Try our new research platform with insights from 80,000+ expert users
Qualys Patch Management Logo

Qualys Patch Management pros and cons

Vendor: Qualys
4.5 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Qualys Patch Management automates patch deployment, boosting patch rates and reducing risk by coordinating vulnerability remediation. It offers scheduling and on-demand patching, integrating Qualys Gateway Scanner to minimize bandwidth consumption. The tool provides a comprehensive vulnerability overview, though it lacks driver updates and has limited patch capabilities compared to SCCM. Issues with agent authorization and detection logic can affect report accuracy, and pricing is higher with a limited patch range. Improvements are needed for VMware environments and user-friendly reporting.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Qualys Patch Management automates patch deployment and significantly improves patch rates.
The tool reduces organizational risk by effectively coordinating vulnerability remediation across all assets.
Qualys Patch Management allows for convenient scheduling and on-demand patching, improving time and resource efficiency.
The integration of Qualys Gateway Scanner is praised for minimizing bandwidth consumption and simplifying patch deployment.
Qualys Patch Management excels in providing a single source of truth for vulnerabilities, enhancing assessment and remediation efficiency.

CONS

Qualys Patch Management lacks built-in driver updates, and its patch capabilities are limited compared to other tools like SCCM.
It could improve in fixing vulnerabilities on VMware and other virtualized environments, and reporting needs to be more user-friendly.
The detection logic sometimes shows false positives, detecting vulnerabilities that are not exploitable.
Issues with Qualys agent authorization can lead to inaccurate vulnerability reports and restricted patch deployments.
Pricing is considered high compared to competitors, and the range of available patches should be expanded.
 

Qualys Patch Management Pros review quotes

Brad Mathis - PeerSpot reviewer
Brad Mathis
Employee-Owner, Senior Consultant, Information Security at Keller Schroeder
Jun 10, 2024
The most valuable feature in Patch Management is the Qualys query language for set-it-and-forget-it patching for our preapproved patches, and our preapproved schedules, That is extremely helpful compared to the old days of patching.
Read full review
Yuvaraaj Adhithya - PeerSpot reviewer
Yuvaraaj Adhithya
Cyber Security Analyst at WPP
Aug 20, 2024
For a few applications, you do not need to go and download the patches from the network or somewhere else. They have the patches or the latest updates in the directory. You can just select a patch and deploy it to a server. You can create a patch job and select the patch. Everything is within the interface. You do not need to go out of it.
Read full review
reviewer2560884 - PeerSpot reviewer
reviewer2560884
SOC - Cyber Security Engineer at a computer software company with 201-500 employees
Sep 25, 2024
Qualys' best feature is its reporting. At first, it may seem a little complicated to a beginning user, but it's helpful once you get used to it. Most of these scans run automatically. We set the scans up for the client to run at daily, weekly, or monthly intervals, depending on how critical the server or other hardware is.
Read full review
Buyer's Guide
Qualys Patch Management
January 2026
Free Report: Qualys Patch Management Reviews and More
Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
881,707 professionals have used our research since 2012.
Rafael Araujo - PeerSpot reviewer
Rafael Araujo
Infrastructure and Information Security Supervisor at YKK MALAYSIA SDN BHD
Oct 4, 2024
Policy enforcement requires less time for my team because users cannot avoid applying updates. The user can skip two or three times or for a maximum of eight hours. After that, there is no way to avoid it. It helps us keep the environment safe.
Read full review
AZ
Aasim Zaidi
System Admin at a insurance company with 501-1,000 employees
Oct 28, 2024
Patch Management's most valuable feature is the ability to search for vulnerabilities using their QID.
Read full review
reviewer2584884 - PeerSpot reviewer
reviewer2584884
Foundation Services Director at a leisure / travel company with 10,001+ employees
Oct 14, 2024
The most valuable features are the ease of managing both first-party and third-party patching, the generation of dashboards, and the provision of real-time information.
Read full review
Darrell Elmore - PeerSpot reviewer
Darrell Elmore
System Architect at a leisure / travel company with 10,001+ employees
Oct 17, 2024
Patch Management gave my side and the security side a single pane of glass and the ability to better coordinate the delivery of patches.
Read full review
RO
Rustam Osmanov
Cybersecurity Engineer at a manufacturing company with 51-200 employees
Oct 18, 2024
Patch Management, if configured correctly, works effectively without requiring further action.
Read full review
reviewer2588394 - PeerSpot reviewer
reviewer2588394
Works at a comms service provider with 1-10 employees
Oct 24, 2024
The integration of Qualys Gateway Scanner is my favorite feature. The patches our downloaded to QGS in our environment and deployed, saving bandwidth. The patch logging and policies have been helpful. The dashboard shows you when the patch has been applied to your assets.
Read full review
reviewer2589096 - PeerSpot reviewer
reviewer2589096
Senior Information Security Engineer at a consultancy with 10,001+ employees
Oct 30, 2024
Qualys Patch Management has significantly reduced our organizational risks.
Read full review
Show 10 more reviews (out of 42)
 

Qualys Patch Management Cons review quotes

Brad Mathis - PeerSpot reviewer
Brad Mathis
Employee-Owner, Senior Consultant, Information Security at Keller Schroeder
Jun 10, 2024
A common area for improvement in Patch Management, both within our environment and others I've encountered, is the lack of built-in driver updates.
Read full review
Yuvaraaj Adhithya - PeerSpot reviewer
Yuvaraaj Adhithya
Cyber Security Analyst at WPP
Aug 20, 2024
One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective.
Read full review
reviewer2560884 - PeerSpot reviewer
reviewer2560884
SOC - Cyber Security Engineer at a computer software company with 201-500 employees
Sep 25, 2024
Qualys could improve its capacity to fix vulnerabilities on VMware and other virtualized environments. The reporting could also be enhanced to make it more user-friendly. It's difficult for beginners to learn.
Read full review
Buyer's Guide
Qualys Patch Management
January 2026
Free Report: Qualys Patch Management Reviews and More
Learn what your peers think about Qualys Patch Management. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
881,707 professionals have used our research since 2012.
Rafael Araujo - PeerSpot reviewer
Rafael Araujo
Infrastructure and Information Security Supervisor at YKK MALAYSIA SDN BHD
Oct 4, 2024
Its implementation is too recent to make any judgments about areas needing improvement. In terms of pricing, of course, it is not free. Cheaper is always better.
Read full review
AZ
Aasim Zaidi
System Admin at a insurance company with 501-1,000 employees
Oct 28, 2024
The Qualys agent sometimes encounters authorization issues, leading to inaccurate vulnerability reports.
Read full review
reviewer2584884 - PeerSpot reviewer
reviewer2584884
Foundation Services Director at a leisure / travel company with 10,001+ employees
Oct 14, 2024
There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5.
Read full review
Darrell Elmore - PeerSpot reviewer
Darrell Elmore
System Architect at a leisure / travel company with 10,001+ employees
Oct 17, 2024
A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it.
Read full review
RO
Rustam Osmanov
Cybersecurity Engineer at a manufacturing company with 51-200 employees
Oct 18, 2024
Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement.
Read full review
reviewer2588394 - PeerSpot reviewer
reviewer2588394
Works at a comms service provider with 1-10 employees
Oct 24, 2024
There is room for improvement in terms of adding more patches. Not all patches are available for deployment on Qualys Patch Management, so collaborating with various vendors to provide new patches would be beneficial.
Read full review
reviewer2589096 - PeerSpot reviewer
reviewer2589096
Senior Information Security Engineer at a consultancy with 10,001+ employees
Oct 30, 2024
Qualys could improve its randomized download feature and provide more detailed information about patch failures, including the reason for failure.
Read full review
Show 10 more reviews (out of 42)

Product Categories

Product Categories
Patch Management

Popular Comparisons

Popular Comparisons
Microsoft Configuration Manager vs Qualys Patch Management Logo
Microsoft Configuration Manager vs Qualys Patch Management
NinjaOne vs Qualys Patch Management Logo
NinjaOne vs Qualys Patch Management
BigFix vs Qualys Patch Management Logo
BigFix vs Qualys Patch Management
Atera vs Qualys Patch Management Logo
Atera vs Qualys Patch Management
Kaseya VSA vs Qualys Patch Management Logo
Kaseya VSA vs Qualys Patch Management
Vicarius vRx vs Qualys Patch Management Logo
Vicarius vRx vs Qualys Patch Management
ManageEngine Patch Manager Plus vs Qualys Patch Management Logo
ManageEngine Patch Manager Plus vs Qualys Patch Management
Automox vs Qualys Patch Management Logo
Automox vs Qualys Patch Management
Microsoft Windows Server Update Services vs Qualys Patch Management Logo
Microsoft Windows Server Update Services vs Qualys Patch Management
Ivanti Security Controls vs Qualys Patch Management Logo
Ivanti Security Controls vs Qualys Patch Management
Patch My PC vs Qualys Patch Management Logo
Patch My PC vs Qualys Patch Management
PDQ Deploy vs Qualys Patch Management Logo
PDQ Deploy vs Qualys Patch Management
Ivanti Patch for Endpoint Manager vs Qualys Patch Management Logo
Ivanti Patch for Endpoint Manager vs Qualys Patch Management
Action1 vs Qualys Patch Management Logo
Action1 vs Qualys Patch Management
See all alternatives

Product Categories

Product Categories
Patch Management

Popular Comparisons

Popular Comparisons
Microsoft Configuration Manager vs Qualys Patch Management Logo
Microsoft Configuration Manager vs Qualys Patch Management
NinjaOne vs Qualys Patch Management Logo
NinjaOne vs Qualys Patch Management
BigFix vs Qualys Patch Management Logo
BigFix vs Qualys Patch Management
Atera vs Qualys Patch Management Logo
Atera vs Qualys Patch Management
Kaseya VSA vs Qualys Patch Management Logo
Kaseya VSA vs Qualys Patch Management
Vicarius vRx vs Qualys Patch Management Logo
Vicarius vRx vs Qualys Patch Management
ManageEngine Patch Manager Plus vs Qualys Patch Management Logo
ManageEngine Patch Manager Plus vs Qualys Patch Management
Automox vs Qualys Patch Management Logo
Automox vs Qualys Patch Management
Microsoft Windows Server Update Services vs Qualys Patch Management Logo
Microsoft Windows Server Update Services vs Qualys Patch Management
Ivanti Security Controls vs Qualys Patch Management Logo
Ivanti Security Controls vs Qualys Patch Management
Patch My PC vs Qualys Patch Management Logo
Patch My PC vs Qualys Patch Management
PDQ Deploy vs Qualys Patch Management Logo
PDQ Deploy vs Qualys Patch Management
Ivanti Patch for Endpoint Manager vs Qualys Patch Management Logo
Ivanti Patch for Endpoint Manager vs Qualys Patch Management
Action1 vs Qualys Patch Management Logo
Action1 vs Qualys Patch Management
See all alternatives
Related questions
  • 47
Why is patch management important for cybersecurity?
  • 32
When evaluating Patch Management, what aspect do you think is the most important to look for?
  • 49
What patch management solution do you recommend?
  • 45
What solution should we use for upgrading and patching OS to remediate vulnerabilities?
  • 102
Why is Patch Management important for companies?
  • 34
What are Pros and Cons of Cloud-based Patch Management?