Guide to Patch and Vulnerability Management

Top trends in the patch management market

Patch management is becoming 'vulnerability management'

by Network World Staff 

Patch management has since grown to include vulnerability management. Patch management is focused on the automation and management of patches. Vulnerability management is slightly broader and is used for products that offer more functions, from asset identification to vulnerability classification, as they apply the software patch. This wider scope, plus the pressures of compliance continues to drive both growth and innovation in the market, IDC says. In fact, IDC predicts that by 2011, three submarkets of security and vulnerability management will each exceed $0.7 billion in vendor revenue. These are policy and compliance, security information and event management, and patching and remediation.  

Maintaining secure clients has become increasingly complicated, as well, Forrester points out. The situation isn't expected to get easier anytime soon. The wider variety of clients, uptake in the options available for client operating systems coupled with today's distributed environment, makes controlling the PC a difficult task. In addition, PC environments remain a hefty cost associated with the corporate network. Tools that automate operating system patch management, software vulnerability assessments and systems management promise to help IT to manage their PC environment with more reliability and less head count. The big management players, namely CA, HP and Symantec, own most of the client-management market, but aren't necessarily the right fit for every company. Smaller, younger vendors like many listed in this Buyer's Guide offer some very compelling solutions, Forrester says.  

Related:
Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Security Watch Newsletter

Comments