Guide to Patch and Vulnerability Management
Top trends in the patch management market
Patch management is becoming 'vulnerability management'by Network World Staff
Patch management has since grown to include vulnerability management. Patch management is focused on the automation and management of patches. Vulnerability management is slightly broader and is used for products that offer more functions, from asset identification to vulnerability classification, as they apply the software patch. This wider scope, plus the pressures of compliance continues to drive both growth and innovation in the market, IDC says. In fact, IDC predicts that by 2011, three submarkets of security and vulnerability management will each exceed $0.7 billion in vendor revenue. These are policy and compliance, security information and event management, and patching and remediation.
Maintaining secure clients has become increasingly complicated, as well, Forrester points out. The situation isn't expected to get easier anytime soon. The wider variety of clients, uptake in the options available for client operating systems coupled with today's distributed environment, makes controlling the PC a difficult task. In addition, PC environments remain a hefty cost associated with the corporate network. Tools that automate operating system patch management, software vulnerability assessments and systems management promise to help IT to manage their PC environment with more reliability and less head count. The big management players, namely CA, HP and Symantec, own most of the client-management market, but aren't necessarily the right fit for every company. Smaller, younger vendors like many listed in this Buyer's Guide offer some very compelling solutions, Forrester says.