Qualys CyberSecurity Asset Management Reviews

Name: Qualys CyberSecurity Asset Management
Brand: Qualys
Rating: 4.5 (32 reviews)

Vendor: Qualys

4.5 out of 5

32 reviews
96% willing to recommend

Leave a review

What is Qualys CyberSecurity Asset Management?

Qualys CyberSecurity Asset Management provides advanced real-time asset visibility, dynamic tagging, and External Attack Surface Management. It streamlines asset discovery and management using cloud agents and IP-based scanning, enhancing risk management and software lifecycle tracking.

Get the Qualys CyberSecurity Asset Management Buyer's Guide and find out what your peers are saying about Qualys CyberSecurity Asset Management, CrowdStrike Falcon, Wiz and more!

Qualys CyberSecurity Asset Management is the #3 ranked solution in top Cyber Asset Attack Surface Management (CAASM) solutions, #3 ranked solution in top Attack Surface Management (ASM) solutions, #4 ranked solution in top Patch Management solutions, #4 ranked solution in top Software Supply Chain Security solutions, and #8 ranked solution in top Vulnerability Management solutions. PeerSpot users give Qualys CyberSecurity Asset Management an average rating of 9.0 out of 10. Qualys CyberSecurity Asset Management is most commonly compared to CrowdStrike Falcon: Qualys CyberSecurity Asset Management vs CrowdStrike Falcon. Qualys CyberSecurity Asset Management is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Buyer's Guide

Qualys CyberSecurity Asset Management

December 2025

Get the report

Helped 879,259 peers since 2012

Featured Qualys CyberSecurity Asset Management reviews

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

The alternative solution I used was Tenable. I used to prefer Tenable, thinking of Qualys as the underdog. However, after working more with Qualys, I’ve come to appreciate it more. It's not because it’s more powerful or because it doesn’t have any issues or better features, but because it is more transparent. Tenable is very easy to use, but it doesn’t provide a clear understanding of its inner workings. In contrast, Qualys can be more complex to use due to its numerous settings and the need for additional training, but at least it gives you a clearer idea of what it does. Comparing the two is challenging. Tenable is more powerful, but whether that power is necessary depends on your specific needs. I acknowledge that Tenable is more expensive, as it requires purchasing additional modules. Overall, Qualys is a great option.

Read full review

Arshad N. R.

Cyber Security Specialist at UBS Financial

We use the True Risk Score for vulnerability prioritization, though we do not solely rely upon it since some assets may be decommissioned soon or not in use. From Qualys CyberSecurity Asset Management, we primarily focus on internet-facing assets. We have created separate tasks for internet-facing assets and track the True Risk dashboard specifically for these assets. If the True Risk Score is higher for any internet-facing assets, then we take action accordingly. The True Risk Score is very helpful for prioritization. The initial setup was straightforward and easy. We needed to create customized tags, group them twice, and validate whether the operating system detection was true positive or false positive. We encountered some false positives, which required coordination with the IT team for verification. In six months, we had approximately 20-25 machines that needed verification on a weekly basis. We coordinated with the IT team to identify the exact operating system specifications.

Read full review

Christopher Mateski

SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees

The CMDB Sync affects our mean time to remediation. Using the VMDR module with the CMDB, we sync our vulnerabilities to the CMDB and asset information. We receive asset owner information and application owner information, which helps us understand who we need to work with to remediate vulnerabilities. When we can pull that information from the CMDB, it's very helpful.The TruRisk score helps me prioritize vulnerabilities and assets. The TruRisk score allows us to show where we have our highest risk. When an asset has a very high TruRisk score, it's easy to demonstrate to partners that an asset needs immediate remediation. However, when a TruRisk score is moderate or low and has vulnerabilities on the attack surface, it appears healthier than it is. Our partners might delay addressing these assets due to the lower score, despite their presence on the attack surface making them more vulnerable. Qualys CyberSecurity Asset Management enables us to identify end-of-life and end-of-support software.

Read full review

Qualys CyberSecurity Asset Management mindshare

Product category:

As of December 2025, the mindshare of Qualys CyberSecurity Asset Management in the Cyber Asset Attack Surface Management (CAASM) category stands at 10.4%, up from 5.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cyber Asset Attack Surface Management (CAASM) Market Share Distribution
Product	Market Share (%)
Qualys CyberSecurity Asset Management	10.4%
Axonius	29.1%
Armis	20.6%
Other	39.9%

Cyber Asset Attack Surface Management (CAASM)

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Type	Title	Date
Category	Cyber Asset Attack Surface Management (CAASM)	Dec 29, 2025	Download
Product	Reviews, tips, and advice from real users	Dec 29, 2025	Download
Comparison	Qualys CyberSecurity Asset Management vs Armis	Dec 29, 2025	Download
Comparison	Qualys CyberSecurity Asset Management vs Axonius	Dec 29, 2025	Download

Valuable Features

Qualys CyberSecurity Asset Management offers features like asset inventory, dynamic tagging, real-time monitoring, and risk identification. It provides comprehensive asset discovery, end-of-life tracking, and external attack surface management. The integration with other tools enhances vulnerability management, while TruRisk scoring helps prioritize issues. Users value its ability to manage authorized and unauthorized software, automate patch management, and ensure compliance across cloud and on-premises environments. Its detailed dashboards are also appreciated for providing insightful data.

"I use it primarily with tagging, asset counts, and groups that we can put them in, and we also use it to tell if a device has been merged and seen in Qualys CyberSecurity Asset Management, so that's beneficial for us too."
"The support has been excellent; they are responsive and effectively bring in the appropriate resources to help solve problems."
"The dashboards are my favorite feature; I can pull up information and create my own dashboards specifically for what I'm looking for."

Room for Improvement

Qualys CyberSecurity Asset Management requires cost-effective integration with affordable CMDBs, improved report customization, better user interface and accessibility, enhanced scanning capabilities, and expanded integration with third-party tools and cloud environments. Users suggested improvements in dynamic tagging, query language, and agent processing speed. The stability issues and responsiveness need addressing, and enhanced support for asset mapping and vulnerability context is desired. Expanding learning resources and role-based access control features would help users.

"The activity log is terrible."
"The product stability has notably declined over the last two months, and the performance to fulfill a page request is very slow compared to its previous performance."
"We've received very poor guidance from them, especially after learning several things we need to fix during the Qualys conference."

ROI

Qualys CyberSecurity Asset Management greatly improved efficiency, saving around 45% in time and lowering costs by 35%. It enhanced security infrastructure visibility, decreased security incidents, and reduced labor expenses by about $109,000 annually. Streamlined vulnerability management led to significant ROI through new contracts worth approximately $99,000 and facilitated completion of pen testing tasks faster. It required fewer resources for data consolidation, configuration, and reduced development hours for AWS cloud compatibility.

Pricing

Qualys CyberSecurity Asset Management's pricing is perceived as high and can be a barrier for small organizations, although it offers competitive value for larger enterprises with substantial asset management needs. Its pricing structure is transparent and flexible, accommodating specific user needs. Qualys provides excellent value with its comprehensive toolset, although some users perceive it as expensive due to its requirement as a VMDR add-on. Bundling can enhance its attractiveness.

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys CSAM is nominal."
"The pricing is market-competitive."

Popular Use Cases

Organizations use Qualys CyberSecurity Asset Management to manage technical debt by identifying end-of-life software and hardware, improve asset tracking, and enhance security posture. They utilize it for vulnerability management, software lifecycle monitoring, and asset categorization. With its cloud-based nature, CSAM aids in prioritizing vulnerabilities, patch management, and ensuring compliance with industry standards through detailed insights. Its functionalities include asset visibility, attack surface management, and reporting capabilities for better cybersecurity management.

Service and Support

Qualys CyberSecurity Asset Management customer service and support receive high ratings for their responsiveness and technical expertise. Users commend the prompt resolution of issues, knowledgeable team, and effective support documentation. Some note delays in complex cases or when redirected to different teams. Many rate the support highly, appreciating the involvement of technical account managers and strong community support. Occasional feedback mentions limitations in prioritizing tickets, but generally, the support is efficient and well-rated by users.

Deployment

Qualys CyberSecurity Asset Management's initial deployment is generally straightforward and seamless, especially for existing VMDR users. Many find it easy with cloud agents and require minimal maintenance. While some setups involve collaboration with Qualys support, experienced users streamline the process. The deployment duration varies, often depending on network complexity and existing infrastructure, with transitions to cloud environments proving smooth. Configuration challenges are more prevalent in larger IT environments, with detailed documentation required.

Scalability

Qualys CyberSecurity Asset Management demonstrates excellent scalability, accommodating environments from small deployments to hundreds of thousands of assets seamlessly. It efficiently supports a diverse array of features and substantial data, facilitating use across multiple countries and varied infrastructure types. Users consistently report a high scalability rating and an absence of limitations, highlighting its ability to manage numerous endpoints and integrate smoothly with existing IT systems, effectively meeting diverse organizational needs.

Stability

Qualys CyberSecurity Asset Management displays reliable stability with occasional syncing issues or slowness, often post-updates. Users rate its stability between seven and ten out of ten. Instances of lagging or crashing are infrequent, and many have faced no significant stability concerns. Some report excellent uptime, while others note increased slowness recently. Overall, it efficiently manages data and remains a stable choice, with only minor discrepancies noticed by some users.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys CyberSecurity Asset Management Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	23

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	123
Midsize Enterprise	73
Large Enterprise	275

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

13%

Manufacturing Company

Comms Service Provider

Government

Insurance Company

Outsourcing Company

Performing Arts

Retailer

Educational Organization

Transportation Company

Non Profit

Healthcare Company

Media Company

University

Real Estate/Law Firm

Marketing Services Firm

Logistics Company

Construction Company

Energy/Utilities Company

Legal Firm

Wholesaler/Distributor

Consumer Goods Company

Hospitality Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Qualys CyberSecurity Asset Management offers a comprehensive solution for managing asset inventories and tracking software lifecycle states. It facilitates network visibility and supports zero-day vulnerability solutions, enhancing security posture through efficient monitoring. Users benefit from its cloud-based interface, which provides in-depth asset configurations and insights. Key features include automated vulnerability scanning and unauthorized software management, reducing manual efforts. The platform also emphasizes the importance of timely remediation and ongoing risk mitigation across multiple environments. Despite its strengths, users note the need for enhanced integration with additional CMDBs beyond ServiceNow, as well as cost efficiency improvements. Requests also include better report customization, more scan control, and a simplified UI.

What are the key features of Qualys CyberSecurity Asset Management?

Real-time Visibility: Offers continuous insight into asset status and condition.
Dynamic Tagging: Allows for flexible organization and assessment of assets.
External Attack Surface Management: Identifies potential threats from external sources.
Automated Vulnerability Scanning: Reduces manual scanning efforts and identifies vulnerabilities instantly.
Unauthorized Software Management: Detects and manages software not approved for use.
Asset Purge Rule: Automates the removal of obsolete assets from the inventory.

What benefits should users look for in reviews?

Enhanced Security Posture: Gains stronger defense through effective asset monitoring.
Efficient Risk Management: Identifies threats quickly, enabling timely resolutions.
Improved Compliance: Assists in meeting industry standards and regulations.
Reduced Manual Effort: Automates repetitive tasks, saving time and resources.
Comprehensive Insight: Provides detailed data for informed decision making.

In industries like finance, healthcare, and manufacturing, Qualys CyberSecurity Asset Management enhances asset control by offering visibility into hardware and software configurations. It aids in maintaining security compliance and identifying unauthorized software, crucial for sectors with strict regulatory requirements.

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

Wiz vs Qualys CyberSecurity Asset Management

SentinelOne Singularity Cloud Security vs Qualys CyberSecurity Asset Management

Darktrace vs Qualys CyberSecurity Asset Management

Qualys VMDR vs Qualys CyberSecurity Asset Management

Tanium vs Qualys CyberSecurity Asset Management

Microsoft Configuration Manager vs Qualys CyberSecurity Asset Management

JFrog Xray vs Qualys CyberSecurity Asset Management

Orca Security vs Qualys CyberSecurity Asset Management

NinjaOne vs Qualys CyberSecurity Asset Management

Tenable Vulnerability Management vs Qualys CyberSecurity Asset Management

BigFix vs Qualys CyberSecurity Asset Management

Check Point CloudGuard CNAPP vs Qualys CyberSecurity Asset Management

Trend Vision One - Cloud Security vs Qualys CyberSecurity Asset Management

Cymulate vs Qualys CyberSecurity Asset Management

See all alternatives

Qualys CyberSecurity Asset Management Reviews Summary
Author info	Rating	Review Summary
Information Security Engineer at a manufacturing company with 5,001-10,000 employees	4.0	I found Qualys CyberSecurity Asset Management valuable for asset visibility and automation, though its discovery and integration features need improvement. It's stable, scalable, and offers good value, but exporting data is challenging and setup requires technical effort.
Cyber Security Specialist at UBS Financial	5.0	We use Qualys CyberSecurity Asset Management for daily asset identification, tracking True Risk Scores for vulnerability prioritization, and coordinating with IT to verify machine specifications. Its extensive asset categorization outperforms alternatives like Rapid7 and CrowdStrike.
SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees	4.0	I've used Qualys CyberSecurity Asset Management for 10 months to manage assets and remediation, but issues with inaccurate data, slow performance, and high costs limit its effectiveness, though its integration and TruRisk scoring are valuable.
Vulnerability Management Analyst III at America First Credit Union	4.5	I use Qualys CyberSecurity Asset Management mainly for tagging and asset tracking; it's stable and scalable but needs better activity logs, search features, and manual merging. Support has improved, though the interface and some functionalities remain frustrating.
IT Security Manager at a manufacturing company with 10,001+ employees	4.5	Qualys CyberSecurity Asset Management helps me monitor and manage our environment effectively, though support can be slow at times. Setup was smooth, and I find features like TruRisk scoring and EOL detection especially valuable for prioritizing vulnerabilities.
IT Security Manager at Alter Domus	5.0	We've used Qualys CyberSecurity Asset Management for a few months to gain a holistic view of assets, prioritize vulnerabilities using TruRisk, and support multiple security teams, though the UI still needs improvement for smoother navigation.
Security Delivery Senior Analyst at Accenture	5.0	I've used Qualys CyberSecurity Asset Management for over three years, mainly for VMDR and web app scanning, valuing its accuracy, ease of use, low false positives, strong support, and time-saving capabilities during penetration testing.
Technical Expert at a manufacturing company with 10,001+ employees	4.5	I've used Qualys CyberSecurity Asset Management for eight months to consolidate asset management across our sites, valuing its cloud-based vulnerability tracking, though integration challenges, especially with ServiceNow and complex environments, could be improved.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	97%	136 interviews Add to research
Wiz	4.5	N/A	96%	33 interviews Add to research

Qualys CyberSecurity Asset Management Reviews

What is Qualys CyberSecurity Asset Management?

Featured Qualys CyberSecurity Asset Management reviews

Qualys CyberSecurity Asset Management mindshare

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Related questions

Product Categories

Popular Comparisons