Qualys Patch Management Reviews

Name: Qualys Patch Management
Brand: Qualys
Rating: 4 (8 reviews)

4.2 out of 5

8 reviews
87% willing to recommend

What is Qualys Patch Management?

Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.

Get the Qualys Patch Management Buyer's Guide and find out what your peers are saying about Qualys Patch Management, Microsoft Configuration Manager, BigFix and more!

Qualys Patch Management is the #12 ranked solution in top Patch Management solutions. PeerSpot users give Qualys Patch Management an average rating of 8.4 out of 10. Based on the analysis of the 8 most recent Qualys Patch Management reviews, the overall sentiment is positive, with a sentiment score of 6.9. (Among the highest in the category). Qualys Patch Management is most commonly compared to Microsoft Configuration Manager: Qualys Patch Management vs Microsoft Configuration Manager. Qualys Patch Management is popular among the large enterprise segment, accounting for 61% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 13% of all views.

Buyer's Guide

Qualys Patch Management

October 2024

Get the report

Helped 814,649 peers since 2012

Featured reviews

Brad Mathis

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Qualys query language simplifies patch selection by allowing us to define risk-based criteria. We can target patches based on severity medium to critical and Qualys rating while excluding specific unwanted patches like "Patch xyz". As long as a patch meets our pre-approved criteria, it's automatically selected, making the approval process quick and efficient. The Patch Management integration with VMDR including all development patches and configuration changes required to remediate vulnerabilities detected by the VMDR is significantly important. While Qualys offered benefits initially, the deployment of the cloud agent truly transformed our security posture. Previously, regular scans provided only point-in-time vulnerability identification. Now, with continuous updates from the cloud agent every four hours, we have near real-time visibility into our risk levels, allowing us to prioritize and swiftly address vulnerabilities to minimize overall security exposure. TruRisk automation streamlines vulnerability remediation by prioritizing threats based on real-world exploitability, not just a generic CVSS score. This allows us to focus on the most critical issues first, avoiding the time-wasting whack-a-mole approach of patching everything at once. While all vulnerabilities eventually need to be addressed, TruRisk helps us prioritize effectively and work through them in a methodical way. Qualys' prioritization feature streamlines vulnerability management by offering a central hub to find, rank, and address critical security issues. This unified approach significantly improves collaboration between security and IT teams. Previously, prioritizing vulnerabilities was often a matter of simply patching critical ones. Patching policies also play a role, with most companies aiming for a 30-day window or less for critical patches. While the industry average turnaround is 17 days, faster patching remains crucial. Qualys' TruRisk scoring system helps identify outliers – vulnerabilities that might slip through the cracks in a well-managed environment. Traditional patching methods, like Microsoft's WSUS, may miss these outliers, but Qualys excels at finding them, providing better communication and faster remediation. This single source has helped reduce soft costs where employees were wasting time spinning their wheels searching for answers. This newfound focus allows them to dedicate their energy to more important tasks. Prior to implementing patch management, a random sampling of systems would often reveal outdated patches, some exceeding 60 days old. However, with patch management in place, finding such aged patches is now a rarity. We integrated Patch Management on top of Qualys VMDR. This gave us a lot more visibility and accuracy. Patch Management has helped to reduce our organizational risk.

Read full review

Darrell Elmore

System Architect at a leisure / travel company with 10,001+ employees

I used Patch Management with Qualys VMDR when I was doing a proof of concept with Patch management. It works well. To me, it was just a shortcut or another way to patch a system versus doing it with the job, but it was straightforward. We were able to realize its benefits immediately. Patch Management gave my side and the security side a single pane of glass and the ability to better coordinate the delivery of patches. After using it, I felt a lot more comfortable with it. TruRisk gives the confidence that we are attacking the major issues, but we do leverage our security team to make the final decision. It does help. Patch Management gives us a single source of truth for assets and vulnerabilities that need to be assessed, prioritized, and remediated. Currently, we are in a hybrid environment until we fully transition over. We have Ivanti and Qualys. They are two separate agents, two separate infrastructures. Moving to Qualys Patch Management gives us instant access to all of the systems we have. We do not have to worry about building up new infrastructure. We just go and start patching. It streamlines everything a lot, especially the dialogue between our teams, that is, the risk side versus the security side. It reduces confusion over patches. Patch Management has definitely given us the opportunity to do more hands-off patching. Some in my team are manually pushing the patches out. We click a button, schedule it, and shoot it out. We are going to take advantage of zero-touch patching for browsers. We are going to do a lot more scheduled or agent-based patching. It will be hands-off. It will free us up to do more analytical things and spread ourselves out to other tasks. Patch Management will help us reduce our organization's risk. We have not had the opportunity to start using it the way we want to. We are still early on, but just from what I see, I expect that it would have a significant impact on our ability to patch. Personally, I think the impact will be significant.

Read full review

Yuvaraaj Adhithya

Cyber Security Analyst at WPP

If a server has two applications, and one has a patch and the other one does not have a patch, you do not need to worry. You just select the server and the patches you want to deploy. If you have selected four patches but only two are applicable, it will only deploy the ones that are applicable. The other two are skipped so that there are no issues or errors with the existing image. That is an advantage of this solution. There is no automation. You have to manually create a job. There is a scanned report, and based on that, you can select a patch or server. You can select multiple servers or multiple patches. We have used the solution's Risk Reduction Recommendation Report. After the remediation, we run the scan again. It is simple. Using Patch Management, we have not seen any improvement in our patch rates.

Read full review

Valuable Features

Qualys Patch Management excels with its query language for automated patching, ease of interface, and comprehensive reporting. Users highlight the effectiveness of its real-time information, dashboards, and a risk-based approach to vulnerability management. The tool's policy enforcement ensures timely updates by preventing users from indefinitely skipping patches. It efficiently manages patches for first-party and third-party applications using its Custom Assessment and Remediation module, offering a thorough vulnerability scanning process.

"Patch Management, if configured correctly, works effectively without requiring further action."
"Patch Management gave my side and the security side a single pane of glass and the ability to better coordinate the delivery of patches."
"The most valuable features are the ease of managing both first-party and third-party patching, the generation of dashboards, and the provision of real-time information."

Room for Improvement

Qualys Patch Management could enhance its capabilities by incorporating driver updates, improving automation, and expanding application support. Users find limitations in patching various software like Oracle. Reporting and detection logic need refinement for accuracy. Enhancing the support system with more communication and troubleshooting options would be beneficial. Pricing is a consideration for many. Users also note issues with the agent causing authorization errors and duplicate assets, and they suggest improving handling virtualized environments.

"Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement."
"A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it."
"There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5."

ROI

Users reported a significant reduction in vulnerability exposure and a streamlined patching process through Qualys Patch Management. They experienced faster remediation times and increased efficiency in managing updates. Users also mentioned reduced operational risks and better compliance with industry regulations, attributing these improvements to prioritized and automated patching. Consequently, businesses observed cost savings due to fewer security incidents and less manual labor in patching tasks.

Pricing

Qualys Patch Management pricing is viewed as competitive, though perceptions vary with some finding it expensive. Similar competitor pricing exists, and scaling reduces per-asset costs. Qualys recently introduced improved bundles for smaller environments. While some believe it lacks features at its price point and offers separate SKUs for new functionalities, others with larger infrastructures desire better support. Though preferred over free options like WSUS, some still view it as a costly barrier.

"From what I have heard, Qualys Patch Management is pricey, which is a main barrier to entry. Another aspect that I do not like about Qualys is that they do not add new patch management functionalities to the existing package. It is a separate SKU, so you have to pay more money."
"Qualys Patch Management is expensive."
"The licensing cost is more than 2,000 for the whole Americas region"

Popular Use Cases

Organizations utilize Qualys Patch Management for vulnerability reduction, patch management, and asset management. They employ its cloud-based features to address server vulnerabilities and automate patching to reduce remediation time. It integrates with tools like ServiceNow for streamlined operations. The platform assists in managing security vulnerabilities, providing dashboards with severity and remediation information. By using Qualys, teams effectively patch critical vulnerabilities and ensure infrastructure safety, replacing older tools like SCCM or Microsoft Intune.

Service and Support

Qualys Patch Management receives mixed feedback for customer service and support. Users note improved efforts and quicker resolution with recent staffing enhancements, though others mention difficulty in achieving in-depth troubleshooting or accessing live support, especially for lower-priority cases. Some find support effective and evaluative of issues, while communication can be limited. Positive experiences highlight efficient handling by technical managers and engineers for urgent matters. Satisfaction levels can differ depending on case priority.

Deployment

Setup of Qualys Patch Management is straightforward when familiar with whitelisting and requires minimal maintenance. It is essential to whitelist the Cloud Agent on systems with endpoint security to prevent blocking. Deployment can be handled by a single person with access rights. Initial deployment may feel overwhelming but becomes manageable with practice and minimal support from Qualys. The process involves both cloud and on-premise elements, with automatic scheduled operations and minimal performance issues.

Scalability

Qualys Patch Management is cited as very scalable, with ratings of eight to ten out of ten for scalability. Its capacity to expand is influenced by licensing, and the organization can utilize it fully for large user bases. As a cloud-based service, its adaptability to accommodate growth is acknowledged, although some users have yet to experience this scalability firsthand. Qualys Patch Management is expected to scale with organizational demands over time.

Stability

Qualys Patch Management is described as very stable by its users. Maintenance is communicated in advance, with minimal downtime required. Occasional minor glitches are addressed promptly. Clients with high-speed connections experience no stability issues. User ratings consistently regard the stability highly, often at nine out of ten. No issues like downtime or bugs have been reported, though one team mentioned a temporary system down situation while exploring patching features.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys Patch Management Buyer's Guide for additional reliable information.