CyberTrust Launches TuxCare ELS for Open Source Software Vulnerabilities

CyberTrust Unveils TuxCare ELS Service

CyberTrust Inc., based in Minato, Tokyo, has announced the launch of its new service, TuxCare ELS, starting from December 11, 2025. This innovative service offers security patches for vulnerabilities in open-source software (OSS) even after the official support from the community has ended. By providing continuous updates and fixes for newly discovered vulnerabilities, TuxCare ELS aims to safeguard systems against ever-evolving threats such as ransomware and supply chain attacks.

One of the primary advantages of TuxCare ELS is that it enables organizations to mitigate security risks and adhere to compliance requirements without the need for costly system modifications or migrations. These capabilities are particularly beneficial for legacy systems that may face obstacles due to cost or time constraints related to frequent updates.

Importance of Addressing Vulnerabilities

The surge in cyber-attacks targeting critical infrastructure and companies has brought attention to the importance of vulnerability management. The Information Processing Promotion Agency (IPA) emphasizes in its 2025 Information Security White Paper, released in September 2025, the necessity of keeping utilized software up-to-date as a crucial vulnerability countermeasure.

Furthermore, a report from the Ministry of Economy, Trade and Industry (METI) in May 2025 reveals that 61% of user companies possess legacy systems, spotlighting the issues associated with outdated software support. As software support ends, systems become prime targets for cyberattacks due to unresolved vulnerabilities. Rigid industry audit standards mandate ongoing vulnerability management, necessitating patch applications based on impact assessments. Using software that has reached the end of its support cycle can lead to issues during audits, including loss of certification, potentially jeopardizing business continuity.

However, upgrading old software can be time-consuming and expensive, requiring extensive testing and application modifications.

TuxCare ELS: Features and Benefits

In response to these challenges, CyberTrust is introducing TuxCare ELS, which provides proprietary security patches for newly discovered OSS vulnerabilities along with an inquiry service in Japanese. Offered as an annual subscription, TuxCare ELS allows organizations to apply fixes without the need for software upgrades or application modifications, facilitating the safe and continuous use of existing systems.

Key Features of TuxCare ELS:

- Broad OSS Support: The service supports a wide range of OSS, including popular frameworks such as PHP, Python, and OpenJDK, with plans to gradually expand the list.
- Compatibility with Various Linux OS: TuxCare ELS covers major Linux operating systems used in server environments, including AlmaLinux, CentOS, and Red Hat Enterprise Linux.
- Applicability to Custom OSS: It can be applied to OSS obtained from sources other than standard repositories, ensuring flexibility and comprehensive coverage.
- Easy Rollback Capability: The service allows parallel use of the standard OSS, enabling organizations to revert to previous versions in case of operational issues.

TuxCare ELS is structured around three primary plans:
1. Server Plan: For direct use of targeted OSS on physical or virtual servers.
2. Container Host Plan: For utilizing targeted OSS within containers on physical or virtual servers.
3. Developer Plan: For applications running on the targeted OSS.

These plans are available for purchase through CyberTrust and its distribution partners.

Drawing from its extensive experience in long-term Linux support, CyberTrust is committed to enabling safe and secure operations of OSS-utilizing systems over extended periods.

About CyberTrust Inc.

CyberTrust is Japan's first commercial certification authority, established in 2000, and has been providing trust services leveraging certificate and security technology. The company specializes in platform services for on-premises, cloud, and embedded domains, applying Linux kernel technology and open-source software knowledge. With a vision of ensuring reliability in services, CyberTrust aims to prove the integrity of people, things, and events in advanced fields like IoT through its expertise and neutrality in IT infrastructure technology.