No more typing reviews! Try our Samantha, our new voice AI agent.
Qualys Policy Compliance Logo

Qualys Policy Compliance Reviews

Vendor: Qualys
4.4 out of 5
Leave a review

What is Qualys Policy Compliance?

Qualys Policy Compliance offers seamless compliance management featuring real-time threat detection, policy customization, and integration with SIEM and ticketing tools. It supports both on-premises and cloud assets, ensuring comprehensive security management.

Get the Qualys Policy Compliance Buyer's Guide and find out what your peers are saying about Qualys Policy Compliance, RSA Archer, IBM OpenPages and more!
Qualys Policy Compliance is the #2 ranked solution in top IT Governance solutions. PeerSpot users give Qualys Policy Compliance an average rating of 8.8 out of 10. Qualys Policy Compliance is most commonly compared to RSA Archer: Qualys Policy Compliance vs RSA Archer. Qualys Policy Compliance is popular among the large enterprise segment, accounting for 47% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a healthcare company, accounting for 13% of all views.
Buyer's Guide
Qualys Policy Compliance
April 2026
Get the report
Helped 892,383 peers since 2012

Featured Qualys Policy Compliance reviews

Read more reviews

Qualys Policy Compliance mindshare

As of April 2026, the mindshare of Qualys Policy Compliance in the IT Governance category stands at 4.0%, up from 2.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.
IT Governance Mindshare Distribution
ProductMindshare (%)
Qualys Policy Compliance4.0%
RSA Archer22.0%
MetricStream15.3%
Other58.7%
IT Governance

PeerResearch reports based on Qualys Policy Compliance reviews

TypeTitleDate
CategoryIT GovernanceApr 30, 2026Download
ProductReviews, tips, and advice from real usersApr 30, 2026Download
ComparisonQualys Policy Compliance vs RSA ArcherApr 30, 2026Download
ComparisonQualys Policy Compliance vs IBM OpenPagesApr 30, 2026Download
ComparisonQualys Policy Compliance vs MetricStreamApr 30, 2026Download
Suggested products
TitleRatingMindshareRecommending
RSA Archer4.022.0%92%42 interviewsAdd to research
IBM OpenPages3.614.5%71%9 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Qualys Policy Compliance offers customizable policies with comprehensive, lucid compliance reports. Users value the binary decision-making based on custom policies, integration with SIEM tools, and automation for real-time threat detection. The platform's ability to define enterprise policy, generate clear dashboards, and its extensive reporting enhances understanding. The interface supports asset scanning and automatic patching, and the integration with Confluence, Jira, and ServiceNow adds additional value. Predefined templates simplify compliance requirements application.
  • "The solution's interface looks good, which enhances asset scanning and ensures automatic patching."
  • "It is easy, fast, and reliable."
  • "We have tightened our infrastructure using the solution and it's a safer environment from cyber crime and cyber attacks."

Room for Improvement

Qualys Policy Compliance requires enhancements in reporting capabilities, particularly in management and CI/CD pipelines. Users note challenges with policy versioning and implementation compared to CIS standards, leading to potential support overload. Faster technical support and improved detection features are desired. Users express a need for comprehensive educational resources and better alignment with automation languages like Python or Ansible, emphasizing improvements in policy creation and handling. Training for beginners would enhance user experience.
  • "Some sort of education or knowledge base about the product would be beneficial for beginners."
  • "The reporting needs improvement. While the tool is really good at doing the assessment, it's not as good at reporting various compliance states."
  • "We are not entirely satisfied with technical support but it's not bad."

ROI

Many customers indicate a return on investment from using Qualys Policy Compliance compared to other options. They find it delivers quick results and offers ease of use and reliability. Calculating ROI precisely can be challenging yet users report efficiency, saving time and effort. Some cannot currently determine its cost-effectiveness or ROI specifics.

Pricing

Qualys Policy Compliance pricing is variable, typically mid-range, based on features and number of devices, though specifics are often confidential due to NDAs. Some perceive costs as high, yet many note it as cost-efficient, highlighting its security features. Companies regard it as a worthwhile investment, with enterprise-level pricing influencing its usage without specific comparison to other solutions. Most firms appreciate its value despite it being rated expensive by some.
  • "The prices might be a little bit high. I cannot compare it with another product because we did not try any other product, but this is my impression when comparing different modules."
  • "The solution's pricing is in the mid-range, where it is neither expensive nor very cheap."

Popular Use Cases

Organizations use Qualys Policy Compliance primarily to harden servers based on predefined benchmarks. It is employed for comparing security configurations of operating systems and applications against best practices. This includes policy checks for platforms like Windows and Linux, compliance before deployment, and monitoring vulnerabilities affecting compliance. Users utilize templates such as PCI and FedRAMP, leveraging it for VMDR to detect, block, and manage vulnerabilities, ensuring security standards are upheld.

Service and Support

Customer service and support for Qualys Policy Compliance receive positive ratings, with users highlighting responsiveness and effectiveness. Support is generally rated between eight and nine out of ten. Some experienced slight challenges when providing necessary evidence for issues, but understand its importance for resolution. Despite a few unresolved cases, technical support is mostly seen as commendable. While some hardly require assistance, others acknowledge support's helpful approach, including the potential need for meetings to clarify issues.

Deployment

Organizations find Qualys Policy Compliance's initial setup straightforward and easy, involving simple agent installation. While network scans may require in-depth discussions and can depend on client readiness, basic deployment typically finalizes within days. Importing policies from best practice libraries involves quick customization, and some controls need extra research or support. The platform’s unified features justify the effort, and its installation can be managed individually by knowledgeable users.

Scalability

Users find Qualys Policy Compliance scalable, capable of managing numerous IPs during scans. Although the speed may vary across platforms, it handles cloud, hybrid cloud, and PC integration effectively. Adjustments in licensing are necessary for infrastructure growth. Its scalability is highly rated for cloud agents, scanning capabilities, and integration with ticketing tools. Users, trained in its deployment, report potential improvements in interface speed, yet appreciate its capability in diverse environments.

Stability

Qualys Policy Compliance exhibits exceptional stability and reliability. Users have unanimously noted its robustness and consistent performance, especially during extensive scanning activities. There have been no reports of module crashes, and it is rare for them to encounter performance problems, estimated at a minimal rate of 0.1 to 0.01%. Qualys Policy Compliance earned a stability rating of nine out of ten due to its strong availability and effective report production.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Qualys Policy Compliance Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Healthcare Company
13%
Marketing Services Firm
12%
Government
10%
Financial Services Firm
10%
Outsourcing Company
8%
Construction Company
7%
Insurance Company
5%
Comms Service Provider
5%
Hospitality Company
5%
Consumer Goods Company
3%
Manufacturing Company
3%
Computer Software Company
3%
Real Estate/Law Firm
3%
Performing Arts
3%
University
2%
Legal Firm
2%
Logistics Company
2%
Pharma/Biotech Company
2%
Retailer
2%

Compare Qualys Policy Compliance with alternative products

Go!

Learn more about Qualys Policy Compliance

Qualys Policy Compliance provides a streamlined approach to compliance through its predefined templates and frequent vulnerability updates, supporting the compliance needs of organizations managing diverse infrastructures. Its interface allows effective management of security policies and straightforward compliance verification. Users benefit from enhanced security management with its automation features and asset scanning capabilities. Integration with cloud infrastructure and seamless policy management across platforms like Windows, Linux, and networking appliances make it indispensable for enterprises seeking minimal vulnerabilities.

What are the key features of Qualys Policy Compliance?
  • Comprehensive Reports: Offers detailed compliance reports for informed decision-making.
  • Policy Customization: Easily customizable policies to align with specific organizational requirements.
  • Real-time Threat Detection: Automated detection of threats to respond swiftly.
  • Integration Capabilities: Seamlessly integrates with SIEM and ticketing tools.
  • Predefined Templates: Includes templates for quick and effective deployment of policies.
What benefits and ROI should users expect?
  • Increased Security Management: Enhanced visibility and control over security compliance.
  • Efficiency in Compliance Checks: Simplifies the compliance verification process.
  • Cost Management: Reduces potential security breach costs through proactive monitoring.
  • Improved System Hardening: Ensures systems are secure against benchmarks and best practices.

Banks and organizations utilize Qualys Policy Compliance for server hardening and security configuration verification. Loading it with security policies, they ensure PCI compliance and effective vulnerability management. It's particularly effective across Windows, Linux, and networking appliances with basic scans for compliance checks.

Qualys Policy Compliance customers

PDX, Cigna

Related questions

  • 109
What is your recommended automated audit software for internal and external audit?
  • 45
SailPoint IdentityIQ vs. CA Identity Governance
  • 52
What aspect does Symantec Control Compliance Solution cover in IT Governance, Risk and Compliance?
  • 78
Why is Identity Governance and Administration (IGA) important?
  • 16
When evaluating IT Governance, what aspect do you think is the most important to look for?
  • 48
How many ISO norms do we have in the entire ISO27k security family standards?
  • 20
Why is IT Governance important for companies?

Product Categories

Product Categories
IT Governance

Popular Comparisons

Popular Comparisons
RSA Archer vs Qualys Policy Compliance Logo
RSA Archer vs Qualys Policy Compliance
IBM OpenPages vs Qualys Policy Compliance Logo
IBM OpenPages vs Qualys Policy Compliance
Diligent One Platform (formerly Highbond) vs Qualys Policy Compliance Logo
Diligent One Platform (formerly Highbond) vs Qualys Policy Compliance
Broadcom Control Compliance Suite vs Qualys Policy Compliance Logo
Broadcom Control Compliance Suite vs Qualys Policy Compliance
eIQnetworks SecureVue vs Qualys Policy Compliance Logo
eIQnetworks SecureVue vs Qualys Policy Compliance
See all alternatives
 
Qualys Policy Compliance Reviews Summary
Author infoRatingReview Summary
Information Security Analyst at a tech services company with 11-50 employees5.0I've used Qualys Policy Compliance for four years to support PCI compliance across our cloud infrastructure, finding it reliable and effective, though vulnerability labeling and historical reporting could improve; overall, it's met our needs well.
Technical Security Solutions Architecture at a tech vendor with 10,001+ employees4.5I assessed Qualys Policy Compliance, finding its predefined compliance templates and customer support valuable. However, improvements are needed in wrapper certificates and automation alignment. I evaluated other options, but Qualys proved more compatible than Azure and Amazon. ROI remains unclear.
Application Security Manager at IDB BAnk4.0I use Qualys Policy Compliance to define hardening policies for various platforms, benefiting from features like enterprise policy definition, compliance checking, and reporting. Challenges include implementing CIS controls, but overall, I'm satisfied with its comprehensive functionality and time efficiency.
Information Security Engineer at a university with 1,001-5,000 employees4.5I use Qualys for compliance, valuing its good interface, automatic patching, strong reporting, and scalability across hybrid clouds. While expensive, it's stable and has great support. I only wish there was more beginner training available for new users.
Cyber Security Analyst at a tech vendor with 10,001+ employees4.5I use Qualys Policy Compliance for pre-deployment server checks, finding its reporting and security scans valuable despite needing more knowledge in policy creation. It's efficient compared to my prior manual testing, saving time and effort.
CEO at Foresight Cyber Ltd5.0I rate Qualys Policy Compliance 10/10. It's a simple, customizable, and reliable solution for security hardening, with easy setup and quick results. My main criticisms are the need for improved reporting and policy versioning, plus occasional web UI lag.
Head of Information Security Department at a financial services firm with 201-500 employees4.0We use this excellent solution for server hardening, significantly tightening our infrastructure and improving cyber security. It offers comprehensive compliance reports, and setup was easy. We're satisfied, though customer support could improve.
Cyber Security Consultant at Confidential4.0We use QualysGuard Policy Compliance for VMDR, appreciating its automation for real-time threat detection and SIEM integration. While we've achieved ROI, faster technical support and enhanced vulnerability detection are desired improvements. No alternative solutions were considered.