Try our new research platform with insights from 80,000+ expert users

Qualys Patch Management pros and cons

Vendor: Qualys

4.5 out of 5

30 reviews
96% willing to recommend

Pros & Cons summary

Qualys Patch Management offers automated patch scheduling, minimizing organizational risk while caching patches via Qualys Gateway Service to optimize network resources. It integrates vulnerability feeds for prioritization and deploys efficiently with Qualys Gateway Scanner. Despite excellent support, limitations exist, such as lack of built-in driver updates, high pricing, patching legacy systems, and inaccurate detection logic. Zero-day vulnerability response time requires improvement, but its strong automated capabilities enhance security.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys Patch Management offers robust automated patch scheduling and retrieval, enhancing efficiency and ensuring timely updates.

The integration of Qualys Gateway Scanner optimizes bandwidth by caching and distributing patches within the environment.

Qualys Patch Management significantly improves organizational risk management, demonstrating reduction rates of up to 99.9%.

Customer support is exceptionally responsive and provides real-time assistance, surpassing expectations in addressing user queries.

Qualys Patch Management streamlines vulnerability management by providing a comprehensive source to assess, prioritize, and remediate vulnerabilities.

CONS

Qualys Patch Management has limitations in patching for VMware and virtualized environments, and it lacks built-in driver updates.

Reporting and patch completion information require improvement for better user understanding and efficiency.

The support for legacy operating systems is inadequate, causing issues for users with older infrastructures.

There are limitations in patch availability, and collaboration with vendors to expand supported patches is necessary.

Pricing for Qualys Patch Management is higher when compared to other vendors, which can be a significant obstacle for many companies.

Qualys Patch Management Pros review quotes

reviewer2590236

Information Security Lead at Infosys

Oct 31, 2024

Qualys Patch Management offers a valuable feature that allows for deferred reboots, giving users control while still ensuring eventual patching.

Read full review

ShantanuChoubal

Project Lead at Persistent Systems

Dec 11, 2024

The most valuable features of Qualys Patch Management include its ability to automate patch deployment for hundreds or thousands of assets, reducing our reliance on the IT team to perform these tasks manually.

Read full review

RO

Cybersecurity Engineer at a manufacturing company with 51-200 employees

Oct 18, 2024

Patch Management, if configured correctly, works effectively without requiring further action.

Read full review

Qualys Patch Management

Free Report: Qualys Patch Management Reviews and More

Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.

838,713 professionals have used our research since 2012.

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

The most valuable feature in Patch Management is the Qualys query language for set-it-and-forget-it patching for our preapproved patches, and our preapproved schedules, That is extremely helpful compared to the old days of patching.

Read full review

Senior Security Consultant at CyberNxt Solutions LLP

Nov 5, 2024

The features I find most valuable in Qualys Patch Management include the ability to manage registry changes and run scripts both pre and post-patching. We have been able to apply workarounds for zero-day vulnerabilities efficiently.

Read full review

Yuvaraaj Adhithya

Cyber Security Analyst at WPP

Aug 20, 2024

For a few applications, you do not need to go and download the patches from the network or somewhere else. They have the patches or the latest updates in the directory. You can just select a patch and deploy it to a server. You can create a patch job and select the patch. Everything is within the interface. You do not need to go out of it.

Read full review

reviewer2589096

Senior Information Security Engineer at Infosys

Oct 30, 2024

Qualys Patch Management has significantly reduced our organizational risks.

Read full review

Revathi VeeraRaghavan

Information Security - Manager at Infosys

Dec 5, 2024

Qualys Patch Management offers numerous valuable features, including automatic patching for Google browsers, which allows for scheduled updates immediately upon vendor release.

Read full review

System Architect at a leisure / travel company with 10,001+ employees

Oct 17, 2024

Patch Management gave my side and the security side a single pane of glass and the ability to better coordinate the delivery of patches.

Read full review

reviewer2584884

Foundation Services Director at a leisure / travel company with 10,001+ employees

Oct 14, 2024

The most valuable features are the ease of managing both first-party and third-party patching, the generation of dashboards, and the provision of real-time information.

Read full review

Show 10 more reviews (out of 30)

Qualys Patch Management Cons review quotes

reviewer2590236

Information Security Lead at Infosys

Oct 31, 2024

Currently, there are limitations in downloading patch jobs to view all associated assets and patch statuses.

Read full review

ShantanuChoubal

Project Lead at Persistent Systems

Dec 11, 2024

It works with Windows and Linux, but Mac patch support is not yet available.

Read full review

RO

Cybersecurity Engineer at a manufacturing company with 51-200 employees

Oct 18, 2024

Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement.

Read full review

Qualys Patch Management

Free Report: Qualys Patch Management Reviews and More

Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.

838,713 professionals have used our research since 2012.

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

A common area for improvement in Patch Management, both within our environment and others I've encountered, is the lack of built-in driver updates.

Read full review

Senior Security Consultant at CyberNxt Solutions LLP

Nov 5, 2024

They need to improve the user-friendliness of identifying how many devices are affected by a particular patch. It is not intuitive, and there should be clearer indicators or buttons to access this information easily.

Read full review

Yuvaraaj Adhithya

Cyber Security Analyst at WPP

Aug 20, 2024

One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective.

Read full review

reviewer2589096

Senior Information Security Engineer at Infosys

Oct 30, 2024

Qualys could improve its randomized download feature and provide more detailed information about patch failures, including the reason for failure.

Read full review

Revathi VeeraRaghavan

Information Security - Manager at Infosys

Dec 5, 2024

Reporting needs enhancement, particularly with group-based compliance percentages and clearer, VMDR-like reporting in the Patch Management module.

Read full review

System Architect at a leisure / travel company with 10,001+ employees

Oct 17, 2024

A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it.

Read full review

reviewer2584884

Foundation Services Director at a leisure / travel company with 10,001+ employees

Oct 14, 2024

There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5.

Read full review

Show 10 more reviews (out of 30)

Product Categories

Product Categories

Patch Management

Popular Comparisons

Popular Comparisons

Microsoft Configuration Manager vs Qualys Patch Management

BigFix vs Qualys Patch Management

Kaseya VSA vs Qualys Patch Management

Microsoft Windows Server Update Services vs Qualys Patch Management

Automox vs Qualys Patch Management

ManageEngine Patch Manager Plus vs Qualys Patch Management

Vicarius vRx vs Qualys Patch Management

Ivanti Security Controls vs Qualys Patch Management

Patch My PC vs Qualys Patch Management

See all alternatives

Product Categories

Product Categories

Patch Management

Popular Comparisons

Popular Comparisons

Microsoft Configuration Manager vs Qualys Patch Management

BigFix vs Qualys Patch Management

Kaseya VSA vs Qualys Patch Management

Microsoft Windows Server Update Services vs Qualys Patch Management

Automox vs Qualys Patch Management

ManageEngine Patch Manager Plus vs Qualys Patch Management

Vicarius vRx vs Qualys Patch Management

Ivanti Security Controls vs Qualys Patch Management

Patch My PC vs Qualys Patch Management

See all alternatives

Related questions

79

Why is patch management important for cybersecurity?

12

When evaluating Patch Management, what aspect do you think is the most important to look for?

38

What patch management solution do you recommend?

43

What solution should we use for upgrading and patching OS to remediate vulnerabilities?

29

Why is Patch Management important for companies?

31

What are Pros and Cons of Cloud-based Patch Management?