Qualys Patch Management Reviews

Name: Qualys Patch Management
Brand: Qualys
Rating: 4 (4 reviews)

4.0 out of 5

4 reviews
75% willing to recommend

What is Qualys Patch Management?

Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.

Get the Qualys Patch Management Buyer's Guide and find out what your peers are saying about Qualys Patch Management, Microsoft Configuration Manager, BigFix and more!

Qualys Patch Management is the #18 ranked solution in top Patch Management solutions. PeerSpot users give Qualys Patch Management an average rating of 8.0 out of 10. Based on the analysis of the 4 most recent Qualys Patch Management reviews, the overall sentiment is positive, with a sentiment score of 6.9. (Among the highest in the category). Qualys Patch Management is most commonly compared to Microsoft Configuration Manager: Qualys Patch Management vs Microsoft Configuration Manager. Qualys Patch Management is popular among the large enterprise segment, accounting for 62% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a manufacturing company, accounting for 16% of all views.

Buyer's Guide

Qualys Patch Management

October 2024

Get the report

Helped 813,418 peers since 2012

Featured reviews

Brad Mathis

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Qualys query language simplifies patch selection by allowing us to define risk-based criteria. We can target patches based on severity medium to critical and Qualys rating while excluding specific unwanted patches like "Patch xyz". As long as a patch meets our pre-approved criteria, it's automatically selected, making the approval process quick and efficient. The Patch Management integration with VMDR including all development patches and configuration changes required to remediate vulnerabilities detected by the VMDR is significantly important. While Qualys offered benefits initially, the deployment of the cloud agent truly transformed our security posture. Previously, regular scans provided only point-in-time vulnerability identification. Now, with continuous updates from the cloud agent every four hours, we have near real-time visibility into our risk levels, allowing us to prioritize and swiftly address vulnerabilities to minimize overall security exposure. TruRisk automation streamlines vulnerability remediation by prioritizing threats based on real-world exploitability, not just a generic CVSS score. This allows us to focus on the most critical issues first, avoiding the time-wasting whack-a-mole approach of patching everything at once. While all vulnerabilities eventually need to be addressed, TruRisk helps us prioritize effectively and work through them in a methodical way. Qualys' prioritization feature streamlines vulnerability management by offering a central hub to find, rank, and address critical security issues. This unified approach significantly improves collaboration between security and IT teams. Previously, prioritizing vulnerabilities was often a matter of simply patching critical ones. Patching policies also play a role, with most companies aiming for a 30-day window or less for critical patches. While the industry average turnaround is 17 days, faster patching remains crucial. Qualys' TruRisk scoring system helps identify outliers – vulnerabilities that might slip through the cracks in a well-managed environment. Traditional patching methods, like Microsoft's WSUS, may miss these outliers, but Qualys excels at finding them, providing better communication and faster remediation. This single source has helped reduce soft costs where employees were wasting time spinning their wheels searching for answers. This newfound focus allows them to dedicate their energy to more important tasks. Prior to implementing patch management, a random sampling of systems would often reveal outdated patches, some exceeding 60 days old. However, with patch management in place, finding such aged patches is now a rarity. We integrated Patch Management on top of Qualys VMDR. This gave us a lot more visibility and accuracy. Patch Management has helped to reduce our organizational risk.

Read full review

Yuvaraaj Adhithya

Cyber Security Analyst at WPP

If a server has two applications, and one has a patch and the other one does not have a patch, you do not need to worry. You just select the server and the patches you want to deploy. If you have selected four patches but only two are applicable, it will only deploy the ones that are applicable. The other two are skipped so that there are no issues or errors with the existing image. That is an advantage of this solution. There is no automation. You have to manually create a job. There is a scanned report, and based on that, you can select a patch or server. You can select multiple servers or multiple patches. We have used the solution's Risk Reduction Recommendation Report. After the remediation, we run the scan again. It is simple. Using Patch Management, we have not seen any improvement in our patch rates.

Read full review

Rafael Araujo

Infrastructure and Information Security Supervisor at YKK MALAYSIA SDN BHD

We have not yet seen many benefits because we are still deploying patch policies. We are doing that first with a test group. We have not done 100% patch management. By next month, we will have 100% management through Qualys Patch Management. We expect to see about 99.9% of assets updated all the time. We have great expectations. We can create rules based on risk. We do not make it 100% automatic for servers because there is a higher chance of issues, but for PCs, we can do 100% automation. Based on the risk for an operation, we can create some sort of policies. We are deploying both Qualys Vulnerability Management and Qualys Patch Management. Qualys Vulnerability Management was deployed one month ago. For the last month, we have been working to deploy Qualys Patch Management. They are being deployed side by side. The benefit of this is that Qualys Patch Management can solve all the vulnerabilities found by Qualys Vulnerability Management. One part of the tool detects the vulnerabilities and then the other part fixes them. They work together. Patch Management will help reduce our organization's risk, but it is hard to say how much it will reduce the risks.

Read full review

Valuable Features

Qualys Patch Management's most valuable features include its Qualys query language for automatic patch scheduling and a comprehensive interface that eliminates the need to download patches externally. It offers strong reporting capabilities, customizable scan intervals, and policy enforcement that limits user ability to delay updates, ensuring security. Organizations appreciate its alignment with protocols such as ISO-27000 and GDPR. Despite an initial learning curve, its user-friendly design enhances productivity in patch deployment and system protection.

"Policy enforcement requires less time for my team because users cannot avoid applying updates. The user can skip two or three times or for a maximum of eight hours. After that, there is no way to avoid it. It helps us keep the environment safe."
"Qualys' best feature is its reporting. At first, it may seem a little complicated to a beginning user, but it's helpful once you get used to it. Most of these scans run automatically. We set the scans up for the client to run at daily, weekly, or monthly intervals, depending on how critical the server or other hardware is."
"For a few applications, you do not need to go and download the patches from the network or somewhere else. They have the patches or the latest updates in the directory. You can just select a patch and deploy it to a server. You can create a patch job and select the patch. Everything is within the interface. You do not need to go out of it."

Room for Improvement

Qualys Patch Management needs improvements in driver updates and support for a wider range of applications. Users experience issues with patch deployment and errors, affecting reliability. Support is insufficiently communicative and lacks a call-based approach. Enhancements in handling VMware environments and more user-friendly reporting are needed. Pricing is considered high, and better affordability is desired. Competitors like SCCM offer more flexibility and automation, highlighting the need for Qualys to expand capabilities.

"Its implementation is too recent to make any judgments about areas needing improvement. In terms of pricing, of course, it is not free. Cheaper is always better."
"Qualys could improve its capacity to fix vulnerabilities on VMware and other virtualized environments. The reporting could also be enhanced to make it more user-friendly. It's difficult for beginners to learn."
"One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective."

ROI

Users reported a significant reduction in vulnerability exposure and a streamlined patching process through Qualys Patch Management. They experienced faster remediation times and increased efficiency in managing updates. Users also mentioned reduced operational risks and better compliance with industry regulations, attributing these improvements to prioritized and automated patching. Consequently, businesses observed cost savings due to fewer security incidents and less manual labor in patching tasks.

Pricing

Qualys Patch Management offers competitive pricing compared to similar solutions, though some perceive it as costly. Users highlight advantages such as scalable pricing with reduced per-asset costs and new bundles for smaller environments. However, they desire more features aligned with pricing and enhanced support. While more expensive than Nessus, many acknowledge the need to pay for top-quality technological products. Large-scale deployments, such as with 80,000 licenses, receive mixed feedback on affordability and support.

"The licensing cost is more than 2,000 for the whole Americas region"
"I'm unaware of Qualys' exact price, but it's more expensive than Nessus. With technological products, you need to pay to get the best."
"It is affordable, but they should provide features as per the rate they are charging. We have a big infrastructure with about 80,000 licenses. We expect better support from the Qualys team. So, it is affordable, but more features should be there, and the support should be better."

Popular Use Cases

Organizations utilize Qualys Patch Management for patching applications and managing vulnerabilities. Its cloud-based platform facilitates vulnerability management and response without on-premise servers. Qualys is preferred for core infrastructure checks, identifying and escalating patching issues, and integrating with tools like ServiceNow. They leverage Qualys to rapidly address software and operating system vulnerabilities, often replacing tools like SCCM or Microsoft Intune, ensuring a secure environment.

Service and Support

Qualys Patch Management customer service has shown improvements, with recent requests resolved efficiently. Some users experience initial responses from level-one support requiring further escalation. Challenges include reliance on knowledge-based articles and difficulty in live troubleshooting. Support varies with case priority, potentially more attentive for higher priority cases. Efficiency is generally rated positively, with some reporting delays early on but smooth interactions thereafter. Some users haven't needed support, and others find the team lacking in communication.

Deployment

Users find Qualys Patch Management's initial setup straightforward and easy to implement. They appreciate the simplicity and efficiency it offers during deployment. The intuitive guidance during the setup process ensures a seamless experience. Users also highlight that they encounter minimal issues when integrating it with existing systems.

Scalability

Users find Qualys Patch Management highly scalable, suitable for both small and large environments. It effectively manages numerous endpoints with minimal performance issues. Some appreciate its seamless integration with existing systems, while others note easy deployment and monitoring capabilities. Scalability is enhanced by its cloud-based nature, ensuring adaptability as enterprise needs grow. Automated features and detailed reporting further facilitate expansion without compromising efficiency.

Stability

Qualys Patch Management is considered very stable by users, who appreciate the clear communication on scheduled maintenance and minimal downtime. Even during major maintenance, limited portal access is announced in advance. Minor glitches can occur occasionally, but users easily check status.qualys.com. Stability is rated nine out of ten, with no significant issues reported when using high-speed fiber optic connections. Overall satisfaction with stability is high.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys Patch Management Buyer's Guide for additional reliable information.