There is an interesting new project called Hardenize online, which has the goal to provide tool to check your website for security best practices. It does not test if your CMS is up to date, but it checks a lot of other stuff . It is still in Alpha state, so there is a lot more to come, I think. It is easy to register and for the moment it's free to use. Of Course I tested Loony Information also with it and I enhanced the Content Security Policy after the first check, now the Report for Loony Information on Hardenize Looks like this .
I, now also had some chances to use Drush for updating Drupal and I have to say: ""I love it!" No bash script is able to beat Drush. Especially when you use it in Connection with Amazon Auto Scaling there is no way around Drush, because with Drush Auto Scaling won't mark any instance unhealthy due to the speed of Drush. Before I used Drush, I used self written bash scripts and they took about 20 minutes to finish, when working with Amazon Elastic File Service (EFS). That always ended in auto scaling marking instances unhealthy und starting new ones. With Drush updating the source Code takes between 5 and 10 minutes and Auto scaling keeps ist feet still. The amount of time updating takes depends on your backup strategy. If you do your own backups before updating it takes longer than if you only rely on the Drush backup instead, which Drush does before any update. So if you use Drupal, I recommend you also use Drush with it! It makes your maintenance life so much easier. Also when you use shared webhosting look out, if your hosting company supports Drush at all. You will love to use it.