Qualys Patch Management Reviews

Name: Qualys Patch Management
Brand: Qualys
Rating: 4.5 (33 reviews)

4.5 out of 5

33 reviews
96% willing to recommend

What is Qualys Patch Management?

Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.

Get the Qualys Patch Management Buyer's Guide and find out what your peers are saying about Qualys Patch Management, Microsoft Configuration Manager, BigFix and more!

Qualys Patch Management is the #4 ranked solution in top Patch Management solutions. PeerSpot users give Qualys Patch Management an average rating of 9.0 out of 10. Qualys Patch Management is most commonly compared to Microsoft Configuration Manager: Qualys Patch Management vs Microsoft Configuration Manager. Qualys Patch Management is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 18% of all views.

Buyer's Guide

Qualys Patch Management

March 2025

Get the report

Helped 845,960 peers since 2012

Featured Qualys Patch Management reviews

Revathi VeeraRaghavan

Information Security - Manager at Infosys

Qualys Patch Management system requires several improvements. Firstly, the inability to download asset patches and the lack of third-party application integration limit patch accessibility. Additionally, rollback options are unreliable, and pre-deployment patch testing is crucial. Reporting needs enhancement, particularly with group-based compliance percentages and clearer, VMDR-like reporting in the Patch Management module. Furthermore, detection speed should be improved, as patches are released 24 hours after QIDs are published. The user interface could be more functional, with dashboards for patch compliance visualization and simplified error code language. Finally, the Mac patch catalogue needs expansion, and automated workflows, policy enforcement, and testing procedures should be streamlined for seamless, user-independent operation.

Read full review

ShantanuChoubal

Project Lead at Persistent Systems

The most valuable features of Qualys Patch Management include its ability to automate patch deployment for hundreds or thousands of assets, reducing our reliance on the IT team to perform these tasks manually. It is able to fix most of our vulnerabilities. The count is reducing significantly. We do not have to rely on our IT team to manually log in to systems or deploy using the AD group. We can just put in a command and schedule the patches for our hundreds or thousands of assets. The vulnerability count has reduced significantly. Secondly, it helps us not just deploy a patch, it also helps us to install a particular software if it is required from an IT standpoint. Tomorrow, if the organization has a requirement for certain software to be installed on a device, Qualys Patch Management has that capability as well. It can install that software on the machine irrespective of whether it is a security tool or some other tool. We can just put in the URL or source path of it, and it will install that software. The last one is the registry remediation. It is not just limited to patch management or patch deployment. We can also create a script to fix a particular vulnerability that cannot be fixed through patch deployment. It might require logging into the system, opening the registry keys, and editing some values to it. We can create a script for that.

Read full review

Arshad Nr

Senior Security Consultant at CyberNxt Solutions LLP

Whenever Microsoft releases any zero-day vulnerabilities, they provide a workaround. We are able to push that workaround from the Patch Management module. We can push the registry key changes or use the PowerShell script. We push changes to almost 600 devices in ten minutes. It helps us ensure our infrastructure security. Qualys Patch Management has significantly improved our visibility into vulnerability remediation and patch severity. The solution has enabled us to remediate a large number of vulnerabilities and reduce our attack surface effectively. We can track live updates and present dashboards to management, which has increased their confidence in our security posture. We can see the progress while pushing the patches. We have VMDR dashboards and reports. The reports are user-friendly, and everyone can understand these reports. We could also present them to the management. They were also happy to see the progress. They had visibility. We have not implemented much automation. We are still in the early stages of this solution and testing out the possibilities. We had an issue because of the requirement that every server should be connected to the Internet before downloading the patches, but QGS was very helpful with that. QGS helps to ensure that we are able to patch devices that are not connected to the Internet. We are able to prioritize the vulnerabilities and remediation. We did not see any discrepancies. With some of the other tools I have used, I have seen so many discrepancies between the vulnerability and the patching. It helped our teams to work together. We created a separate team for vulnerability remediation. We also could help the patching team and support them in automating patch management. Previously, they were doing it manually on each server. With Qualys Patch Management, there is an increase in vulnerability remediation. We have remediated almost 100,000 vulnerabilities. That is a huge count. Previously, we used a formula to identify critical vulnerabilities, and we could remediate only a limited number of vulnerabilities. With Qualys Patch Management, we could remediate all the vulnerabilities. We did not exclude any of the vulnerabilities. There is also an increase in the patch rate. Previously, we could only cover 30% patching, whereas with Qualys Patch Management, within one and a half months, we could achieve 70% to 80% patching. The remaining ones are not included in the initial phase because of certain dependencies. We pushed data to almost 2,000 devices. It took some time for us to do the testing. We tested on ten production devices. After that, we pushed the patches to other devices. We can download reports and customize the report templates based on the information we need. Our management could clearly see where we are now as compared to before. They could see our progress. They could see that we have fixed all high-priority ones within a month. The remaining ones are of medium and low priority. Even if we do not remediate them, it will be fine. The Risk Reduction Recommendation Report helped us see which vulnerabilities would reduce the most risk within our organization.

Read full review

Qualys Patch Management mindshare

As of April 2025, the mindshare of Qualys Patch Management in the Patch Management category stands at 4.1%, up from 0.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Patch Management

PeerAnalyst reports based on Qualys Patch Management reviews

Type	Title	Date
Category	Patch Management	Apr 10, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 10, 2025	Download
Comparison	Qualys Patch Management vs Microsoft Configuration Manager	Apr 10, 2025	Download
Comparison	Qualys Patch Management vs BigFix	Apr 10, 2025	Download
Comparison	Qualys Patch Management vs Microsoft Windows Server Update Services	Apr 10, 2025	Download

Title	Rating	Mindshare	Recommending
Microsoft Configuration Manager	4.1	15.0%	90%	81 interviews Add to research
BigFix	4.3	10.4%	97%	96 interviews Add to research

Valuable Features

Qualys Patch Management excels in automated scheduling, comprehensive dashboards, and real-time data. Users value its user-friendly interface, robust reporting, and ability to deploy patches without manual intervention. It enhances security with integration capabilities, efficient vulnerability scanning, and risk prioritization. Real-time vulnerability assessment, flexible patching, and script execution before and after patching streamline workflows. The system's support for various operating systems and patches significantly reduces organizational vulnerabilities and improves security posture.

"My overall rating for Qualys Patch Management is a ten out of ten."
"The consolidated report we received from the solution was very time-saving because, in the dashboard, we could get all the patch details for a particular patch and all the assets listed."
"Patch management significantly helped us track and reduce vulnerabilities."

Room for Improvement

Qualys Patch Management requires improvements in its user interface, support for third-party applications, and customer service. Integration with OEMs, enhanced AI tools, and quicker response to vulnerabilities are needed. Users find delays in patch detection and limitations in patch variety frustrating. Pricing and third-party integration present challenges. Enhancements are suggested for pre-deployment testing, error messages, dashboard functionality, and Mac support. Improvements in downloading speeds and detailed reporting are also essential.

"False positives were the biggest concern. We also had some concerns with respect to the Cloud Agent."
"False positives were the biggest concern."
"I deploy patches to endpoints and servers every month. However, despite a job showing as successful, I need to examine the job in detail."

ROI

Qualys Patch Management provides significant benefits, including 80% vulnerability reduction and 70% time savings. Users report substantial resource savings and enhanced security oversight, achieving 50% ROI. The system offers live data updates, reducing manual effort and operational complexity. Although exact ROI is hard to quantify, clients express high satisfaction with improved efficiency and reduced vulnerabilities. Some users highlight the importance of Qualys in preventing potential attacks, contributing to a positive return on investment.

Pricing

Qualys Patch Management pricing is perceived as competitive, though some users find it expensive compared to competitors like Nessus. While Microsoft's free WSUS lacks certain features, Qualys offers comprehensive functionality. Users appreciate scaling benefits and new pricing bundles for smaller environments, yet desire more features and better support. The licensing cost is high, a barrier for some, but many view it as a worthwhile investment given its capabilities and effectiveness in vulnerability management.

"Qualys Patch Management comes as part of a bundled package with several modules, making it a cost-effective deal for us."
"Its price is competitive in the market. Compared to other solutions like Rapid7, Qualys offers a favorable price point and robust features."
"Qualys Patch Management offers a moderate price point, neither cheap nor expensive, considering its comprehensive functionality."

Popular Use Cases

Organizations implement Qualys Patch Management to automate vulnerability remediation, prioritize patches, and ensure accurate application to minimize security risks. They utilize cloud-based agents for seamless patch deployment across multiple systems, focusing on critical and high-severity vulnerabilities. By integrating with Qualys VMDR and other security tools, they efficiently detect, prioritize, and deploy patches without needing on-premise servers or VPN connections, significantly enhancing their security posture and reducing the time to remediate vulnerabilities.

Service and Support

Feedback on customer service and support for Qualys Patch Management is mixed. Some emphasize challenges, noting delays and suggestions via articles rather than direct assistance. Others describe experiences as efficient, with timely responses and a quick resolution of issues. Many rate support highly, praising responsiveness and clear communication. However, some still find room for improvement, especially in escalation procedures and response speed. Overall, the support experience seems to vary based on case priority and user engagement.

Deployment

Qualys Patch Management's setup is straightforward when the right team is involved. Whitelisting in endpoint security systems like Carbon Black or CrowdStrike is crucial. Cloud and on-premises deployment options are available. Organizations often start with multiple personnel but transition to solo management. Documentation aids in overcoming initial complexities. The setup can range from quick tasks to extended periods based on organization size, asset count, security prerequisites, and internal processes.

Scalability

Qualys Patch Management is recognized for strong scalability, effectively accommodating a vast number of devices and updates globally. It is used by many companies across multiple locations with numerous users and teams, demonstrating dynamic expansion capabilities. While generally well-regarded, a few highlight areas for improvement, such as Mac patch support and multi-tenancy. Its ability to grow with organizational needs is praised, though some note cost and licensing considerations. Many rate its scalability highly.

Stability

Qualys Patch Management is praised for its stability, receiving high ratings such as nine and ten out of ten. Users appreciate seamless updates and minimal downtime. While occasional issues like latency are noted, they often attribute this to their internal networks or specific software updates. Some mention rare downtime during maintenance, but these are quickly resolved. Client experiences reflect consistent reliability over years of use, even during cloud transitions or system upgrades.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys Patch Management Buyer's Guide for additional reliable information.