If you’ve been following the monthly Security Patch Roundup series, you’ll know the drill: every month I pull together patch data across Windows, Apple, Android, Ubuntu, and more, so you don’t have to chase nine different vendor pages yourself.
This month, I’m announcing something new: I’ve automated it, and I’m giving the whole thing away for free.
The Story
Every patch roundup started the same way: opening a stack of browser tabs. Microsoft’s Security Update Guide. Apple’s security releases page. The Android bulletin. Ubuntu’s security notices. Then Red Hat, Debian, and the network vendors. Copying CVE counts, checking severities, cross-referencing KB numbers.
It’s valuable work but it’s also exactly the kind of repetitive collection a machine should be doing, so a human can focus on what matters: the analysis, the context, and the “what should you actually do about it” part.
So I built the Patch Tuesday Tracker, a small, open-source tool that checks nine major vendors every single day and collects new security patch data automatically. No servers, no cost, no maintenance. It just runs.
What It Covers
The tracker currently pulls patch and advisory data from:
- Windows & Windows Server (Microsoft Security Response Center)
- Apple – iOS, macOS, watchOS, tvOS
- Android (Google’s monthly security bulletin)
- Ubuntu (Canonical security notices)
- Red Hat (RHSA advisories)
- Debian (DSA advisories)
- ChromeOS
- Palo Alto Networks
- Cisco IOS / IOS XE
That’s desktops, servers, phones, and the network edge, the platforms that matter for most homes and businesses.
How It Works (The Short Version)
Under the hood it’s deliberately simple: a scheduled job runs once a day, checks each vendor’s official security feed or advisory page, and records anything new. When fresh patch data lands, like on Patch Tuesday, it updates a public dashboard and archives everything by month.
No accounts, no tracking, no cost. It’s all built on free, public vendor sources, the same ones I was checking by hand.
How You Can Use It
Everything is public:
The live dashboard – see the current month’s patch data at a glance, with severity counts per platform: https://tayvensec.github.io/patch-tuesday-tracker/index.html
The monthly archive – every month’s data is preserved, so you can look back at any patch cycle.
The source code – the whole project is open source. Fork it, run your own copy, add platforms you care about, or just poke around to see how it works: github.com/TayvenSec/patch-tuesday-tracker
If you’re a sysadmin, a security team of one, or just someone who likes to stay on top of updates, it’s yours to use.
What This Means for the Roundup Series
The monthly Security Patch Roundup isn’t going anywhere, if anything, it gets better. The tracker handles the raw collection, which means more time for the parts you value most: prioritisation, plain-English explanations, and recommended actions for individuals, businesses, and admins.
Same series. Better data. Faster turnaround after Patch Tuesday.
Closing Thoughts
Patch management is one of the least glamorous and most effective things you can do for your security posture. Most successful attacks still exploit vulnerabilities that already had a patch available.
If this tool helps even a few more people or businesses stay current, it’s done its job.
Check it out, share it with your team, and as always, patch early, patch often.
Explore the full Patch Management Series: tayvensec.com/patch-management
Full technical breakdown – https://github.com/TayvenSec/patch-tuesday-tracker/blob/main/TECHNICAL.md

