Are you actually targeted with undisclosed vulnerabilities, or are you just concerned about quickly patching your infrastructure after a vulnerability is disclosed? If it's the latter, I'd love to hear more about your pain points as it's an area in which I've been kicking around ideas for a while.