IT Central Station is now PeerSpot: Here's why
Global Infrastructure Architect at a energy/utilities company with 5,001-10,000 employees
Real User
Top 20
Good technical support that is always there when you need them, but the prioritization of vulnerabilities needs to be improved
Pros and Cons
  • "Technical support is great and we've never really had a problem."
  • "We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."

What is our primary use case?

We are currently using Qualys for vulnerability detection, as part of our security solution. We're moving towards Defender ATP because I am looking more at the Operational Technology (OT) side of things than I am at the Information Technology (IT) side.

What is most valuable?

What I like best about this product is that it does what it is supposed to do, which is vulnerability scanning.

What needs improvement?

We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at. In general, I would like to see some better analytics and prioritization of vulnerabilities.

For how long have I used the solution?

We have been working with Qualys VM for three years.
Buyer's Guide
Qualys VM
June 2022
Learn what your peers think about Qualys VM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,229 professionals have used our research since 2012.

What do I think about the stability of the solution?

Qualys VM is a stable solution.

What do I think about the scalability of the solution?

This is a stable product.

How are customer service and support?

Technical support is great and we've never really had a problem. They're always there if we need them.

Which solution did I use previously and why did I switch?

We did not work with another similar solution prior to Qualys.

How was the initial setup?

The initial setup is straightforward. Our setup involved some on-premises deployments but ultimately, it uses the cloud.

What's my experience with pricing, setup cost, and licensing?

They have recently changed the pricing model, which is now better than it was before.

Which other solutions did I evaluate?

Right now, we don't have anything in our OT environment, and this is what I am particularly interested in. I am currently having discussions about new solutions with Qualys, Tenable, and Forescout.

What other advice do I have?

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager, Info Security Planning & Architecture at a comms service provider with 10,001+ employees
Real User
A great help to improve and maintain security
Pros and Cons
  • "The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning."
  • "Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."

What is our primary use case?

I mainly use Qualys VM for vulnerability management to carry out vulnerability scans on IT assets to find out which are vulnerable and what is needed to patch them. We also use it for policy compliance scans and in tablet for web application scans.

How has it helped my organization?

Qualys VM has greatly helped us to improve and maintain our posture of security.

What is most valuable?

The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning.

What needs improvement?

Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once. I think cloud-based solutions like Qualys VM should be prepared to throw more resources in to ensure they don't get overwhelmed like this.

For how long have I used the solution?

I've been using Qualys VM for about six years.

What do I think about the stability of the solution?

The stability and performance have been fine.

What do I think about the scalability of the solution?

Qualys VM is very easy to scale - that's one of the benefits of cloud-based solutions.

How are customer service and support?

Qualys' technical support is very responsive.

How was the initial setup?

Qualys VM is straightforward to set up.

What about the implementation team?

The deployment was done in-house.

What other advice do I have?

I would advise anybody looking into using Qualys to go online to also check on Gartner and Forrester. From a planning perspective, you need to look at your estate to determine what kind of tool you need. I would rate Qualys VM eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Qualys VM
June 2022
Learn what your peers think about Qualys VM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,229 professionals have used our research since 2012.
Senior Consultant at a tech services company with 11-50 employees
Consultant
Connects threat intelligence information with identified vulnerabilities, so you can prioritize vulnerabilities according to actual attacks
Pros and Cons
  • "The most valuable feature is the connection of threat intelligence information with identified vulnerabilities, which means you can prioritize vulnerabilities according to actual attacks."
  • "Some of the older features could be polished instead of focusing on releasing new features."

What is our primary use case?

I primarily use Qualys VM for vulnerability management, security configuration, and management and asset inventory.

What is most valuable?

The most valuable feature is the connection of threat intelligence information with identified vulnerabilities, which means you can prioritize vulnerabilities according to actual attacks.

What needs improvement?

Some of the older features could be polished instead of focusing on releasing new features.

For how long have I used the solution?

I've been using Qualys VM for around eighteen years.

What do I think about the stability of the solution?

We've had no problems with stability.

What do I think about the scalability of the solution?

Qualys VM is quite easy to scale, and you can cover a large number of instances.

How are customer service and support?

The technical support is pretty good, though sometimes the response time could be better.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is quite simple.

What's my experience with pricing, setup cost, and licensing?

Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers. With the SaaS version, you're buying a license for use per asset, so the price can differ, and there are additional fees for features like patch management and EDR policy compliance.

Which other solutions did I evaluate?

We also tested Tenable and Rapid7.

What other advice do I have?

I would rate Qualys VM as nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Senior Manager Network Design at a tech services company with 501-1,000 employees
Real User
Top 5Leaderboard
Versatile features, highly scalable, and beneficial reports
Pros and Cons
  • "The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe. It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment"
  • "Qualys VM could improve by having more skilled support personnel."

What is our primary use case?

We use bother on-premise and cloud deployments of Qualys VM. For my clients in the cloud, we use a cloud solution, which is a bring your own license model. Additionally, We have our own deployment of Qualys VM.

We are using Qualys VM to provide a VM service.

What is most valuable?

The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe.  It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment

For how long have I used the solution?

I have been using Qualys VM for approximately five years.

What do I think about the stability of the solution?

Qualys VM is a highly stable solution.

How are customer service and support?

Qualys VM could improve by having more skilled support personnel.

How was the initial setup?

The initial setup of Qualys VM is straightforward. The full implementation took us approximately one day.

What about the implementation team?

We have approximately 100 people who are part of our technical team. We did the implementation of this solution.

What's my experience with pricing, setup cost, and licensing?

There is a license for the use of this solution. We pay annually instead of monthly to receive a better discount on the price.

What other advice do I have?

I would recommend this solution to others.

I rate Qualys VM a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Omar ORta - PeerSpot reviewer
Director Transformación Digital at oesia
Real User
Top 20
A feature-rich, complete product, and the multilingual technical support is good
Pros and Cons
  • "I like Qualys because it is a very complete product, more so than Tenable."

    What is our primary use case?

    We use this product for vulnerability management.

    What is most valuable?

    I like Qualys because it is a very complete product, more so than Tenable. It has vast capabilities.

    For how long have I used the solution?

    We have been working with Qualys VM for a very short time, perhaps six months.

    What do I think about the stability of the solution?

    This is a stable solution.

    What do I think about the scalability of the solution?

    Scalability-wise, this is a good product.

    How are customer service and technical support?

    The technical support is very good and they have it both in Spanish and English.

    Which solution did I use previously and why did I switch?

    We are also working with Tenable SC. Qualys is both more complete and for us, better in terms of pricing.

    How was the initial setup?

    For a beginning, the initial setup is complex. You have to have some knowledge for setting it up and using it.

    What's my experience with pricing, setup cost, and licensing?

    The price of Qualys for us is better than Tenable, although that is only because we are partners. The retail price of Qualys is higher than that of tenable. The pricing and licensing for Qualys could be improved.

    What other advice do I have?

    Overall, this is a good product and I recommend it, mainly because of the capabilities and the management using a single console. I can even create a calendar for activities from the main screen.

    I would rate this solution a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
    Real User
    Top 5Leaderboard
    The reporting and GUI need improvement but it's reliable
    Pros and Cons
    • "Qualys VM is very stable."
    • "The reporting and the GUI need improvements."

    What is our primary use case?

    It was responsible for vulnerability scanning. It enforces vulnerability management websites.

    What needs improvement?

    The reporting and the GUI need improvements. Tenable dominated in these two areas: reporting and graphical user interface.

    For how long have I used the solution?

    Qualys VM was used once for one of our customers.

    We were using the latest version.

    What do I think about the stability of the solution?

    Qualys VM is very stable.

    What do I think about the scalability of the solution?

    I didn't have all of the necessary information regarding the scalability or how to scale this solution, but all vulnerability management solutions have the same idea. 

    I believe that it is easy to scale.

    How are customer service and support?

    I did not contact technical support.

    Which solution did I use previously and why did I switch?

    I have also used Rapid7, which is very similar to Qualys VM.

    Scaling is more difficult with Rapid7. When it comes to scaling, Rapid7 is not my first choice.

    How was the initial setup?

    I did not implement this solution, I performed one scan for our client.

    What other advice do I have?

    We have regulations in place in Saudi Arabia and Egypt that require all vulnerability management solutions to be implemented on-premise.

    I would recommend this solution to others but Tenable is my preferred option.

    I would rate Qualys VM a five out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Consultant at a tech services company with 11-50 employees
    Reseller
    Provides excellent security for scanning, flexible with good integration

    What is our primary use case?

    We are consultants and resellers of Qualys VM. 

    What is most valuable?

    I like the solution's web application security for scanning, the solution is flexible with good integration. 

    What needs improvement?

    I'd like to see additional security for the app. The product lacks integrations for third party solutions or automation integration for other tools.

    For how long have I used the solution?

    I've been using this solution for six months. 

    What do I think about the stability of the solution?

    The product is 100% stable. There are five users in the company who deal with operations and security analysis. There are four people in the company who deploy and provide support.

    How are customer service and technical support?

    I've never used the technical support. Documentation is simple and complete. 

    Which solution did I use previously and why did I switch?

    I've previously worked with Tenable IO and Rapid 7. We switched because of Qualys's web application feature.

    How was the initial setup?

    The initial setup is straightforward. Initial deployment takes between two and four hours. We did it ourselves. 

    What other advice do I have?

    I would recommend this solution. 

    I would rate this solution a 10 out of 10. 

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Microsoft Azure
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Technical Architect at a outsourcing company with 1,001-5,000 employees
    Real User
    Great vulnerability management but doesn't pick up every vulnerability
    Pros and Cons
    • "Qualys VM's best feature is vulnerability management."
    • "Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."

    What is most valuable?

    Qualys VM's best feature is vulnerability management.

    What needs improvement?

    Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap. Their reporting could also be more user-friendly. In the next release, I would like Qualys to include basic policy and compliance checks in the basic licensing. 

    For how long have I used the solution?

    I've been using Qualys VM for almost two years.

    What do I think about the stability of the solution?

    Qualys VM is quite stable - we've had no problems with it.

    What do I think about the scalability of the solution?

    Qualys VM's scalability depends on the license that you use.

    Which solution did I use previously and why did I switch?

    Previously we used Nessus, but only Qualys does intrusive scanning.

    What about the implementation team?

    We used an in-house team.

    What's my experience with pricing, setup cost, and licensing?

    An annual license for a single scanner costs around $3,000.

    What other advice do I have?

    Qualys VM is a really good tool for vulnerability scanning, and it has different sets of profiles that can be utilized for your own requirements. I would rate Qualys VM as seven out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Buyer's Guide
    Download our free Qualys VM Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2022
    Product Categories
    Vulnerability Management
    Buyer's Guide
    Download our free Qualys VM Report and get advice and tips from experienced pros sharing their opinions.