Seniour Security Consultant at CyberNxt Solutions LLP
Consultant
2024-11-04T09:47:21Z
Nov 4, 2024
In Qualys, it can not only push patches but also apply registry changes and PowerShell scripts on the system, supporting greater automation. Qualys patch management is a better choice.
It took us some time to realize its benefits. I went to a Qualys conference, and that was when I started to realize its benefits. Till then, I thought Rapid7 was a good one or Manage Engine was a good one. I thought those products were good, and they also patch third parties whereas Qualys did not patch third parties. After going to Qualys, they explained there is a way to do that. It was a longer way, which I did not do. We decided to go with an MSP that specializes in installation and fine-tuning the Qualys product. When they did everything, I did not have to touch any configuration with Qualys Patch Management. Everything was going through. With the way we did things previously, it was going through, but it was a longer approach. It was taking a little longer and was more manual. We did not properly utilize tagging. We did not properly utilize the patching process scheduling. The MSP guys did tagging. They did automation of the patch management according to the risks. That was very important. Previously, we had six or seven jobs and sometimes, we manually patched individual machines. After the MSP guys did the fine-tuning, we had only two scheduled jobs, and that was it. The first job does 10 to 15 testing computers, and then the next one does the old machines. I would rate Qualys Patch Management a nine out of ten.
Foundation Services Director at a leisure / travel company with 10,001+ employees
Real User
Top 20
2024-10-14T20:00:00Z
Oct 14, 2024
When we did our PoC, we already had the VMDR piece. We enabled the patch piece and brought the right hand and the left hand together. This integration automatically should include all the relevant patches and configuration changes required to remediate vulnerabilities detected by VMDR. It will be crucial. That is still to be determined, but when two of our critical service delivery organizations are using the same sheet of music or the same tool, it makes us more agile and more responsive to the threats we are trying to protect our business against. I would rate Qualys Patch Management a nine out of ten.
System Admin at a insurance company with 501-1,000 employees
Real User
Top 20
2024-10-14T12:54:00Z
Oct 14, 2024
I would rate Qualys Patch Management eight out of ten. We have three environments: production, development, and QA. To perform patching, we must coordinate with the application team and schedule downtime. Due to the critical nature of the business application running on the production servers, we cannot automate patching; instead, we use satellite servers. Our organization has between 20 and 30 people who use Qualys Patch Management. In the two and a half years I've used Qualys Patch Management, I haven't observed any need for maintenance on the tool. Qualys Patch Management is a valuable tool for large organizations seeking to maintain a secure infrastructure.
At this time, I would not recommend Qualys Patch Management because there are multiple features that need to be developed from their end. You cannot deploy everything through it. I might recommend it in the future. It needs some time to be fully developed. I would rate Qualys Patch Management a six out of ten because of the support quality and lack of features.
I would rate Qualys Patch Management ten out of ten. While the initial setup involves deploying cloud agents, Qualys Patch Management is low maintenance. Updates for both agents, signatures, and related components are automatic. Qualys handles maintenance in the cloud, and new systems are easily enrolled with agents through software distribution or policy enforcement. New Qualys Patch Management users should consult the documentation and training resources before deploying. While a trusted partner can assist with implementation, understanding the process is crucial. Qualys offers free training to cover essential steps like agent deployment, configuration, and security considerations to ensure successful patching. Don't skip these steps, as seemingly minor setup issues can hinder functionality. This applies not just to Qualys, but to any endpoint security solution.
Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.
In Qualys, it can not only push patches but also apply registry changes and PowerShell scripts on the system, supporting greater automation. Qualys patch management is a better choice.
I rate Qualys eight out of 10. It's a great tool, and if I consulted for a client, I would recommend it.
It took us some time to realize its benefits. I went to a Qualys conference, and that was when I started to realize its benefits. Till then, I thought Rapid7 was a good one or Manage Engine was a good one. I thought those products were good, and they also patch third parties whereas Qualys did not patch third parties. After going to Qualys, they explained there is a way to do that. It was a longer way, which I did not do. We decided to go with an MSP that specializes in installation and fine-tuning the Qualys product. When they did everything, I did not have to touch any configuration with Qualys Patch Management. Everything was going through. With the way we did things previously, it was going through, but it was a longer approach. It was taking a little longer and was more manual. We did not properly utilize tagging. We did not properly utilize the patching process scheduling. The MSP guys did tagging. They did automation of the patch management according to the risks. That was very important. Previously, we had six or seven jobs and sometimes, we manually patched individual machines. After the MSP guys did the fine-tuning, we had only two scheduled jobs, and that was it. The first job does 10 to 15 testing computers, and then the next one does the old machines. I would rate Qualys Patch Management a nine out of ten.
I would rate Qualys Patch Management a nine out of ten.
When we did our PoC, we already had the VMDR piece. We enabled the patch piece and brought the right hand and the left hand together. This integration automatically should include all the relevant patches and configuration changes required to remediate vulnerabilities detected by VMDR. It will be crucial. That is still to be determined, but when two of our critical service delivery organizations are using the same sheet of music or the same tool, it makes us more agile and more responsive to the threats we are trying to protect our business against. I would rate Qualys Patch Management a nine out of ten.
I would rate Qualys Patch Management eight out of ten. We have three environments: production, development, and QA. To perform patching, we must coordinate with the application team and schedule downtime. Due to the critical nature of the business application running on the production servers, we cannot automate patching; instead, we use satellite servers. Our organization has between 20 and 30 people who use Qualys Patch Management. In the two and a half years I've used Qualys Patch Management, I haven't observed any need for maintenance on the tool. Qualys Patch Management is a valuable tool for large organizations seeking to maintain a secure infrastructure.
At this time, I would not recommend Qualys Patch Management because there are multiple features that need to be developed from their end. You cannot deploy everything through it. I might recommend it in the future. It needs some time to be fully developed. I would rate Qualys Patch Management a six out of ten because of the support quality and lack of features.
I would rate Qualys Patch Management ten out of ten. While the initial setup involves deploying cloud agents, Qualys Patch Management is low maintenance. Updates for both agents, signatures, and related components are automatic. Qualys handles maintenance in the cloud, and new systems are easily enrolled with agents through software distribution or policy enforcement. New Qualys Patch Management users should consult the documentation and training resources before deploying. While a trusted partner can assist with implementation, understanding the process is crucial. Qualys offers free training to cover essential steps like agent deployment, configuration, and security considerations to ensure successful patching. Don't skip these steps, as seemingly minor setup issues can hinder functionality. This applies not just to Qualys, but to any endpoint security solution.