I'm searching for effective solutions to patch and remediate third-party applications, not just Windows patches. I'm specifically looking for systems that require minimal human input and align with security standards like ISO27001, NIST, or Cyber Essentials (UK). Currently, we're using Qualys for scanning and a Kaseya RMM. I'm in the early stages of investigating Qualys's patching product, but I also have some clients on Datto's patch management for Windows, which has been quite inconsistent. Ideally, I need a dependable product that can handle patching for a few thousand endpoints within 14 days of critical CVEs being disclosed. Any suggestions?
4 Answers
We use Action1 for both Windows and third-party app patching. They've got a solid library of supported third-party apps, and you can even add your own. It's easy to set up, works well, and they offer up to 200 endpoints for free, which is pretty neat. Definitely worth a look!
Is Chocolatey still a reliable option? I used it for third-party patching a while back and found it pretty dependable. I’m curious how others feel about it now since I’m experiencing similar patching challenges as OP.
We utilize Ansible/AWX for OS and third-party patching. Works like a charm!
I'm a fan of Microsoft Configuration Manager paired with PatchMyPC Enterprise. Their patch catalog is constantly updated and their customer support is fantastic. What I really appreciate is that it keeps all my installation objects current, which means users always have the latest software when they install from the Software Center. Totally automated, which is a dream!
Thanks, I’ll check this out!