Try our new research platform with insights from 80,000+ expert users
Qualys Policy Compliance Logo

Qualys Policy Compliance Reviews

Vendor: Qualys
4.2 out of 5
176 followers
Start review

What is Qualys Policy Compliance?

Qualys Policy Compliance (PC) automates the collection of technical controls from information assets within the enterprise, and maps this information to policies to fix and document compliance with regulations and business mandates. It provides compliance reporting by leveraging a comprehensive knowledge-base that is mapped to prevalent security regulations, industry standards and compliance frameworks.
Get the IT Governance Buyer's Guide and find out what your peers are saying about Qualys Policy Compliance and more!
Buyer's Guide
IT Governance
May 2025
Get the category report
Helped 856,873 peers since 2012

Featured Qualys Policy Compliance reviews

Read more reviews

Qualys Policy Compliance mindshare

As of June 2025, the mindshare of Qualys Policy Compliance in the IT Governance category stands at 2.5%, up from 1.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.
IT Governance
 
 
Key learnings from peers

Valuable Features

Qualys Policy Compliance is valued for its comprehensive compliance reports and real-time threat detection. Users highlight its high customization, capability to handle unique policies, and seamless integration with SIEM and ticketing tools like Confluence and Jira. Features include defining enterprise policies, automatic compliance checks, comprehensive reporting, and automated patching. The platform's scalability and integration with hybrid clouds are also emphasized. Its intuitive interface enhances asset scanning and increases user expertise through issue investigation.
  • "The solution's interface looks good, which enhances asset scanning and ensures automatic patching."
  • "The reporting and security checks are valuable."
  • "The platform allows multiple features that are very useful. The first one is being able to define the enterprise policy. The second one is to be able to automatically check the compliance level based on that policy, and the third one is that it allows us to generate reports and dashboards to see the compliance level easily."

Room for Improvement

Qualys Policy Compliance requires enhanced reporting capabilities, management reporting, policy version migration, and faster technical support. Reporting on compliance states needs clarity. Versioning of policies and transitions between industry practices should be smoother. Detection features need improvements for immediate action. The policy implementation process is complex, especially for CIS standards, leading to increased support calls. Beginners need more resources, such as training and a knowledge base, to assist with policy creation and management.
  • "Some sort of education or knowledge base about the product would be beneficial for beginners."
  • "The policy creation aspect needs improvement."
  • "There is no clear mapping for the CIS controls in terms of how they should be implemented into Qualys, so the implementation stage might be a little bit challenging for the customer. That means that the customer will end up opening support cases, which will overload their support team to explain those. If they are somehow published somewhere, it would save time and effort for both sides."

Pricing

Qualys Policy Compliance pricing is variable, with costs often perceived as mid-range. Users appreciate the solution's cost-efficiency and comprehensive security features, making it a popular choice among enterprises seeking value. While some consider it expensive, its potential to replace other platforms justifies the investment. Pricing details may vary and are confidential, influenced by a sliding scale based on particular requirements and agreements.
  • "The prices might be a little bit high. I cannot compare it with another product because we did not try any other product, but this is my impression when comparing different modules."
  • "The solution's pricing is in the mid-range, where it is neither expensive nor very cheap."

Popular Use Cases

Qualys Policy Compliance is primarily used by organizations to harden servers in alignment with specific benchmarks, evaluate security configurations against best practices, enable detection and mitigation of vulnerabilities, and ensure compliance requirements are fulfilled prior to server deployment. It assists in defining hardening policies for various platforms like Windows, Linux, and networking appliances, verifies compliance checks, and addresses vulnerabilities to maintain secure assets and support VMDR efforts.

Service and Support

Qualys Policy Compliance offers reliable customer service and technical support, scoring eight to nine out of ten. Some users find technical support responsive and helpful, though challenges arise when providing necessary evidence. While response times are generally quick with adaptable solutions, a few instances require innovative approaches. Most customers appreciate the professionalism, finding the support team usually adequate for resolving issues effectively.

Deployment

Qualys Policy Compliance's initial setup is described as straightforward and easy. Users find that installing an agent is uncomplicated, yet it involves some organizational discussions when network scans are needed. Policy importing is quick, often completed in hours. Some controls are easy to define, while others require additional research or support. Although initial configurations can be challenging, the effort is deemed worthwhile as it offers time-saving benefits for organizations.

Scalability

Qualys Policy Compliance scales effectively with diverse platforms, handling large IP volumes. It offers ease of deployment via cloud agents or scanning, adapting swiftly when infrastructure expands. Integration with ticketing tools is present but requires license adjustments as host numbers increase. Users note slight performance issues on different cloud platforms, particularly with web UI speed, suggesting potential improvements.

Stability

Qualys Policy Compliance is praised for its stability, with multiple users highlighting its reliable performance. Reports are consistently produced without issues, and there are no occurrences of crashes. It is described as completely stable, maintaining reliability even during extended scanning operations. Users commend its availability and consider its stability rating to be nine out of ten. Feedback indicates that users have confidence in its dependable functionality without encountering problems.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our IT Governance Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews
Healthcare Company
19%
Financial Services Firm
17%
Government
9%
Educational Organization
8%
Computer Software Company
8%
Hospitality Company
6%
Insurance Company
6%
Comms Service Provider
4%
Consumer Goods Company
4%
Outsourcing Company
4%
Performing Arts
4%
Real Estate/Law Firm
4%
Manufacturing Company
4%
Logistics Company
2%
Retailer
2%
Legal Firm
2%

Qualys Policy Compliance customers

PDX, Cigna

Related questions

  • 48
What is your recommended automated audit software for internal and external audit?
  • 4
SailPoint IdentityIQ vs. CA Identity Governance
  • 7
What aspect does Symantec Control Compliance Solution cover in IT Governance, Risk and Compliance?
  • 13
Why is Identity Governance and Administration (IGA) important?
  • 1
When evaluating IT Governance, what aspect do you think is the most important to look for?
  • 2
How many ISO norms do we have in the entire ISO27k security family standards?
  • 2
Why is IT Governance important for companies?

Product Categories

Product Categories
IT Governance