Qualys Patch Management Reviews

We do it for our OS patching across multiple clouds. If we don't put GE Vernova on there, then I can say we use it for AWS and Azure, plus on-prem. It's used across OS platforms too, so Windows and Linux-based. Our OS team uses it monthly to patch, and then we also supplement third-party software, such as Chrome, Edge, Notepad++, Wireshark, and all that software that people will install and forget to uninstall and forget that they have to patch it. We do that almost weekly as well.

My favorite feature is reoccurring jobs. We had some requirements where we needed some options added to do reoccurring jobs, and they were able to add that in. Now we mostly use reoccurring jobs, and we don't have to touch them. The hardest part now is just getting change controls through our change management team instead of actually creating the jobs.

It has simplified so much from a cost overhead and perspective.

For Qualys Patch Management, I actually talked with their product manager last week during their conference. Unified QQL needs improvement because while they have QQL in Qualys Patch Management, it doesn't pull in the same tokens as VMDR or CCM, so I can't search by similar things. Also, grouping or foldering for Qualys Patch Management jobs would be beneficial because if different groups own different jobs, it all gets dumped into what is essentially a flat file. You're just scrolling through it. You can search, but if we were able to do foldering, that would be great. The third piece would be having an approved catalog. For example, instead of my IT teams doing the patching, I wanted to enable our internal customers, our app teams, to run the jobs themselves but only on patches that we say are good - a curated catalog that the company patch admin approved.

Their frontline support could be improved. I'm really close with Qualys and spoke at the conference last week. They already know all this. They know that their support could be better. They just need to get more knowledgeable and not necessarily seem to have to pass the buck to engineering or VulnSig or the product teams.

We've been using it since April of last year, so April of '24, which is approximately 18 months.

There are times where Qualys sometimes delays or doesn't have the catalog updated. For example, Red Hat comes out with an update and a week later, it wasn't in the Qualys catalog, which causes us to scramble.

On our pod, we don't experience issues. One of my colleagues on a different pod has issues there. I'm on their biggest pod that brings in the most revenue, so they're very cautious with what they do on that.

Their frontline support could be improved. I'm really close with Qualys and spoke at the conference last week. They already know all this. They know that their support could be better. They just need to get more knowledgeable and not necessarily seem to have to pass the buck to engineering or VulnSig or the product teams.

Neutral

We used WSUS and custom scripts for Linux before. On-prem, we used SSM for AWS and Patch Management for Azure. It was complicated because there were so many different moving parts. That's where Qualys Patch Management comes in and is able to work across all platforms. It's easy because you don't have to manage all kinds of different things for every cloud. Your agent's already on the box because we have a rule that every server has to have an agent on it.

The setup was actually easy. We already had VMDR deployed and agents everywhere, so it was a couple clicks to enable it.

The implementation took approximately a month, though some of that was due to our delay. We had one to two people involved, and part of the timeline was due to our internal processes, not Qualys Patch Management.

You can always drive pricing down, but I think it's reasonable. For what we get out of it, I think it's a reasonable investment.

I think that's where we have to go as an industry because you can't address everything all the time. Adding the risk on top, if it's an external asset compared to something internal inside your vault, the risk is much greater for exfiltration of data. The risk-based approach absolutely is the right way to go about it.

I rate Qualys Patch Management a nine out of ten.

Hybrid Cloud

Other

We are in the education industry, and we perform weekly scans. On weekends, we scan our entire management, servers, and expectations. Then on Monday, I set up some weekly reports. From these, I'll have my vulnerabilities and Patch management reports showing which third-party applications I installed on users' workstations. I tested these on a Monday or Tuesday with Patch Management. If all goes well, by Wednesday or Thursday, I'm patching the rest of the environment. In terms of workstations, I scan and patch them weekly, but for servers, I wait for the Microsoft patching cycle. Only then do we patch the servers, allowing for a restart for each update. After the Microsoft updates, we can restart our servers.

The auto patch is useful. On zero-day vulnerabilities or patches, we can automatically apply those without user interference. We can drastically decrease vulnerabilities, especially third-party ones, such as a Java update that usually takes time to test on different machines. With Patch Management, machines can be grouped into test workstations, and a fix can be deployed and monitored for a day or two. If nothing goes wrong, it is deployed to all users. In Koketso Towers, you will notice about one thousand or five thousand mortgages decrease. This has helped us keep up with vulnerabilities, especially on workstations. Test management is a module added to the vulnerability management scanner, which also has the auto-fix feature. We don't usually use this on servers but on workstations. For instance, if there's a vulnerability that is not a zero-day, but something else, we can test and deploy it almost immediately from the workstation.

I do not have any major problems. I think it's working great. My recommendation would be not just for Patch Management but for Qualys itself. I am using Qualys through a third party or reseller. The issue is that when buying Qualys licenses, from my side, I'm buying for about seven thousand five hundred users or machines. I also need to buy licenses for another seven thousand five hundred for patch management. We dislike having to pay extra. We don't mind paying for additional modules like Certificate View. The test management part requires buying licenses. We are trying to negotiate with our reseller. If they can't provide us, we'll go straight to Qualys and see if they can assist.

I have been using Patch Management for about six months now.

The solution is very stable. I have encountered no problems so far.

We don't interact much since our service is managed. We only contact Qualys if there are serious issues. Last year, we communicated with Qualys two times when our service provider couldn't assist us in resolving one vulnerability.

Positive

We started before moving to VMDR. We used a previous version called Qualys VM, and now it's Qualys VMDR. With Qualys VM, we had access to the console.

The setup was straightforward. We began by installing the scanner, scanning the entire environment, and then categorizing items as servers, workstations, etc., applying tags accordingly. It took us about two weeks to have it fully operational with both daily and monthly reports set up. The deployment is easy through SCCM from Microsoft, as we deploy based on our AD groups.

I would give it a ten out of ten. It is an excellent module to have within the environment, as most environments have Windows Patch cycles, but not for third-party applications. Patch Management not only addresses third-party applications but can also patch vulnerabilities. It allows seamless deployment from the console if a patch for a vulnerability is available. I would rate the overall solution a 10 out of 10.

Hybrid Cloud

Other

We have been using Qualys Patch Management alongside vulnerability management. We utilize it to manage high and critical vulnerabilities by prioritizing patches based on asset value and vulnerability score. We rate our asset with an asset value. Along with that, once we have a vulnerability score, we prioritize patches and servers that are high and critical. That is how we utilize both vulnerability management and patch management.

The risk-based approach provides a better way of patching. It helps identify criticalities based on asset value, enhancing decision-making.

Qualys Patch Management has helped us reduce the overall risk in our environment by integrating with vulnerability management and VMDR, allowing us to address risks based on asset value and risk levels. It is important for us that it is integrated with VMDR so that we are aware of the vulnerabilities in our system and can apply patches as per the associated risk, asset value, and threat to the environment. It is very important to integrate these tools. It helps reduce vulnerabilities through diligent patch application and improves overall efficiency.

TruRisk score is helpful for us, but we still have to ensure the security team is involved in the governance process to ensure that we are taking care of the entire environment. We include the security team on the governance side but the implementation and the activity can be done without them.

There has been an improvement in our patch rate. The efficiency in our environment increased by 30% over three years, compared to the tool we used previously. The duration of patching decreased in the environment.

The Risk Reduction Recommendation Report is good. It gives an overview of what can be remediated soon. It gives a good understanding of which patch can remediate the majority of the risks in the environment. It helps us see which vulnerabilities would reduce the most risk within our organization.

We have all the information on one page. The dashboard provides comprehensive information on one page, making it easy to apply patches and monitor pending updates. It helps a lot from the governance point of view to see what exactly is missing and what exactly has been applied.

They have already covered most of the things. I do not see a lot of opportunities for improvement. It is pretty good. However, it would be good to have more widgets and AI-generated reports. I have not seen anything related to AI with Qualys. It would be beneficial for Qualys to incorporate AI-generated tools for Patch Management and VMDR. This could assist in managing risks, providing AI-generated reports, and creating risk letters for clients, which can streamline communication.

I have been using Qualys Patch Management for more than three years.

We did not encounter any significant stability issues, except during a notified period when they were transitioning to another cloud vendor or fixing an issue.

Customer service is responsive and effective. They are pretty fast. They generally respond to inquiries and provide a resolution within a couple of hours. So far, I have not seen a case where the resolution was not provided within 48 hours.

Positive

We previously used BigFix. We switched to Qualys because BigFix moved from IBM to HCL, and we wanted a tool certified for PCI compliance. Qualys is PCI compliant.

We have a hybrid deployment model. It was an easy process because we knew what we needed to configure the firewall rules and ports. The documentation and other information was provided by the Qualys partner. It did not take us a long time to get it deployed and test it out. We did a PoC, and everything worked fine.

Overall, the setup process was straightforward, and with good documentation and support, we deployed it within our change management framework in about two weeks.

It does not require any maintenance, but we need to ensure that we get rid of the licenses when not required or request licenses when we have more devices planned to be onboarded. That is something we need to look into. When we do not have a device or we do not need a scanner in a particular location, we can get rid of it, so from a maintenance point of view, there is not much.

This deployment also involved integration with vulnerability management. We had a project manager coordinating efforts with the vendor, a documentation coordinator, and a team to handle change management and firewall configurations. Overall, we had three people. Effort-wise, it did not require a lot. They had to coordinate a couple of times for two to three hours.

Its price is competitive in the market. Compared to other solutions like Rapid7, Qualys offers a favorable price point and robust features.

Overall, I would rate Qualys Patch Management a nine out of ten.

We primarily use Patch Management in our organization for remediating vulnerabilities for which patches are supported by Qualys. 

There is a zero-touch mechanism in Qualys for patch management. For example, if we have a product for which frequent patches are released, we do not have to manually initiate a patch. It can be initiated automatically when a new patch is available.

The integration between Qualys VMDR and Patch Management allows us to monitor job statuses and ensures timely remediation. Previously, we had only the VMDR solution from Qualys. For remediation, we had to go to a different solution. There was a delay in the syncing process. With the integration of Qualys VMDR and Patch Management, we have more real-time and comprehensive data. We can see information about the status of the job and other things in a single console. We have a faster view of the remediation effort.

We also have the ability to view and select patches based on the assets. There might be hundreds of patches available in the knowledge base. It gives us patches available only for the selected assets. This saves time and reduces risk.

For vulnerability management, Qualys serves as a single source of truth, but for patch management, we have to use some more tools because Qualys does not support certain scenarios.

We have seen about 60% to 70% improvement in the patch rate so far. It has reduced the organization's risk. 

Patch Management offers pre-action and post-action features, which provide the ability to execute scripts during the installation or uninstallation of software. This helps me make changes from Qualys itself.

Not all patches are supported, so there are some restrictions. Some remediations require script-level changes which Qualys does not support. We have to manually create those scripts.

They should focus on increasing the list of supported patches. New software or data is continuously released, and it would be beneficial if patches were updated in the knowledge base more quickly. Sometimes, there are delays of three to four days, which should be addressed.

I have been using Qualys Patch Management for more than one and a half years.

I would rate the stability a nine out of ten. Occasionally, I need to change patches for certain software like Google Chrome, but overall, it is stable.

The scalability is good. It handles the requirements effectively.

We are using it at multiple locations. We have about 300k users.

I would rate their customer support a nine out of ten. Although there can be some delays, overall, the support is satisfactory.

Positive

We used a different patch management solution previously. We switched to Qualys because it integrates seamlessly with VMDR, which makes it easier to manage vulnerabilities and patching in a single console.

The initial setup was easy. We had already deployed the agent. It involved selecting the asset and enabling the module.

It does not require any maintenance from our side. It is a SaaS platform. Everything is handled by Qualys.

I would recommend Qualys Patch Management if you are integrating it with VMDR. If you are using a different solution for vulnerability management and considering Qualys solely for patch management, it might not be the best choice.

I would rate Qualys Patch Management a nine out of ten.

Public Cloud

Other

We primarily use Qualys Patch Management for deploying Microsoft's monthly security updates, released every second Tuesday. To mitigate vulnerabilities, we promptly create patch jobs for all endpoints and servers upon release and inform stakeholders of the urgent need for deployment. We adhere to strict SLAs, ensuring the entire patch cycle is completed within one to two weeks.

We implemented Qualys Patch Management to efficiently patch our endpoints, and servers.

Qualys' risk-based approach to automation is helpful for addressing vulnerabilities. We utilize TruRisk management for a comprehensive risk overview, employing a tag-based system to assign criticality scores. This allows us to prioritize patching through Qualys Vulnerability Management, Detection, and Response based on the severity of risks.

The integration of Qualys Patch Management and VMDR is critical for automating the deployment of relevant patches and configurations to remediate vulnerabilities. Within our organization's 343,000 assets, multiple entities and tags allow us to leverage VMDR to identify critical vulnerabilities and prioritize patching for high-value machines. This integration enables us to proactively push patches to all server and endpoint agents, effectively mitigating vulnerabilities.

The implementation of Qualys Patch Management has resulted in the remediation of nearly 25 million vulnerabilities within our organization, significantly reducing our overall vulnerability count.

TruRisk automation allows us to address vulnerabilities without involving our security team, as we can directly assess their criticality levels.

Qualys Patch Management provides a single source of truth for managing assets and vulnerabilities, enabling assessment, prioritization, and remediation. Its comprehensive view of each asset streamlines collaboration between security and IT teams, facilitating efficient vulnerability management.

The single source of truth helped reduce costs by 95 percent.

We have improved our patch rate to over 86 percent by implementing Qualys Patch Management. Previously, patches were managed through both Microsoft Intune and SCCM, which proved less effective.

The risk reduction report allows us to split the remediation based on criticality.

The risk reduction report provides recommendations on how to remediate vulnerabilities. Once a fix is available, the corresponding patch can be deployed to all assets based on the associated CVE identifier.

Qualys Patch Management has reduced our organizational risk by 99.9 percent.

Qualys Patch Management offers excellent features, most notably the Qualys Gateway Service, which caches patches and distributes them to agents, minimizing bandwidth consumption. The platform provides comprehensive visibility into patch status across endpoints and servers, supporting Linux and macOS in addition to Windows. Qualys has been instrumental in our vulnerability remediation efforts, enabling us to address nearly 25 million vulnerabilities.

One area for improvement in Qualys Patch Management is knowing whether patches have been completely downloaded in a particular QGS appliance. If a platform owner could verify that patches are downloaded on the appliance side, it would be possible to push them through to all agents confidently.

I have been using the Patch Management solution for more than four years.

We did not encounter any significant stability issues. Control level issues can arise, but these can be addressed through support cases.

I rate the scalability of Qualys Patch Management ten out of ten.

I am completely satisfied with Qualys' customer service.

Positive

We are using SCCM and Intune, but they are not able to achieve the same Qualys patch percentages.

The initial setup was straightforward. Since Patch Management is not a separate module, it is integrated with the overall Qualys deployment, allowing us to enable licenses for VMDR and PM automatically.

To deploy on one machine it takes ten minutes.

To begin, we'll deploy the Qualys agent using an external tool on a separate system. Once the agent appears in the Qualys console, we can proceed by differentiating tags, assigning activation keys, verifying reported machines, and creating multiple vulnerability-based jobs.

We have achieved significant time savings of 90 percent, primarily due to comprehensive oversight and visibility of security issues. This streamlined approach reduces time spent addressing vulnerabilities and ensures efficient mitigation of any threats. Consequently, our robust security posture remains uncompromised, yielding substantial benefits.

Qualys Patch Management is a cost-effective solution for managing our 43,000-plus assets. Its efficiency and effectiveness in vulnerability remediation justify the associated expenses.

I would rate Qualys Patch Management ten out of ten.

To enhance visibility, we will utilize the TruRisk features more effectively in the future.

Our organization has 342,000 assets and over 150 people with access to Qualys, which is deployed across the entire organization.

No maintenance is required from our end.

I recommend Qualys Patch Management due to its comprehensive features. It saves time and provides significant tools for identifying vulnerabilities, pushing patches, and providing pre and post-action capabilities. Virtual patching is available to mitigate many vulnerabilities.

Public Cloud

Other

My use cases for Qualys Patch Management are primarily for Windows workstations.

My favorite feature of Qualys Patch Management is being able to go from detection to patching in a single platform.

Qualys Patch Management helps me remediate vulnerabilities without needing to involve the security team because I am the security team. It helps me get context of what's going on.

One downside is that I've always wanted a dark mode in Qualys Patch Management. Because Qualys is so bright, if you're working in there for a while, you feel blind after extended time. Having a dark mode would be fantastic.

I have been using Qualys Patch Management since the end of 2023.

I find the stability of Qualys Patch Management to be inconsistent; sometimes it works fine, while other times when I try to show a colleague something quickly, it takes considerable time to respond.

The scalability of Qualys Patch Management seems good.

I contact their technical support or customer support frequently.

The quality and speed of their support could be better.

I would rate their support a five out of ten.

Neutral

The initial deployment of Qualys Patch Management is difficult.

I wasn't involved with the company during the initial deployment, which occurred approximately ten years ago. However, newer modules and connector configurations always seem more difficult than they should be.

Regarding pricing for Qualys Patch Management, if you can get a good deal, the value is there. It's on the pricier side, but it provides value if you can utilize it effectively.

I have used alternatives such as Tenable.

I prefer Qualys over Tenable.

The biggest difference between Qualys and Tenable is reporting, as the quality of reports from Qualys is much better received than those from Tenable.

I use Qualys Patch Management with VMDR.

This integration with VMDR is important for me.

Qualys Patch Management gives me a single source of truth for assets and vulnerabilities that need to be assessed, prioritized, and remediated.

I use the Risk Reduction Recommendation report in Qualys Patch Management.

The Risk Reduction Recommendation report is helpful.

Qualys Patch Management helps me streamline remediation and gives me a good starting point.

If the risk-based approach to automation is set up correctly, it performs excellently.

For newer deployments of Qualys Patch Management, typically one person handles the implementation.

I maintain Qualys Patch Management consistently, so it requires minimal effort on my end.

My advice for new users of Qualys Patch Management is to spend time at the training center. A streamlined initial video guide would be beneficial.

I rate Qualys Patch Management an eight out of ten overall.

Our use case for Qualys Patch Management is patching and updating. We use it for adding and removing local admin to the machines, along with various other tasks.

Qualys Patch Management helps the IT and security teams work together by enabling the IT team to handle Patch Tuesday and Microsoft patches. With Patch Management, I can monitor when patches have not been applied and help ensure 100% coverage on Patch Tuesday for the desktop team. 

Qualys Patch Management has helped reduce our organization's risk by 20%, and we have seen an improvement in our patch rates.

The best feature of Qualys Patch Management is the ability to schedule jobs. I have browser updates that run automatically every day to update the three browsers, and I don't have to worry about it.

For those patches that I have to download for Patch Management, I would prefer if I could upload them to a repository instead of having to download them every time.

I have been using the solution for about eight months.

I haven't experienced any bugs, glitches, or downtime, so I would rate Qualys Patch Management a ten out of ten for stability.

For scalability, I would rate it a ten out of ten. We have approximately 8 to 10 users using this solution.

I would rate the vendor support a ten out of ten.

Positive

We had another patch management solution, but we were using Qualys for VMDR and moved everything into Qualys Patch Management for the simplicity of the user interface and because we had an existing relationship with Qualys. That way we can not only manage our vulnerabilities, but if the vulnerability requires a patch, it's very easy to fix it in Qualys. We were using BigFix for patch management.

The deployment was easy.

The agents self-update, and by using Qualys Cloud, that's all handled by the vendor, so the maintenance aspect requires little to no interaction from our end.

It has improved our patch rate by 40%.

Regarding the single source of truth, it really at this juncture has not reduced costs as of yet.

I would recommend this product to other users because it's very user-friendly. I can't speak to the pricing aspect, but from a user standpoint, it's a very good product.

I would rate it a nine out of ten.

Public Cloud

Other

We use Qualys Patch Management to remediate vulnerabilities. Qualys synchronizes with both the Vulnerability Management, Detection, and Response module and the Patch Management module. This provides a unified view of which vulnerabilities can be patched through Qualys and allows patching to be initiated directly from the VMDR module.

Most Windows security patches are released on Patch Tuesdays and become available to us through Qualys the following day. Once available, we can initiate patching to reduce vulnerabilities within our infrastructure. This process primarily addresses critical security updates from Microsoft and other third-party applications, allowing us to mitigate vulnerabilities using Qualys proactively.

Qualys Patch Management effectively mitigates risks through its risk-based automation, enabling rapid vulnerability remediation.

The integration of Qualys Patch Management with Qualys VMDR allows us to use the same device identification ID for both patch management and vulnerability identification. This enables us to easily determine which vulnerability a patch addresses, access CVE information, and validate patches based on product or product family. For instance, if we have Google applications with vulnerabilities, we can efficiently identify and patch them without searching for specific versions or missions. By selecting assets in Patch Management, we can automatically patch QID-based or family-based vulnerabilities identified by VMDR. This integration streamlines the patching process and provides clear visibility into the vulnerability status of our assets.

Our previous patch management products had communication issues with their agents. Qualys Patch Management utilizes the same agent as their vulnerability management system, streamlining the process. Security agents are more reliable than standard IT solutions, and because our IT team prioritizes agent uptime, patching is more accessible, and risk is reduced within our infrastructure. Qualys Patch Management offers immediate benefits. If a patch requires a reboot, Qualys allows users to initiate one within a specified timeframe automatically. Upon rebooting, the machine reports to the Qualys console and is automatically scanned. If the patch is successfully installed, the console reflects the update within 20 to 30 minutes. This streamlined process ensures efficient patch management and reduces vulnerabilities.

Qualys Patch Management's TruRisk automation allows us to prioritize patching vulnerabilities with available patches. This prioritization helps us focus on critical vulnerabilities and quickly remediate them, improving our security posture. The TruRisk score provides a clear metric to demonstrate the effectiveness of our remediation efforts to leadership, showing how quickly we address critical vulnerabilities and enhance our security.

TruRisk automation enhances data accuracy across business units. Leveraging the Vulnerability Management Tool for Remediation within TruRisk, patching can be initiated based on a risk score mechanism query, which provides the TruRisk score for a specific business unit. A subsequent query determines patch dispatchability, triggering a patch job if applicable. This process can be streamlined using Patch Query Language to efficiently retrieve data and execute accurate patching, reducing risk based on TruRisk scores.

Initially, the IT team resisted using Qualys Patch Management for vulnerability remediation due to its critical importance. However, after we demonstrated how integrating Patch Management with Vulnerability Management provides a single report and effectively reduces vulnerabilities, we convinced them to adopt it. This consolidated approach enhances efficiency and streamlines patch management throughout our organization.

Qualys Patch Management significantly improved our patching rates. Qualys provides access to exclusive security patches and boasts a comprehensive knowledge base covering a wide range of applications, including third-party software like Google Chrome, Edge browsers, and SQL. As Qualys expands its knowledge base, our patch management rates continue to improve. Furthermore, the Qualys support team has been instrumental in helping us resolve patching issues, such as installation failures, by efficiently identifying the root cause, whether it stemmed from network problems or the Qualys platform itself. With their assistance and the robust Qualys product, we have successfully mitigated these challenges.

Qualys Patch Management has significantly reduced our organizational risks. Previously, when using other solutions, our patch percentage was low, resulting in high risk. Qualys Patch Management, integrated with VMDR, immediately improved our patch percentage. Features like patch initiation, recurring patches, scheduling, and randomized patch downloading have been crucial in mitigating risk, especially for employees working from home with network issues. The randomized download option ensures patches are successfully downloaded even with interruptions, resuming automatically when the network connection is restored. These capabilities ensure Qualys Patch Management effectively reduced our organizational risk by 88 percent.

My favorite feature of Qualys Patch Management is its flexibility in executing scripts before and after patching. This is particularly useful for third-party or enterprise applications that require registry modifications to address vulnerabilities. We leverage this functionality to deploy scripts that adjust registry values, effectively patching vulnerabilities and enhancing the security of our machines. The ability to automate these tasks through Qualys Patch Management streamlines our workflow and improves our overall security posture.

Qualys could improve its randomized download feature and provide more detailed information about patch failures, including the reason for failure. This could include specifying whether the failure is related to a file download error, network interruption, application crash, or installer error based on the operating system. These enhancements would offer more insights into the patch management process and improve overall functionality.

I have been using Qualys Patch Management for the last two years.

The stability of Qualys Patch Management is a nine out of ten. While it's generally stable, there have been occasional issues, particularly when new patches for Linux have been introduced.

Qualys Patch Management's scalability is a ten out of ten. It scales efficiently across different machines globally, ensuring patches are deployed smoothly.

Qualys' technical support has been excellent. Their team has effectively resolved various issues, including some that originated within our network.

Positive

The initial setup was straightforward, leveraging the existing vulnerability management tool, which facilitated easy integration of Patch Management.

Deploying software to a single machine takes approximately one minute. However, in an organization with 1,000 machines, a traditional push deployment method could take up to four days to complete.

I would rate Qualys Patch Management ten out of ten. Qualys Patch Management has significantly benefited our security and remediation efforts.

Qualys Patch Management is deployed across multiple locations and time zones in various countries. While most of the IT team has access to view Qualys Patch Management, only a few individuals can initiate patching. Those with view access can assess the patching capabilities and compliance of specific machines, while a limited number of authorized personnel can deploy the patches.

Qualys Patch Management requires minimal maintenance, primarily involving updating the agent software on managed devices.

I would recommend Qualys Patch Management to those using a vulnerability management solution as it helps significantly in reducing risks. It provides various options such as using third-party repositories for patches, which are beneficial for comprehensive patch management.

Hybrid Cloud

Other