No more typing reviews! Try our Samantha, our new voice AI agent.

Qualys VMDR vs Tanium comparison

Qualys and Tanium are both solutions in the Vulnerability Management category. Qualys is ranked #3 with an average rating of 8.6, while Tanium is ranked #26 with an average rating of 8.1. Qualys holds a 3.9% mindshare in VM, compared to Tanium’s 1.6% mindshare. Additionally, 94% of Qualys users are willing to recommend the solution, compared to 80% of Tanium users who would recommend it.
Sponsored
Qualys TotalCloud
Read 39 Qualys TotalCloud reviews
  • 5,336 Views
  • 3,148 Comparison Views
100% willing to recommend
Qualys VMDR
Read 96 Qualys VMDR reviews
  • 16,306 Views
  • 10,762 Comparison Views
94% willing to recommend
Tanium
Read 22 Tanium reviews
  • 15,362 Views
  • 3,994 Comparison Views
80% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jun 3, 2026

Qualys VMDR and Tanium compete in the cybersecurity market focusing on vulnerability management and endpoint protection. Qualys VMDR has an advantage in cloud agents and real-time asset discovery, while Tanium excels in real-time endpoint data and robust inventory capabilities.

Features: Qualys VMDR provides comprehensive vulnerability management, policy compliance, and scalability options. It includes prebuilt CIS templates, patch supersedence, and an updated IP asset registry. Tanium covers IT and security operations across endpoints, supporting multiple operating systems with comprehensive threat intelligence and wide coverage.

Room for Improvement: Qualys VMDR needs an enhanced vulnerability database to reduce false positives, improved asset tagging, and better reporting capabilities. Tanium requires improved integration capabilities, faster policy applications, and a reduction in false positives.

Ease of Deployment and Customer Service: Qualys VMDR offers flexible deployments across different cloud environments, with customer service ranging from excellent to needing improvement. Tanium provides on-premises and cloud deployment options, receiving positive feedback for global support and technical expertise.

Pricing and ROI: Qualys VMDR is competitively priced with a flexible model, although considered expensive for license users and additional modules. Tanium, while costly, delivers extensive functionality, making it a justified investment with significant ROI in risk reduction and compliance management.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Qualys VMDR vs. Tanium Report (Updated: June 2026).
Buyer's Guide
Qualys VMDR vs. Tanium
June 2026
Download the complete report
Helped 902,417 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Qualys VMDR
Ranking in Vulnerability Management
3rd
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
96
Ranking in other categories
IT Asset Management (3rd), Configuration Management Databases (3rd), Container Security (9th), Risk-Based Vulnerability Management (1st)
Tanium
Ranking in Vulnerability Management
26th
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
22
Ranking in other categories
Server Monitoring (4th), Endpoint Protection Platform (EPP) (17th), Endpoint Detection and Response (EDR) (22nd), Unified Endpoint Management (UEM) (7th)
 

Mindshare comparison

As of June 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.0%, up from 0.9% compared to the previous year. The mindshare of Qualys VMDR is 3.9%, down from 7.6% compared to the previous year. The mindshare of Tanium is 1.6%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys VMDR3.9%
Qualys TotalCloud1.0%
Tanium1.6%
Other93.5%
Vulnerability Management
 

Featured Reviews

RO
Robert Orłowski
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Read full review
Vaibhav Ghule - PeerSpot reviewer
Vaibhav Ghule
Soc Lead & Edr Administration at Persistent Systems
Continuous risk-based monitoring has strengthened incident response and vulnerability prioritization
I haven't explored Qualys VMDR's vulnerability lifecycle automation yet. One of my analysts mentioned that queries lack grouping operators in Qualys VMDR. From my experience, I would appreciate improvements in the query options in Qualys VMDR, specifically in the query-building process where I would need more features and operators. Additionally, we have been facing issues with Qualys on the cloud level. We cannot download the configuration profile from the cloud agent, and it is showing a pending action for download. During 2025, we noticed outages of Qualys a couple of times. I want to mention that there is an issue with receiving timely RCA deliveries. While this is not necessarily about the tool, it relates to support. The support has not been very responsive, and we are receiving RCAs a little delayed whenever we raise support cases or communicate with the TAMs. Additionally, the UI has a slight latency, which I and my team have experienced. They have also reported this latency issue when navigating through different pages.
Read full review
MA
Mairajuddin Ahmed
Division Manager, Information Technology at a legal firm with 51-200 employees
Centralized policies have improved remote endpoint control and have simplified data visibility
The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"Qualys TotalCloud provides unified vulnerability and threat assessment for IaaS and SaaS and a single prioritized view of risk, which helps reduce my workload by not having to combine multiple sources."
"TruRisk Insights is the most important innovation they've released this year."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
More Qualys TotalCloud pros
"Qualys VM has greatly helped us to improve and maintain our posture of security."
"Qualys has a continuous endpoint monitoring feature for agent-based scanning. Once you deploy the solution, it monitors everything that is happening every 30 minutes. Then, if there are any vulnerabilities, they are reported."
"The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management."
"The platform's most valuable features include its robust vulnerability detection capabilities and automated remediation workflows."
"Use it. It is a great product."
"Continuous monitoring is a crucial feature that we use more frequently."
"Vulnerability management is the most valuable one and it’s a must in every organization."
More Qualys VMDR pros
"Tanium's most valuable features are patch management, inventory, and distribution software."
"I would say Tanium is the best tool for vulnerability management."
"Tanium's most valuable feature is its instant discovery aspect."
"It's definitely not complex, it is pretty user-friendly and it's a solid tool enterprise to use."
"I find the inventory and compliance features of Tanium to be the most impressive."
"The product is granular and can build complex roles compared to other EDR vendors."
"Tanium is a very good product and I would rate it eight or nine out of ten."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
More Tanium pros
 

Cons

"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"We encountered challenges identifying the correct resource category for certain items, such as those in containers or storage."
"There is room for improvement in the support."
"The cost of Qualys TotalCloud is high and could be more competitive."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
More Qualys TotalCloud cons
"I’m convinced it could be possible to do a simpler interface."
"From the application security perspective, Qualys has a way to go."
"It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."
"Improve the API speed."
"I'd like to see additional security for the app."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
More Qualys VMDR cons
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
"The problem or challenge is a pre-sales and go-to strategy for the SMB market delivered through a channel or model. It's very convoluted and vague, which leads to some confusion about the various types of modules, and the device-to-seat cost is extremely difficult to calculate."
"Tanium required local admin or root rights on Mac devices, which did not comply with our security policies. This made the solution less suitable for our restrictive environment."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"We set a policy to block USB access. The moment a device is being set up on the network, I apply the policy, but it does not come into effect immediately."
"The solution needs to improve the reporting and tracking capabilities."
More Tanium cons
 

Pricing and Cost Advice

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"The cost is high, but it meets our organizational needs."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
More Qualys TotalCloud pricing and cost advice
"The solution is reasonably priced for the value it provides."
"There is a license for the use of this solution. We pay annually instead of monthly to receive a better discount on the price."
"The solution is costly."
"Qualys VM is quite expensive. It's a subscription-based license, and it's yearly. Right now, it's open for me, and I don't have any limitations or caps on the licenses. They are seeing if the product is viable for 4500 users. I can add as much as I want, and at the end of the subscription, they'll let me know how many licenses were actually used and bill me accordingly. On a scale from one to five, I would give their pricing a three. It's still expensive."
"The solution is expensive."
"In Nigerian Naira, we spend about roughly four to five million to use this solution and this is expensive compared to solutions like Nessus."
"Qualys Virtual Scanner Appliance isn't expensive right now. But the price for their product bundles could be better."
"Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers."
More Qualys VMDR pricing and cost advice
"The solution offers value for money."
"The solution is expensive but it's a good investment."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"It is higher than some competitors in the market."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"It's an expensive solution. It would be nice if the cost were lower."
"There is an annual license required to use this solution."
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
902,417 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
16%
Manufacturing Company
7%
Computer Software Company
7%
Construction Company
6%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise12
Large Enterprise70
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise12
 

Questions from the Community

What is your experience regarding pricing and costs for Qualys TotalCloud?
The price is very expensive, actually.
See all answers
What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
See all answers
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
See all answers
What is your experience regarding pricing and costs for Qualys VMDR?
My experience with pricing, setup cost, and licensing shows that we can consider both time and money saved.
See all answers
What needs improvement with Qualys VMDR?
I haven't explored Qualys VMDR's vulnerability lifecycle automation yet. One of my analysts mentioned that queries la...
See all answers
What advice do you have for others considering Qualys VMDR?
I have some understanding about PeerSpot, and I have visited the website. PeerSpot is similar to TrustRadius. It take...
See all answers
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
See all answers
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...
See all answers
What advice do you have for others considering Tanium?
For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...
See all answers
 

Comparisons

Wiz vs Qualys TotalCloud Logo
Wiz vs Qualys TotalCloud
Compared 11% of the time
Microsoft Defender for Cloud vs Qualys TotalCloud Logo
Microsoft Defender for Cloud vs Qualys TotalCloud
Compared 8% of the time
Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud Logo
Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud
Compared 6% of the time
JupiterOne vs Qualys TotalCloud Logo
JupiterOne vs Qualys TotalCloud
Compared 5% of the time
Orca Security vs Qualys TotalCloud Logo
Orca Security vs Qualys TotalCloud
Compared 3% of the time
More Qualys TotalCloud Competitors
Rapid7 InsightVM vs Qualys VMDR Logo
Rapid7 InsightVM vs Qualys VMDR
Compared 6% of the time
Tenable Nessus vs Qualys VMDR Logo
Tenable Nessus vs Qualys VMDR
Compared 5% of the time
Tenable Security Center vs Qualys VMDR Logo
Tenable Security Center vs Qualys VMDR
Compared 4% of the time
Rapid7 Metasploit vs Qualys VMDR Logo
Rapid7 Metasploit vs Qualys VMDR
Compared 3% of the time
Tenable Vulnerability Management vs Qualys VMDR Logo
Tenable Vulnerability Management vs Qualys VMDR
Compared 2% of the time
More Qualys VMDR Competitors
CrowdStrike Falcon vs Tanium Logo
CrowdStrike Falcon vs Tanium
Compared 6% of the time
Microsoft Defender for Endpoint vs Tanium Logo
Microsoft Defender for Endpoint vs Tanium
Compared 4% of the time
BigFix vs Tanium Logo
BigFix vs Tanium
Compared 4% of the time
NinjaOne vs Tanium Logo
NinjaOne vs Tanium
Compared 3% of the time
Symantec Endpoint Security vs Tanium Logo
Symantec Endpoint Security vs Tanium
Compared 2% of the time
More Tanium Competitors
 

Product Reports

Buyer's Guide
Qualys TotalCloud
June 2026
Qualys TotalCloud reportDownload Qualys TotalCloud product report
Buyer's Guide
Qualys VMDR
June 2026
Qualys VMDR reportDownload Qualys VMDR product report
Buyer's Guide
Tanium
May 2026
Tanium reportDownload Tanium product report
 

Also Known As

Qualys TotalCloud with FlexScan
Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security
Tanium Inc Cloud, Tanium XEM
 

Overview

Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.

Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.

What are the most important features of Qualys TotalCloud?
  • Accurate Vulnerability Reports: Delivers precise and actionable insights for risk mitigation.
  • Zero-Day Detection: Identifies and addresses zero-day vulnerabilities proactively.
  • Unified Threat Assessment: Offers comprehensive evaluation of threats across the environment.
  • Extensive Risk Management: Manages risks effectively with advanced insights and prioritization.
  • Continuous Monitoring: Provides non-stop surveillance for vulnerabilities and threats.
  • Cloud-Native Automation: Streamlines processes and reduces manual efforts using automation.
  • FlexScan for Internet-Facing VMs: Scans external VMs efficiently to detect vulnerabilities.
  • Dashboard Risk Visualization: Clear visualization helps prioritize vulnerabilities.
What benefits and ROI should users look for?
  • Improved Security Posture: Enhances threat detection and response across clouds.
  • Time Savings: Automation reduces time spent on manual vulnerability management.
  • Resource Efficiency: Better allocation of resources through streamlined workflows.
  • Enhanced Risk Prioritization: Focus on critical vulnerabilities for effective mitigation.
  • Integrated Cloud Accounts: Facilitates seamless cloud management and security.

Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.

Qualys

Qualys VMDR is a comprehensive cybersecurity tool offering vulnerability management, patch management, and continuous monitoring with real-time asset discovery. It delivers scalable, cloud-based solutions that enhance security operations without additional infrastructure.

Qualys VMDR provides a robust platform for enterprise security, integrating vulnerability management, compliance, and asset inventory for full visibility across cloud and on-premises environments. It features a comprehensive dashboard with threat intelligence-driven prioritization and remediation capabilities. Users benefit from accurate assessments via agent-based scanning and appreciate the intuitive, customizable scanning and reporting interface. However, there's room for improvement in false positive reduction, UI simplification, and integration capabilities, along with enhancements in asset management for large-scale deployments and the vulnerability database. Enhancing technical support speed, patch management, compliance standards, and inter-module navigation would further enrich user experience.

What are the key features of Qualys VMDR?
  • Vulnerability Management: Identifies and manages security vulnerabilities across environments.
  • Patch Management: Ensures systems are updated with the latest patches.
  • Continuous Monitoring: Offers real-time insights into security posture.
  • Asset Discovery: Provides up-to-date asset inventory and visibility.
  • Threat Intelligence: Enhances prioritization and remediation processes.
  • Customizable Dashboard: Facilitates easier scanning and reporting through an intuitive interface.
What benefits can users expect when evaluating Qualys VMDR?
  • Scalability: Cloud-based deployment offers easy, cost-effective expansion.
  • Accurate Assessment: Agent-based scanning keeps security data current.
  • Enhanced Security Operations: Comprehensive features streamline vulnerability management.
  • Advanced Reporting: Facilitates detailed insights for better security decision-making.

Qualys VMDR is widely used in industries needing stringent security and compliance measures, offering comprehensive vulnerability and compliance management. It is deployed to secure web applications, servers, and crucial assets, supporting a wide range of sectors by ensuring policy adherence and vulnerability tracking through its powerful cloud platform.

Qualys

Tanium offers robust endpoint protection, patching, and inventory management, consolidating the functions of tools like BigFix with capabilities in incident response, network security, and cloud or on-premise deployments.

Known for real-time capabilities, Tanium provides detailed analytics, security features, and device management. Users benefit from quick implementation, real-time updates, and patching campaigns. Despite its strengths, integration and custom plugin expansion remain areas to improve, along with data visualization and network optimization. Reporting enhancements and user training could advance its usability, and some UI elements may require updates for clarity and security.

What are the essential features of Tanium?
  • Detailed Analytics: Provides actionable insights for better decision-making.
  • Security Capabilities: Offers strong defense measures against threats.
  • Real-Time Queries: Facilitates immediate information access.
  • Patch Management: Streamlines software updates across devices.
  • Device Management: Efficiently handles comprehensive inventory and monitoring tasks.
What benefits should users expect?
  • Ease of Use: Simplifies complex IT tasks.
  • Scalability: Adapts to growing IT infrastructure needs.
  • Integration Flexibility: Merges with existing systems effortlessly.
  • Real-Time Updates: Ensures current data availability for informed actions.

Tanium's deployment spans industries focusing on endpoint protection and compliance, ensuring reliable device and server management in settings where safety and quick adaptation are critical. Organizations use it for application deployment, compliance checks, and integrating it as an EDR solution, enhancing overall security and operational efficiencies.

Tanium
 

Sample Customers

Information Not Available
Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Buyer's Guide
Qualys VMDR vs. Tanium
June 2026
Free Report: Qualys VMDR vs. Tanium
Find out what your peers are saying about Qualys VMDR vs. Tanium and other solutions. Updated: June 2026.
DOWNLOAD NOW
902,417 professionals have used our research since 2012.
See our Qualys VMDR vs. Tanium report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.