Try our new research platform with insights from 80,000+ expert users

Qualys Patch Management pros and cons

Vendor: Qualys

4.5 out of 5

24 reviews
95% willing to recommend

Pros & Cons summary

Qualys Patch Management offers automated patch scheduling and retrieval, improving compliance rates over 95%. Effective bandwidth consumption and integration with vulnerability feeds enhance risk mitigation. However, it faces authorization issues and challenges in virtualized environments, affecting vulnerability report accuracy. Collaboration with vendors for new patches and faster zero-day response are needed. Despite excellent customer service, high costs limit accessibility compared to competitors, especially with issues in detecting non-exploitable vulnerabilities.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys Patch Management offers strong reporting and automatic scans, which can be scheduled for various intervals, aiding in maintaining security and compliance efficiently.

The integration of Qualys Gateway Scanner optimizes the process by caching patches locally, reducing bandwidth use.

Patch Management allows seamless first-party and third-party patch handling and real-time updates, enhancing organizational security.

The service and support from Qualys are praised for their responsiveness and real-time assistance.

Automated features in Patch Management significantly improve patch rates and streamline deployment, achieving high compliance rates.

CONS

Qualys Patch Management lacks built-in driver updates, limiting its ability to patch certain components compared to SCCM.

Qualys faces challenges in patching VMware and virtualized environments, highlighting a need for improvement in vulnerability management.

The detection logic of Qualys sometimes reports vulnerabilities inaccurately, such as orphan files, needing reclassification.

The agent occasionally encounters authorization issues, leading to inaccurate vulnerability reports, and requires improvement in this area.

Pricing for Qualys Patch Management is high compared to competitors, making it unaffordable for some companies.

Qualys Patch Management Pros review quotes

reviewer2590236

Information Security Lead at Infosys

Oct 31, 2024

Qualys Patch Management offers a valuable feature that allows for deferred reboots, giving users control while still ensuring eventual patching.

Read full review

ShantanuChoubal

Project Lead at Persistent Systems

Dec 11, 2024

The most valuable features of Qualys Patch Management include its ability to automate patch deployment for hundreds or thousands of assets, reducing our reliance on the IT team to perform these tasks manually.

Read full review

RO

Cybersecurity Engineer at a manufacturing company with 51-200 employees

Oct 18, 2024

Patch Management, if configured correctly, works effectively without requiring further action.

Read full review

Qualys Patch Management

Free Report: Qualys Patch Management Reviews and More

Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

824,053 professionals have used our research since 2012.

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

The most valuable feature in Patch Management is the Qualys query language for set-it-and-forget-it patching for our preapproved patches, and our preapproved schedules, That is extremely helpful compared to the old days of patching.

Read full review

Seniour Security Consultant at CyberNxt Solutions LLP

Nov 5, 2024

The features I find most valuable in Qualys Patch Management include the ability to manage registry changes and run scripts both pre and post-patching. We have been able to apply workarounds for zero-day vulnerabilities efficiently.

Read full review

Yuvaraaj Adhithya

Cyber Security Analyst at WPP

Aug 20, 2024

For a few applications, you do not need to go and download the patches from the network or somewhere else. They have the patches or the latest updates in the directory. You can just select a patch and deploy it to a server. You can create a patch job and select the patch. Everything is within the interface. You do not need to go out of it.

Read full review

reviewer2589096

Senior Information Security Engineer at Infosys

Oct 30, 2024

Qualys Patch Management has significantly reduced our organizational risks.

Read full review

System Architect at a leisure / travel company with 10,001+ employees

Oct 17, 2024

Patch Management gave my side and the security side a single pane of glass and the ability to better coordinate the delivery of patches.

Read full review

reviewer2584884

Foundation Services Director at a leisure / travel company with 10,001+ employees

Oct 14, 2024

The most valuable features are the ease of managing both first-party and third-party patching, the generation of dashboards, and the provision of real-time information.

Read full review

reviewer2593263

Manager Information Security at Infosys

Nov 14, 2024

Qualys Patch Management offers excellent features, most notably the Qualys Gateway Service, which caches patches and distributes them to agents, minimizing bandwidth consumption.

Read full review

Show 10 more reviews (out of 24)

Qualys Patch Management Cons review quotes

reviewer2590236

Information Security Lead at Infosys

Oct 31, 2024

Currently, there are limitations in downloading patch jobs to view all associated assets and patch statuses.

Read full review

ShantanuChoubal

Project Lead at Persistent Systems

Dec 11, 2024

It works with Windows and Linux, but Mac patch support is not yet available.

Read full review

RO

Cybersecurity Engineer at a manufacturing company with 51-200 employees

Oct 18, 2024

Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement.

Read full review

Qualys Patch Management

Free Report: Qualys Patch Management Reviews and More

Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

824,053 professionals have used our research since 2012.

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

A common area for improvement in Patch Management, both within our environment and others I've encountered, is the lack of built-in driver updates.

Read full review

Seniour Security Consultant at CyberNxt Solutions LLP

Nov 5, 2024

They need to improve the user-friendliness of identifying how many devices are affected by a particular patch. It is not intuitive, and there should be clearer indicators or buttons to access this information easily.

Read full review

Yuvaraaj Adhithya

Cyber Security Analyst at WPP

Aug 20, 2024

One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective.

Read full review

reviewer2589096

Senior Information Security Engineer at Infosys

Oct 30, 2024

Qualys could improve its randomized download feature and provide more detailed information about patch failures, including the reason for failure.

Read full review

System Architect at a leisure / travel company with 10,001+ employees

Oct 17, 2024

A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it.

Read full review

reviewer2584884

Foundation Services Director at a leisure / travel company with 10,001+ employees

Oct 14, 2024

There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5.

Read full review

reviewer2593263

Manager Information Security at Infosys

Nov 14, 2024

One area for improvement in Qualys Patch Management is knowing whether patches have been completely downloaded in a particular QGS appliance.

Read full review

Show 10 more reviews (out of 24)

Product Categories

Product Categories

Patch Management

Popular Comparisons

Popular Comparisons

Microsoft Configuration Manager vs Qualys Patch Management

BigFix vs Qualys Patch Management

Kaseya VSA vs Qualys Patch Management

Microsoft Windows Server Update Services vs Qualys Patch Management

Automox vs Qualys Patch Management

ManageEngine Patch Manager Plus vs Qualys Patch Management

Ivanti Security Controls vs Qualys Patch Management

Patch My PC vs Qualys Patch Management

See all alternatives

Product Categories

Product Categories

Patch Management

Popular Comparisons

Popular Comparisons

Microsoft Configuration Manager vs Qualys Patch Management

BigFix vs Qualys Patch Management

Kaseya VSA vs Qualys Patch Management

Microsoft Windows Server Update Services vs Qualys Patch Management

Automox vs Qualys Patch Management

ManageEngine Patch Manager Plus vs Qualys Patch Management

Ivanti Security Controls vs Qualys Patch Management

Patch My PC vs Qualys Patch Management

See all alternatives

Related questions

120

Why is patch management important for cybersecurity?

12

When evaluating Patch Management, what aspect do you think is the most important to look for?

48

What patch management solution do you recommend?

39

What solution should we use for upgrading and patching OS to remediate vulnerabilities?

13

Why is Patch Management important for companies?

39

What are Pros and Cons of Cloud-based Patch Management?