reviewer2589096 - PeerSpot reviewer
Senior Information Security Engineer at a consultancy with 10,001+ employees
MSP
Top 20
Enables us to accurately assess the risk level of high or low QDS scores associated with each asset and monitor them accordingly
Pros and Cons
  • "My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software."
  • "I recommend Qualys CyberSecurity Asset Management due to its superior asset information collection capabilities, including comprehensive hardware and software inventorying."
  • "Qualys could improve by enhancing its dynamic tagging and role-based access control features, and by refining its user interface for a more intuitive and efficient user experience."

What is our primary use case?

Qualys CyberSecurity Asset Management serves multiple purposes. It provides comprehensive asset details, including serial numbers, UALs, UASs, and DTLSs, which are crucial for tracking updates and configurations. We can access detailed information like BIOS UI and installed software, enabling us to identify authorized, unauthorized, and missing applications. This comprehensive approach to asset management ensures that we have a clear understanding of our IT environment.

Qualys is a vulnerability management tool that utilizes agent scans to gather in-depth information about assets. This data includes details like installed software, their versions, and locations, which can be used for various purposes such as asset inventory, identifying end-of-life software, or tracking specific applications. By downloading this information in list format, Qualys helps address a range of asset management and security needs.

How has it helped my organization?

We use Qualys CyberSecurity Asset Management to manage our entire external attack surface. We've integrated our primary domain and all its subdomains into EASM, leveraging its full functionality. This integration allows us to gather crucial data. While we utilize existing features, we anticipate a new filter that will reduce noise from agent-based scans. This will help us identify vulnerabilities in any external-facing assets with public IPs and exposed ports. By pinpointing these vulnerabilities, we gain a clearer understanding of our infrastructure's security posture from an external perspective.

Some of the assets discovered by EASM include IP addresses, DNS lookups associated with those IPs, and the corresponding domain. EASM captures information based on the integrated EASM profile. If an agent is already present, EASM merges the scan information with the agent data, and an EASM symbol indicates this source. In addition to cloud-based assets, EASM also identifies on-premise assets with publicly exposed IPs.

Customers using Qualys CyberSecurity Asset Management for organizational purposes and formal reporting can submit requests to management, whether related to administrative or organizational perspectives. These requests are reviewed with consideration for their potential benefit to other Qualys customers. Therefore, any enhancements or requests made for our organization are also considered by the vendor providing the solution.

Qualys provides risk and threat intelligence monitoring with a built-in prioritization mechanism. This mechanism helps us prioritize exposed risk factors, such as vulnerabilities with varying levels of severity: low, ongoing, or emerging. The system monitors these vulnerabilities and allows for prioritized support. Additionally, the Qualys score increases based on the risk factor, ensuring that users are notified of critical vulnerabilities.

Qualys' TruRisk scoring helps prioritize vulnerabilities in assets by considering multiple factors. These factors include asset criticality, which is determined by the asset's importance (e.g., critical server vs. UAT server) and can be customized through tagging mechanisms. The scoring also incorporates Qualys' QDS code, vulnerability severity, and the presence of unpatched software. Additionally, factors like public IP exposure and the potential impact of even low-critical vulnerabilities are evaluated. By combining these elements, Qualys provides a comprehensive TruRisk score that accurately reflects the overall risk posed by each asset.

Qualys Cybersecurity Asset Management utilizes deployed cloud agents as passive sensors, enabling real-time detection of network-connected assets. This functionality identified numerous devices sharing identical multicast or broadcast IP addresses and revealed asset details like hostname, IP address, MAC address, and operating system, contingent on protocol availability, e.g., DNS.

What is most valuable?

My favorite feature of Qualys CyberSecurity Asset Management is its ability to target missing software. Instead of applying the tool to all assets, we can tag specific groups of assets that require a certain application. This allows us to generate a QQL query to identify any assets missing from the software. By correlating this with QDS scores, we can accurately assess the risk level of high or low QDS scores associated with each asset and monitor them accordingly.

What needs improvement?

Qualys could improve by enhancing its dynamic tagging and role-based access control features, and by refining its user interface for a more intuitive and efficient user experience.

Qualys is currently not able to identify assets lacking DNS information. Collaboration with Qualys is underway to explore alternative protocols for hostname identification and enhance asset visibility.

Buyer's Guide
Qualys CyberSecurity Asset Management
May 2025
Learn what your peers think about Qualys CyberSecurity Asset Management. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
856,873 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Qualys CyberSecurity Asset Management for two years.

What do I think about the stability of the solution?

This platform demonstrates excellent stability with consistent 100 percent uptime and no glitches observed. Qualys CyberSecurity Asset Management is a reliable and stable choice.

What do I think about the scalability of the solution?

I would rate the scalability of Qualys CyberSecurity Asset Management a nine point five out of ten.

How are customer service and support?

We receive excellent technical support from Qualys, characterized by quick response times and the dedicated assistance of a Technical Account Manager who ensures the prompt resolution of critical issues.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment of Qualys CyberSecurity Asset Management is straightforward.

What other advice do I have?

I would rate Qualys CyberSecurity Asset Management ten out of ten.

We have Qualys Cybersecurity Asset Management deployed in multiple locations on various operating systems in a large-scale environment.

I recommend Qualys Cybersecurity Asset Management due to its superior asset information collection capabilities, including comprehensive hardware and software inventorying. CSAM is continuously updated to encompass new technologies like GPUs and provides increased stability with reduced network noise. These ongoing enhancements make CSAM the optimal choice for effective asset management.

I suggest going for a full package that includes both external attack surface management and CyberSecurity Asset Management. The combination offers comprehensive protection and asset management.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Ramachandran Sugumar - PeerSpot reviewer
Senior Information Security Engineer at a consultancy with 10,001+ employees
MSP
Top 5
Helped discover about 10,000 vulnerabilities so far
Pros and Cons
  • "With Qualys CSAM, we can see which assets have critical application vulnerabilities. This feature helps us prioritize and address these vulnerabilities more efficiently."
  • "I would rate Qualys CSAM a ten out of ten."
  • "All required features are available in Qualys CSAM. However, it would be helpful if Qualys CSAM started incorporating AI models. An inclusion of threat details for AI and LLM-related risks would be beneficial."
  • "The only minor issue is occasionally being redirected to multiple teams, causing slight delays."

What is our primary use case?

Currently, we have 70,000 to 80,000 assets in our infrastructure. We have installed Qualys agents and started receiving vulnerability details. We use the TruRisk score and send reports to respective stakeholders and ask them to close them on priority. If they do not address vulnerabilities promptly, we quarantine the assets from the infrastructure. We also use Qualys CSAM along with VRM for handling vulnerabilities.

How has it helped my organization?

Qualys CSAM has provided insights into critical application vulnerabilities in our assets, which has helped us quarantine machines to prevent them from getting attacked. It has improved our ability to handle asset vulnerabilities efficiently in our infrastructure. It helped detect about 10,000 vulnerabilities so far. We do not have any high-risk vulnerability.

It discovered any open source, end-of-life, or end-of-support applications with critical or high vulnerabilities. Everything was discovered. We got them remediated.

We use the TruRisk score, but we also have our own criteria or formula for risk levels. We are using both.

What is most valuable?

With Qualys CSAM, we can see which assets have critical application vulnerabilities. This feature helps us prioritize and address these vulnerabilities more efficiently.

What needs improvement?

All required features are available in Qualys CSAM. However, it would be helpful if Qualys CSAM started incorporating AI models. An inclusion of threat details for AI and LLM-related risks would be beneficial.

What do I think about the stability of the solution?

We are not facing any issues with stability. Everything is smoothly managed by a different team, and our scheduled scans run without interruptions. The reports are automated, and the scans are scheduled. The reports are automatically sent to respective stakeholders. 

If there is going to be any downtime, they inform us in advance.

What do I think about the scalability of the solution?

I have no issues with scalability. Everything is fine, and all necessary processes are in place.

How are customer service and support?

We recently had some issues related to the continuous monitoring of the SaaS module. I am working with someone from the Qualys support team. He is helping us to resolve all the issues. One request is still open with the team because the risk scan was not happening at the application level. We opened a ticket and requested them to schedule a call. It might happen next week.

The support provided by Qualys is good. Their SMEs have sufficient knowledge, and if they are not the right contact, they quickly redirect us to someone who can help resolve issues. The only minor issue is occasionally being redirected to multiple teams, causing slight delays. I would rate their support a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have not used any alternatives to Qualys CSAM. Qualys CSAM is our primary tool.

How was the initial setup?

A separate team within our organization manages its initial setup, deployment, and administration, so I do not have visibility on this process.

What other advice do I have?

It is our main tool, and I find it better than others. 

I would rate Qualys CSAM a ten out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Brad Mathis - PeerSpot reviewer
Employee-Owner, Senior Consultant, Information Security at Keller Schroeder
MSP
Top 5 Leaderboard
Improves visibility, reliability, and scalability
Pros and Cons
  • "The end-of-life and end-of-service software and hardware are some of my favorite features."
  • "Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."

What is our primary use case?

Qualys Cybersecurity Asset Management helps us manage our technical debt by identifying end-of-life and end-of-service software and hardware within our IT infrastructure.

Qualys CSAM is primarily a cloud-based solution. The only optional on-premise component is a passive sensor that monitors network traffic at our egress point. This sensor collects data and sends it to the Qualys Cloud interface for analysis, but it's not essential for using CSAM.

How has it helped my organization?

The external attack surface management identified unexpected assets, suggesting some exist outside our known inventory. While these may not be directly managed by us, the process has brought valuable awareness to the fact that our core servers are externally hosted, prompting a review of similar situations.

An external attack surface management scan revealed several outsourced name services, along with one unexpected third-party-linked IP. It's unclear if this was due to past consulting work or a registration error, but since it wasn't relevant to our company, it was easily excluded from future scans.

The benefits of Qualys CyberSecurity Asset Management are immediate. We already had the cloud agents installed. They were already on all the servers and workstations. Once we upgraded from the VMDR-included GAV (Global AssetView) to CSAM, it was no time before I could see the end-of-life, end-of-service software, and hardware.

In addition to vulnerabilities, CSAM provides a better view of other risk factors, but VMDR is very powerful. VMDR was already seeing our limitations in hardening our vulnerabilities. CSAM enhanced our view by adding more visibility and insight into what we have.

TruRisk scoring goes beyond traditional vulnerability scoring like CVSS to prioritize both vulnerabilities and assets based on real-world exploitability and industry targeting. This provides a clearer picture of our actual risk by considering factors like published exploits and what attackers are currently focusing on, allowing us to quickly identify critical issues and avoid wasting time on vulnerabilities with a high theoretical risk but low real-world threat.

Qualys Cloud Agents can now be configured as passive sensors to discover all devices on our network in real-time, eliminating the requirement for separate virtual or physical passive sensor appliances. These cloud agent sensors monitor network broadcasts instead of egress traffic, and they can even designate a secondary sensor to take over if the primary becomes unavailable, ensuring continuous asset discovery and populating our CSAM platform with managed and unmanaged devices.

What is most valuable?

The end-of-life and end-of-service software and hardware are some of my favorite features. The insight into the endpoints with the cloud agent is also valuable. We get more value than we do with the global asset view that comes with VMDR.

What needs improvement?

The CMDB Sync feature currently only works with ServiceNow, which is common in larger organizations. If the feature could integrate with other, more affordable CMDB options, like those used by smaller businesses, we would be more likely to use it.

Qualys CyberSecurity Asset Management could be more cost-effective by offering a much lower price point or including it with existing VMDR subscriptions. Additionally, providing more pre-built reports would improve accessibility for organizations by reducing the need for custom report creation.

For how long have I used the solution?

I have been using Qualys CyberSecurity Asset Management for one year. However, I have been using Qualys solutions for over 20 years.

What do I think about the stability of the solution?

Qualys CyberSecurity Asset Management has been very reliable, with only occasional syncing issues following major updates, which is common for cloud-based software. Overall, I've been impressed with its stability.

What do I think about the scalability of the solution?

Qualys CyberSecurity Asset Management is designed to scale effectively for environments of all sizes. While our environment may be on the smaller side, the solution is proven to handle deployments ranging from just a hundred devices to well over ten thousand, ensuring smooth operation regardless of our specific needs.

How are customer service and support?

I've been a long-time Qualys user, so my technical support interactions tend to involve complex issues. For example, when the CSAM component was new and I encountered a bug, their team promptly cleared the back-end database, resolving the problem. Their expertise and willingness to help have been consistently impressive.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment is easy, especially if a client is already on VMDR; to enable CSAM, we only need a license.

One person can deploy VMDR and CSAM if they have the necessary access and permissions. For complex deployments with separate network management duties, involving the right personnel for whitelisting is crucial. Deployment time varies: for existing VMDR users, it's nearly immediate; for new implementations, it can take a bit longer, depending on team size and experience. Working with experienced professionals can expedite the process.

What's my experience with pricing, setup cost, and licensing?

Qualys CyberSecurity Asset Management can be expensive since it is an add-on to VMDR. The cost seems to be a barrier to entry for some organizations, and a lower price point might lead to more automatic adoption of CSAM.

What other advice do I have?

I would rate Qualys CyberSecurity Asset Management ten out of ten.

Qualys Cybersecurity Asset Management seems to offer a more comprehensive solution than what I've seen from competitors like Tenable and Rapid7. While I haven't reviewed their offerings recently, in the past they primarily focused on vulnerability scanning, which isn't as extensive as Qualys CSAM's asset management capabilities.

No maintenance is required. Everything is self-updating from Qualys. From cloud agents to sensors, all of those are automatically updated.

Organizations that rely solely on external attack surface management for vulnerability management are making a dangerous assumption. This approach presumes complete knowledge of their assets, which is unrealistic without full visibility into internal and external environments. Companies with a 'we're secure' attitude often have poor security, while those welcoming security assessments tend to have a strong security posture.

CSAM's tagging features, especially dynamic tagging with its easy-to-use rules, can significantly improve your efficiency across various tasks like patch and vulnerability management. By automating manual work, dynamic tags free up your time. Take advantage of the free CSAM training and consider consulting a trusted partner to accelerate your learning and implementation – their experience can save you weeks of effort.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
reviewer2645955 - PeerSpot reviewer
IT Engineer at a consultancy with 10,001+ employees
MSP
Top 5 Leaderboard
Provides visibility into authorized and unauthorized software
Pros and Cons
  • "Authorized and unauthorized software visibility is the best feature for me. It helps me understand security controls on our network and where we lack visibility. With a single security tool, we are able to get an extensive list."
  • "Authorized and unauthorized software visibility is the best feature for me."
  • "There can be further simplification to reduce the overall noise and provide ESAM-related data."

What is our primary use case?

We use it to collect all software-related information, including external attack surface information. All of this information is validated here.

How has it helped my organization?

We were facing issues with collecting information about external facing assets and getting vulnerabilities for assets not managed by us. We also wanted visibility into particular IP address configurations or domain-based information. Qualys CyberSecurity Asset Management helps us with visibility into the assets that we do not know about or that someone is misusing.

Other than that, we are using it for software inventory purposes. We can see whether any unauthorized software is registered on any machine or whether any required security tool is not installed on the machine. We can also see if any specific assets are critical and if there is anything we need to focus on from a network perspective. From the portal, we can get all this information as a report.

The visibility into all the assets is the main improvement. We are able to see any new external-facing assets, as well as the assets that we do not manage. For example, for the asset that we do not manage, we could get information about a particular port being open on an IP address or operating system. It helped us with about 20% of our assets.

Management of unmanaged assets enhances the organization's risk assessment capabilities.

The TruRisk mechanism helps us in some scenarios by giving an asset criticality score. It helps us focus on critical assets.

Qualys CyberSecurity Asset Management helps us identify any end-of-life software or unmanaged assets. With the CAPS mechanism, the Qualys agent can validate unmanaged assets and provide information.

What is most valuable?

Authorized and unauthorized software visibility is the best feature for me. It helps me understand security controls on our network and where we lack visibility. With a single security tool, we are able to get an extensive list. 

Additionally, I can verify version controls and port details for major applications.

What needs improvement?

There can be further simplification to reduce the overall noise and provide ESAM-related data. Some data modification might also be required, but that is not as critical as noise reduction.

For how long have I used the solution?

I have used Qualys CyberSecurity Asset Management for over three years.

What do I think about the stability of the solution?

Its stability is good. I do not have an issue with it. I would rate it a ten out of ten for stability.

What do I think about the scalability of the solution?

Its scalability is good. I would rate it a ten out of ten for scalability.

We are located in different countries. It is being used by our admin team with more than 50 people.

How are customer service and support?

I would rate their support a nine out of ten. We might not always get a good solution. We might get only a workaround.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

From the start, I have been using this solution in this organization.

How was the initial setup?

It is very easy for me to deploy. There is no complexity. 

Its implementation takes about a week, but it can vary.  

Being a SaaS solution, it does not require much maintenance. It has an uptime of 99.9%. It is working perfectly with the scheduled information.

What was our ROI?

It has reduced resources and the time spent on gathering and combining data from different tools into a single tool. It used to be a tedious job, but it has now been reduced with the single software.

What other advice do I have?

I would recommend this solution if you want a unique software to collect all the inventory data and have information about the attack surface.

I would rate Qualys CyberSecurity Asset Management a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
IT Engineer at a consultancy with 10,001+ employees
MSP
Top 5 Leaderboard
Gives comprehensive security insights and helps with efficient application management
Pros and Cons
  • "The most valuable features of Qualys CSAM include the ability to manage authorized and unauthorized applications efficiently. This feature helps in validating applications and maintaining a secure environment."
  • "I would rate the Qualys CSAM a ten out of ten for its overall performance."
  • "In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management. Additionally, improvements to the user interface could be beneficial."
  • "In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management."

What is our primary use case?

We use Qualys CSAM for information related to EOL and EOS applications. For the machines connected to Qualys CSAM, we have information about the serial number and hardware ID. We have some integration mechanisms with AD. All these helped us to make sure the agents and applications that we use are good enough to run in our infrastructure.

How has it helped my organization?

We have a mechanism called authorized and unauthorized applications inside our organization. Qualys CSAM helps us implement this by reporting unauthorized applications through pop-ups or alerts. This mechanism ensures that any unauthorized application is quickly identified, and appropriate measures are taken swiftly. The tool provides valuable insights into our infrastructure.

For external attack surface management, we have a configuration profile that we configure with the domain name. With this domain name, we get all the information from Qualys. They have integration with Shodan and their own scanning mechanism to get publicly exposed IPs or domains for our organization and its subsidiaries. 

It is a useful solution for us for IT-related or security-related activities. We get information about all the assets in our organization, and we also get to know if any ports are open or exposed to the Internet.

It helps us with risk prioritization. It highlights any vulnerabilities that are exploitable. We have various reports. We can see EOL or EOS software or any unauthorized applications. All these reports are triggered in a daily manner. We get the latest list every day. We can also use the dashboard.

In addition to the asset criticality score that we have configured, we have the TruRisk score. All this data helps us to prioritize the assets and vulnerabilities. 

What is most valuable?

The most valuable features of Qualys CSAM include the ability to manage authorized and unauthorized applications efficiently. This feature helps in validating applications and maintaining a secure environment. 

Additionally, Qualys CSAM offers comprehensive data, including serial numbers, BIOS information, and software details related to EOL and EOS. These capabilities are crucial for ensuring infrastructure readiness and security.

What needs improvement?

In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management. Additionally, improvements to the user interface could be beneficial.

For how long have I used the solution?

I have been using Qualys CSAM for one and a half years.

What do I think about the stability of the solution?

I would rate the stability of Qualys CSAM a ten out of ten. The agent-related stability is excellent, and we have not experienced any lags.

What do I think about the scalability of the solution?

The scalability of Qualys CSAM is good. It is a SaaS platform. I would rate it a nine out of ten for scalability.

We have it at multiple locations and countries. We have multiple networks and subsidiaries. We have about 300k users.

How are customer service and support?

The customer service is excellent. I would rate them a nine out of ten. Although there have been occasional delays in response time, the support generally addresses issues promptly and effectively.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have only used Qualys CSAM in this organization and have not switched from any previous solutions.

How was the initial setup?

We have a hybrid setup. The initial setup is straightforward, requiring a single code within an agent file, making the deployment process very easy.

Other than the upgrades, it does not require any maintenance from our side.

What other advice do I have?

I would strongly recommend Qualys CSAM to other users because of its reliable detection logic and high level of support. We have not seen any glitches with it. In the case of any issues, we can get them resolved promptly, maintaining efficiency. 

I would rate the Qualys CSAM a ten out of ten for its overall performance.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
reviewer2593263 - PeerSpot reviewer
Manager Information Security at a consultancy with 10,001+ employees
MSP
Top 10
Management sensors enhance visibility and risk identification
Pros and Cons
  • "The most valuable feature is the Management sensor, which helps identify gaps in policy agent availability, thereby improving agent utilization."
  • "I would rate Qualys CyberSecurity Asset Management ten out of ten."
  • "The Qualys CAPS service requires further exploration and improvement, particularly in its handling of protocols and reactivity with MAC and IP addresses for CAP agents."

What is our primary use case?

Our primary tool for asset inventory is Qualys CyberSecurity Asset Management, which our software asset management team also utilizes to check our software library.

We deploy Qualys Cloud agents as passive sensors to gain comprehensive asset visibility and identify gaps in policy agent coverage. Additionally, we are collaborating with our cyber defense center team to enhance external service management.

How has it helped my organization?

Our cyber defense center team effectively utilizes Qualys CSAM, an external service management tool, to cover the entire attack surface.

The external service management tool has helped discover over 6,000 assets that were previously discovered.

We immediately saw the benefits of Qualys CyberSecurity Asset Management. As platform owners, we collaborate with the validation and cyber defense center teams to ensure asset availability and address any discrepancies.

Qualys CyberSecurity Asset Management helps identify all risk factors using the TruRisk score.

TruRisk Insights assists in identifying vulnerabilities and prioritizing them from highest to lowest risk.

We have begun utilizing Qualys Cloud agents as passive sensors and are currently investigating the necessary protocols to maximize the effectiveness of this feature. 

Our cybersecurity, IT, and cloud software teams effectively use Qualys to gain comprehensive visibility into our software environment, aided by excellent support. This visibility enables us to integrate Qualys into various facets of our operations, including our internal tools, allowing us to efficiently share updates with both the IT team and end-users, thus streamlining our workflow.

What is most valuable?

The most valuable feature is the Management sensor, which helps identify gaps in policy agent availability, thereby improving agent utilization. Additionally, the tool's code aids in risk identification and mitigation.

What needs improvement?

The Qualys CAPS service requires further exploration and improvement, particularly in its handling of protocols and reactivity with MAC and IP addresses for CAP agents. Enhanced functionality in these areas would increase the service's effectiveness and efficiency. We anticipate updates that will address these issues and optimize our use of the service.

For how long have I used the solution?

We have been using CSAM for more than two years. 

What do I think about the stability of the solution?

We have not encountered significant stability issues with Qualys CyberSecurity Asset Management. The design appears robust, and we have not experienced any latency problems.

What do I think about the scalability of the solution?

Qualys CyberSecurity Asset Management has proven to be a highly scalable solution for us over the past couple of years, seamlessly integrating new features as we have expanded from a few licenses to a much larger deployment.

How are customer service and support?

We receive excellent support from Qualys. Our Technical Account Manager is very responsive and helpful in addressing any concerns that arise.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment was straightforward. We integrate CSAM with other Qualys modules including VMDR.

What's my experience with pricing, setup cost, and licensing?

The Qualys CyberSecurity Asset Management pricing is well-aligned with our usage.

What other advice do I have?

I would rate Qualys CyberSecurity Asset Management ten out of ten.

Qualys CyberSecurity Asset Management does not require maintenance on our end.

To gain comprehensive visibility and reporting within the policy, new users should deploy the agent. This action provides a complete overview of vulnerabilities and support statuses, offering valuable insights for both IT management and cybersecurity purposes.

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
SurajTripathi - PeerSpot reviewer
Senior Security Consultant at CyberNxt Solutions LLP
Real User
Top 5
Leaderboard
Security posture improves with proactive risk identification and enhanced asset visibility
Pros and Cons
  • "I appreciate the feature that simplifies cloud security posture, offering insights into vulnerabilities, and reducing the complexity of managing the security program."
  • "Based on the company's budget, Qualys offers limited features, which can also be utilized in other environments."

What is our primary use case?

I have been working with Qualys for approximately two and a half years. I have used this module to manage security postures in cloud environments, and it is essentially used for hybrid management systems. This allows me to adhere to security practices across cloud environments.

What is most valuable?

I appreciate the feature that simplifies cloud security posture, offering insights into vulnerabilities, and reducing the complexity of managing the security program. It provides a proactive security posture, identifying risks before attempts are made. It is also scalable in hybrid management, offering dynamic capabilities in cloud environments, providing visibility to thousands of assets. Additionally, it is beneficial in discovering what's occurring in the cloud environment and provides visibility in asset discovery. It helps monitor assets continuously, granting real-time visibility, which aids the IT environment in maintaining these assets. External attack surface management allows me to consider things from an attacker's perspective. I've improved on faster remediation and reduced risk breaches, as the module enables me to quickly identify vulnerabilities and take necessary actions. Decision-making is straightforward, allowing risk prioritization and action accordingly.

What needs improvement?

Qualys is continually developing, adding new features each year. Previously, there was no on-demand scan feature in a cloud agent, but multiple features have since been added to my cloud agent module. In CSAM as well, I expect features that make security and IT team tasks easier, eliminating manual efforts. Features enhancing the interaction with IT or security teams should be added, such as a ticketing feature that, if an issue arises in the CSAM module, enables direct ticket creation in systems like ServiceNow. This would streamline assigning tickets to appropriate teams.

For how long have I used the solution?

I have used the solution for two and a half years.

What do I think about the stability of the solution?

I do not think there are any issues.

What do I think about the scalability of the solution?

It's scalable. I do not face any limitations.

How are customer service and support?

I would rate the technical support nine out of ten. They are effective; if I raise a ticket, they directly contact me and solve my problems, whether related to deployment or unresolved vulnerabilities.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have been using Qualys from the beginning and have not used any other solution extensively. However, I have some familiarity with Rapid7, but it lacked the level of detail found in Qualys.

How was the initial setup?

The initial setup was smooth, particularly with the cloud agent installation and sensor deployment. After the initial stage and the licensing part were completed, I became involved in creating user IDs and, as an administrator, I managed user access, including giving privileges to admins. I coordinated with the Linux, Windows, and Mac teams to download and install the agent and conduct testing.

What about the implementation team?

I received assistance from the Qualys support team, specifically from the ACCPL team provided by Qualys. It was a third-party team.

What was our ROI?

As mentioned earlier, it saves time and facilitates direct communication with real issues I have faced.

Which other solutions did I evaluate?

At present, I do not think so; however, I may consider CrowdStrike as it has some features, though not as detailed.

What other advice do I have?

The CSAM module is great and continually improving with updates. I would rate it nine out of ten. However, based on the company's budget, Qualys offers limited features, which can also be utilized in other environments. I rate the overall solution nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Arshad Nr - PeerSpot reviewer
Senior Security Consultant at CyberNxt Solutions LLP
Real User
Top 5
Leaderboard
Automated asset inventory and comprehensive visibility help with vulnerability prioritization
Pros and Cons
  • "It provides most of the information needed regarding the assets, including the operating system and whether the assets are network devices or servers."
  • "There are no stability issues, and I would rate it a ten out of ten."
  • "The main aspect that needs improvement is the user interface, which should be more intuitive."

What is our primary use case?

Currently, we are using it for asset inventory to determine how many Windows machines and how many Linux machines there are. Accordingly, we categorize them. 

We prioritize the assets according to vulnerability and risk score, identifying the most critical and vulnerable assets. We obtain this information from Qualys CyberSecurity Asset Management and use it for vulnerability remediation and prioritization.

How has it helped my organization?

We have visibility into public-facing IPs and open ports. It helps us in covering the entire attack surface.

We are able to discover various assets such as servers, endpoints, and different operating systems. It is connected to the VMDR console, patch management module, and cloud agent. We can see all the information through the console. We are able to see any outdated versions of software or end-of-support devices. We can then take action accordingly.

We were able to see its benefits immediately. Previously, we used a formula, but now, CSAM enables vulnerability prioritization without spending time creating or applying formulas.

TruRisk Score provides insight into an asset, indicating its risk score and vulnerability. If the score exceeds a particular threshold, we focus on the asset and consider a risk exception. If vulnerabilities are not remediated, we attempt remediation by consulting the TruRisk dashboard. This dashboard is also used to showcase to management without needing customization.

What is most valuable?

It provides most of the information needed regarding the assets, including the operating system and whether the assets are network devices or servers. The device type is available as well. We can prioritize vulnerabilities and assign a risk score. 

What needs improvement?

The main aspect that needs improvement is the user interface, which should be more intuitive. It is not easy for a new user because it provides a lot of details. Capturing information quickly is difficult. The user interface should be improved to make information more accessible.

For how long have I used the solution?

I have been using it for two years. We got it along with our VMDR.

What do I think about the stability of the solution?

There are no stability issues, and I would rate it a ten out of ten.

What do I think about the scalability of the solution?

I would rate it a seven out of ten in scalability.

How are customer service and support?

Sometimes, when I encounter challenges or discrepancies in the console data, I communicate with support and receive good responses. The technical support of Qualys is noteworthy, as I have not experienced delayed responses.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have not used any other solution before.

How was the initial setup?

Deployment is easy because we do not need to configure much on CSAM. It automatically populates data, requiring us to only focus on cloud agent deployment and scanning, which makes it very easy.

The full implementation took about a month. We had 2,500 assets. Initially, we only onboarded servers. That was easy. After that, we onboarded endpoints. Overall, it took three to four months to populate all the data.

It does not require any maintenance from our end because we are using the cloud version.

What about the implementation team?

The entire team, consisting of four people, worked on the Qualys implementation.

What's my experience with pricing, setup cost, and licensing?

The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution.

What other advice do I have?

Qualys offers an automated solution for asset inventory. I would recommend it to anyone looking for a similar solution.

I would rate the solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
Buyer's Guide
Download our free Qualys CyberSecurity Asset Management Report and get advice and tips from experienced pros sharing their opinions.
Updated: May 2025