Qualys Policy Compliance Reviews

Name: Qualys Policy Compliance
Brand: Qualys
Rating: 4.3 (7 reviews)

4.3 out of 5

7 reviews
100% willing to recommend

177 followers

What is Qualys Policy Compliance?

Qualys Policy Compliance (PC) automates the collection of technical controls from information assets within the enterprise, and maps this information to policies to fix and document compliance with regulations and business mandates. It provides compliance reporting by leveraging a comprehensive knowledge-base that is mapped to prevalent security regulations, industry standards and compliance frameworks.

Get the Qualys Policy Compliance Buyer's Guide and find out what your peers are saying about Qualys Policy Compliance and more!

Buyer's Guide

Qualys Policy Compliance

June 2025

Get the report

Helped 859,129 peers since 2012

Featured Qualys Policy Compliance reviews

Bhupendra Nayak

Cyber Security Consultant at Confidential

We use QualysGuard Policy Compliance for VMDR (Vulnerability Management, Detection and Response). We can use the solution to detect, block, and mitigate vulnerabilities The most valuable feature of QualysGuard Policy Compliance is the automation that can detect real-time threats and decrease…

Read full review

reviewer2508633

Technical Security Solutions Architecture at NTT DATA

I have experience working with this product. I have been working on Qualys Policy Compliance, Prisma Cloud, QRadar, and Splunk. From Qualys Policy Compliance, I have been working with all the services, such as VMDR, assets, container security, and sensors, and I have been involved in PCI compliance and those kinds of compliance tasks. For the policy compliance product, I have been working on PCI and HIPAA compliance and also internal policy compliance against our policy. I rate Qualys Policy Compliance a 9 out of 10.

Read full review

Beatrice Sirchis

Application Security Manager at IDB BAnk

In one platform, we can see the compliance level. It takes time to realize its benefits, but that is not because of the platform. It is related to the enterprise. It depends on how long it takes for the infrastructure team to deploy and maintain the policy for existing assets and new assets and to maintain the Qualys agents and get them up and running. It is also based on the enterprise-wise agreement on how often compliance should be validated. After all these parameters are clear and defined by the enterprise, the platform is straightforward. It allows validation and follow-up for the status.

Read full review

Qualys Policy Compliance mindshare

As of June 2025, the mindshare of Qualys Policy Compliance in the IT Governance category stands at 2.5%, up from 1.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

IT Governance

PeerResearch reports based on Qualys Policy Compliance reviews

Type	Title	Date
Category	IT Governance	Jun 26, 2025	Download
Product	Reviews, tips, and advice from real users	Jun 26, 2025	Download
Comparison	Qualys Policy Compliance vs RSA Archer	Jun 26, 2025	Download
Comparison	Qualys Policy Compliance vs IBM OpenPages	Jun 26, 2025	Download
Comparison	Qualys Policy Compliance vs MetricStream	Jun 26, 2025	Download

Key learnings from peers

Last updated Jun 22, 2025

Valuable Features

Qualys Policy Compliance offers customizable policies with comprehensive, lucid compliance reports. Users value the binary decision-making based on custom policies, integration with SIEM tools, and automation for real-time threat detection. The platform's ability to define enterprise policy, generate clear dashboards, and its extensive reporting enhances understanding. The interface supports asset scanning and automatic patching, and the integration with Confluence, Jira, and ServiceNow adds additional value. Predefined templates simplify compliance requirements application.

"From the Qualys Policy Compliance, the best feature is that they have predefined templates for compliances, allowing easy application of compliance requirements against our products and providing clear reports on whether assets are compliant or not."
"The solution's interface looks good, which enhances asset scanning and ensures automatic patching."
"The reporting and security checks are valuable."

Room for Improvement

Qualys Policy Compliance requires enhancements in reporting capabilities, particularly in management and CI/CD pipelines. Users note challenges with policy versioning and implementation compared to CIS standards, leading to potential support overload. Faster technical support and improved detection features are desired. Users express a need for comprehensive educational resources and better alignment with automation languages like Python or Ansible, emphasizing improvements in policy creation and handling. Training for beginners would enhance user experience.

"They need to improve the reporting part of the CI/CD pipelines and the ability to download scans from pods."
"Some sort of education or knowledge base about the product would be beneficial for beginners."
"The policy creation aspect needs improvement."

ROI

Many customers indicate a return on investment from using Qualys Policy Compliance compared to other options. They find it delivers quick results and offers ease of use and reliability. Calculating ROI precisely can be challenging yet users report efficiency, saving time and effort. Some cannot currently determine its cost-effectiveness or ROI specifics.

Pricing

Qualys Policy Compliance pricing is variable, typically mid-range, based on features and number of devices, though specifics are often confidential due to NDAs. Some perceive costs as high, yet many note it as cost-efficient, highlighting its security features. Companies regard it as a worthwhile investment, with enterprise-level pricing influencing its usage without specific comparison to other solutions. Most firms appreciate its value despite it being rated expensive by some.

"The prices might be a little bit high. I cannot compare it with another product because we did not try any other product, but this is my impression when comparing different modules."
"The solution's pricing is in the mid-range, where it is neither expensive nor very cheap."

Popular Use Cases

Organizations use Qualys Policy Compliance primarily to harden servers based on predefined benchmarks. It is employed for comparing security configurations of operating systems and applications against best practices. This includes policy checks for platforms like Windows and Linux, compliance before deployment, and monitoring vulnerabilities affecting compliance. Users utilize templates such as PCI and FedRAMP, leveraging it for VMDR to detect, block, and manage vulnerabilities, ensuring security standards are upheld.

Service and Support

Customer service and support for Qualys Policy Compliance receive positive ratings, with users highlighting responsiveness and effectiveness. Support is generally rated between eight and nine out of ten. Some experienced slight challenges when providing necessary evidence for issues, but understand its importance for resolution. Despite a few unresolved cases, technical support is mostly seen as commendable. While some hardly require assistance, others acknowledge support's helpful approach, including the potential need for meetings to clarify issues.

Deployment

Organizations find Qualys Policy Compliance's initial setup straightforward and easy, involving simple agent installation. While network scans may require in-depth discussions and can depend on client readiness, basic deployment typically finalizes within days. Importing policies from best practice libraries involves quick customization, and some controls need extra research or support. The platform’s unified features justify the effort, and its installation can be managed individually by knowledgeable users.

Scalability

Users find Qualys Policy Compliance scalable, capable of managing numerous IPs during scans. Although the speed may vary across platforms, it handles cloud, hybrid cloud, and PC integration effectively. Adjustments in licensing are necessary for infrastructure growth. Its scalability is highly rated for cloud agents, scanning capabilities, and integration with ticketing tools. Users, trained in its deployment, report potential improvements in interface speed, yet appreciate its capability in diverse environments.

Stability

Qualys Policy Compliance exhibits exceptional stability and reliability. Users have unanimously noted its robustness and consistent performance, especially during extensive scanning activities. There have been no reports of module crashes, and it is rare for them to encounter performance problems, estimated at a minimal rate of 0.1 to 0.01%. Qualys Policy Compliance earned a stability rating of nine out of ten due to its strong availability and effective report production.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys Policy Compliance Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Healthcare Company

19%

Financial Services Firm

17%

Government

Educational Organization

Computer Software Company

Hospitality Company

Insurance Company

Performing Arts

Comms Service Provider

Consumer Goods Company

Manufacturing Company

Outsourcing Company

Real Estate/Law Firm

University

Legal Firm

Logistics Company

Retailer

Qualys Policy Compliance customers

PDX, Cigna

Product Categories

IT Governance

Qualys Policy Compliance Reviews

What is Qualys Policy Compliance?

Featured Qualys Policy Compliance reviews

Qualys Policy Compliance mindshare

PeerResearch reports based on Qualys Policy Compliance reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Top industries

Qualys Policy Compliance customers

Related questions

Product Categories