Lumension Logo As IT environments have become increasingly complex, supporting virtual, distributed, and disparate platforms, organizations must now ensure that they maintain stronger control of their endpoints. The first step to improving endpoint control is to standardize endpoint configurations and automate patch management across the entire endpoint environment. By eliminating vulnerabilities in third party applications and heterogeneous operating systems, IT risk can be effectively reduced, while endpoint operations can be improved.

With the browser fast-becoming the new corporate desktop and third party applications being the primary path used by cybercriminals to gain access to corporate network systems, the ability to effectively mitigate IT risk exposures across today's dynamic endpoint environments has become an increasing challenge. In fact, the number one security priority listed by the SANS Institute is patching "client-side software".

Cover Every OS in your Environment:
Get visibility across your entire network environment, including virtual machines.

While there are numerous "free" patch management tools or updaters native to specific applications available today, relying upon such tools could end up costing organizations more due to a lack of IT visibility and control that can lead to increased risk and lost productivity. For example, Microsoft Windows Server Update Service (WSUS) only supports current versions of Microsoft applications, and operating systems with patch content – legacy applications may not be supported and no third party applications are supported, which is problematic as about 80% of all vulnerabilities are from non-Microsoft applications. In fact, a typical endpoint requires at least 12 native updaters to cover all applications installed, and even then total coverage is not guaranteed. Learn more about how relying upon "free" patch management tools could cost more.

To ensure that systems remain configured per IT policy and rapidly remediated against the growing list of application and OS vulnerabilities, a centralized solution is needed that automates discovery, assessment and remediation for heterogeneous endpoint environments and proactively alerts busy system administrators to key issues.

Introducing Lumension® Patch and Remediation

Lumension® Patch and Remediation, provides rapid, accurate and secure patch management for applications and operating systems, allowing you to proactively manage threats and IT risk even in the most complex of environments. IT management control is enhanced by centralizing and automating the patching process from vulnerability identification to patch collection, testing, distribution, remediation and verification reporting. Lumension® Patch and Remediation significantly reduces the exposure to cybercriminal and malware risk while decreasing the cost of endpoint operations and compliance reporting requirements. 


Heterogeneous OS support for easy patch and remediation administration across multiple platforms - Windows, Unix, Linux and Mac OS. Microsoft patch coverage includes both security and non-security content for operating systems back to Windows XP / Server 2003 and applications such as Office.

The industry's broadest third party vulnerability content available, including the largest repository of Adobe vulnerability content.
Integrated asset discovery for full network visibility and continuous control across both physical and virtual environments.
Automated policy baselines to ensure that patches, configurations, remediations, and other tasks are continuously enforced.
Enhanced Wake-on-LAN provides complete control over the patching process and provides IT with the flexibility to determine when patch distributions occur (i.e. during non-work hours), and to bring powered down systems back on-line to ensure a comprehensive distribution of vulnerability patches.
Power management reporting that demonstrates power consumption savings and provides the information necessary to apply for utility rebate programs available through local utility providers. Lumension® Power Reporting and Lumension® Content Wizard Add-ons provide IT with a complete endpoint power management solution. See how much your organization can save with our power management calculator and view an independent benchmarking analysis of the Lumension® Power Management solution.

Success Story

Customer Success Story
MidMichigan Health Secures Patient Data More Effectively and Efficiently
Medical Center sees reduction in malware threats from 2-3 per week to zero and less IT time spent 'putting out fires' with Lumension® Endpoint Management and Security Suite
Click to Play

Lumension Patch Management

Patch Tuesday Resource Center
Click to Visit



Lumension's patented Patch Fingerprinting technology* determines whether an endpoint is patched or un-patched across a wide variety of operating systems and applications – even down to very specific software versions. Patch fingerprints include unique files, file attributes, directories, and registry keys. This unique capability effectively improves endpoint security and reduces operating costs - especially across large and diverse endpoint environments.
Extensibility and customization via Lumension® Content Wizard Add-on including power policy management, software deployment and removal, desktop configuration templates, and custom task scripting to support patch deployment for proprietary in-house systems.
Seamless integration with Lumension® Endpoint Management and Security Suite, which enables organizations to simplify endpoint management and control and reduce the overall expense of managing complex endpoint environments by consolidating different product modules into a single console, single server, single agent platform architecture.
IT risk management integration via Lumension® Risk Manager to automatically assess controls and potential deficiencies for IT risk management prioritization and compliance reporting.