How Rimo3 Is Automating PSADT Packaging and Patching for a Set‑and‑Forget Application Lifecycle
Over the past few months, we’ve been steadily improving how Rimo3 handles PSADT. This wasn’t about adding features for the sake of it — the goal has always been clear: help customers move away from repetitive manual work and toward a genuinely set and forget application workflow.
Most teams know the reality of PSADT today: wrapping the app, adjusting scripts, fixing drift, testing it again, deploying it, and repeating the whole thing every time a new version arrives. It works — but it’s fragile, slow, and inconsistent.
We wanted to change that. So we took things step by step.
November – Getting Visibility First
The first step toward a set‑and‑forget model was understanding what existed in the estate.
In November, we introduced PSADT recognition: detecting PSADT apps on import, identifying whether they used v3 or v4, surfacing useful insights, validating the apps automatically, and exporting them cleanly to Intune.
It solved a simple but fundamental problem:
you can’t automate what you can’t see.
This gave teams the clarity they needed to start standardising their application estate.
December – Automated Wrapping to Eliminate Drift
Once we had visibility, we focused on consistency.
In December, we delivered automated PSADT wrapping, enabling customers to wrap apps into v3 or v4 templates without touching a script.
This immediately removed drift — every application now followed the same logic, regardless of who worked on it.
It was a big step toward set‑and‑forget packaging:
define your standard once, apply it automatically to every app.
January – Bringing Governance With Template Management
In January, we added full template management to turn PSADT from “automated” to “governed.”
That included:
This gave customers a proper mechanism to control standards, ensure consistency, and embed organisational logic directly into their workflow.
And in parallel with this work, we’ve been building out Intune deployment templates that automate multi‑phase rollouts and supersedence to complete the deployment side of the workflow.
When you combine this with automated wrapping, you get another major step toward set‑and‑forget automation:
your templates become policies — not files in a folder.
February – Applying PSADT Automation to Patching
The next logical step was ensuring that the same standards applied to vendor updates, not just internal apps.
This is where PSADT truly meets the patching lifecycle.
In February, we extend the automation to allow Rimo3 to automatically apply your chosen custom template when importing patches. That means:
This is where set‑and‑forget really starts to take shape:
your applications update, your template is applied, validation runs, and the package is ready — without manual steps.
We also add PSADT script editing, allowing quick adjustments or modernisation without rebuilding packages from scratch.
March and Beyond – Automated Intune Deployments and Intelligent Patching
As we move into March and beyond, the automation extends into deployment with Intune deployment templates.
This unlocks:
But deployment is only one part of the story, as part of this evolution, we’re unifying the pipeline with our Clarity data so vulnerability signals can directly influence when apps are patched — shifting patching from a date‑driven cycle to intelligent, risk‑based triggers.
By unifying everything with Clarity vulnerability data, customers will be able to define their risk tolerance once — and let the system handle the rest.
Imagine setting your vulnerability thresholds and knowing that patching only happens when those thresholds are met or exceeded.
No more guessing.
No more manual prioritisation.
Just intelligent automation that reacts to real‑world risk.
Because wrapping, customising, validating, exporting, and deploying are already automated, this becomes a true end‑to‑end flow:
patching driven by evidence, executed by automation, governed by your rules.
The Fully Automated Patching Pipeline
With all these capabilities in place, Rimo3 now supports a clean, repeatable, end‑to‑end pipeline:
Subscribe → Import → Customise → Package → Test → Export → Deploy → Repeat
Each step is governed by your standards, and the pipeline stays consistent even as new versions arrive.
The Deploy stage benefits from the Intune deployment templates we’ve been building — giving customers a rule‑driven way to automate rollouts, supersedence, and cleanup of older versions.
It’s the closest thing to a set‑and‑forget application lifecycle the industry has seen.
No drift.
No manual wrapping.
No repeated setup for deployments.
Just a defined process that runs the same way, every time.
Why This Matters
PSADT has always been powerful, but also manual and easy to get wrong.
By automating everything around it — packaging, customisation, validation, patching, deployment, and risk‑driven decisions — we’ve turned PSADT from a monthly chore into a stable, governed part of an automated pipeline.
This aligns directly with our broader vision:
make application change predictable, intelligent, and ultimately automatic.
And with this set‑and‑forget workflow now in place, we’re much closer to that future.