Table of Contents
- Summary
- Market Categories, Deployment Types, and Patch Coverage
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About Ron Williams
- About GigaOm
- Copyright
1. Summary
Patch management is the process used to identify, acquire, verify, and install patches on physical and virtual devices and software systems. The purpose of patch management is to mitigate and remove security flaws in software and firmware.
The management of patches is not without challenges. Organizations unable to overcome these challenges may suffer from vulnerabilities leading to easily preventable compromises.
Good patch management practices in the current global environment require mitigation of the root causes responsible for some recent cyber events. Patch management also requires the proper tools, processes, and methods to minimize security risks and should support the functionality of the underlying hardware or software. Patch characterization, prioritization, testing, implementation tracking, and verification are all part of robust patch management.
Most organizations already patch laptops, desktops, and servers. A patch management solution adds rigor and consistency to what may already exist. When searching for a solution, companies should evaluate the coverage that already exists to learn how to fill gaps.
To assist in this effort, this Radar includes coverage as an additional dimension. By coverage, we mean the range of operating systems (OSs) and applications a solution can work with. If a vendor’s solution is designed for a single OS and environment, it may score well as a best-of-breed solution for that specific situation. And if that situation is your use case, the vendor selection becomes obvious.
On the other hand, some vendor solutions may cover all the various OSs and environments, making them appear suitable for almost any environment. However, they may not be a good fit if there is a lack of consistency in the covered areas. One example is a strong agent-driven inventory and deployment system for Windows OSs paired with a weak agentless inventory method over Secure Shell (SSH) for Linux boxes. Another is strong Windows workstation support but less robust support for macOS, which makes Apple workstations and devices harder to manage. In both cases, coverage for all OSs is present, but not consistent. Again, a careful review of the strengths and weaknesses, plus the coverage areas of a solution, will lead an organization to the most appropriate solution.
This GigaOm Radar report highlights the key patch management vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding “Key Criteria for Evaluating Patch Management Solutions,” we describe in more detail the key features and metrics we use to evaluate vendors in this market.
How to Read this Report
This GigaOm report is one of a series of documents that help IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
- Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
- GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
- Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.