Custom Vendor Landscape
Patch Management Software
Prepared for: [Client Name Redacted]
An Important Note
Understanding a Custom Vendor Landscape
- Info-Tech's Custom Vendor Landscapes are custom deliverables that are built with a heavy emphasis on the use cases and selection criteria of the requesting client. They are intended to provide an external point-of-view on a smaller or niche software marketspace. They are built over the course of one week based on secondary research by one of our Software Selection Services analysts.
- These deliverables may be sanitized and published for convenient access by our other members; it is important to understand that they are not intended to be general market analysis reports like our SoftwareReviews Data Quadrants or Software Selection Guides.
- The report is bespoke to the client that requested it and is not intended to be an omnibus view of the entire marketspace (these deliverables are limited to ten vendors, and the vendor shortlist is often dictated in full or in part by the requestor).
- Please ensure that you are conducting your own due diligence on vendors within the space. The sanitized version of this report may be a helpful starting point for initial vendor shortlisting, but the limitations of its scope and the highly custom nature of the vendor list and analysis contained within do not make it synonymous with the analysis in our omnibus market analysis research (SoftwareReviews Data Quadrants and Software Selection Guides).
Understanding the Selection Initiative
Objective | Vendor Selection Criteria |
---|---|
[Redacted] is looking for a best-of-breed vulnerability and patch management solution to enable automated identification of system vulnerabilities and patching, to ensure smooth and secure operation of current software. Currently, there is no system in place for automated patch management. Tenable and CrowdStrike Spotlight are currently used to manually scan endpoint vulnerabilities. The new vendor must have an intuitive platform, extensive customization capabilities, control over AI capabilities and strong levels of automation. The goal of this research is to assist the selection of the best-suited vendor going forward, minimizing the time spent on patching endpoints. | In evaluating the marketspace for Vulnerability and Patch Management Software, Info-Tech's analysts looked at the following vendor attributes: |

Selection Rigor Matters. Enterprise software is a key driver of digital transformation - having a strong approach to vendor selection is essential. Info-Tech's research shows that 70% of application selections fail because of poorly defined requirements and inadequate vendor validation.
Defining the Market
Market Definition
Vulnerability and Patch Management Software is an essential tool in bolstering an organization's cybersecurity. Vulnerability management covers the complete process of monitoring, identification and remediation. Patch management is part of this process, providing automated fixes for vulnerabilities.
Leading solutions can automate the complete process, from identifying endpoint risks to deploying patches. Typical features of software in this space include monitoring endpoint vulnerabilities, deploying patches, customization, reporting and software integrations.
The primary drivers for this software are helping organizations reduce the time spent managing security vulnerabilities and ensuring accurate action is taken to patch them. The chosen software must focus on providing a multi-functional, customizable and easy-to-use experience for an established and growing organization.
Key Trends in the Vulnerability and Patch Management Market
Some of the top trends impacting the industry in 2024:
- SBOM Adoption
- Cloud-Based Patch Management
- Predictive Patching
- Zero Trust Security
Source: ITSM Tools
Proactive Solutions
72% of IT leaders prefer a proactive over a reactive approach to developing cybersecurity tools.
Source: CFO
71% of IT professionals find patching to be overly complex and time-consuming.
Source: Ivanti
Top Level Features
Feature Name | Description |
---|---|
Vulnerability Management | Constant endpoint monitoring with automatic vulnerability scanning, software misconfigurations, prioritization and maintaining compliance. |
Patch Management | Automated identification of required patches and deployment across endpoints. Includes multi-platform support, synchronizing vulnerabilities, downloading patches, testing, patch rollback and approvals. |
Customization | The platform must support frequent customizations and custom workflows between groups in ISD. The platform must be resource-light and able to run with limited resources. |
Integrations | The platform must be able to integrate with major software, including ServiceNow for ticketing, Tenable and CrowdStrike Spotlight for vulnerability visibility, and MECM for deployment. |
Intuitive Platform | The platform must be easy to use, with clear dashboards and quoting forms, easy communication/follow-up and role-based management. |
Security Compliance | The platform must meet major security certifications, including FedRAMP, SIMM and all major security standards. |
AI Limitation | The platform must have limited AI capabilities, or the ability to control and omit AI from its functionality. |
Reporting | Must be able to monitor and provide reports on the status of vulnerabilities and patches, with clear dashboards and information. |