Predictive Risk-Aware Patch and Configuration Governance for Enterprise Linux Using Artificial Intelligence

Enterprise Linux infrastructures require continuous patching and configuration management to mitigate security vulnerabilities and maintain operational stability. Traditional patch governance approaches are largely reactive, relying on severity scores, periodic maintenance windows, and manual prioritization. These methods often fail to account for contextual risk factors such as system criticality, configuration dependencies, and historical failure patterns, leading to delayed remediation or unintended service disruptions.

This paper presents a predictive, risk-aware patch and configuration governance framework for enterprise Linux systems using artificial intelligence. The proposed approach integrates Configuration-as-Code, continuous system observation, and AI-based risk modeling to predict the potential impact of patch and configuration changes before deployment. By analyzing historical patch outcomes, configuration drift patterns, and system behavior, the framework prioritizes remediation actions based on operational and security risk rather than static severity metrics alone.

Through architectural design and controlled evaluation in enterprise Linux environments, the study demonstrates that predictive, risk-aware governance improves patch prioritization, reduces configuration-related incidents, and enhances decision-making for maintenance activities. The findings indicate that AI-assisted risk modeling can support safer and more efficient patch and configuration governance while preserving transparency and human oversight.

DOI: https://doi.org/10.52783/crlsj.679