What is Root Patches / Patch Stream?

Root Patches / Patch Stream is Root's capability to deliver standalone patch artifacts that you can validate and implement yourself. Unlike competitors who rebuild images or patch in place, Root delivers patch feeds—complete patch packages with all build evidence—that operate outside your perimeter.

Why This Capability Matters

Unique Differentiator:

Only Root provides patch feeds as direct deliverables
Standalone artifacts - complete patch packages for CI/CD
Reproducible builds - all build evidence included
Enterprise control - you validate and implement patches yourself
Operates outside your perimeter - Root doesn't manage your supply chain

This is fundamentally different from other security solutions. Root is the only platform that can deliver patch feeds as standalone artifacts that you integrate into your existing CI/CD pipelines.

Key Capabilities

Standalone Patch Artifacts

Root delivers complete patch packages that include:

The actual fix - source code changes
Intelligence - how to apply the patch
Artifacts - all build evidence and test results
Instructions - merge and implementation guidance

Reproducible Fix Build Streams

Every patch includes:

Complete evidence - all build artifacts
Test results - comprehensive testing documentation
Validation - exploit blocking and functional integrity proof
Merge instructions - clear implementation guidance

Universal Compatibility

Any OS - Alpine, Ubuntu, RHEL, and specialized systems
Any package - all major package managers
Any version - current, legacy, and end-of-life

Enterprise Control

Root's patch feed operates outside your perimeter:

You validate - review patches before implementation
You implement - control when and how patches are applied
You maintain control - Root doesn't manage your supply chain
You audit - complete visibility into all patches

Use Cases

Non-Upgradable Critical Systems

Large institutions with critical systems that cannot be upgraded. Root provides standalone patches that work with existing infrastructure without requiring system changes.

Enterprise Patch Feeds

Organizations that need patch feeds for CI/CD pipelines. Root delivers reproducible fix build streams as direct deliverables that integrate into your existing workflows.

High-Security Environments

Organizations that need security fixes but won't let a vendor manage their software supply chain. Root's patch feed operates outside the perimeter—you maintain full control.

How It Works

Root Patches / Patch Stream uses the same AVR Factory that powers Root Image Catalog and Root Library Catalog:

CVE Detection - New vulnerability triggers AVR Factory
Expert Research - OS-specific agents gather context
Patch Generation - Patching agents create fixes
Testing - Agent swarms perform comprehensive testing
Validation - Human validators review and approve
Delivery - Standalone artifacts delivered as patch feeds

The result: reproducible patch artifacts that you can validate and implement yourself, with complete build evidence and testing documentation.

Availability

Root Patches / Patch Stream is available through enterprise engagements. This capability is designed for organizations with specific requirements for standalone patch artifacts and enterprise patch feeds.

To learn more about Root Patches / Patch Stream:

Contact your Enterprise Support Team to discuss your requirements
Speak with your Root account representative about availability
Reach out to Root Sales to explore this capability

How This Differs from Root's Standard Products

Root Image Catalog and Root Library Catalog:

Deliver secured artifacts (images and libraries) ready to use
Automatic updates and continuous maintenance
Standard product offerings

Root Patches / Patch Stream:

Delivers standalone patch artifacts for you to implement
Operates outside your perimeter
Enterprise engagement required
Advanced capability for specific use cases

Both approaches use the same AVR Factory technology, but serve different enterprise needs.