diff --git a/lib/post_install_tasks/keep_system_updated.md b/lib/post_install_tasks/keep_system_updated.md index f387546..952717b 100644 --- a/lib/post_install_tasks/keep_system_updated.md +++ b/lib/post_install_tasks/keep_system_updated.md @@ -4,7 +4,7 @@ #### :information_source: Introduction -Software updates offer plenty of benefits. It’s all about revisions. These might include repairing security holes that have been discovered and fixing or removing computer bugs. +Software updates offer plenty of benefits. It’s all about revisions. These might include repairing security holes that have been discovered and fixing or removing bugs. Some benefits: @@ -14,7 +14,7 @@ Some benefits: #### :eight_pointed_black_star: Make sure that the system is up to date -For CentOS: +###### RedHat/CentOS ```bash # Check for updates @@ -22,13 +22,24 @@ yum check-update # Install updates yum update + +# Install upgrades (with security updates) +yum --security upgrade ``` -For Debian: +###### Policy + +| Type | Severity | Reference | Comment | +| :--- | :--- | :--- | :--- | +| OpenSCAP | High | [Ensure Software Patches Installed](https://static.open-scap.org/ssg-guides/ssg-centos7-guide-pci-dss.html#xccdf_org.ssgproject.content_rule_security_patches_up_to_date) | | +| STIG | Medium | [Vendor packaged system security patches and updates must be installed and up to date.](https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-12-14/finding/V-71999) | ID: V-71999 | +| CIS | | | ID: 1.2, 1.8 | + +###### Debian ```bash # Check for updates -apt-get update -qq ; apt-get upgrade -duyq +apt-get update && apt-get upgrade # Install updates apt-get upgrade && apt-get dist-upgrade 
@@ -36,19 +47,34 @@ apt-get upgrade && apt-get dist-upgrade #### :eight_pointed_black_star: Automatic security updates -###### Useful resources +###### RedHat/CentOS + +```bash +yum install yum-cron + +# Edit /etc/yum/yum-cron.conf +update_cmd = security +apply_updates = yes + +# Enable service +systemctl enable yum-cron +systemctl start yum-cron +``` + +###### Debian + +```bash +apt-get install unattended-upgrades apt-listchanges + +# Edit /etc/apt/apt.conf.d/20auto-upgrades +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Unattended-Upgrade "1"; +``` + +#### :eight_spoked_asterisk: Useful resources - [How Often Should I Update our Linux Server?](https://serverfault.com/questions/9490/how-often-should-i-update-our-linux-server) -###### Policies - -| Policy | ID/Description | Severity | -| :--- | :--- | :--- | -| STIG | [V-71999](https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-12-14/finding/V-71999) | Medium | -| CIS | 1.2, 1.8 | | -| OpenSCAP | CCI-002605, CCI-002607 | CAT II | - - #### :ballot_box_with_check: Summary checklist | Item | True | False |
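Review bot: the new heading `###### RedHat/CentOS` (hunk `@@ -14,7 +14,7 @@`) spells the vendor name the wrong way; it is written "Red Hat". The same heading is introduced a second time in the "Automatic security updates" section further down this patch, so both copies need the fix. The heading also jumps from `####` to `######` with no level in between; if the other post-install task files use that pattern, fine, otherwise `#####` reads better and keeps the outline consistent.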
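Review bot: in the Debian block of hunk `@@ -22,13 +22,24 @@` the command under `# Check for updates` was changed from `apt-get update -qq ; apt-get upgrade -duyq` to `apt-get update && apt-get upgrade`, which no longer checks anything: without `-d` or `-s`, `apt-get upgrade` installs the upgrades, and the `# Install updates` line directly below then runs `apt-get upgrade` a second time. If the goal was only to drop the quiet/download-only flags, keep a non-installing variant such as `apt-get update && apt-get upgrade -s` (simulate) or `apt list --upgradable`. Two smaller points in the same hunk: the comment `# Install upgrades (with security updates)` above `yum --security upgrade` describes the flag backwards, since `--security` restricts the transaction to packages that have security errata rather than adding them, and on CentOS (unlike RHEL with subscription repositories) the base repositories do not ship updateinfo metadata, so the command reports nothing to do; a one-line caveat in the doc would spare readers that surprise. In the new policy table the CIS row has empty Severity and Reference cells and the OpenSCAP row has an empty Comment; either fill them or drop the columns that carry no data.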
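Review bot: the two `bash` blocks added in the "Automatic security updates" section (hunk `@@ -36,19 +47,34 @@`) mix shell commands with configuration-file contents, so pasting either block into a shell fails: `update_cmd = security` and `apply_updates = yes` are not valid shell assignments (spaces around `=`), and `APT::Periodic::Update-Package-Lists "1";` is not a command at all. Split each into one fence for the commands and a separate fence for the file contents (for example an `ini` fence for `/etc/yum/yum-cron.conf` and a plain fence for `/etc/apt/apt.conf.d/20auto-upgrades`), or keep the `# Edit ...` comment and present the key/value pairs clearly as file content. For Debian, `dpkg-reconfigure -plow unattended-upgrades` writes the same `20auto-upgrades` file and is worth mentioning as the alternative to editing it by hand; the block also installs `apt-listchanges` without saying why. Separately, this hunk deletes the old `###### Policies` table, whose OpenSCAP row carried the identifiers `CCI-002605, CCI-002607` and the severity `CAT II`; the replacement table earlier in the patch has only a link and `High`, so those identifiers are lost in the move. Carry them into the new table's Comment column so the reference survives.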