Qualys Patch Management Reviews

Name: Qualys Patch Management
Brand: Qualys
Rating: 4.5 (30 reviews)

4.5 out of 5

30 reviews
96% willing to recommend

What is Qualys Patch Management?

Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.

Get the Qualys Patch Management Buyer's Guide and find out what your peers are saying about Qualys Patch Management, Microsoft Configuration Manager, BigFix and more!

Qualys Patch Management is the #4 ranked solution in top Patch Management solutions. PeerSpot users give Qualys Patch Management an average rating of 9.0 out of 10. Qualys Patch Management is most commonly compared to Microsoft Configuration Manager: Qualys Patch Management vs Microsoft Configuration Manager. Qualys Patch Management is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.

Buyer's Guide

Qualys Patch Management

February 2025

Get the report

Helped 838,713 peers since 2012

Featured reviews

Revathi VeeraRaghavan

Information Security - Manager at Infosys

We have prioritized products for automated patching. This means that whenever a vendor releases a patch, it is seamlessly and robustly applied. Qualys VMDR detects vulnerabilities and correlates them with relevant patches in the Qualys Patch Management module. Although separate databases, they work together to provide a comprehensive solution for identifying and remediating vulnerabilities. When VMDR detects a vulnerability, it identifies corresponding patches released in the Patch Management module, streamlining the patching process. Before the pandemic in 2020, we relied on remote scanning, which limited our ability to deploy and manage patches effectively. Our on-premises SCCM server struggled to push patches to remote users relying on VPN. To address this, we deployed the Qualys Cloud Agent on all 360,000 assets in our infrastructure. This provided comprehensive vulnerability detection, unlike the limited results from remote scans. However, the sheer volume of vulnerabilities overwhelmed our SCCM server. Consequently, we collaborated with Qualys to develop a backend solution integrated with the Cloud Agent for seamless patch management. After successful testing and implementation, Qualys Patch Management now efficiently handles patching for Windows, Linux, and macOS devices. Qualys Patch Management provides a centralized platform for managing assets and vulnerabilities, enabling assessment, prioritization, and remediation. We rely on Qualys for both vulnerability detection and patch deployment. We initially faced challenges as the IT team was hesitant about Qualys Patch Management, and the deployment of cloud agents revealed millions of vulnerabilities. However, Qualys Patch Management significantly reduced these vulnerabilities, particularly on our Windows machines, which comprise 70 percent of our systems. The team observed a 70 percent remediation rate through scheduled patching, establishing Qualys as a reliable source of truth. Consequently, they shifted from relying on SCCM or Intune to Qualys Patch Management for scheduling patching jobs to meet our five-day SLA. With Qualys publishing QIDs the day after vendor patch releases, automated jobs promptly deploy patches to all machines upon vulnerability detection. Qualys Patch Management helps lower operational costs and enhances our security posture by reducing vulnerabilities and streamlining compliance efforts. I have observed an improvement in our patch rate using Qualys Patch Management. Qualys now facilitates over 80 percent compliance within five days, a task that previously required the IT team 12 days to accomplish. By integrating Patch Management with VMDR, we gain immediate vulnerability detections and leverage TruRisk values to derive our own severity rankings for prioritization. These prioritized vulnerabilities are then addressed using the Qualys Patch Management Module, streamlining our remediation process. Qualys Patch Management has helped reduce our organizational risk by providing current vulnerability data, including exploitability and active threat information. The platform's live threat feed and risk score enhance the standard CVSS rating by considering factors like active malware association and exploit availability, allowing us to prioritize patching efforts effectively.

Read full review

ShantanuChoubal

Project Lead at Persistent Systems

The most valuable features of Qualys Patch Management include its ability to automate patch deployment for hundreds or thousands of assets, reducing our reliance on the IT team to perform these tasks manually. It is able to fix most of our vulnerabilities. The count is reducing significantly. We do not have to rely on our IT team to manually log in to systems or deploy using the AD group. We can just put in a command and schedule the patches for our hundreds or thousands of assets. The vulnerability count has reduced significantly. Secondly, it helps us not just deploy a patch, it also helps us to install a particular software if it is required from an IT standpoint. Tomorrow, if the organization has a requirement for certain software to be installed on a device, Qualys Patch Management has that capability as well. It can install that software on the machine irrespective of whether it is a security tool or some other tool. We can just put in the URL or source path of it, and it will install that software. The last one is the registry remediation. It is not just limited to patch management or patch deployment. We can also create a script to fix a particular vulnerability that cannot be fixed through patch deployment. It might require logging into the system, opening the registry keys, and editing some values to it. We can create a script for that.

Read full review

Arshad Nr

Senior Security Consultant at CyberNxt Solutions LLP

Whenever Microsoft releases any zero-day vulnerabilities, they provide a workaround. We are able to push that workaround from the Patch Management module. We can push the registry key changes or use the PowerShell script. We push changes to almost 600 devices in ten minutes. It helps us ensure our infrastructure security. Qualys Patch Management has significantly improved our visibility into vulnerability remediation and patch severity. The solution has enabled us to remediate a large number of vulnerabilities and reduce our attack surface effectively. We can track live updates and present dashboards to management, which has increased their confidence in our security posture. We can see the progress while pushing the patches. We have VMDR dashboards and reports. The reports are user-friendly, and everyone can understand these reports. We could also present them to the management. They were also happy to see the progress. They had visibility. We have not implemented much automation. We are still in the early stages of this solution and testing out the possibilities. We had an issue because of the requirement that every server should be connected to the Internet before downloading the patches, but QGS was very helpful with that. QGS helps to ensure that we are able to patch devices that are not connected to the Internet. We are able to prioritize the vulnerabilities and remediation. We did not see any discrepancies. With some of the other tools I have used, I have seen so many discrepancies between the vulnerability and the patching. It helped our teams to work together. We created a separate team for vulnerability remediation. We also could help the patching team and support them in automating patch management. Previously, they were doing it manually on each server. With Qualys Patch Management, there is an increase in vulnerability remediation. We have remediated almost 100,000 vulnerabilities. That is a huge count. Previously, we used a formula to identify critical vulnerabilities, and we could remediate only a limited number of vulnerabilities. With Qualys Patch Management, we could remediate all the vulnerabilities. We did not exclude any of the vulnerabilities. There is also an increase in the patch rate. Previously, we could only cover 30% patching, whereas with Qualys Patch Management, within one and a half months, we could achieve 70% to 80% patching. The remaining ones are not included in the initial phase because of certain dependencies. We pushed data to almost 2,000 devices. It took some time for us to do the testing. We tested on ten production devices. After that, we pushed the patches to other devices. We can download reports and customize the report templates based on the information we need. Our management could clearly see where we are now as compared to before. They could see our progress. They could see that we have fixed all high-priority ones within a month. The remaining ones are of medium and low priority. Even if we do not remediate them, it will be fine. The Risk Reduction Recommendation Report helped us see which vulnerabilities would reduce the most risk within our organization.

Read full review

Qualys Patch Management mindshare

As of February 2025, the mindshare of Qualys Patch Management in the Patch Management category stands at 3.4%, according to calculations based on PeerSpot user engagement data.

Patch Management

PeerAnalyst reports

Type	Title	Date
Category	Patch Management	Feb 22, 2025	Download
Product	Reviews, tips, and advice from real users	Feb 22, 2025	Download
Comparison	Qualys Patch Management vs Microsoft Configuration Manager	Feb 22, 2025	Download
Comparison	Qualys Patch Management vs BigFix	Feb 22, 2025	Download
Comparison	Qualys Patch Management vs Microsoft Windows Server Update Services	Feb 22, 2025	Download

Title	Rating	Mindshare	Recommending
Microsoft Configuration Manager	4.1	16.2%	90%	81 interviews Add to research
BigFix	4.3	10.9%	97%	96 interviews Add to research

Valuable Features

Qualys Patch Management's valuable features include the Qualys query language for seamless patching, real-time updates, and comprehensive dashboards. It supports both first-party and third-party patching, allowing for easy deployment through a user-friendly interface. The tool enhances security with vulnerability assessments and prioritization, automated scripts for complex updates, and integration with other security tools. It provides extensive visibility, compliance, and efficient patch application across Windows, Linux, and macOS environments.

"I would give it a ten out of ten."
"We've been able to reduce organizational risk by 50%."
"The integrations with VMware include configurations to mitigate vulnerabilities. It helps us identify permissions and whatever is applicable for the vulnerability for faster patching."

Room for Improvement

Qualys Patch Management needs enhancements in driver update integration, Oracle patch support, and third-party application support. Pricing is considered high. Customer support and user interface require improvements. Speed of patch delivery and detection of zero-day vulnerabilities should be improved. More functionality for VMware environments and detailed error reporting is needed. The tool struggles with patch availability in virtual settings and legacy systems. Reliability of the patch process and reporting accuracy could be strengthened.

"We dislike having to pay extra. We don't mind paying for additional modules like Certificate View."
"The patch status and patch completion information should be improved. If a patch fails due to some reason, such as a Windows error, the error code that gets published should be more detailed."
"The patch status and patch completion information should be improved."

ROI

Organizations experience significant savings in resources and time with Qualys Patch Management, reducing vulnerabilities by eighty percent and achieving up to ninety percent time savings. Qualys allows a seventy-percent reduction in time and decreases financial expenses by thirty to forty percent. Satisfaction is high due to enhanced security, efficient threat mitigation, and operational efficiency. While some cannot quantify the financial gains, satisfaction remains high with notable resource optimization.

Pricing

Qualys Patch Management pricing is viewed as competitive although some find it expensive compared to alternatives like Nessus. Scaling offers lower per-asset costs, and pricing bundles cater to smaller environments. While some users feel additional features should be included, others appreciate its comprehensive functionality and value, especially against competitors like Microsoft SCCM and Rapid7. Despite mixed perceptions, users acknowledge the worth in relation to its services and efficiency.

"Qualys Patch Management comes as part of a bundled package with several modules, making it a cost-effective deal for us."
"Its price is competitive in the market. Compared to other solutions like Rapid7, Qualys offers a favorable price point and robust features."
"Qualys Patch Management offers a moderate price point, neither cheap nor expensive, considering its comprehensive functionality."

Popular Use Cases

Organizations use Qualys Patch Management primarily for vulnerability remediation, leveraging its automation capabilities to streamline patch deployment for applications and operating systems. They synchronize it with Qualys Vulnerability Management to ensure comprehensive security management, focusing on critical vulnerabilities. The cloud-based platform allows efficient patching processes without extensive on-premise infrastructure, prioritizing high-risk issues. Companies utilize it for Microsoft security updates, third-party applications, and zero-day vulnerabilities, improving security posture through real-time detection and prioritized patch application.

Service and Support

Qualys Patch Management support is rated highly by users, with many praising their quick response times and efficient resolutions. Their technical team is described as efficient and proactive, resolving issues swiftly. Some users note occasional initial response slowdowns requiring further escalation, while others highlight effective communication and robust support. Challenges include reliance on knowledge base articles without live troubleshooting. Generally, most users express satisfaction with their customer service interactions and support quality.

Deployment

Initial setup for Qualys Patch Management is generally straightforward with proper team support. Many find the whitelisting process crucial and well-documented, making integration smooth. Deployment on cloud and on-prem servers is flexible with options for immediate or scheduled updates. Maintenance requirements are minimal, though users report varying levels of support from Qualys. Some experienced challenges due to internal processes, but with documentation aid, organizations accomplished their setups effectively within weeks.

Scalability

Qualys Patch Management is consistently rated high for scalability, often nine or ten out of ten. Users find it adaptable for large organizations, handling numerous assets and locations globally. It efficiently manages increasing workloads and ensures smooth patch deployment. However, its multi-tenancy support and affordability could improve. Users appreciate its dynamic nature and consistent upgrades with new technologies. Mac patch support is lacking, and scaling depends on licensing but generally satisfies organizational needs well.

Stability

Qualys Patch Management is regarded as very stable, frequently receiving ratings between eight to ten out of ten regarding its steadiness. While users occasionally face minor glitches or latency issues, these are rare and often linked to external factors, such as network issues. Users appreciate advance communication about scheduled maintenance and report minimal downtime. Instances of reported downtime or glitches are typically resolved efficiently, contributing to its reputation for reliability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys Patch Management Buyer's Guide for additional reliable information.