Analysts and CISOs suggest putting the following considerations on your patch management shopping list. Also see the related in-depth How to Compare Patch Management Software.Evaluation CriteriaThe following are criteria to consider when choosing a patch management system:Range of operating systems supported (Microsoft, Unix, Linux, Mac OS, etc.) Range of applications supported (Adobe, Mozilla, RealNetworks, Apple, Java) Agent-based or agentlessTypes of real-time reporting available (patches deployed, when, by whom, to which endpoints, etc.) ScalabilityAbility to operate on low-bandwidth or globally distributed networksAbility to manage computers on or off the networkChange control (ability to change settings back, pause deployments, etc.) Licensing options (subscription-based, perpetual or both) Ease of useIntegration with other security and configuration management systems and capabilitiesRange of CapabilitiesA full-featured patch management system should do the following:Research: Receive information about new patches from vendors and push this information to the patch server.Asset discovery: Scan the network to produce a full inventory of IT assets, and provide flexible ways to group and classify these assets. Vulnerability assessment and prioritization: Identify vulnerabilities based on the specific endpoints in the environment and rank them in terms of which will have the most impact and which are most important to address. Remediation: Continuously deploy, monitor, detect and enforce patch management policies. Reporting: Provide real-time reports that satisfy the needs for auditing, compliance and management oversight.