No more typing reviews! Try our Samantha, our new voice AI agent.
Qualys Patch Management Logo

Qualys Patch Management pros and cons

Vendor: Qualys
4.4 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Qualys Patch Management drastically reduces organizational risk, with users reporting risk reductions up to 99.9% and compliance improvement. It automates patch deployment, reducing workloads by 80%. Despite agent communication issues and costly pricing, it integrates with TruRisk and VMDR, providing a comprehensive vulnerability management solution. However, VMware integration and support for non-compliant patches need enhancement. Users note delays in zero-day vulnerability mitigation, which could increase cybersecurity risks.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Qualys Patch Management significantly reduces organizational risk, with some users reporting reductions as high as 99.9 percent.
It automates patch deployment, reducing workloads by up to 80% and increasing compliance rates significantly.
Users have experienced improved patch rates, achieving rates as high as 98% from a previous 85% before implementation.
The integration with Qualys TruRisk and VMDR offers a seamless experience by providing a single source of truth for assessing and remediating vulnerabilities.
Qualys Patch Management supports effective third-party patching and offers valuable features like scheduling, automation, and deferred reboots, which contribute to heightened security and efficiency.

CONS

Qualys Patch Management encounters agent communication issues, which result in patch failures.
Pricing is high compared to other tools, making it unaffordable for many companies.
Qualys Patch Management struggles with timely support and often has slow turnaround for deploying non-compliant patches.
VMware and other virtualized environment integration requires improvement to address vulnerabilities effectively.
Zero-day vulnerability mitigation takes too long, raising cybersecurity risks.
 

Qualys Patch Management Pros review quotes

Brad Mathis - PeerSpot reviewer
Brad Mathis
Employee-Owner, Senior Consultant, Information Security at Keller Schroeder
Jun 10, 2024
The most valuable feature in Patch Management is the Qualys query language for set-it-and-forget-it patching for our preapproved patches, and our preapproved schedules, That is extremely helpful compared to the old days of patching.
Read full review
Yuvaraaj Adhithya - PeerSpot reviewer
Yuvaraaj Adhithya
Cyber Security Analyst at WPP
Aug 20, 2024
For a few applications, you do not need to go and download the patches from the network or somewhere else. They have the patches or the latest updates in the directory. You can just select a patch and deploy it to a server. You can create a patch job and select the patch. Everything is within the interface. You do not need to go out of it.
Read full review
reviewer2560884 - PeerSpot reviewer
reviewer2560884
SOC - Cyber Security Engineer at a computer software company with 201-500 employees
Sep 25, 2024
Qualys' best feature is its reporting. At first, it may seem a little complicated to a beginning user, but it's helpful once you get used to it. Most of these scans run automatically. We set the scans up for the client to run at daily, weekly, or monthly intervals, depending on how critical the server or other hardware is.
Read full review
Buyer's Guide
Qualys Patch Management
April 2026
Free Report: Qualys Patch Management Reviews and More
Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
890,124 professionals have used our research since 2012.
Rafael Araujo - PeerSpot reviewer
Rafael Araujo
Infrastructure and Information Security Supervisor at YKK MALAYSIA SDN BHD
Oct 4, 2024
Policy enforcement requires less time for my team because users cannot avoid applying updates. The user can skip two or three times or for a maximum of eight hours. After that, there is no way to avoid it. It helps us keep the environment safe.
Read full review
AZ
Aasim Zaidi
System Admin at a insurance company with 501-1,000 employees
Oct 28, 2024
Patch Management's most valuable feature is the ability to search for vulnerabilities using their QID.
Read full review
reviewer2584884 - PeerSpot reviewer
reviewer2584884
Foundation Services Director at a leisure / travel company with 10,001+ employees
Oct 14, 2024
The most valuable features are the ease of managing both first-party and third-party patching, the generation of dashboards, and the provision of real-time information.
Read full review
Darrell Elmore - PeerSpot reviewer
Darrell Elmore
System Architect at a leisure / travel company with 10,001+ employees
Oct 17, 2024
Patch Management gave my side and the security side a single pane of glass and the ability to better coordinate the delivery of patches.
Read full review
RO
Rustam Osmanov
Cybersecurity Engineer at a manufacturing company with 51-200 employees
Oct 18, 2024
Patch Management, if configured correctly, works effectively without requiring further action.
Read full review
reviewer2588394 - PeerSpot reviewer
reviewer2588394
Works at a comms service provider with 1-10 employees
Oct 24, 2024
The integration of Qualys Gateway Scanner is my favorite feature. The patches our downloaded to QGS in our environment and deployed, saving bandwidth. The patch logging and policies have been helpful. The dashboard shows you when the patch has been applied to your assets.
Read full review
reviewer2589096 - PeerSpot reviewer
reviewer2589096
Senior Information Security Engineer at a consultancy with 10,001+ employees
Oct 30, 2024
Qualys Patch Management has significantly reduced our organizational risks.
Read full review
Show 10 more reviews (out of 51)
 

Qualys Patch Management Cons review quotes

Brad Mathis - PeerSpot reviewer
Brad Mathis
Employee-Owner, Senior Consultant, Information Security at Keller Schroeder
Jun 10, 2024
A common area for improvement in Patch Management, both within our environment and others I've encountered, is the lack of built-in driver updates.
Read full review
Yuvaraaj Adhithya - PeerSpot reviewer
Yuvaraaj Adhithya
Cyber Security Analyst at WPP
Aug 20, 2024
One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective.
Read full review
reviewer2560884 - PeerSpot reviewer
reviewer2560884
SOC - Cyber Security Engineer at a computer software company with 201-500 employees
Sep 25, 2024
Qualys could improve its capacity to fix vulnerabilities on VMware and other virtualized environments. The reporting could also be enhanced to make it more user-friendly. It's difficult for beginners to learn.
Read full review
Buyer's Guide
Qualys Patch Management
April 2026
Free Report: Qualys Patch Management Reviews and More
Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
890,124 professionals have used our research since 2012.
Rafael Araujo - PeerSpot reviewer
Rafael Araujo
Infrastructure and Information Security Supervisor at YKK MALAYSIA SDN BHD
Oct 4, 2024
Its implementation is too recent to make any judgments about areas needing improvement. In terms of pricing, of course, it is not free. Cheaper is always better.
Read full review
AZ
Aasim Zaidi
System Admin at a insurance company with 501-1,000 employees
Oct 28, 2024
The Qualys agent sometimes encounters authorization issues, leading to inaccurate vulnerability reports.
Read full review
reviewer2584884 - PeerSpot reviewer
reviewer2584884
Foundation Services Director at a leisure / travel company with 10,001+ employees
Oct 14, 2024
There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5.
Read full review
Darrell Elmore - PeerSpot reviewer
Darrell Elmore
System Architect at a leisure / travel company with 10,001+ employees
Oct 17, 2024
A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it.
Read full review
RO
Rustam Osmanov
Cybersecurity Engineer at a manufacturing company with 51-200 employees
Oct 18, 2024
Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement.
Read full review
reviewer2588394 - PeerSpot reviewer
reviewer2588394
Works at a comms service provider with 1-10 employees
Oct 24, 2024
There is room for improvement in terms of adding more patches. Not all patches are available for deployment on Qualys Patch Management, so collaborating with various vendors to provide new patches would be beneficial.
Read full review
reviewer2589096 - PeerSpot reviewer
reviewer2589096
Senior Information Security Engineer at a consultancy with 10,001+ employees
Oct 30, 2024
Qualys could improve its randomized download feature and provide more detailed information about patch failures, including the reason for failure.
Read full review
Show 10 more reviews (out of 51)

Product Categories

Product Categories
Patch Management

Popular Comparisons

Popular Comparisons
Microsoft Configuration Manager vs Qualys Patch Management Logo
Microsoft Configuration Manager vs Qualys Patch Management
NinjaOne vs Qualys Patch Management Logo
NinjaOne vs Qualys Patch Management
BigFix vs Qualys Patch Management Logo
BigFix vs Qualys Patch Management
Atera vs Qualys Patch Management Logo
Atera vs Qualys Patch Management
Kaseya VSA vs Qualys Patch Management Logo
Kaseya VSA vs Qualys Patch Management
Vicarius vRx vs Qualys Patch Management Logo
Vicarius vRx vs Qualys Patch Management
Automox vs Qualys Patch Management Logo
Automox vs Qualys Patch Management
ManageEngine Patch Manager Plus vs Qualys Patch Management Logo
ManageEngine Patch Manager Plus vs Qualys Patch Management
Microsoft Windows Server Update Services vs Qualys Patch Management Logo
Microsoft Windows Server Update Services vs Qualys Patch Management
GFI LanGuard vs Qualys Patch Management Logo
GFI LanGuard vs Qualys Patch Management
Ivanti Security Controls vs Qualys Patch Management Logo
Ivanti Security Controls vs Qualys Patch Management
PDQ Deploy vs Qualys Patch Management Logo
PDQ Deploy vs Qualys Patch Management
Patch My PC vs Qualys Patch Management Logo
Patch My PC vs Qualys Patch Management
Ivanti Patch for Endpoint Manager vs Qualys Patch Management Logo
Ivanti Patch for Endpoint Manager vs Qualys Patch Management
Action1 vs Qualys Patch Management Logo
Action1 vs Qualys Patch Management
See all alternatives

Product Categories

Product Categories
Patch Management

Popular Comparisons

Popular Comparisons
Microsoft Configuration Manager vs Qualys Patch Management Logo
Microsoft Configuration Manager vs Qualys Patch Management
NinjaOne vs Qualys Patch Management Logo
NinjaOne vs Qualys Patch Management
BigFix vs Qualys Patch Management Logo
BigFix vs Qualys Patch Management
Atera vs Qualys Patch Management Logo
Atera vs Qualys Patch Management
Kaseya VSA vs Qualys Patch Management Logo
Kaseya VSA vs Qualys Patch Management
Vicarius vRx vs Qualys Patch Management Logo
Vicarius vRx vs Qualys Patch Management
Automox vs Qualys Patch Management Logo
Automox vs Qualys Patch Management
ManageEngine Patch Manager Plus vs Qualys Patch Management Logo
ManageEngine Patch Manager Plus vs Qualys Patch Management
Microsoft Windows Server Update Services vs Qualys Patch Management Logo
Microsoft Windows Server Update Services vs Qualys Patch Management
GFI LanGuard vs Qualys Patch Management Logo
GFI LanGuard vs Qualys Patch Management
Ivanti Security Controls vs Qualys Patch Management Logo
Ivanti Security Controls vs Qualys Patch Management
PDQ Deploy vs Qualys Patch Management Logo
PDQ Deploy vs Qualys Patch Management
Patch My PC vs Qualys Patch Management Logo
Patch My PC vs Qualys Patch Management
Ivanti Patch for Endpoint Manager vs Qualys Patch Management Logo
Ivanti Patch for Endpoint Manager vs Qualys Patch Management
Action1 vs Qualys Patch Management Logo
Action1 vs Qualys Patch Management
See all alternatives
Related questions
  • 79
Why is patch management important for cybersecurity?
  • 55
When evaluating Patch Management, what aspect do you think is the most important to look for?
  • 73
What patch management solution do you recommend?
  • 87
What solution should we use for upgrading and patching OS to remediate vulnerabilities?
  • 130
Why is Patch Management important for companies?
  • 75
What are Pros and Cons of Cloud-based Patch Management?