PatchMon is patch management for teams who run Linux, FreeBSD, and Windows together. You see pending updates across six package managers in one view. On Linux and FreeBSD you dry-run, approve production changes, and keep a shell-level audit trail; on Windows you get the same inventory and planning surface today while patch deploy from PatchMon is on the roadmap. Cloud tiers that include it add browser SSH/RDP through the agent. Prefer to own the stack? Community Edition is the same codebase under AGPLv3 for self-hosting.

How much does PatchMon cost?

PatchMon Cloud bills per host: Starter $1 (monitoring), Plus $2 (patch deployment and Docker), Max $3 (compliance scanning and browser SSH/RDP) per host per month, with a 14-day trial so you can run real hosts before you pay. No fleet minimums on the public tiers; pay for what you run. If you want zero SaaS bill and you are happy operating the database and backups yourself, Community Edition is AGPLv3 on your infrastructure.

How long does it take to set up PatchMon?

About five minutes. Sign up for a Cloud trial, pick a region, and install the one-line agent on your first host. Your first server appears in the dashboard within a couple of minutes. Self-hosting takes a similar amount of time using Docker Compose.

What operating systems does PatchMon support?

PatchMon supports Ubuntu, Debian, RHEL, CentOS, Rocky Linux, AlmaLinux, Fedora, Alpine, Arch Linux, openSUSE, FreeBSD, pfSense, and Windows Server. Agents are built for amd64, arm64, i386, and arm architectures.

How does PatchMon differ from Ansible for patching?

Ansible is a general-purpose automation tool. PatchMon is purpose-built for patch management with a permanent dashboard, compliance scanning, approval workflows, audit trails, and alerting. You can use both together; PatchMon provides an Ansible dynamic inventory plugin.

55K+ servers run PatchMon

AGPL v3 Open Source

Take control of every Linux update. DiscoveredApprovedPatched

Name: PatchMon
Author: PatchMon

PatchMon deploys updates and tracks history across your Linux and FreeBSD estate. No SSH marathons, no one-off scripts, no spreadsheets.

Start your 14-day Cloud trial Book a demo

55K+

Servers run PatchMon

4K+

Live installations

2.5K+

GitHub Stars

600+

Discord community

Built on

Sound familiar?

This is what patch day looks like
without a system.

The SSH marathon

SSH into every host. Run apt update. Check the output. Repeat 47 times. Miss the one that matters.

No audit trail.

The Ansible sprawl

Playbooks for three distros. Dry-run output nobody reads. “Did that run?” “I think so.” No way to know without SSH-ing in again.

No single view.

The spreadsheet

Paste hostname, paste date, paste “done.” Auditor asks for evidence. You open the spreadsheet. You pray.

No evidence.

PatchMon replaces all three with one queue.

Why teams switch

Your Monday shouldn't be a
patch reconnaissance tour.

The work you spread across scripts, SSH sessions, and spreadsheets is the work PatchMon turns into a single queue: what's pending, who approved it, what shipped, and what to tell an auditor.

Six package managers. Dry-run before you ship. Full audit trail.

See every pending update across APT, DNF/YUM, APK, Pacman, FreeBSD pkg, and Windows Update in one view. Define patch policies with scheduling (immediate, delayed, or fixed maintenance windows). Preview what will change with dry-run mode. On Linux and FreeBSD, require approval before production patches run, with full shell output for your audit trail. On Windows, you get the same visibility and planning today; patch deployment from PatchMon is on the roadmap.

Learn more

And more

Docker, alerting, and access control — built in, not bolted on.

Docker Monitoring

Inventory every container, image, volume, and network across your fleet. Detect outdated base images with digest comparison and security severity tracking.

Learn more

Alerting

Route alerts by severity and host group to Slack, Discord, email, or ntfy. Assign to team members, track to resolution. Host-down detection on a steady cadence.

Learn more

RBAC & Security

Granular roles and custom permissions. OIDC/SSO, Discord sign-in, TOTP two-factor auth, session management, and separate agent credentials.

Learn more

Time to value

From signup to your first host on the dashboard in minutes, not days.

Sign up and choose a region

Create your PatchMon Cloud account and pick a region close to your fleet

Add your first host

Copy the one-line agent install command from the dashboard

Review available patches

Your hosts, packages, and pending updates appear in one view

Approve and ship (Linux & FreeBSD)

Pick hosts and packages, then let automation apply updates with a trail. On Windows, monitor and plan today; deploy from PatchMon is on the roadmap.

Outcomes

Move from ad-hoc to audited, in weeks not quarters.

What actually changes on your fleet after PatchMon is installed.

Before:Spreadsheets and SSH loops

After:One dashboard, every host, every package manager

APT, DNF, APK, Pacman, pkg, and Windows Update in a single view. Pending updates, patch drift, and compliance coverage visible at a glance.

Before:Ad-hoc patching with no paper trail

After:Approved, scheduled, and auditable

Every run is logged with approver, targeted hosts, packages changed, and outcome. Export the trail for SOC 2, ISO 27001, or internal review.

Before:Manual compliance reporting

After:Evidence that generates itself

OpenSCAP CIS benchmarks and Docker Bench run on a schedule. Scheduled patch reports land in email, Slack, or a webhook without anyone driving them.

Integrations

Fits the stack you already run.

Proxmox auto-enrolment, Ansible inventory, dashboard widgets, webhooks, and a REST API, so PatchMon sits next to the tools your team already trusts, not instead of them.

Proxmox LXC Ansible GetHomepage REST API Docker OpenSCAP Slack Discord SMTP Webhooks Open SSH Windows RDP Claude OpenAI

View all integrations

Agent builds: amd64·arm64·arm·i386 — Linux, FreeBSD, Windows.

Choose your path

Same codebase. Two ways to run it.

Recommended

PatchMon Cloud

We run it. You patch.

Dedicated, isolated service per customer with managed backups and uptime
Starter $1, Plus $2, Max $3 per host/month
14-day free trial on real hosts
Tiered support included
UK, EU, and US data residency

Start your 14-day trial

Community Edition

You run it. You own it.

Self-host on your own infrastructure
Free under AGPLv3 — audit every line
Docker Compose or bare metal install
Community Discord support
Same codebase as Cloud

Deploy Community Edition

PatchMon PRO

Need enterprise support or a custom deployment?

PRO is for teams running PatchMon at scale who need dedicated engineering support, deployment architecture, custom integrations, or managed on-premise delivery. You bring the requirements, we scope it.

Talk to us about PRO See PRO services

Deployment & architecture
High-availability design, multi-site planning, and database tuning for fleets of 1,000+ hosts.
Training & onboarding
Hands-on admin sessions on patch policies, compliance scanning, and alert routing.
Priority support
Dedicated support channel with defined SLAs and direct access to engineering.
Custom development
CMDB, ITSM, notification, and API integrations built to your team's spec.
Managed deployment
We deploy and run PatchMon on your infrastructure, including air-gapped environments.
Security & compliance
Patch policies and compliance configurations aligned to your regulatory frameworks.

See every host in one place.
Your infrastructure, your choice.

Let us run the control plane on PatchMon Cloud, or self-host Community Edition under AGPLv3 on your own infrastructure. Same codebase, two ways to run it.

Start your 14-day Cloud trial Deploy Community Edition

Prefer to talk first? Book a demo →

Take control of every Linux update. DiscoveredApprovedPatched

33+ Integrations