Qualys CyberSecurity Asset Management Reviews

Name: Qualys CyberSecurity Asset Management
Brand: Qualys
Rating: 4.6 (23 reviews)

4.6 out of 5

23 reviews
100% willing to recommend

What is Qualys CyberSecurity Asset Management?

Qualys CyberSecurity Asset Management provides advanced real-time asset visibility, dynamic tagging, and External Attack Surface Management. It streamlines asset discovery and management using cloud agents and IP-based scanning, enhancing risk management and software lifecycle tracking.

Get the Qualys CyberSecurity Asset Management Buyer's Guide and find out what your peers are saying about Qualys CyberSecurity Asset Management, CrowdStrike Falcon, Wiz and more!

Qualys CyberSecurity Asset Management is the #3 ranked solution in top Cyber Asset Attack Surface Management (CAASM) solutions, #3 ranked solution in top Attack Surface Management (ASM) solutions, #5 ranked solution in top Software Supply Chain Security solutions, #6 ranked solution in top Patch Management solutions, and #8 ranked solution in top Vulnerability Management solutions. PeerSpot users give Qualys CyberSecurity Asset Management an average rating of 9.2 out of 10. Qualys CyberSecurity Asset Management is most commonly compared to CrowdStrike Falcon: Qualys CyberSecurity Asset Management vs CrowdStrike Falcon. Qualys CyberSecurity Asset Management is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Buyer's Guide

Qualys CyberSecurity Asset Management

August 2025

Get the report

Helped 866,561 peers since 2012

Featured Qualys CyberSecurity Asset Management reviews

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

The alternative solution I used was Tenable. I used to prefer Tenable, thinking of Qualys as the underdog. However, after working more with Qualys, I’ve come to appreciate it more. It's not because it’s more powerful or because it doesn’t have any issues or better features, but because it is more transparent. Tenable is very easy to use, but it doesn’t provide a clear understanding of its inner workings. In contrast, Qualys can be more complex to use due to its numerous settings and the need for additional training, but at least it gives you a clearer idea of what it does. Comparing the two is challenging. Tenable is more powerful, but whether that power is necessary depends on your specific needs. I acknowledge that Tenable is more expensive, as it requires purchasing additional modules. Overall, Qualys is a great option.

Read full review

Scott Frederick

Director of Vulnerability Management at a insurance company with 1,001-5,000 employees

Our favorite features are the tagging and the ability to quickly find assets in the portal. Additionally, I do like the fact that Qualys CSAM is integrated with the rest of our vulnerability scanning utilities. We use the full suite from Qualys. The fact that it is integrated makes it very easy to understand. It shares tagging information with VMDR. That is very nice. Qualys CSAM has discovered assets not previously covered by our vulnerability management program. Primarily, if we have assets without vulnerabilities, they become less visible, but Qualys CSAM alerts us to them because they have IP addresses and are attached to our network. It could discover everything from printers to servers to endpoints. It could discover UPSs, network devices, and across all operating systems. It discovers our security badge readers and digital signage. We have to feed that the IP address ranges, but beyond that, it finds everything in our internal network. We were able to realize its benefits within the first quarter of installing it. We did have to take some time to learn it and understand how to operationally leverage what it was telling us, but it was very quick. In addition to vulnerabilities, Qualys CSAM helps identify other risk factors to a degree. For instance, we can see if servers or assets have incorrect naming standards. We have our network segmented into development model, test, and production, and we have server naming standards that identify which management they should be in. If a production server has the naming standard of a development model server, we can find that. That is one area we have used it for. We are not fully using TruRisk, but we are using the Qualys detection score that is central to our corporate risk prioritization approach. It has completely replaced our homegrown one.

Read full review

Curtis Nielson

Security Operations Manager at Solventum

Defense-in-depth is very important. There are many layers to a network. There are many layers to an operating system, and there are many layers to applications. It is essential to provide security, detection, and prevention at each one of those layers. To a colleague at another company who says they only need to add External Attack Surface Management to their vulnerability management detection/response program but they do not need the full depth of the CSAM offering, I would say that they are likely to get hacked. We do not use Qualys CSAM for the entire attack surface. We primarily use it for production deployments. Our entire attack surface, corporate-wise, is managed elsewhere. It is competitive. It is not the best that I have seen, but it is competitive. TruRisk Scoring helps prioritize vulnerabilities and assets, but we do not use it all that much. Our reporting requirements are tied to CVE rankings. While we sometimes take a look at it, we do not rely on it. We use the solution's CMDB Sync feature, but we use it more as a confirmation of an existing CMDB tool we have. I would rate Qualys CSAM an eight out of ten.

Read full review

Qualys CyberSecurity Asset Management mindshare

Product category:

As of September 2025, the mindshare of Qualys CyberSecurity Asset Management in the Cyber Asset Attack Surface Management (CAASM) category stands at 10.6%, up from 3.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cyber Asset Attack Surface Management (CAASM) Market Share Distribution
Product	Market Share (%)
Qualys CyberSecurity Asset Management	10.6%
Axonius	32.7%
Armis	22.7%
Other	34.0%

Cyber Asset Attack Surface Management (CAASM)

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Type	Title	Date
Category	Cyber Asset Attack Surface Management (CAASM)	Sep 5, 2025	Download
Product	Reviews, tips, and advice from real users	Sep 5, 2025	Download
Comparison	Qualys CyberSecurity Asset Management vs Armis	Sep 5, 2025	Download
Comparison	Qualys CyberSecurity Asset Management vs Axonius	Sep 5, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	97%	135 interviews Add to research
Wiz	4.5	N/A	95%	22 interviews Add to research

Valuable Features

Key features of Qualys CyberSecurity Asset Management include dynamic tagging, Asset Purge Rule, comprehensive asset discovery, and external attack surface management. It provides real-time visibility, end-of-life information, and integration with vulnerability scanning utilities. The platform enhances risk identification, efficient tagging, unauthorized software management, and network compliance by offering detailed asset information, including operating systems, applications, and vendor support. It allows for proactive security measures, streamlined vulnerability management, and accurate risk prioritization.

"The asset management part is very simple and essential, and Qualys CyberSecurity Asset Management was particularly effective because the information was available exactly where needed, enabling automation and quick access to necessary answers."
"The support is extremely helpful, deserving a 10 out of 10 rating."
"Overall, I would give Qualys CyberSecurity Asset Management a nine out of ten."

Room for Improvement

Qualys CyberSecurity Asset Management requires enhancements such as improved user interface design, better scan frequency control in the EASM module, more efficient agent processing, refined reporting capabilities, and expanded integration options. Users find the tagging system unintuitive and face challenges with asset discovery and customization. Reports could be more customizable, allowing direct customization before downloading, and integration capabilities with various tools need development. Overall, users desire an intuitive platform with robust role-based access control.

"With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system."
"We encountered some false positives, which required coordination with the IT team for verification."
"The deployment is somewhat complicated and could be made more user-friendly for most users."

ROI

Qualys CyberSecurity Asset Management significantly increased ROI through efficient vulnerability management, reducing costs by 35% and labor expenses by $109,000 annually. It automated tasks, saving 45% of time and resources while enhancing visibility into security infrastructure. Improved client trust generated $99,000 in new contracts, contributing to 150% business growth. It minimized the need for development and configuration changes, reducing hours spent on data handling from different tools, and decreased security incidents.

Pricing

Enterprise users of Qualys CyberSecurity Asset Management report mixed experiences with pricing. While some view the costs as high, others find the pricing fair and competitive, especially for organizations managing over 4,000 assets. The tool offers significant value with transparent, flexible pricing options that align with specific needs. Bundling with services like VMDR enhances its value proposition. Qualys is considered effective and reliable, providing a centralized solution which justifies its cost for many organizations.

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys CSAM is nominal."
"The pricing is market-competitive."

Popular Use Cases

Organizations use Qualys CyberSecurity Asset Management for asset tracking, vulnerability management, and enhancing security posture. It identifies end-of-life software, detects zero-day vulnerabilities, and categorizes assets. Users benefit from improved visibility into on-premises and cloud environments, facilitating compliance and asset inventory management. The platform provides detailed insights into installed software, configurations, and risk assessments, helping to prioritize vulnerabilities based on criticality and business impact. Customizable tags and external attack surface management enhance its utility.

Service and Support

Qualys CyberSecurity Asset Management customer support is praised for its knowledge and responsiveness. Support features include prompt responses, knowledgeable staff, and effective resolution for complex issues. Governance calls and detailed documentation are available. Users appreciate quick contact with support executives, although occasional delays and team redirects occur. The community and forums provide added assistance. Most users rate support between nine and ten out of ten.

Deployment

Qualys CyberSecurity Asset Management's initial setup is generally straightforward and quick, especially for those already using VMDR. Deployment varies in time, often taking one week to a month. Experienced teams find installation easier, and cloud-based features reduce maintenance needs. Licensing activation is simple, with cloud agents and passive sensors facilitating data collection. Setup complexity depends on existing infrastructure and personnel experience. Qualys documentation and vendor support are valuable for resolving issues efficiently.

Scalability

Qualys CyberSecurity Asset Management is noted for its high scalability, effectively accommodating various deployment sizes. Many users rate its scalability between nine to ten, successfully supporting diverse environments with thousands of endpoints and assets. Its cloud-based structure facilitates seamless integration and expansion across multiple geographical locations. The platform manages substantial data efficiently, offering a comprehensive asset management view, and demonstrating proven performance for both smaller and larger enterprise needs.

Stability

Qualys CyberSecurity Asset Management demonstrates strong stability. Users frequently rate it between seven and ten for stability. While some encounter slowness or issues post-updates, many report smooth operation and consistent uptime. Occasional syncing issues and query crashes are sometimes noted. Most appreciate its reliability, robust design, and ability to handle vast data. Many enjoy timely updates and note minimal disconnections or significant instability. Integration with various sources appears well-managed, leading to high satisfaction.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys CyberSecurity Asset Management Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	2
Large Enterprise	15

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	97
Midsize Enterprise	61
Large Enterprise	226

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

14%

Government

Manufacturing Company

Comms Service Provider

Retailer

Outsourcing Company

Insurance Company

Performing Arts

Educational Organization

Healthcare Company

Non Profit

University

Media Company

Real Estate/Law Firm

Transportation Company

Energy/Utilities Company

Logistics Company

Legal Firm

Wholesaler/Distributor

Construction Company

Consumer Goods Company

Hospitality Company

Pharma/Biotech Company

Marketing Services Firm

Recreational Facilities/Services Company

Leisure / Travel Company

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Qualys CyberSecurity Asset Management offers a comprehensive solution for managing asset inventories and tracking software lifecycle states. It facilitates network visibility and supports zero-day vulnerability solutions, enhancing security posture through efficient monitoring. Users benefit from its cloud-based interface, which provides in-depth asset configurations and insights. Key features include automated vulnerability scanning and unauthorized software management, reducing manual efforts. The platform also emphasizes the importance of timely remediation and ongoing risk mitigation across multiple environments. Despite its strengths, users note the need for enhanced integration with additional CMDBs beyond ServiceNow, as well as cost efficiency improvements. Requests also include better report customization, more scan control, and a simplified UI.

What are the key features of Qualys CyberSecurity Asset Management?

Real-time Visibility: Offers continuous insight into asset status and condition.
Dynamic Tagging: Allows for flexible organization and assessment of assets.
External Attack Surface Management: Identifies potential threats from external sources.
Automated Vulnerability Scanning: Reduces manual scanning efforts and identifies vulnerabilities instantly.
Unauthorized Software Management: Detects and manages software not approved for use.
Asset Purge Rule: Automates the removal of obsolete assets from the inventory.

What benefits should users look for in reviews?

Enhanced Security Posture: Gains stronger defense through effective asset monitoring.
Efficient Risk Management: Identifies threats quickly, enabling timely resolutions.
Improved Compliance: Assists in meeting industry standards and regulations.
Reduced Manual Effort: Automates repetitive tasks, saving time and resources.
Comprehensive Insight: Provides detailed data for informed decision making.

In industries like finance, healthcare, and manufacturing, Qualys CyberSecurity Asset Management enhances asset control by offering visibility into hardware and software configurations. It aids in maintaining security compliance and identifying unauthorized software, crucial for sectors with strict regulatory requirements.

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

Wiz vs Qualys CyberSecurity Asset Management

Darktrace vs Qualys CyberSecurity Asset Management

Qualys VMDR vs Qualys CyberSecurity Asset Management

Tanium vs Qualys CyberSecurity Asset Management

Orca Security vs Qualys CyberSecurity Asset Management

Tenable Vulnerability Management vs Qualys CyberSecurity Asset Management

JFrog Xray vs Qualys CyberSecurity Asset Management

NinjaOne vs Qualys CyberSecurity Asset Management

Microsoft Defender Vulnerability Management vs Qualys CyberSecurity Asset Management

Lacework FortiCNAPP vs Qualys CyberSecurity Asset Management

Armis vs Qualys CyberSecurity Asset Management

Amazon Inspector vs Qualys CyberSecurity Asset Management

Axonius vs Qualys CyberSecurity Asset Management

Mandiant Advantage vs Qualys CyberSecurity Asset Management

See all alternatives

Qualys CyberSecurity Asset Management Reviews Summary
Author info	Rating	Review Summary
Information Security Lead at a consultancy with 10,001+ employees	5.0	I use Qualys CSAM for comprehensive asset visibility and security monitoring. Its EASM module and IoT asset discovery are valuable, though scan frequency control and improved software mapping in reports would enhance its utility. AssetView lacked these crucial features.
Android Developer at Droidforge	4.0	At our Android development company, Qualys CyberSecurity Asset Management provides real-time visibility and protection for digital assets, reduces security incidents, streamlines vulnerability management, and boosts trust, though improvements in UI, reporting, and integration could enhance its effectiveness.
Information Security Engineer at a manufacturing company with 5,001-10,000 employees	4.0	I found Qualys CyberSecurity Asset Management valuable for asset visibility and automation, though its discovery and integration features need improvement. It's stable, scalable, and offers good value, but exporting data is challenging and setup requires technical effort.
Cyber Security Specialist at UBS Financial	5.0	We use Qualys CyberSecurity Asset Management for daily asset identification, tracking True Risk Scores for vulnerability prioritization, and coordinating with IT to verify machine specifications. Its extensive asset categorization outperforms alternatives like Rapid7 and CrowdStrike.
Director of Vulnerability Management at a insurance company with 1,001-5,000 employees	4.5	We use Qualys CSAM to collect asset information and tag on-premises assets. It integrates well with our vulnerability tools and enhances visibility. However, software categorization could improve, and dynamic rules are needed. It replaced our previous CMDB solution.
Security Operations Manager at Solventum	4.0	We use Qualys CSAM primarily for scanning and vulnerability management to meet StateRamp compliance. Its cloud-based nature reduces management effort, though agent configuration poses challenges. It has improved AWS integration and reduced development hours compared to previous solutions.
Information Security - Manager at Infosys	5.0	No summary available
Analyst III - Information Security and Compliance at a financial services firm with 201-500 employees	4.5	I use Qualys CyberSecurity Asset Management to enhance asset tracking and security posture. It excels in asset discovery and delivers robust ROI. Though cloud syncing presents challenges, its interface and support surpass competitors like Tenable Nessus and Rapid7.

Qualys CyberSecurity Asset Management Reviews

What is Qualys CyberSecurity Asset Management?

Featured Qualys CyberSecurity Asset Management reviews

Qualys CyberSecurity Asset Management mindshare

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Related questions

Product Categories

Popular Comparisons