Menu
Dedicated Drupal patching and maintenance services. Keep your Drupal site secured and up-to-date at all times.
Ensure your website remains up-to-date, secure, and running smoothly with our SLA-backed Drupal patching and maintenance services, delivered by a dedicated team of Drupal experts 24/7 across the globe.
Not patching your website can expose it to significant security, performance, and usability risks, potentially leading to lost customers, revenue, and reputation. Regularly applying patches and maintaining up-to-date software is essential for ensuring the security, stability, and overall success of a website.
How
How does it all work.
It’s as easy as 1-2-3.
Together, we will assess if our service is a good fit for your project. Then we’ll formalise a statement of work
and then get started as per the steps outlined below.
01
Initial assessment
Conduct an initial assessment to review your Drupal site, identify its version and installed modules, and evaluate existing security measures and performance.
02
Identify updates
Monitor Drupal channels and Update Manager to identify available updates and patches.
03
Evaluate updates
Review release notes and prioritize updates based on security, bug fixes, and enhancements.
04
Download patches
Download patch files or updated versions from reputable sources and verify their integrity.
05
Test in staging
Set up a staging environment to test updates and address any issues before applying to the live site.
06
Apply updates
Back up your live site, apply patches and updates using appropriate tools, and verify their successful application.
07
Post-update monitoring
Continuously monitor site performance, security, and functionality to identify and resolve post-update issues.
08
Ongoing maintenance and support
Monitor Drupal channels and provide regular patch management with expert support to keep your site secure, up-to-date, and efficiently maintained.
Security
Patch and protect.
Significantly reduce cyber security threats.
We actively monitor Drupal security advisories, official patches, and relevant module updates specific to your website. Our regular Drupal patching service ensures your website is protected from known security vulnerabilities by promptly applying the latest security patches as they become available. This safeguards your site against attacks, data breaches, and unauthorized access, while also maintaining customer trust, complying with data protection regulations, and preventing potential financial and reputational damage associated with compromised security.
Up to date
Keep up to date.
Latest features. Least bugs.
Above and beyond security, regular patches keeps your site up to date with the latest features and bug fixes. These updates enhance your website’s functionality, improve compatibility with plugins and themes, and ensure that you use the latest features available in Drupal. This results in a consistently high-quality user experience, allowing you to retain and attract more visitors while reducing the risk of technical issues and site downtime.
Performance
Optimise performance.
Reduce downtime.
Applying patches and updates regularly can help improve load times, responsiveness, and overall user experience. We also monitor your site’s performance to ensure load times are maintained or improved. By addressing potential performance bottlenecks and reducing downtime, we help you provide a fast, reliable, and enjoyable experience for your site visitors, which can lead to better search rankings, increased engagement, conversions, and customer satisfaction.
24x7
24x7 dedicated team.
Drupal experts.
Your site is patched, supported and maintained by a dedicated team of Drupal experts with extensive experience in managing and maintaining Drupal sites. You can have peace of mind knowing that our dedicated global team works diligently 24×7 to resolve any patch issues and ensure smooth and uninterrupted operation.
Testing
Proactive testing and monitoring.
Prompt resolution.
Beyond simply applying patches and updates; we proactively conduct visual and functional tests of your Drupal site to detect and address any potential issues before they escalate. Our prompt resolution of problems helps maintain your site’s stability and minimize the impact of any disruptions. This proactive approach ensures that your website remains functional and accessible to users, protecting your online presence and reputation while reducing the likelihood of costly emergency repairs.
Service level guarantee
SLA backed guarantee.
Or your money back.
Our SLA-backed patching service options provides you with a guaranteed time window security patches are applied from the moment they become available. This reduces your website’s vulnerability window of attack and thus risk of a cyber hack.In the unlikely event we don’t get to patch your site within the SLA window, then you will receive SLA credits.
Reporting
Monthly patch reports.
Complete visibility.
Receive a comprehensive monthly patch report that summarizes all the patches and updates applied to your Drupal installation each month. This ensures you have full visibility and stay up to date with the latest security fixes, feature updates, and bug fixes implemented on your website. The report provides transparent and detailed information on the patches applied, including core updates and module patches. It gives you complete visibility into the changes made, patch-related issues encountered, and the resolutions provided, allowing you to stay well-informed about your website’s security posture.
Inclusions
Standard inclusions.
With every site.
Priority Drupal security updates
Immediate security updates are applied as soon as they become available, protecting your website against the latest threats.
Regularly Drupal module updates
Periodic updates to Drupal modules to ensure your website stays current with the latest features and bug fixes.
Testing and validation
Post-update checks, both automated and manual, maintaining the quality and performance of your website.
Basic troubleshooting and remediation
Identification and remediation of minor issues and bugs that may arise after updates to ensure smooth operation of your site.
Zero touch or one-touch deploy
Optional automated deployment of updates reduces manual effort and mitigates cyber security threats by reducing the attack surface.
Monthly patch reports
Regular patch reports provide an overview of maintenance activities, enhancing transparency, record-keeping, and compliance.
Offsite backups *
Regular backups are stored securely offsite, providing peace of mind and facilitating easy recovery in case of data loss.
Security breach restoration *
Rapid restoration services after a security breach minimize damage, protecting your website and its data.
*For higher tiers only
Pricing
Drupal SLA and cyber protection patch plans.
One for every budget.
Select a patch plan that suits your budget and risk profile. Select a tier from either professional, enterprise or
cyber protection.
Recommended for website owners who prioritize security updates within reasonable timeframes and semi-regular application updates to core and third-party modules.
All prices shown in:
Minimum 3 month comittment. Commit to and pay annually and save up to 15%.
PROFESSIONAL - SMALL
AUD$
$325
$215
.00/mo
Essential Security Patching
For small sites or organizations looking for essential security patching, automated tests, and basic update management within a budget-friendly price point.
Featured inclusions:
- Security patches applied < 72 hrs
- QUARTERLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- A$600 setup
- Security patches applied < 72 hrs
- QUARTERLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- USD$400 setup
PROFESSIONAL - MEDIUM
AUD$
$465
$310
.00/mo
Enhanced Security Patching
For medium sites or organizations that require faster security patching, more frequent core and contrib updates, and efficient deployment processes for improved website performance and security.
Featured inclusions:
- Security patches applied < 48 hrs
- BIMONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- A$600 setup
- Security patches applied < 48 hrs
- BIMONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- USD$400 setup
PROFESSIONAL - LARGE
AUD$
$675
$450
.00/mo
Rapid Security Patching
For larger sites or organizations that need a higher level of security with rapid security patching, monthly core and contrib updates, and seamless deployment processes for enhanced website protection and reliability.
Featured inclusions:
- Security patches applied < 24 hrs
- MONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- A$600 setup
- Security patches applied < 24 hrs
- MONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- USD$400 setup
Minimum 3 month commitment. Commit to an pay annually and save up to 15%
PROFESSIONAL - SMALL
AUD$
$275
$185
.00/mo
Essential Security Patching
For small sites or organizations looking for essential security patching, automated tests, and basic update management within a budget-friendly price point.
Featured inclusions:
- Security patches applied < 72 hrs
- QUARTERLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- A$600 setup
- Security patches applied < 72 hrs
- QUARTERLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- USD$400 setup
PROFESSIONAL - Medium
AUD$
$395
$265
.00/mo
Enhanced Security Patching
For medium sites or organizations that require faster security patching, more frequent core and contrib updates, and efficient deployment processes for improved website performance and security.
Featured inclusions:
- Security patches applied < 48 hrs
- BIMONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- A$600 setup
- Security patches applied < 48 hrs
- BIMONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- USD$400 setup
PROFESSIONAL - Large
AUD$
$575
$385
.00/mo
Rapid Security Patching
For larger sites or organizations that need a higher level of security with rapid security patching, monthly core and contrib updates, and seamless deployment processes for enhanced website protection and reliability.
Featured inclusions:
- Security patches applied < 24 hrs
- MONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- A$600 setup
- Security patches applied < 24 hrs
- MONTHLY core + contrib updates
- Automated functional and visual tests
- Zero touch or one touch deployments
- Monthly patch report
- Security patch alert notifications
- USD$400 setup
Recommended for website owners who require higher priority and faster applied security updates, backed by an SLA, along with a higher frequency of application updates to core and third-party modules. Enterprise patch plans also provide daily offsite back ups and a security breach restoration SLA for extra peace of mind.
All prices shown in:
Minimum 3 month comittment. Commit to and pay annually and save up to 15%.
ENTERPRISE - SMALL
AUD$
$875
$585
.00/mo
Enterprise Security Patch and Restore SLA
For enterprises with more stringent security requirements, seeking guaranteed security update times through an SLA, fast security patching, security breach restoration guarantees, and custom automated test cases to further reduce the risk of post-patch errors.
Featured inclusions:
- Security patches applied < 24 hrs
- SLA guarantee
- MONTHLY core + contrib updates
- Security breach restoration < 48 hrs
- Security breach restoration SLA
- Setup + maintain 2 custom tests
- A$1200 setup fee
- Security patches applied < 24 hrs
- SLA guarantee
- MONTHLY core + contrib updates
- Security breach restoration < 48 hrs
- Security breach restoration SLA
- Setup + maintain 2 custom tests
- USD$800 setup fee
ENTERPRISE - MEDIUM
AUD$
$1390
$925
.00/mo
Enhanced Security Patch and Restore SLA
For enterprises with critical security demands, seeking even faster security patching, more frequent core and contrib updates, expedited security breach restoration, and an increased number of custom automated test cases to ensure an even higher level of mitigation against post-patch errors.
Featured inclusions:
- Security patches applied < 12 hrs
- SLA guarantee
- FORTNIGHTLY core + contrib updates
- Security breach restoration < 24 hrs
- Security breach restoration SLA
- Setup + maintain 4 custom tests
- A$1800 setup fee
- Security patches applied < 12 hrs
- SLA guarantee
- FORTNIGHTLY core + contrib updates
- Security breach restoration < 24 hrs
- Security breach restoration SLA
- Setup + maintain 4 custom tests
- USD$1200 setup fee
ENTERPRISE - LARGE
AUD$
$2125
$1415
.00/mo
Ultimate Security Patch and Restore SLA
For enterprises with the most stringent security requirements, seeking the fastest possible security patching, weekly core and contrib updates, rapid security breach restoration, and a comprehensive suite of custom automated test cases to ensure the highest level of mitigation against post-patch errors.
Featured inclusions:
- Security patches applied < 4 hrs
- SLA guarantee
- WEEKLY core + contrib updates
- Security breach restoration < 12 hrs
- Security breach restoration SLA
- Setup + maintain 6 custom tests
- A$2400 setup fee
- Security patches applied < 4 hrs
- SLA guarantee
- WEEKLY core + contrib updates
- Security breach restoration < 12 hrs
- Security breach restoration SLA
- Setup + maintain 6 custom tests
- USD$1600 setup fee
Minimum 3 month comittment. Commit to and pay annually and save up to 15%.
ENTERPRISE - SMALL
AUD$
$745
$495
.00/mo
Enterprise Security Patch and Restore SLA
For enterprises with more stringent security requirements, seeking guaranteed security update times through an SLA, fast security patching, security breach restoration guarantees, and custom automated test cases to further reduce the risk of post-patch errors.
Featured inclusions:
- Security patches applied < 24 hrs
- 4 hour response SLA guaranteeSLA
- MONTHLY core + contrib updates
- Security breach restoration < 48 hrs
- Security breach restoration SLA
- Setup + maintain 2 custom tests
- A$1200 setup fee
- Security patches applied < 24 hrs
- 4 hour response SLA guaranteeSLA
- MONTHLY core + contrib updates
- Security breach restoration < 48 hrs
- Security breach restoration SLA
- Setup + maintain 2 custom tests
- USD$800 setup fee
ENTERPRISE - MEDIUM
AUD$
$1180
$785
.00/mo
Enhanced Security Patch and Restore SLA
For enterprises with critical security demands, seeking even faster security patching, more frequent core and contrib updates, expedited security breach restoration, and an increased number of custom automated test cases to ensure an even higher level of mitigation against post-patch errors.
Featured inclusions:
- Security patches applied < 12 hrs
- SLA guarantee
- FORTNIGHTLY core + contrib updates
- Security breach restoration < 24 hrs
- Security breach restoration SLA
- Setup + maintain 4 custom tests
- A$1800 setup fee
- Security patches applied < 12 hrs
- SLA guarantee
- FORTNIGHTLY core + contrib updates
- Security breach restoration < 24 hrs
- Security breach restoration SLA
- Setup + maintain 4 custom tests
- USD$1200 setup fee
ENTERPRISE - LARGE
AUD$
$1805
$1205
.00/mo
Ultimate Security Patch and Restore SLA
For enterprises with the most stringent security requirements, seeking the fastest possible security patching, weekly core and contrib updates, rapid security breach restoration, and a comprehensive suite of custom automated test cases to ensure the highest level of mitigation against post-patch errors.
Featured inclusions:
- Security patches applied < 4 hrs
- SLA guarantee
- WEEKLY core + contrib updates
- Security breach restoration < 12 hrs
- Security breach restoration SLA
- Setup + maintain 6 custom tests
- A$2400 setup fee
- Security patches applied < 4 hrs
- SLA guarantee
- WEEKLY core + contrib updates
- Security breach restoration < 12 hrs
- Security breach restoration SLA
- Setup + maintain 6 custom tests
- USD$1600 setup fee
Recommended for website owners who require higher priority and faster patches, backed by an SLA, along with proactive cyber security controls that comply with the 5 key functions of the NIST cybersecurity framework: identify, protect, detect, respond, and recover.
All prices shown in:
Minimum 3 month comittment. Commit to and pay annually and save up to 15%.
ENTERPRISE + CYBER - SMALL
EOI
EXPRESSIONS OF INTEREST
Cybersecurity Critical Defense
For enterprises seeking the highest level of security and protection, even faster security breach restoration times, vulnerability scanning, intrusion detection, and a Web Application Firewall (WAF) for comprehensive defense against web-based threats.
Everything in Enterprise Large Plus:
- Security patches applied < 4 hrs
- Security breach restoration < 8 hrs
- Vulnerability scanning
- Intrusion detection
- Web Application Firewall (WAF)
- A$TBD setup fee
ENTERPRISE + CYBER - MEDIUM
EOI
EXPRESSIONS OF INTEREST
Cybersecurity Comprehensive Defense
For enterprises requiring advanced security and monitoring solutions, zero-day vulnerability protection, secure application configuration scans, and log monitoring and analysis for a comprehensive and proactive approach to securing their web presence.
Everything in Enterprise Large Plus:
- Zero day vulnerability protection
- Secure configuration scans
- Log monitoring and analysis
- A$TBD setup fee
ENTERPRISE + CYBER - LARGE
EOI
EXPRESSIONS OF INTEREST
Cybersecurity Ultimate Assurance
For enterprises that need the most comprehensive security assurances, including everything in all other tiers, plus a dedicated cyber incident response service to ensure prompt and effective action in the event of a security breach, providing the ultimate protection for their web presence.
Everything in Enterprise Large Plus:
- Cyber incident response
- A$TBD setup fee
Minimum 3 month comittment. Commit to and pay annually and save up to 15%.
ENTERPRISE + CYBER - SMALL
EOI
EXPRESSIONS OF INTEREST
Cybersecurity Critical Defense
For enterprises seeking the highest level of security and protection, even faster security breach restoration times, vulnerability scanning, intrusion detection, and a Web Application Firewall (WAF) for comprehensive defense against web-based threats.
Everything in Enterprise Large Plus:
- Security patches applied < 4 hrs
- Security breach restoration < 8 hrs
- Vulnerability scanning
- Intrusion detection
- Web Application Firewall (WAF)
- A$TBD setup fee
ENTERPRISE + CYBER - MEDIUM
EOI
EXPRESSIONS OF INTEREST
Cybersecurity Comprehensive Defense
For enterprises requiring advanced security and monitoring solutions, zero-day vulnerability protection, secure application configuration scans, and log monitoring and analysis for a comprehensive and proactive approach to securing their web presence.
Everything in Cyber - Small Plus:
- Zero day vulnerability protection
- Secure configuration scans
- Log monitoring and analysis
- A$TBD setup fee
ENTERPRISE + CYBER - LARGE
EOI
EXPRESSIONS OF INTEREST
Cybersecurity Ultimate Assurance
For enterprises that need the most comprehensive security assurances, including everything in all other tiers, plus a dedicated cyber incident response service to ensure prompt and effective action in the event of a security breach, providing the ultimate protection for their web presence.
Everything in Cyber - Medium Plus:
- Cyber incident response
- A$TBD setup fee
Get in touch
Where to from here?
All roads lead to Rome.
There’s a lot to take in, so we thought we’d help.
Want to learn about your options? Contact us.
FAQ’s
Questions you may have?
These are the most popular.
Can’t find the answer you’re looking for?
Book a time to chat with us and a member of our team will get back to you as soon as they can.
- How quickly are patches applied?
Typically anywhere between 4 to 72 hours, depending on a number of factors including the package tier you are on.
The speed at which Drupal patches can be applied depends on several factors, including the severity of the security vulnerability, the complexity of the website, and the availability of the developer or agency responsible for applying the patch
In general, Drupal security patches are released as soon as possible after a vulnerability has been discovered. The Drupal Security Team provides advance notice of upcoming security releases, allowing website administrators and developers to prepare for the patching process.
Once a security patch is released, website administrators and developers should aim to apply it as soon as possible to minimize the risk of exploitation. The time required to apply the patch will depend on the complexity of the website, the number of modules and customizations installed, and the thoroughness of the testing process.
In some cases, patches may require significant modifications to the website’s code or database, which can increase the time required for testing and deployment. However, it’s essential to prioritize timely patching to ensure the security and stability of your Drupal website.
- Which Drupal versions are supported?
Drupal officially provides support for the following versions:
Drupal 7: Drupal 7 is supported until November 2023.
Drupal 8: Drupal 8 is no longer officially supported as of November 2021.
Drupal 9: Drupal 9 is supported until November 2023.
Drupal 10: Drupal 10 is the current major version of Drupal and is fully supported.
Drupal 8: Drupal 8 is no longer officially supported as of November 2021.
Drupal 9: Drupal 9 is supported until November 2023.
Drupal 10: Drupal 10 is the current major version of Drupal and is fully supported.
It’s important to note that Drupal 8 no longer receives security fixes and no new feature development. Drupal 7 and Drupal 9 will receive only security fixes until its end of life in November 2023, after which no further updates will be provided.
Website administrators and developers should plan to migrate their Drupal 7, 8 and Drupal 9 sites as soon as possible to ensure ongoing support and security updates. Migrating to Drupal 10 from Drupal 8 and 9 is generally simpler than previous major version upgrades due to Drupal’s commitment to backwards compatibility, but may still require some level of custom code and module updates.
- What happens if there's a compatibility issue?
If there is a compatibility issue when upgrading or patching a Drupal website, it can cause errors or unexpected behavior that can affect the functionality and user experience of the site. Compatibility issues can occur for various reasons, such as conflicts between different modules or themes, changes in the Drupal core architecture, or custom code that is not compatible with the new version of Drupal.
In some cases, compatibility issues can be resolved by updating or modifying the modules or themes that are causing the issue. However, in other cases, it may be necessary to modify custom code to resolve the issue.
It’s important to thoroughly test the website after any major updates or patches to identify and resolve any compatibility issues before deploying the changes to the live site. It’s also a good practice to have a backup of the website before making any significant changes to allow for easy rollback in case of any issues that may arise.
It’s important to note that our monthly patching package fees includes fixes of any minor remediation issues however excludes any major compatibility issues. In the event of such cases, we will inform you immediately of the issue(s) and provide you options to enable you to make an informed decision on how to best proceed.
- Can I upgrade or downgrade my package at any time?
Yes, the flexibility of our service allows you to upgrade or downgrade your package at any time. If you have chosen a yearly pricing plan and wish to downgrade during the year, we will reconcile the balance accordingly.
Proof
100s of sites. 1000s of patches.
But who’s counting.
Since 2011, from the days of Drupal 6, we’ve been patching, maintaining, and supporting hundreds of sites
across multiple Drupal versions for mission-critical, large-scale Drupal multi-site portfolio programs across
government, education, and enterprise.
Drupal 7
X
sites
X
patches
since 2012
Drupal 8
X
sites
X
patches
from 2015 to 2021
Drupal 9
X
sites
X
patches
since 2020
Drupal 10
X
sites
X
patches
since 2022
Upgrade services
Need help upgrading to Drupal 10?
We’ve helped many. We can help you too.
We’ve developed streamlined and repeatable processes to upgrade or rebuild older versions of Drupal to Drupal 10.
Drupal 7
Rebuild your Drupal 7 site on Drupal 10
Rebuilds start from A$20K+
Since Drupal 10 is not backward compatible with Drupal 7 you can choose to either rebuild “like for like” or take advantage of a new modern theme.
Drupal 8
Upgrade your Drupal 8 site to Drupal 10
Upgrades start from A$10K+
Upgrading from Drupal 8 is a multi-step process. During the upgrade process we identify and remediate all issues including incompatible or deprecated modules.
Drupal 9
Upgrade your Drupal 9 site to Drupal 10
Upgrades start from A$5K
Upgrading from Drupal 9 is relatively smooth. Here we simply run the Drupal 9 upgrade process and remediate any issues identified, including incompatible or deprecated modules.
About us
Who is Salsa?
More than a latin dance.
Salsa is an open source digital innovation company that’s devoted the past 11+ years to mastering its craft in Drupal. We are currently responsible for managing many of the largest Drupal websites on behalf of the Australian Government.
Official service provider
Official service provider of 4 major government programs across Australia.
Drupal contributor
Top 10 international ranking in 2022 for Drupal contribution.
Enterprise security
ISM/IRAP certified service provider for GovCMS. Enterprise grade security in other government programs.
Supporting 400 websites
Responsible for supporting over 400 Drupal websites across Australian Government.
Values-driven culture
Accountability, transparency and authenticity are 3 examples of Salsa’s 8 key values.re magna aliqua.
Digital innovation company
Salsa is a digital innovation company with a pioneering spirit.
