Try our new research platform with insights from 80,000+ expert users
Qualys VMDR Logo

Qualys VMDR Reviews

Vendor: Qualys
4.2 out of 5
Badge Ranked 1
Leave a review

What is Qualys VMDR?

Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time. 

Get the Qualys VMDR Buyer's Guide and find out what your peers are saying about Qualys VMDR, Wiz, ServiceNow and more!
Qualys VMDR is the #1 ranked solution in top Risk-Based Vulnerability Management solutions, #2 ranked solution in top Configuration Management Databases, #3 ranked solution in top IT Asset Management solutions, #3 ranked solution in top Vulnerability Management solutions, and #9 ranked solution in Container Security Solutions. PeerSpot users give Qualys VMDR an average rating of 8.4 out of 10. Qualys VMDR is most commonly compared to Wiz: Qualys VMDR vs Wiz. Qualys VMDR is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 16% of all views.
Buyer's Guide
Qualys VMDR
December 2025
Get the report
Helped 880,315 peers since 2012

Featured Qualys VMDR reviews

Read more reviews

Qualys VMDR mindshare

Product category:
Vulnerability Management
As of January 2026, the mindshare of Qualys VMDR in the Vulnerability Management category stands at 5.0%, down from 9.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Vulnerability Management Market Share Distribution
ProductMarket Share (%)
Qualys VMDR5.0%
Wiz7.5%
Tenable Nessus5.2%
Other82.3%
Vulnerability Management

PeerResearch reports based on Qualys VMDR reviews

TypeTitleDate
CategoryVulnerability ManagementJan 15, 2026Download
ProductReviews, tips, and advice from real usersJan 15, 2026Download
ComparisonQualys VMDR vs WizJan 15, 2026Download
ComparisonQualys VMDR vs Tenable NessusJan 15, 2026Download
ComparisonQualys VMDR vs SentinelOne Singularity Cloud SecurityJan 15, 2026Download
Suggested products
TitleRatingMindshareRecommending
Wiz4.57.5%96%33 interviewsAdd to research
ServiceNow4.3N/A91%224 interviewsAdd to research
 
 
Key learnings from peers
Last updated Jan 11, 2026

Valuable Features

Qualys VMDR's most valuable features include the QID part of CentralList, asset view, scheduled scans, automated reporting, straightforward UI, real-time response, patch management integration, built-in threat intelligence, True Risk prioritization, global asset view, and continuous monitoring. The user-friendly design ensures easy use for beginners. It reduces vulnerability exposure time, improves compliance reporting, automates workflows, and provides a unified cloud security posture view. Users highlight efficient task division and customizable dashboards.
  • "The initial setup and onboarding process of Qualys VMDR was quite smooth, as we were able to draft the SOPs from the documentation portal itself and everything was available in the documentation, so it was not a hassle for us to get the integrations done on time."
  • "Qualys VMDR has positively impacted my organization by reducing vulnerability exposure time through faster detection and patching, and it has improved compliance reporting with accurate and up-to-date data."
  • "Qualys VMDR is easy to understand and provides detailed reports."

Room for Improvement

Qualys VMDR could enhance its support response speed, reporting efficiency, automation capabilities, and integration with third-party tools. Users report that improving the user interface, streamlining processes for managing vulnerabilities, and expanding compatibility, such as agent deployment and network scanning, would be beneficial. Enhanced false positive management, advanced features for patching, and better asset management functionalities could also add value. Reducing costs and providing better documentation are noted areas for improvement.
  • "The support has not been very responsive, and we are receiving RCAs a little delayed whenever we raise support cases or communicate with the TAMs."
  • "Qualys doesn't have its own tool to deploy the agents all at once, so we need to use third-party tools such as BigFix or something else to deploy the agents, which is my main concern and should be fixed by the Qualys team."
  • "There were some issues later with Qualys VMDR regarding security, specifically with numerous false positive reports."

ROI

Qualys VMDR provides significant cost savings in time, money, and resources, aiding in compliance and security enhancement. It facilitates efficient vulnerability management and patch processes, reducing breaches by identifying and addressing vulnerabilities promptly. Users report approximately twenty to thirty percent ROI, improved asset visibility, and decreased vulnerability footprints. Despite rising costs, the integration and time savings contribute to risk reduction, ultimately justifying the investment. Users find it valuable from both financial and operational perspectives.

Pricing

Qualys VMDR pricing is generally considered high, especially for smaller enterprises, though it is justified by its comprehensive features and scalability. Larger organizations find it more reasonable, with costs varying based on the number of IP addresses and modules used. Many users negotiate customizable pricing models, benefitting from discounts for annual subscriptions. While some users report that it offers competitive pricing relative to its capabilities, others note that additional features can significantly increase the overall cost.
  • "The solution is reasonably priced for the value it provides."
  • "We have an annual contract for Qualys VMDR. I believe it's for either two years or five years."
  • "The product is more expensive than that of any other vendor."

Popular Use Cases

Qualys VMDR is primarily utilized for vulnerability management, assisting in scanning infrastructure devices, identifying and prioritizing vulnerabilities, and patch management. Organizations leverage it for comprehensive asset detection across cloud and on-premise environments, enabling automated report generation and compliance monitoring. It supports continuous security posture monitoring, integrated patch deployments, and facilitates incident response workflows. Qualys VMDR enhances enterprise visibility by tracking devices and maintaining up-to-date system security configurations.

Service and Support

Many users find Qualys VMDR's customer service satisfactory; however, some experience slow technical support responses. While some commend the promptness and expertise, others face delays and repetitive scripting. Response times could improve, yet many find technical support helpful for troubleshooting and implementing solutions. Accessibility issues arise due to ticket escalation, which can be time-consuming. Remote sessions and email support are beneficial, although some desire more direct interaction. Overall, users see potential for progress in support experience.

Deployment

Users found Qualys VMDR's initial setup straightforward and easy, often completed in days. Clear documentation and support facilitated deployment, while cloud-based management eased maintenance. Some noted complexities, especially in integrating with larger networks or during customization. Scanning was quickly operational, typically requiring minimal personnel. While setup simplicity was lauded, challenges included a steep learning curve and integration issues. Overall, many appreciated its ease and speed relative to other tools.

Scalability

Qualys VMDR demonstrates excellent adaptability, performing effectively for enterprises with tens of thousands of assets. It is cloud-based, enabling seamless deployment across various locations. Users report it manages expansion efficiently, though scaling might impact costs. Instances of smooth operation with numerous users are frequent, and there are seldom issues with functional growth. The system accommodates significant user bases, with most acknowledging its ease in handling sizable infrastructures and variability in user needs.

Stability

Qualys VMDR demonstrates high stability with users rarely facing disruptions. Downtime is minimal and often scheduled. Stability ratings frequently reach eight to nine out of ten. Users report the platform reliably handles vulnerabilities and provides consistent performance. Occasional issues arise, but are quickly addressed. Notifications for updates and maintenance keep stability predictable. During pandemics, connectivity problems were noted, but were linked to external factors. Overall, users find Qualys VMDR a robust and dependable tool.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Qualys VMDR Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business20
Midsize Enterprise8
Large Enterprise56
By reviewers
By visitors reading reviews
Company SizeCount
Small Business576
Midsize Enterprise340
Large Enterprise1339
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
10%
Manufacturing Company
8%
Government
7%
University
5%
Healthcare Company
5%
Retailer
5%
Insurance Company
4%
Media Company
3%
Educational Organization
3%
Comms Service Provider
3%
Energy/Utilities Company
3%
Outsourcing Company
3%
Performing Arts
3%
Real Estate/Law Firm
3%
Construction Company
2%
Wholesaler/Distributor
2%
Non Profit
2%
Legal Firm
2%
Transportation Company
2%
Hospitality Company
2%
Consumer Goods Company
1%
Logistics Company
1%
Pharma/Biotech Company
1%
Recreational Facilities/Services Company
1%
Aerospace/Defense Firm
1%
Marketing Services Firm
1%

Compare Qualys VMDR with alternative products

Go!

Learn more about Qualys VMDR

Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB), Qualys Patch Management, Custom Assessment and Remediation (CAR), Qualys TotalCloud and other Qualys and non-Qualys solutions to facilitate vulnerability detection and remediation across the entire enterprise.

With VMDR, users are empowered with actionable risk insights that translate vulnerabilities and exploits into optimized remediation actions based on business impact. Qualys customers can now aggregate and orchestrate data from the Qualys Threat Library, 25+ threat intelligence feeds, and third-party security and IT solutions, empowering organizations to measure, communicate, and eliminate risk across on-premises, hybrid, and cloud environments.

Qualys VMDR was previously known as Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security.

Qualys VMDR customers

Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx

Related questions

  • 18
Qualys VM vs Tenable Nessus: Comparison
  • 22
How does Tenable Nessus compare with Qualys VM?
  • 55
How does Pentera compare with Qualys VMDR?
  • 18
What are the main differences between Qualys VMDR and Tenable Nessus?
  • 58
How inadvisable is it to use a single vulnerability analysis tool?
  • 33
What are the benefits of continuous scanning for vulnerability management?
  • 31
When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
  • 26
What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
  • 226
What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
  • 104
Which is the best vulnerability scanner tool?

Product Categories

Product Categories
Vulnerability Management
IT Asset Management
Configuration Management Databases
Container Security
Risk-Based Vulnerability Management

Popular Comparisons

Popular Comparisons
Wiz vs Qualys VMDR Logo
Wiz vs Qualys VMDR
ServiceNow vs Qualys VMDR Logo
ServiceNow vs Qualys VMDR
Snyk vs Qualys VMDR Logo
Snyk vs Qualys VMDR
Microsoft Defender for Cloud vs Qualys VMDR Logo
Microsoft Defender for Cloud vs Qualys VMDR
SentinelOne Singularity Cloud Security vs Qualys VMDR Logo
SentinelOne Singularity Cloud Security vs Qualys VMDR
Prisma Cloud by Palo Alto Networks vs Qualys VMDR Logo
Prisma Cloud by Palo Alto Networks vs Qualys VMDR
Tanium vs Qualys VMDR Logo
Tanium vs Qualys VMDR
Zafran Security vs Qualys VMDR Logo
Zafran Security vs Qualys VMDR
Tenable Nessus vs Qualys VMDR Logo
Tenable Nessus vs Qualys VMDR
CrowdStrike Falcon Cloud Security vs Qualys VMDR Logo
CrowdStrike Falcon Cloud Security vs Qualys VMDR
JFrog Xray vs Qualys VMDR Logo
JFrog Xray vs Qualys VMDR
Tenable Security Center vs Qualys VMDR Logo
Tenable Security Center vs Qualys VMDR
Orca Security vs Qualys VMDR Logo
Orca Security vs Qualys VMDR
Tenable Vulnerability Management vs Qualys VMDR Logo
Tenable Vulnerability Management vs Qualys VMDR
Claroty Platform vs Qualys VMDR Logo
Claroty Platform vs Qualys VMDR
See all alternatives
 
Qualys VMDR Reviews Summary
Author infoRatingReview Summary
Soc Lead & Edr Administration at Persistent Systems4.0I use Qualys VMDR to manage vulnerabilities and coordinate remediation, appreciating its True Risk prioritization, though I've faced cloud agent issues, UI latency, and slow support responses; overall, it's effective but needs improvements in query building and stability.
Cyber Security Solution Engineer at a computer software company with 201-500 employees5.0I've used Qualys VMDR for a year to detect and remediate vulnerabilities efficiently, benefiting from its threat intelligence and patch management, though agent deployment for over 1,000 assets needs improvement. Overall, it's been impactful and reliable.
Works at a comms service provider with 1-10 employees4.5We use Qualys VMDR for daily vulnerability management, benefiting from its user-friendly interface and accurate results. The tool’s integration and prioritization features enhance our remediation efforts, though the UI needs some improvement. Switching from Nessus and Rapid7, Qualys offers better pricing.
JMS, RPSG Ventures Limited at RP Sanjiv Goenka Group4.0I find Qualys VMDR valuable for server vulnerability and patch management due to its user-friendly design and detailed reporting. However, I experienced issues with false positive reports and switched solutions, possibly due to pricing decisions by management.
Information Security Analyst at a tech services company with 51-200 employees4.0No summary available
System Admin at a tech services company with 10,001+ employees4.5We used Qualys VMDR to monitor vulnerabilities in our systems, finding its user-friendly interface valuable for report generation and teamwork. While it lacks automated patching without an additional module, it significantly improved our efficiency compared to OpenVAS.
Works at a tech consulting company with 10,001+ employees4.5I use Qualys VMDR for vulnerability management due to its clarity and customizability, offering value by tracking unused assets. It could improve with quicker issue resolution, user-friendly query options, and enhanced EDR features.
Sr. Vice President Group Security at a financial services firm with 10,001+ employees4.0I primarily use Qualys VMDR for vulnerability management due to its ease of use, excellent reporting, integration capabilities, and efficient scanning. Although infrastructure scanning is strong, application security needs improvement. It's superior to competitors like Rapid7 and Nessus.