Automation for security patching

Security patching challenges

Patching known vulnerabilities comes at a cost. Performing the activity at scale across your organisation could result in business disruption and regression defects.

When planning for this disruption in advance, you have two choices:

1. Spend additional time and resolve all known vulnerabilities over a longer patch maintenance window, at some point further in the future.
2. Move swiftly to resolve high and critical priority patches, in the near term.

Reduce the time and complexity of security patch rollouts and minimise the risk of human error by embracing linux patching automations. Organisations that move swiftly have the best security posture. Security patching consumes time and resources both during and after the patching event, therefore it is prudent to prioritise the most important patches first. Focusing on patches that are critical or high priority mitigates the likely vector of breaches and data loss for your organisation.

Phased and tiered security patching automations for Linux

Thanks to Canonical’s robust tooling, system administrators have choices when it comes to phased or tiered security patching across their Ubuntu estate. System administrators have a choice to patch their Ubuntu estate by software package name, security vulnerability’s CVE number, or the security vulnerability’s USN number. Canonical also provides tooling for on-demand patch analysis through systems which operate externally from the ones used to apply the patch. For example: a system could be patched by Landscape, and the patch can be verified through Pro Client. Alternatively, a system could be patched by Pro Client, and the patch can be verified through Landscape.

Phased and tiered security patching automations for the Linux kernel

Livepatch for the Linux kernel provides security patching automation with point in time snapshots for the Linux kernel. Shrink exploit windows by patching vulnerabilities without reboot disruptions, and improve your security posture between your scheduled security patching maintenance windows.

Addressing your compliance and security requirements

Beyond security and vulnerability patching, Livepatch and Landscape are an essential component of many organisations’ broader compliance strategies. Self-hosted Landscape is free for limited personal or evaluation use. All machines with an active Ubuntu Pro subscription can use Landscape SaaS or self-hosted Landscape, and Livepatch, at no additional cost. Livepatch, and both editions of Landscape are included with Ubuntu Pro on AWS, Azure and GCP.

Canonical offers professional services for implementation, training, and consulting in connected, and air gapped environments. If you want to learn more, talk to us about Livepatch, Landscape, and our professional services options.

Contact information

• First name:
• Last name:
• Work email:
• Company name:
• Job title:
• Mobile/cell phone number:
• Country: Select...FranceGermanyJapanUnited KingdomUnited States of America——————————————————AfghanistanÅland IslandsAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntarcticaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBolivia (Plurinational State of)Bonaire, Sint Eustatius and SabaBosnia and HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBrunei DarussalamBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCabo VerdeCayman IslandsCentral African RepublicChadChileChinaChristmas IslandCocos (Keeling) IslandsColombiaComorosCongoCongo (Democratic Republic of the)Cook IslandsCosta RicaCôte d'IvoireCroatiaCubaCuraçaoCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFalkland Islands (Malvinas)Faroe IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard Island and McDonald IslandsHoly SeeHondurasHong KongHungaryIcelandIndiaIndonesiaIran (Islamic Republic of)IraqIrelandIsle of ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKorea (Democratic People's Republic of)Korea (Republic of)KuwaitKyrgyzstanLao People's Democratic RepublicLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacaoMacedonia (the former Yugoslav Republic of)MadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesia (Federated States of)Moldova (Republic of)MonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorthern Mariana IslandsNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto RicoQatarRéunionRomaniaRussian FederationRwandaSaint BarthélemySaint Helena, Ascension and Tristan da CunhaSaint Kitts and NevisSaint LuciaSaint Martin (French part)Saint Pierre and MiquelonSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint Maarten (Dutch part)SlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth SudanSpainSri LankaSudanSurinameSvalbard and Jan MayenSwazilandSwedenSwitzerlandSyrian Arab RepublicTaiwanTajikistanTanzania, United Republic ofThailandTimor-LesteTogoTokelauTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited States of AmericaUnited States Minor Outlying IslandsUruguayUzbekistanVanuatuVenezuela (Bolivarian Republic of)Viet NamVirgin Islands (British)Virgin Islands (U.S.)Wallis and FutunaWestern SaharaYemenZambiaZimbabwe
• I agree to receive information about Canonical's products and services.
• Website:
• Name:

• In submitting this form, I confirm that I have read and agree to Canonical's Privacy Notice and Privacy Policy.

• Contact us