Qualys VMDR Primary Use Case
We mostly use Qualys VMDR for vulnerability management and compliance practices. Every week, my team and I run automated scans that are scheduled, and we share whatever vulnerabilities are found with the infrastructure team to remediate them.
View full review »The primary use case of Qualys VMDR was to monitor around two hundred users, servers, and VMs weekly. We needed to ensure that all vulnerabilities were tracked and addressed. Our users were mainly developers using various applications, and we needed to ensure compliance with client requirements. The goal was to keep our systems up-to-date and secure.
View full review »We use Qualys VMDR for daily vulnerability management, scanning vulnerabilities, identifying vulnerabilities, reporting, creating dashboards, and the whole vulnerability management process. We also use it for patch management.
View full review »Buyer's Guide
Qualys VMDR
June 2025

Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,170 professionals have used our research since 2012.
LG
Lakshay Grover
Works at a tech consulting company with 10,001+ employees
We have multiple modules, including Qualys VMDR solution and Qualys TotalCloud solution. We use them in our organization, like VMDR, for vulnerability management, detection, and response, as well as policy compliance to amend policies according to CIA benchmarks and other frameworks.
We also use the web application module and the Qualys Gateway module to ensure that scanner appliances are functioning properly. These modules allow us to check various scenarios and initiate scans, either on-demand or as per a scheduled plan.
My primary work is with VMDR module. In my previous organization, I worked with TotalCloud, but right now, I am focused only on VMDR and other modules.
View full review »It's primarily for vulnerability management. We use VMDR to deploy the cloud agents and scanners in our environment to cover everything holistically. We also use it for service integration so that vulnerabilities can be tracked through there. So, it's more or less vulnerability management.
View full review »We use continuous monitoring to schedule scans for all the applications in our organization. We create a parent tag and sub-tags for each application and schedule scans based on our requirements, such as every alternate day, weekly, or monthly. This helps us identify vulnerabilities in the web applications, especially those that are public-facing.
View full review »I am working for an IT firm where I use Qualys VMDR for my clients. I specifically use it for vulnerability detection and vulnerability remediation as part of our vulnerability assessment team. We scan all the assets for vulnerabilities, both servers and client-side, and then share the vulnerability reports with the relevant teams for remediation planning.
View full review »We are managing hundreds of AWS and several on-premises accounts using Qualys agents and scanners to provide data inputs for Qualys. We are using several of the Qualys modules, VMDR, Cloud Agents, Connectors along with Global Asset View (GAV). GAV dynamic tagging is valuable for tracking owners of assets.
Qualys' main function is to provide us with vulnerability management information for our end users and is a major input to our CMDB. We rely on a combination of agents and scans to provide us with the system data.
View full review »The primary focus of this solution is to identify and detect vulnerabilities in real time and use that information to patch them using Qualys VMDR task management module. We have a variety of devices within our network, including network devices, firewalls, vCenters, VMs, web applications, and endpoints. We deploy cloud agents on workstations and servers where possible, and we scan network devices using a virtual scanner where we cannot deploy the cloud agent. Additionally, we perform web application scanning for our web apps. We also use the tool to manage our cloud security and container security.
View full review »Qualys VMDR is used as a vulnerability management tool. We have more than a thousand users in our company, and we have integrated Qualys with their machines to help update software and measure known or unknown risks, prioritize them, and patch the devices. We monitor and mitigate alerts, and we find vulnerabilities in specific machines or systems, which we then address.
View full review »RN
Nabanita Roy
JMS, RPSG Ventures Limited at RP Sanjiv Goenka Group
My main use cases for Qualys VMDR are for server vulnerability and missing patches.
View full review »Our primary use case of the product is comprehensive vulnerability management and asset inventory across a hybrid environment consisting of both cloud and on-premises deployments. We manage approximately 45,000 endpoints spread across multiple geographical locations.
View full review »SV
Saivarun Varun
IT Team Lead at a consultancy with 10,001+ employees
The primary use case for Qualys VMDR is for infrastructure vulnerability management. It assists devices, including all infrastructure devices like serverless network devices and development environments.
View full review »We use the product for enterprise network infrastructure scanning.
View full review »We use Qualys VMDR to scan our public websites and products, anywhere that is publicly available. We deploy it through Qualys's cloud scanner.
View full review »Our use cases are primarily on-premises vulnerability management and remediation, external attack surface management and vulnerability scanning.
View full review »The use cases would be for scanning purposes, for identifying assets, identifying and viewing assets, and setting up scan schedules. I use it primarily as a vulnerability management and scanning tool.
View full review »We use it for vulnerability management and report generation mostly. I am trying to solve the issue wherein the stakeholders can get automated vulnerability reports to their mailbox.
View full review »I primarily use Qualys VMDR for daily scans, onboarding assets, scanning, reporting, and managing the entire vulnerability management process, including test management.
View full review »Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the network scan to discover the devices on our network.
View full review »Qualys has many products. However, the prominent one is for scanning the vulnerabilities on endpoints, including servers and desktops. The other can be for using multiple other products, like taking the certificate, inventory, and software inventory of endpoints through scanning.
Additionally, we use the solution for web application scanning. When they have web applications, they can scan applications for various vulnerabilities and give recommendations.
View full review »We do vulnerability management mostly with the agents and sometimes with the scanner.
We use it to install for around 20 or 30 clients right now so that we can remotely monitor their vulnerability status and help them improve their patch management processes. When certain critical things come up, we help clients with the Log4J, identifying where they need to remediate some of the super trendy critical things that come out and identifying end-of-life operating systems and software that need to be updated.
View full review »Using the solution, I go through the reports and advise my organization on what needs to be done and how to go about it.
We use this solution to manage compliance and to verify the gap between the policy defined by the company and the ones that are implemented in the system. We also use Qualys for vulnerability management of assets in the cloud or on-prem.
View full review »DJ
DivyaJyoti
0
In our DLP operations, we use the tool to address stability issues and implement fixes suggested by it. This helps manage risk levels and decide whether to fix issues or implement workarounds.
View full review »We use the solution for vulnerability management.
View full review »AZ
AvaisZaidi
Assistant Manager Solutions at Mutex Systems Pvt. Ltd.
We're using the entire suite except for Patch Management. I use Qualys VM for my production environment on Amazon AWS. I also use it for my endpoints and some BDI solutions that require on-premise solutions, and I use it for both.
View full review »Qualys VM is used for vulnerability scanning.
View full review »I primarily use Qualys VM to manage vulnerability tickets.
View full review »Qualys' main function is to scan IT systems. It does the scanning of computer systems.
View full review »JT
Jerome TOUTEE
Former Employee of Orange Business Services as Head of Security Engineering at a comms service provider with 5,001-10,000 employees
We use the solution for vulnerability management. It helps us identify potentially vulnerable assets. Thus, we can prioritize patching based on a risk score.
View full review »We use the solution for vulnerability and policy scan.
View full review »This is a virtual scanner appliance. We have both physical and virtual options.
I'm still in training and getting the hang of the solution. I do not know what features the company uses the most. They generally use it to scan all the AWS workloads and Azure workloads.
View full review »We use this solution to scan the servers on the network. It is used predominantly by our information security team.
View full review »Our customers use Qualys for vulnerability management, it's a way for them to discover the kinds of vulnerabilities they have on their systems. We are a partner with Qualys and I'm an infrastructure security consultant. We currently have 20 clients using Qualys.
AL
AntonyLai
Sr Security Engineer at a tech services company with 10,001+ employees
I use Qualys VM for vulnerability scanning, enterprise management, web application scanning, and patch deployment.
View full review »We primarily use the solution for full enterprise visibility from both an asset detection perspective and vulnerability detection perspective. Basically, we are tracking all the devices over agents, including PCs and servers, et cetera.
We are able to understand what our current situation is on the devices. At the second stage, we are able to catch the devices which do not have agents or which are not in the inventory, with on-premise scanners.
We are running security configuration hardening assessments or compliance with CIA security benchmarks.
In addition to that, we are also utilizing the cloud assessment solution of the Qualys, to ensure compliance with CIA security standards. For example, the Amazon cloud platform is configured compliantly with the CIA security benchmark. These are the four pillars utilized.
Qualys VMDR is a vulnerability management and detection response tool. It belongs to the first generation of vulnerability assessment tools. It enables us to manually identify vulnerable keys and fix them. It is built as a cutting-edge continuous platform where we can detect and protect. With this product, we can respond to specific vulnerabilities, going beyond just using artificial intelligence features. We have implemented VMDR across our cloud, physical interfaces, endpoints, and log servers. It's a good digital product for our organization.
View full review »We use this solution mainly for vulnerability management.
It is a SaaS solution with agents distributed at endpoints.
View full review »I mainly use Qualys VM for vulnerability management to carry out vulnerability scans on IT assets to find out which are vulnerable and what is needed to patch them. We also use it for policy compliance scans and in tablet for web application scans.
View full review »AH
ASHRAF ALI HASSAN
Senior Manager Network Design at MEEZA, Managed IT Services Provider
We use bother on-premise and cloud deployments of Qualys VM. For my clients in the cloud, we use a cloud solution, which is a bring your own license model. Additionally, We have our own deployment of Qualys VM.
We are using Qualys VM to provide a VM service.
View full review »We use Qualys Virtual Scanner Appliance for the big scan.
View full review »I used this solution for one of my clients and the primary use case was for the compliance mode and scanning. We are customers of Qualys and I am senior vice president information security.
NS
Nagaraj Sheshachalam
Lead Cyber Security engineer at a manufacturing company with 10,001+ employees
We use Qualys Asset Inventory for doing infrastructure level scans or server inventory, or saving the server database or asset database.
View full review »We are using Qualys VM, as our scanner tool. We also use it for Application Security and Policy Compliance.
We use it for the identification of vulnerabilities for all of our devices on the network. This includes Windows workstations, servers, and Linux machines. We also use it for cloud, and external use as well.
View full review »We are currently using Qualys for vulnerability detection, as part of our security solution. We're moving towards Defender ATP because I am looking more at the Operational Technology (OT) side of things than I am at the Information Technology (IT) side.
View full review »We're primarily using the solution for vulnerability assessment of internal server as well as the external server.
View full review »The primary use cases of this solution are as a scanner. We use it with Azure and AWS. For on-premises, we use physical scanners all over the globe. We have deployed our external scanners in approximately 70 regions.
View full review »Qualys Container Security scans similar to a runtime container and it scans the entire cluster.
View full review »I mainly use Qualys VM for CSAM, to complement vulnerability management on our assets, and to check for intrusions through our email gateways.
View full review »It is for vulnerability management. I used it in my previous company, and I also used it for my home network.
It is a SaaS platform. So, there is always the latest version.
View full review »It was responsible for vulnerability scanning. It enforces vulnerability management websites.
View full review »It's used for vulnerability assessments, assessment of IT equipment, PCs, servers. It's supposed to help prioritize which security patches need to be deployed on that equipment.
View full review »OO
Omar ORta
Director Transformación Digital at oesia
We use this product for vulnerability management.
View full review »HH
Engineer10496
Network and security Pre-sales Engineer at a tech services company with 51-200 employees
We are a system integrator. We implement Qualys for our customers for vulnerability management and policy compliance. We are not using Qualys as a product in our company. We have public, private, and hybrid cloud as well as on-premises deployments.
View full review »We are consultants and resellers of Qualys VM.
I use Qualys to review the validity of legacy applications, infrastructure, and simple data operating systems.
We use Qualys to check the status of our security posture.
View full review »We are a solution provider and this is one of the products that we implement for our clients. We do a lot of work with containers. With respect to containerization, security is important for us and we regularly check the market to see what solutions are available in these areas.
This solution is primarily used for container security and compliance. Moving into any environment, in particular, one that is cloud-based, our clients want to make sure that things are okay from a compliance perspective. We generate reports and they can see whether there are any violations. If they see violations or security breaches during the audit then they have to be addressed.
View full review »Our primary uses for this solution are security vulnerability detection and policy compliance.
View full review »PK
Piotr Koryczan
Technology Security Expert at T-Mobile Polska (Deutsche Telekom)
Our primary use case is vulnerability assessment.
View full review »The primary use for the solution is vulnerability management.
View full review »Datacenters which are in different locations.
View full review »The primary use case is using this as the infrastructure scanner for an enterprise vulnerability programme in a customer organization.
View full review »It mainly scans the model against all of our online websites.
View full review »MW
SecuritySpec783
Information Security Specialist at a manufacturing company with 10,001+ employees
My primary use case is to actually fill out forms, ensure that they are being closed in a timely manner. This is why we use these one point solutions.
View full review »SS
Sujit Sharma
Information Security Engineer at a tech services company with 1,001-5,000 employees
My primary use case is for the web application scans of websites. I also made some new search profiles and other scanning profiles.
View full review »RR
RaghunandanRaju
Senior Vulnerability Analyst at a comms service provider with 10,001+ employees
It improves the continuous monitoring of the systems on-premises.
View full review »Our primary use case is to manage vulnerabilities, scan web applications, and report assets throughout the network. Also, we create reports based on this data.
View full review »I primarily use Qualys VM for vulnerability management, security configuration, and management and asset inventory.
View full review »We use Qualys VMDR for vulnerability management and operations, such as scanning assets to identify vulnerabilities and updating the reports for different teams.
View full review »Buyer's Guide
Qualys VMDR
June 2025

Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,170 professionals have used our research since 2012.