A method and a system for automating security updates in a multi-tiered architecture of a system environment. The method includes receiving a software update note relating to a multi-tiered architecture system environment and determining a patch in the software update note is initially compatible with the system environment. The method also includes predicting, by a patch acceptance machine learning model, the patch is patchable within in the system environment and predicting, by an installation machine learning model, an installation patch time for the patch on the system environment. The method also includes installing the patch at the installation patch time on the system environment, and validating the patch installation using a validation machine learning model.