Chef Progress Primary Logo
Solutions

Automate OS Patch Management

Remove the drama from OS patching and minimize security risks with fully-automated patch management and validation from Chef.

Download the white paper

The Challenges and Risks of Unpatched Systems

Conceptually, applying patches should be simple. Identify the systems that are vulnerable and patch them. But without a comprehensive and automated approach to patch management it is far from simple. Your fleet might conceivably have thousands of vulnerabilities needing to be patched, but not all of them are high priority or even relevant. You might not know whether patching systems will break critical business applications. On top of this, you only have a small team of system administrators responsible for tens of thousands of systems. You started with a OS patching problem, and what you actually have is a risk management problem. And risks are not absolute.

Patch Management Just Another Event in Continuous Delivery

The key to implementing a scalable patch management and validation solution is treating patching updates like any other event that is automated as part of a continuous delivery pipeline. Chef enables clients to automate system patching as part of CI/CD pipelines by providing the tools and best practices ops teams need to prioritize, test, run and validate patches consistently across Windows, Mac and Linux devices both on-premises and in the cloud.

Benefits of Chef’s Approach to OS Patch Management

Less Time

Efficiency

Operations teams spend 90% less time packaging and delivering patches.

Consistent Configuration

Agility

Downtime is eliminated and App teams self-manage patch events as part of automated pipelines.

Compliant

Business Assurance

Compliance teams can view the status and validate systems in real-time across their entire IT estate.

Our Fully-Automated Patch Management and Validation Solutions

With Chef you get continuous visibility into what systems need patching and assurance that systems stay patched regardless of how often you deploy new content or environments. Chef provides everything you need to ensure you can deliver system and application changes with unparalleled speed while minimizing the risks of unpatched systems in your environment.

Identify: Understand the Risks

Chef gives you immediate insight into the risk of unpatched systems in any environment, at any time. Built-in profiles defining patching baselines for Linux, Mac and Windows can be used to scan your environments and learn which systems have out of date OSs.

Manage Application Updates the Same Way

In addition to the challenges ops teams face managing OS patches teams responsible for application updates must deal with the additional challenge of application dependency and packaging. Older applications many times have a number of runtime dependencies with the underlying operating system and newer applications are interwoven with the older applications. Without proper dependency mapping and exhaustive testing it is many times impossible to know what the impact of a system update or patch maybe.

Chef Habitat was developed to help Application Delivery teams overcome these challenges. Using Chef Habitat teams package each dependency as an atomic unit that is independent of the underlying infrastructure and OS. Packages are then tested in a clean room ensuring what is built and tested in development is what is delivered in production.

Resource Card Images Webpage
Solution

Windows Application Automation

Resource Card Images Blog
Product

Chef EAS

Resource Card Images Whitepaper
White Paper

Chef Infra 16 Product Guide