PostHole
Compose Login
You are browsing us.zone2 in read-only mode. Log in to participate.
rss-bridge 2026-02-18T21:35:23+00:00

New: AI-Powered Patch Reliability Scoring—Predict Patch Impact Before You Deploy

What do advisory USN-7545-1 and Windows updates KB5065426, KB5063878, KB5055523, and KB5066835 have in common? Based on anonymized Qualys telemetry from 2025, they were among the most frequently rolled-back patches, in other words, patches that had to be undone after deployment. Rollbacks aren’t just inconvenient—they’re disruptive. They burn time, trigger outages, and create security gaps […]

New: AI-Powered Patch Reliability Scoring—Predict Patch Impact Before You Deploy

Eran Livne, Sr Director of Product Management, Qualys

February 19, 2026 - 5 min read

Table of Contents

  • Qualys Patch Reliability Score (AI-Powered)
  • How it works
  • Proof Point: How the Reliability Score Performed Against 2025s Most Rolled-Back Patches
  • Reliability + Mitigation: The Best of Both Worlds
  • Use Patch Reliability Score side-by-side with Qualys mitigation capabilities
  • The Bottom Line
  • How to Experience the Patch Reliability Score
  • Frequently Asked Questions

What do advisory USN-7545-1 and Windows updates KB5065426, KB5063878, KB5055523, and KB5066835 have in common?

Based on anonymized Qualys telemetry from 2025, they were among the most frequently rolled-back patches, in other words, patches that had to be undone after deployment.

Rollbacks aren’t just inconvenient—they’re disruptive. They burn time, trigger outages, and create security gaps while teams scramble to stabilize production. And as patch volumes and critical vulnerabilities keep rising, the old approach—“deploy and hope” or “test everything forever”—doesn’t scale.

That’s why Qualys just released an important new capability in TruRisk Eliminate:

Qualys Patch Reliability Score (AI-Powered)

Patch Reliability Score uses AI to help you answer a question every IT and security team asks right before rollout:

“What are the chances this patch breaks something in my environment?”

Instead of relying solely on release notes, forums, or guesswork, this feature provides an AI-driven reliability score that helps you predict the operational risk of a patch. This enables a risk-based patching strategy: move fast when it’s safe, and slow down when it’s not.

How it works

At any point in a patch’s lifecycle, the reliability engine continuously evaluates large-scale feedback signals gathered from many different public sources across the internet—including technical discussions, release-related feedback, and other real-world indicators that emerge after a patch ships.

The process runs:

  • Immediately after a patch is released, and
  • Continuously for weeks and months (on an adjusted cadence)

Because of this continuous process, the score evolves over time as new information becomes available and the evidence set grows.

The output is simple and actionable:

  • High Reliability Score = Deploy sooner with confidence
  • Low Reliability Score = Run additional testing, stage rollout, or delay broad deployment

Read More

Find out how to eliminate risk at the source. Read the white paper.

Read More

Proof Point: How the Reliability Score Performed Against 2025’s Most Rolled-Back Patches

When Qualys Research analyzed the 2025 patches that were rolled back most often, we used those results to validate the new scoring capability.

The outcome: the AI scored these patches as “Low Reliability”- matching what was ultimately experienced.

Here are a few examples:

Advisory: USN-7545-1

Title: Ubuntu Security Notification for Apport Vulnerability (USN-7545-1)
Reliability Score: Low
Why it mattered: Addressed a vulnerability fix but was associated with regressions and follow-up advisories, increasing the likelihood of operational impact.

KB5063878

Title: August 12, 2025—KB5063878 (OS Build 26100.4946)
Reliability Score: Low
Why it mattered: Customers reported serious post-update instability (crashes, app failures, update/troubleshooter issues) and difficult recovery characteristics in some cases.

KB5065426

Title: September 9, 2025—KB5065426 (OS Build 26100.6584)
Reliability Score: Low
Why it mattered: Reported installation/uninstall complications and operational disruptions (connectivity and system behavior issues) that can derail broad deployments.

KB5055523

Title: April 8, 2025—KB5055523 (OS Build 26100.3775)
Reliability Score: Low
Why it mattered: Deployment failures on some devices and authentication/Windows Hello issues increased the “patch pain” factor.

KB5066835

Title: October 14, 2025—KB5066835 (OS Builds 26200.6899 and 26100.6899)
Reliability Score: Low
Why it mattered: Post-deployment issues reported across scenarios (e.g., recovery environment input devices, authentication/cert workflows, and driver impacts), making staged rollout critical.

Reliability + Mitigation: The Best of Both Worlds

Here’s where this becomes a game-changer:

Sometimes you find a critical vulnerability, but the patch reliability is low.

Historically, teams had to choose whether to:

  • Patch now and risk breaking production or
  • Delay patching and accept exposure

Now you don’t have to choose.

Use Patch Reliability Score side-by-side with Qualys mitigation capabilities

If a critical vulnerability is detected and the patch is low reliability, customers can use Qualys-curated mitigation techniques to reduce or block the security risk while the patch is:

  • thoroughly tested
  • staged
  • and safely deployed

This enables a practical, real-world strategy:

  • Reduce risk immediately (mitigate)
  • Patch safely when ready (deploy confidently)

Access the Getting Started Guide to see how easy it is to get started with TruRisk Mitigate.

Read Now

The Bottom Line

Patch management isn’t just about speed anymore—it’s about predictability.

With the new AI-powered Patch Reliability Score, Qualys helps customers:

  • anticipate patch instability before it becomes an outage
  • prioritize testing effort where it’s most needed
  • deploy faster when confidence is high
  • and stay protected using mitigations when patch risk is high

Less guessing. Fewer rollbacks. Better security outcomes.

How to Experience the Patch Reliability Score

  • If you have Qualys Eliminate, this new capability is already included in your solution.
  • If you don’t, ask your TAM to enable a trial, so you can evaluate Patch Reliability Score in your environment.

Frequently Asked Questions

Q: How do I access the Patch Reliability Score?_A: If you are a Qualys Eliminate customer, this capability is already included. If not, contact your Technical Account Manager (TAM) to enable a trial.

Q: Does the score change over time?_A: Yes. The reliability engine continuously updates the score as new feedback and data become available after the initial patch release.

Q: Can I automate deployments based on the score?_A: Yes. The score effectively enables risk-based patching, allowing teams to set policies that accelerate high-reliability patches and pause low-reliability ones for testing.

Related

Original source

📄 trurisk-mitigate-getting-started-guide.pdf

Reply