Built by the people who needed it.
PatchMon started because the existing options for patch monitoring were either too expensive, too locked-down, or ignored half the fleet. Most tools handle Ubuntu. Some handle RHEL. Almost none handle FreeBSD. We built what we wished existed.
If you've managed servers at any real scale, you know the problem. You have hosts running Ubuntu, Debian, RHEL, maybe some CentOS or Rocky Linux. A few FreeBSD firewalls running pfSense. Windows boxes the dev team insisted on. Each one needs patches. Each one uses a different package manager. And nobody has a clear, centralised view of what's pending.
Enterprise patch management tools exist, but they're typically built for Windows-first environments, priced per seat with no transparent tiering, and require you to trust a third party with access to your infrastructure. Most ignore FreeBSD entirely. For teams with mixed fleets, the options boil down to “write scripts and hope” or “buy something that doesn't quite fit.”
PatchMon is the third option. An open-source platform purpose-built for patch monitoring across Linux, FreeBSD, and Windows. APT, DNF, YUM, APK, Pacman, FreeBSD pkg, and Windows Update Agent - all first-class, all in one dashboard. It uses an outbound-only agent model that your security team will actually approve, and deploys as a single binary with no external dependencies beyond PostgreSQL and Redis.
For MSPs and consultants managing multiple client environments, we work with teams on custom deployments case-by-case. MSP deployments are bespoke engagements today rather than a self-serve tier; get in touch if you want to scope one.
We ship three editions. Community is the AGPLv3 edition you self-host and operate on your own infrastructure. PRO is our professional services and vendor support engagement: for teams running PatchMon at scale, and for self-hosted Community Edition users who want vendor-backed support on their own infrastructure. Cloud removes the infrastructure overhead entirely.
The goal is straightforward: give every infrastructure team - from a five-person startup to a thousand-host enterprise - the patch visibility they need without the vendor tax.
The Company
PatchMon is developed and maintained by PatchMon Ltd, a UK company focused on building and operating the platform. Our internal information security management follows ISO/IEC 27001 principles, least-privilege access, and a documented incident response process. PatchMon Ltd itself is not currently ISO 27001 certified; the ISO 27001 and BSI C5 Type 1 certifications referenced elsewhere on this site apply to our hosting infrastructure provider. The evidence pack for enterprise buyers is available on request under NDA.
PatchMon Cloud runs on IONOS Cloud, an EU-headquartered hosting provider certified to ISO/IEC 27001 and BSI C5 Type 1, operating 18 European data centres on 100% renewable energy. You choose your region at signup.
The Team
PatchMon is built by infrastructure engineers who run the same kinds of environments the tool is designed to manage. The team combines experience in Linux systems administration, security operations, and platform engineering.
Infrastructure-first thinking
Every feature is designed from the perspective of someone managing real servers in production.
Open source by conviction
We believe infrastructure tooling should be transparent, auditable, and community-owned.
Security-conscious by default
Security decisions are constraints, not afterthoughts. Least privilege and zero trust guide the architecture.
Community-responsive development
Feedback from production deployments shapes the roadmap. Real-world needs drive priorities.
What we believe
Transparency over trust
Infrastructure tools should be auditable. We open-source the platform so you can verify exactly what it does.
Simplicity over complexity
A single binary, a Docker Compose file, and a one-line agent install. If deployment takes more than 15 minutes, we've failed.
Security by design
Outbound-only agents, least-privilege defaults, and no telemetry. Security isn't a feature - it's a constraint on every decision.
Community-driven development
The roadmap is shaped by people running PatchMon in production. Feature requests and bug reports from real deployments drive priorities.
AGPLv3 first, services on top
Community is the codebase you run yourself under AGPLv3. PRO and Cloud add managed services, support tiers, and optional paid capabilities.
Sustainable open source
PRO and Cloud fund continued development. Open source is the foundation, not a marketing strategy. Both models have to work.
Want to work with us?
Whether it's contributing code, partnering, or joining the team.