Upgrades and Patch Management
Upgrades and Patch Management
CertiNext follows a structured and predictable approach to upgrades and patch management, balancing platform stability with the need to evolve functionality and security over time. The upgrade model differs between cloud-hosted deployments and on-premises deployments, reflecting the shared-responsibility nature of each model.
Upgrade Scope and Version Policy
Across all deployment models, CertiNext follows these general principles:
Minor version upgrades (feature enhancements, improvements, and non-breaking changes) are covered as part of standard upgrades during the lifecycle of the product, unless contractually agreed otherwise.
Major version upgrades (architecture changes, breaking changes, or significant platform shifts) are not automatically included and are handled separately.
Upgrade and patch support is typically provided up to the immediately previous major version of the product. Versions older than this may require an upgrade before patches can be applied.
All upgrades follow backward-compatibility guidelines where feasible, especially for APIs and automation workflows.
This approach ensures platform stability while allowing customers to plan upgrades in a controlled manner.
Security Patches and Commercial Considerations (On-Prem)
Security is a continuously evolving domain, and the security posture at the time of deployment may differ significantly over time due to:
Newly discovered vulnerabilities
Changes in threat models
Evolving regulatory and compliance requirements
For on-premises deployments:
Security-related patches are typically covered functionally, but may involve additional commercials, depending on scope and effort.
This reflects the ongoing nature of security hardening and the variability of customer environments.
Any commercial impact is discussed transparently before patch delivery.
This ensures customers receive appropriate security remediation without compromising long-term sustainability.
Cloud-Hosted Deployments (SaaS)
For cloud-hosted CertiNext deployments, upgrades and patches are fully managed by the CertiNext operations team.
Key characteristics:
Regular application, OS, and database patching
Continuous monitoring and proactive remediation
Use of a sandbox environment to validate:
Application upgrades
Security patches
OS and database updates
Only after successful validation are changes promoted to production environments
This approach minimizes operational risk and ensures platform stability while maintaining strong security posture.
On-Premises Deployments
For on-premises deployments, upgrade and patch activities are guided by the customer’s patching and maintenance schedule.
In this model:
CertiNext provides the upgrade or patch artifacts and guidance
Deployment timing is coordinated with customer IT and operations teams
Customers retain control over:
Maintenance windows
Change management approvals
Environment-specific testing
This aligns CertiNext operations with enterprise IT governance and change control processes.
Planned Downtime and Communication
For both deployment models:
Planned upgrades or patches that require downtime are communicated in advance
Maintenance windows are scheduled to minimize operational impact
Clear rollback procedures are defined where applicable
Summary
CertiNext’s upgrade and patch management approach is designed to be predictable, transparent, and aligned with enterprise operational realities:
Minor upgrades are included as part of standard lifecycle support
Security patches for on-prem may involve additional commercials due to evolving security requirements
Support is generally limited to the current and immediately previous major versions
Cloud deployments benefit from fully managed, tested, and regularly applied upgrades
On-prem deployments follow customer-defined patching schedules
This model ensures CertiNext remains secure, stable, and evolvable while respecting customer control and contractual boundaries.
Last updated