...
Cloudaware provides a detailed report indicating available upgradable packages, the machines that will be updated, and the scheduled patch installation date. This gives customers sufficient time to evaluate whether some patches should be applied manually or excluded from the scope.
Consistency
Cloudaware generates a patching snapshot defining the patches and their versions to which they will be updated. Cloudaware guarantees that this snapshot to be implemented across all environments such as Dev, QA, Staging and Prod. If any patch is detected as manually upgraded or auto-installed, Cloudaware will skip it.
Cloudaware also supports patch groups, meaning that only members of one patch group will be rebooted at a time if necessary.
Rollback
...
To undo a failed patch release, customers can address Cloudaware's rollback script available by default. Cloudaware can perform a simultaneous rollback in all instances within a given cloud account. The rollback script is located on every patched instance in the following location: /opt/breeze-agent/os_updater/YYYYMMDDhhmmss.sh
Cloudaware can perform a simultaneous rollback in all instances within a given cloud account. If rollback is requested, Cloudaware’s Breeze agent will set repo to the previous GUID, execute the rollback script and verify rollback using yum update against preview repo GUID. After the script execution is complete, the yum update should not introduce any changes to the packages on the host.
...
Once a package is applied, the column 'Installed Date' is populated. The column 'Package Age' gives the idea of demonstrates how well your the customer’s security team is doing with patching.