Streamline and accelerate vulnerability remediation for all your IT assets.
E-mail our sales team
or call us at +1 800 745 4355.
The industry's most advanced solution for automated patch management
Qualys is uniquely positioned to leverage both vulnerability and threat intelligence insights in its patching solution. Cleverly, Qualys’ approach of taking patch remediation a step further with the addition of zero-touch automation eliminates non-caustic threats like always patching Chrome or iTunes. It is a welcome addition that helps companies reduce their attack surface while also freeing up IT and Security resources to focus on more strategic areas.
Christopher Kissel Research Director, Security Products, IDC
Qualys is uniquely positioned to leverage both vulnerability and threat intelligence insights in its patching solution. Cleverly, Qualys’ approach of taking patch remediation a step further with the addition of zero-touch automation eliminates non-caustic threats like always patching Chrome or iTunes. It is a welcome addition that helps companies reduce their attack surface while also freeing up IT and Security resources to focus on more strategic areas.
An introduction (01:53)
Demo: Responding to a suspicious device (03:26)
Qualys Patch Management gives you visibility and control by letting you:
Discover missing OS patches as well as missing patches from 3rd-party vendors, like Adobe, Google, Firefox, Apple, Microsoft, Linux and many more
Discover open vulnerabilities and patches for mobile apps available on the Google Play Store
Discover open vulnerabilities and missing patches quickly, comprehensively and at scale across assets located on premises, in clouds, and at remote endpoints
Track patch status via its central, dynamic dashboard, and generate reports that can be customized for different types of recipients
Create patch deployment jobs for different types of devices to run on specific, repeatable schedules
Configure rules and workflows so patches are deployed when they meet certain criteria, like severity level, CVSS score or product name
Deploy patches on demand at any given point, such as in emergency situations where a vulnerability is suddenly being actively exploited in the wild
Deliver messages to end users prompting them, for example, to install a patch or inform them about an in-progress deployment
Control and manage reboots. Our patch optimization engine will deploy as many patches as possible before a reboot is enforced. When a reboot is required, end users are given control to defer the reboot until a suitable time. However, Qualys PM can enforce a reboot if needed
A common challenge for patch teams is figuring out what patches must be deployed to fix the detected vulnerabilities. For example, to fix one CVE, it’s often necessary to install multiple patches for different versions of the affected product. Qualys Patch Management addresses this challenge by:
Automating correlation of vulnerabilities and patches, speeding up remediation response, especially for high-profile vulnerabilities being exploited in the wild
Indexing patch and vulnerability information, so that when the patch team enters a CVE in Qualys Patch Management’s search engine, they get a list of all the required patches
Putting IT and security teams on the same page by tracking vulnerabilities and patches on the same cadence with correlated information. This helps them collaborate by using a common terminology and consistent data set for patch analysis, prioritization, deployment and verification
Providing a comprehensive, filterable view of how many vulnerabilities were introduced in your environment over the last 2 years by each patchable OS or application so you can prioritize patching of your highest-risk applications
No need to wait for a weekly or bi-weekly vulnerability management report to find out if the latest-deployed patches worked properly – or if they need to be re-deployed. With Qualys Patch Management, patch deployments can be tracked on demand from its central dashboard using the search engine, and results filtered and narrowed using different criteria.
It’s a challenge to deploy patches on mobile devices and remote systems that connect to the corporate network intermittently and infrequently. Because Qualys Patch Management uses the Qualys Cloud Agent, it:
Deploys patches wherever an agent has been installed
Continuously sends critical change-event data and supporting details to the cloud
Enables patch installation on remote and roaming endpoints outside the network
Patches binaries downloaded directly from the vendor, or caches patches locally, eliminating the need for devices inside your corporate network to download them from the internet
Switches automatically to the best source to download patches from, no VPN required: For example, from a local cache when a device is inside the network, or from a vendor when it is at the user’s home
Qualys Zero-Touch Patch automates routine and risk-based patching to reduce exposure and maximize protection against high-risk attacks like ransomware. Mapping of vulnerabilities against the patches and configuration changes required for remediation enables security and IT teams to easily prioritize remediation for increased cooperation, productivity and SLA compliance. Qualys Patch Management enables teams to:
Intelligently identify and automatically deploy the proper patches and configuration changes required for remediating vulnerabilities (available 4Q2021)
Automate the entire patch correlation process and the application of patches with configuration changes in order to continuously meet remediation SLAs and demonstrate patch compliance
Prioritize patching based on real-time threat indicators such as ransomware, active attacks or lateral movements
Automatically apply low-complexity patches where patching has minimal risk of creating system instability
Identify and prioritize which systems & applications to patch regularly based on historical per-application vulnerability data via the new prioritization report
With this product, Qualys offers a complete vulnerability management lifecycle stack that also includes inventorying of assets, vulnerability management, and remediation prioritization. Specifically, Qualys Patch Management works in tandem with:
Qualys Global AssetView, which offers full asset visibility into hybrid IT environments
Qualys Vulnerability Management, Detection and Response, which detects vulnerabilities across all IT assets
Qualys Threat Protection, which helps prioritize remediation
Start your free trial today. No software to download or install. Email us or call us at 1 (800) 745-4355.