What is Patch Management?

Patch Management is a process to acquire, test and install multiple patches (code changes) on the existing applications and software tools of the user's computer system. Patch management enables systems to stay updated on the existing patches. It helps decide the patches that are appropriate, and are installed as and when required.

Implement Patch Management with these 8 Easy Steps:

What is Patch Management?

Security and Patch Information Sources

In general, IT administrators know which security issues and software updates are relevant to their environment. To support you, Comodo's industry-leading Patch Management Operation Team monitors sources of intelligence from:

Automatic System Discovery

Comodo ONE performs automatic discovery of Windows systems (using Active Directory) and Linux systems to deliver intelligence that gives you a real-time view of your network:

Prioritization and Scheduling

In-built categorization allows you to prioritize your patch deployments based on details like severity, vendor or type.

Critical patches and security patches can be automated and scheduled to run daily right out-of-the-box whereas, all other patches could be scheduled for the regular periodic maintenance window.


Patches can be deployed out-of-the-box or a workflow can be applied to validate them before auto installation. You can run tests on desired systems first in order to approve either single or bulk patches. Once satisfied you can mark them as approved or unapproved.

Your automation policies can deploy all patches matching the criteria you defined or only the approved patches matching the criteria you defined per policy.

Although Comodo does extensive and deep testing, we also empower our users to perform their own tests.

Change Management

Comodo ONE Platform enables you to track all changes done through your endpoint patch policies and the latest status of your network. Administrators can generate reports to track the applied patches as well as the missing patches and check the patch procedure details to see the successful operations as well as any failed deployment attempts.

Installation and Deployment

The patches are deployed based on the delta between endpoint and latest patch intelligence gathered. When configured on-demand or by policy, the agent applies the relevant updates and patches to create an efficient and fast process. The status of deployment is then updated in real-time in Comodo ONE.

The installation process can be scheduled or triggered on-demand based on existing procedure or selected patches and devices such as:

Audit and Assessment

Every single application can be tracked and patched over your network in real-time and it provides:

Consistency and Compliance

Comodo ONE Platform enables you to stay compliant on your entire network

Our Promise to you: We will Patch everything you have, automatically! and for FREE.

The Ins and Outs of Patch Management using Comodo ITSM