In enterprise environments patch management is much complicated than just using a patch deployment tool to install patches on all hosts. Post-deployment health check and manually patching the vulnerabilities, however, costs system administrators much time. This thesis introduces previous observations for an automated patch management. Moreover, this paper presents an add-on tool to automate the installation of missing patches on hosts, which were not able to be patched by a patch deployment tool. This add-on was developed in C# and PowerShell and uses QualysGuard’s XML exported report as input. This tool was developed and tested on a virtualized Windows domain.
Though the add-on for QualysGuard works well, a human interaction in patch management should not be omitted.
Previous studies have just focused on presenting their own tool and idea for patch management automation, however this thesis provides information about previous ideas for patch management automation and introduces an add-on for QualysGuard that does not yet exist and might help system administrators, who have purchased QualysGuard, to save time.