Qualys CyberSecurity Asset Management Reviews

Name: Qualys CyberSecurity Asset Management
Brand: Qualys
Rating: 4.5 (35 reviews)

Vendor: Qualys

4.5 out of 5

35 reviews
97% willing to recommend

Leave a review

What is Qualys CyberSecurity Asset Management?

Qualys CyberSecurity Asset Management provides key features including asset inventory management, end-of-life tracking, dynamic tagging, and integration with CMDB, offering extensive visibility and support for proactive threat response.

Get the Qualys CyberSecurity Asset Management Buyer's Guide and find out what your peers are saying about Qualys CyberSecurity Asset Management, CrowdStrike Falcon, SentinelOne Singularity Cloud Security and more!

Qualys CyberSecurity Asset Management is the #2 ranked solution in top Attack Surface Management (ASM) solutions, #2 ranked solution in top Software Supply Chain Security solutions, #3 ranked solution in top Cyber Asset Attack Surface Management (CAASM) solutions, #5 ranked solution in top Patch Management solutions, and #7 ranked solution in top Vulnerability Management solutions. PeerSpot users give Qualys CyberSecurity Asset Management an average rating of 9.0 out of 10. Qualys CyberSecurity Asset Management is most commonly compared to CrowdStrike Falcon: Qualys CyberSecurity Asset Management vs CrowdStrike Falcon. Qualys CyberSecurity Asset Management is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.

Buyer's Guide

Qualys CyberSecurity Asset Management

April 2026

Get the report

Helped 892,383 peers since 2012

Featured Qualys CyberSecurity Asset Management reviews

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

The alternative solution I used was Tenable. I used to prefer Tenable, thinking of Qualys as the underdog. However, after working more with Qualys, I’ve come to appreciate it more. It's not because it’s more powerful or because it doesn’t have any issues or better features, but because it is more transparent. Tenable is very easy to use, but it doesn’t provide a clear understanding of its inner workings. In contrast, Qualys can be more complex to use due to its numerous settings and the need for additional training, but at least it gives you a clearer idea of what it does. Comparing the two is challenging. Tenable is more powerful, but whether that power is necessary depends on your specific needs. I acknowledge that Tenable is more expensive, as it requires purchasing additional modules. Overall, Qualys is a great option.

Read full review

Christopher Mateski

SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees

The CMDB Sync affects our mean time to remediation. Using the VMDR module with the CMDB, we sync our vulnerabilities to the CMDB and asset information. We receive asset owner information and application owner information, which helps us understand who we need to work with to remediate vulnerabilities. When we can pull that information from the CMDB, it's very helpful.The TruRisk score helps me prioritize vulnerabilities and assets. The TruRisk score allows us to show where we have our highest risk. When an asset has a very high TruRisk score, it's easy to demonstrate to partners that an asset needs immediate remediation. However, when a TruRisk score is moderate or low and has vulnerabilities on the attack surface, it appears healthier than it is. Our partners might delay addressing these assets due to the lower score, despite their presence on the attack surface making them more vulnerable. Qualys CyberSecurity Asset Management enables us to identify end-of-life and end-of-support software.

Read full review

Leah Gray

Vulnerability Management Analyst III at America First Credit Union

I do not have a favorite feature. I do not know if Qualys CyberSecurity Asset Management identifies all other risk factors for our assets in addition to vulnerabilities. We don't use CMDB Sync, which is a feature that they have. As far as I know, it covers all of our domains regarding External Attack Surface Management. We haven't actually gone to TruRisk yet; we're kind of in the middle of getting that set up. We're probably just beginning in many ways. We used passive sensors a couple of times, but we just couldn't get them placed where we needed to get them placed. They were giving us all kinds of incorrect IPs, so we stopped. I don't think it was difficult at all when I first started using Qualys CyberSecurity Asset Management. I'm still somewhat learning about it, but I do remember how long it took me to fully understand the interface and all the intricacies. There's no maintenance on Qualys CyberSecurity Asset Management, as far as I know, other than our own. I would rate this product a 9 out of 10.

Read full review

Qualys CyberSecurity Asset Management mindshare

Product category:

As of April 2026, the mindshare of Qualys CyberSecurity Asset Management in the Cyber Asset Attack Surface Management (CAASM) category stands at 10.6%, up from 6.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cyber Asset Attack Surface Management (CAASM) Mindshare Distribution
Product	Mindshare (%)
Qualys CyberSecurity Asset Management	10.6%
Axonius	27.8%
Armis	15.6%
Other	46.0%

Cyber Asset Attack Surface Management (CAASM)

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Type	Title	Date
Category	Cyber Asset Attack Surface Management (CAASM)	Apr 30, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs Armis	Apr 30, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs Axonius	Apr 30, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs JumpCloud	Apr 30, 2026	Download

Valuable Features

Qualys CyberSecurity Asset Management offers invaluable features such as detailed asset discovery, tagging, end-of-life tracking, and dynamic asset management. It enhances risk identification, allows integration with third-party tools, and provides visibility into vulnerabilities. With real-time monitoring, External Attack Surface Management, and TruRisk scoring, it aids efficient prioritization and remediation. Users appreciate its user-friendly interface, automated processes, comprehensive inventory, and alignment with security standards, optimizing cybersecurity operations effectively.

"ESAM covers the entire attack surface, discovers more, and provides complete details about the assets, such as the external interface and internal interface, correlating them so we get the complete details of the assets, which were not given by the other solution."
"Regarding return on investment, I first look at the reality of the environment and the decrease in critical vulnerabilities with Qualys CyberSecurity Asset Management, which equals a positive return on investment."
"Getting different kinds of modules and inventory in one solution is good enough."

Room for Improvement

Price and CMDB Sync limitations affect adoption. Integration with non-ServiceNow systems is needed. Improved reporting and user interface are crucial for ease of use. Users seek customizable features and enhanced scan capabilities. The agent's resource consumption and platform responsiveness require improvement. Enhanced tagging, role access, and asset discovery processes are necessary. Better integration and support for third-party tools would enhance functionality. Training resources and query language consistency are essential for effective use.

"They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword."
"In the best practice for categorizing assets with the C-SAM module in Qualys CyberSecurity Asset Management, I see potential for improvement with integration of other CMDB systems in creating a relationship with Qualys and other solutions."
"Qualys CyberSecurity Asset Management is moderately good, while Rapid7 is slightly much better."

ROI

Qualys CyberSecurity Asset Management led to a significant reduction in critical vulnerabilities and costs, optimizing resource allocation. It streamlined processes, reducing tagging time and manual efforts by up to 45% and cutting costs by 35%. There was an observed ROI of about 95% while decreasing labor costs by approximately $109,000 annually. Enhanced client trust resulted in around $99,000 in new contracts. Efficiency improvements were seen in vulnerability management and compatibility adjustments with AWS cloud.

Pricing

Enterprise users find Qualys CyberSecurity Asset Management pricing somewhat high, especially as an add-on to VMDR, yet many acknowledge its competitive and transparent pricing model. They appreciate the value and comprehensive features it offers, despite some finding it suitable mainly for larger organizations. While some mention that bundling with other services could enhance its appeal, others suggest pricing could be adjusted for small organizations. Overall, it is deemed fair for its value and features.

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys CSAM is nominal."
"The pricing is market-competitive."

Popular Use Cases

Organizations primarily use Qualys CyberSecurity Asset Management for asset tracking, vulnerability management, and enhanced security visibility. It helps in identifying and categorizing hardware and software assets, monitoring external attack surfaces, and addressing zero-day vulnerabilities. It enables effective patch management and compliance through real-time insights, facilitating risk reduction. By collecting detailed asset information, it supports asset lifecycle management and security posture improvement, ensuring comprehensive governance across IT environments.

Service and Support

Users find Qualys CyberSecurity Asset Management's customer support timely, effective, and knowledgeable. Their technical team efficiently resolves complex issues, offering comprehensive documentation and responsive forums. Though occasional delays and redirections occur, support generally rates high, with ratings often reaching nine or ten out of ten. Customer service assigns support executives quickly, and user-friendly resources such as a ticketing system and training programs enhance support experiences, providing consistent, dedicated assistance for various technical needs.

Deployment

Initial deployment of Qualys CyberSecurity Asset Management is generally straightforward and efficient, especially for VMDR users who find activation quick. Existing networks benefit from seamless transitions, while larger distributed environments may encounter challenges. Cloud deployment proves easier due to minimal maintenance needs. Documentation assists in understanding configurations, and support from experienced professionals eases the process. Deployment times vary based on environment size and prior experience, with some organizations completing it within a week.

Scalability

Qualys CyberSecurity Asset Management is praised for scaling effectively across diverse environments, from small setups to extensive networks exceeding tens of thousands of endpoints. Users highlight its ability to handle large datasets and integrate seamlessly as deployment scales. Organizations across various locations report successful scalability, with ratings often reaching the higher end. Its cloud-based nature allows smooth scaling and adaptability, making it highly satisfactory for managing substantial assets globally. Scalability issues are rarely encountered.

Stability

Qualys CyberSecurity Asset Management is consistently stable, with many users rating its stability between eight to ten out of ten. Occasional issues like syncing or slowness are usually linked to updates or network. Users appreciate its reliability, noting few severe performance issues over time. Stability is generally high, though some users mentioned recent declines in performance, experiencing slower page requests and access issues, but these instances are limited and usually promptly addressed.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys CyberSecurity Asset Management Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	2
Large Enterprise	23

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	184
Midsize Enterprise	89
Large Enterprise	297

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

15%

Computer Software Company

10%

Manufacturing Company

Comms Service Provider

Outsourcing Company

Insurance Company

Government

Marketing Services Firm

Construction Company

Healthcare Company

Retailer

Educational Organization

Performing Arts

Transportation Company

Media Company

Energy/Utilities Company

Non Profit

University

Wholesaler/Distributor

Real Estate/Law Firm

Logistics Company

Consumer Goods Company

Hospitality Company

Legal Firm

Recreational Facilities/Services Company

Pharma/Biotech Company

Leisure / Travel Company

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Qualys offers comprehensive visibility across hardware and software assets, aiding in tracking unauthorized applications and facilitating automated vulnerability remediation. Its user-friendly interface and dynamic risk scoring enhance security posture management. Users leverage it for vulnerability management and compliance, benefiting from real-time risk identification and efficient operations in cloud and on-premises environments.

What are the key features of Qualys CyberSecurity Asset Management?

Asset Inventory Management: Provides detailed visibility over hardware and software assets.
End-of-Life Tracking: Helps identify technical debt by pinpointing outdated hardware and software.
Dynamic Tagging: Allows flexible classification and categorization of assets.
Real-Time Risk Identification: Detects risks as they arise, enhancing threat response capabilities.
CMDB Integration: Streamlines data integration for comprehensive asset insights.

What benefits should users look for in Qualys reviews?

Improved Security Posture: Enables proactive threat management and streamlined operations.
Efficient Remediation: Automates vulnerability management and patch deployment.
User-Friendly Operations: Simplifies cybersecurity operations with an intuitive interface.
Comprehensive Asset Visibility: Offers unparalleled insight into organizational assets.
Scalable Solutions: Facilitates asset tracking across cloud and on-premises environments.

Cybersecurity teams in various industries, such as financial services, healthcare, and manufacturing, utilize Qualys to manage technical debt through end-of-life tracking and facilitate robust patch management. It supports compliance and visibility initiatives, essential for maintaining data integrity and operational security in dynamic environments.

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

SentinelOne Singularity Cloud Security vs Qualys CyberSecurity Asset Management

Wiz vs Qualys CyberSecurity Asset Management

Darktrace vs Qualys CyberSecurity Asset Management

Qualys VMDR vs Qualys CyberSecurity Asset Management

Tanium vs Qualys CyberSecurity Asset Management

Microsoft Configuration Manager vs Qualys CyberSecurity Asset Management

NinjaOne vs Qualys CyberSecurity Asset Management

TrendAI Vision One vs Qualys CyberSecurity Asset Management

Tenable Nessus vs Qualys CyberSecurity Asset Management

Orca Security vs Qualys CyberSecurity Asset Management

BigFix vs Qualys CyberSecurity Asset Management

JFrog Xray vs Qualys CyberSecurity Asset Management

TrendAI Vision One – Cloud Security vs Qualys CyberSecurity Asset Management

Tenable Vulnerability Management vs Qualys CyberSecurity Asset Management

See all alternatives

Qualys CyberSecurity Asset Management Reviews Summary
Author info	Rating	Review Summary
Information Security Engineer at a manufacturing company with 5,001-10,000 employees	4.0	I found Qualys CyberSecurity Asset Management valuable for asset visibility and automation, though its discovery and integration features need improvement. It's stable, scalable, and offers good value, but exporting data is challenging and setup requires technical effort.
SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees	4.0	I've used Qualys CyberSecurity Asset Management for 10 months to manage assets and remediation, but issues with inaccurate data, slow performance, and high costs limit its effectiveness, though its integration and TruRisk scoring are valuable.
Vulnerability Management Analyst III at America First Credit Union	4.5	I use Qualys CyberSecurity Asset Management mainly for tagging and asset tracking; it's stable and scalable but needs better activity logs, search features, and manual merging. Support has improved, though the interface and some functionalities remain frustrating.
IT Security Manager at a manufacturing company with 10,001+ employees	4.5	Qualys CyberSecurity Asset Management helps me monitor and manage our environment effectively, though support can be slow at times. Setup was smooth, and I find features like TruRisk scoring and EOL detection especially valuable for prioritizing vulnerabilities.
IT Security Manager at Alter Domus	5.0	We've used Qualys CyberSecurity Asset Management for a few months to gain a holistic view of assets, prioritize vulnerabilities using TruRisk, and support multiple security teams, though the UI still needs improvement for smoother navigation.
Cyber Security Specialist at a financial services firm with 10,001+ employees	5.0	We use Qualys CyberSecurity Asset Management for daily asset identification, tracking True Risk Scores for vulnerability prioritization, and coordinating with IT to verify machine specifications. Its extensive asset categorization outperforms alternatives like Rapid7 and CrowdStrike.
Technical Expert at a manufacturing company with 10,001+ employees	4.5	I've used Qualys CyberSecurity Asset Management for eight months to consolidate asset management across our sites, valuing its cloud-based vulnerability tracking, though integration challenges, especially with ServiceNow and complex environments, could be improved.
Security Delivery Senior Analyst at Accenture	5.0	I've used Qualys CyberSecurity Asset Management for over three years, mainly for VMDR and web app scanning, valuing its accuracy, ease of use, low false positives, strong support, and time-saving capabilities during penetration testing.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	97%	140 interviews Add to research
SentinelOne Singularity Cloud Security	4.4	N/A	99%	123 interviews Add to research

Qualys CyberSecurity Asset Management Reviews

What is Qualys CyberSecurity Asset Management?

Featured Qualys CyberSecurity Asset Management reviews

Qualys CyberSecurity Asset Management mindshare

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Related questions

Product Categories

Popular Comparisons