Cyber Essentials Plus Packaging

Enterprises face tight timelines for critical patch and update management to remain within the Cyber Essentials Framework.  APPtechnology’s service covers the applications that are not reached by turning on vendors' auto-update functionality or automated patch tooling.

Set and forget services for your business-critical application patching, minor or major releases

We help you set the business-critical application policies that will keep your organisation compliant to the Cyber Essentials Plus controls

Reduce your Workload

You decide on what actions you want undertaken on a per application basis.
When you onboard an application to our service, we agree the actions to be taken based on patch release, criticality, minor or major versions. For instance you will want critical patches packaged for deployment but may decide to skip functional patching. You could have minor versions packaged on release, but require business confirmation on major version packaging.
Alternatively, you could cut the cost of minor version packaging and only rebase-line your application following a critical support update so that your baseline application doesn’t have any critical flaws.
The choice is yours to decide on a policy that we will work to and you decide where business input is required.

Patching of Business-Critical Applications

The Cyber Essentials Plus control theme states software must be:
…patched within 14 days of an update being released, where the patch fixes a vulnerability with a severity the product vendor describes as 'critical' or 'high risk'. Some vendors release patches for multiple issues with differing severity levels as a single update. If such an update covers any 'critical' or 'high risk' issues, then it must be installed within 14 days.
APPtechnology will assess and packaged based on agreed policy or inform and confirm with the business before proceeding. You remain in charge and compliant.

Unsupported Applications

The Cyber Essentials Plus control theme states Software should be removed from devices when no longer supported, as product vendors do not generally release patches for products they no longer support.
Your organisation cannot predict which Vendors will drop product support or even cease to trade, but when they do you can be faced with a dilemma covering unsupported business critical applications that are integrated to other essential business processes.
APPtechnology have a host of Legacy application management solutions to enable the secure and protected continued use of unsupported software where a business exception is required.
Isolation and containerisation techniques ensure that any unsupported applications or server / client systems can withstand all the penetration test requirements to meet your CE+ requirements

Benefits you can expect

Application Monitoring

We monitor your critical business applications for patch and version releases


We monitor your specified vendor websites for new release activity

Version Updates

We create a new version or patch release based on your agreed requirements


Online portal for additional requests or new software requirements


Add new applications to the monitoring service as required


Request confirmation or immediate repackage, your rules, you decide

  • For medium to
    large enterprises
  • Unique suite of
  • Providing legacy web
    application solutions
  • Never beaten by a
    Legacy Application