Try our new research platform with insights from 80,000+ expert users

Qualys VMDR Primary Use Case

Ankesh Raj - PeerSpot reviewer
Information Security Analyst at a tech services company with 51-200 employees

We mostly use Qualys VMDR for vulnerability management and compliance practices. Every week, my team and I run automated scans that are scheduled, and we share whatever vulnerabilities are found with the infrastructure team to remediate them.

View full review »
Shubhajit Saha - PeerSpot reviewer
System Admin at a tech services company with 10,001+ employees

The primary use case of Qualys VMDR was to monitor around two hundred users, servers, and VMs weekly. We needed to ensure that all vulnerabilities were tracked and addressed. Our users were mainly developers using various applications, and we needed to ensure compliance with client requirements. The goal was to keep our systems up-to-date and secure.

View full review »
reviewer2588394 - PeerSpot reviewer
Works at a comms service provider with 1-10 employees

We use Qualys VMDR for daily vulnerability management, scanning vulnerabilities, identifying vulnerabilities, reporting, creating dashboards, and the whole vulnerability management process. We also use it for patch management.

View full review »
Buyer's Guide
Qualys VMDR
June 2025
Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,390 professionals have used our research since 2012.
LG
Works at a tech consulting company with 10,001+ employees

We have multiple modules, including Qualys VMDR solution and Qualys TotalCloud solution. We use them in our organization, like VMDR, for vulnerability management, detection, and response, as well as policy compliance to amend policies according to CIA benchmarks and other frameworks. 

We also use the web application module and the Qualys Gateway module to ensure that scanner appliances are functioning properly. These modules allow us to check various scenarios and initiate scans, either on-demand or as per a scheduled plan.

My primary work is with VMDR module. In my previous organization, I worked with TotalCloud, but right now, I am focused only on VMDR and other modules.

View full review »
MohitGupta2 - PeerSpot reviewer
Sr. Vice President Group Security at a financial services firm with 10,001+ employees

It's primarily for vulnerability management. We use VMDR to deploy the cloud agents and scanners in our environment to cover everything holistically. We also use it for service integration so that vulnerabilities can be tracked through there. So, it's more or less vulnerability management.

View full review »
Venkata Kalla - PeerSpot reviewer
Information & security engineer at Infosys

We use continuous monitoring to schedule scans for all the applications in our organization. We create a parent tag and sub-tags for each application and schedule scans based on our requirements, such as every alternate day, weekly, or monthly. This helps us identify vulnerabilities in the web applications, especially those that are public-facing.

View full review »
VIKAS KUMAR YADAV - PeerSpot reviewer
Solutions Architect at a consultancy with 10,001+ employees

I am working for an IT firm where I use Qualys VMDR for my clients. I specifically use it for vulnerability detection and vulnerability remediation as part of our vulnerability assessment team. We scan all the assets for vulnerabilities, both servers and client-side, and then share the vulnerability reports with the relevant teams for remediation planning.

View full review »
Harold Jensen - PeerSpot reviewer
Senior Cybersecurity Engineer at 3M Health Information Systems

We are managing hundreds of AWS and several on-premises accounts using Qualys agents and scanners to provide data inputs for Qualys. We are using several of the Qualys modules, VMDR, Cloud Agents, Connectors along with Global Asset View (GAV).  GAV dynamic tagging is valuable for tracking owners of assets.   

Qualys' main function is to provide us with vulnerability management information for our end users and is a major input to our CMDB.  We rely on a combination of agents and scans to provide us with the system data.   

View full review »
PratikDesai - PeerSpot reviewer
Senior Global IT Security Specialist at a manufacturing company with 1,001-5,000 employees

The primary focus of this solution is to identify and detect vulnerabilities in real time and use that information to patch them using Qualys VMDR task management module. We have a variety of devices within our network, including network devices, firewalls, vCenters, VMs, web applications, and endpoints. We deploy cloud agents on workstations and servers where possible, and we scan network devices using a virtual scanner where we cannot deploy the cloud agent. Additionally, we perform web application scanning for our web apps. We also use the tool to manage our cloud security and container security.

View full review »
Vikram Chakravarthy - PeerSpot reviewer
T&S Specialist - Investigation and Prevention at Amazon

Qualys VMDR is used as a vulnerability management tool. We have more than a thousand users in our company, and we have integrated Qualys with their machines to help update software and measure known or unknown risks, prioritize them, and patch the devices. We monitor and mitigate alerts, and we find vulnerabilities in specific machines or systems, which we then address.

View full review »
RN
JMS, RPSG Ventures Limited at RP Sanjiv Goenka Group

My main use cases for Qualys VMDR are for server vulnerability and missing patches.

View full review »
reviewer2388546 - PeerSpot reviewer
Server Services Operation Head at a logistics company with 10,001+ employees

Our primary use case of the product is comprehensive vulnerability management and asset inventory across a hybrid environment consisting of both cloud and on-premises deployments. We manage approximately 45,000 endpoints spread across multiple geographical locations.

View full review »
SV
IT Team Lead at a consultancy with 10,001+ employees

The primary use case for Qualys VMDR is for infrastructure vulnerability management. It assists devices, including all infrastructure devices like serverless network devices and development environments.

View full review »
KiranReddy - PeerSpot reviewer
Head of IT at a manufacturing company with 10,001+ employees

We use the product for enterprise network infrastructure scanning.

View full review »
reviewer2561502 - PeerSpot reviewer
Senior Application Security Engineer at a real estate/law firm with 501-1,000 employees

We use Qualys VMDR to scan our public websites and products, anywhere that is publicly available. We deploy it through Qualys's cloud scanner.

View full review »
Ruan Kotze - PeerSpot reviewer
Head: Cloud Platform Security at BCX Namibia

Our use cases are primarily on-premises vulnerability management and remediation, external attack surface management and vulnerability scanning.

View full review »
Nabhanyu Halgeri - PeerSpot reviewer
Cyber Security Specialist at a tech services company with 51-200 employees

The use cases would be for scanning purposes, for identifying assets, identifying and viewing assets, and setting up scan schedules. I use it primarily as a vulnerability management and scanning tool.

View full review »
reviewer2592618 - PeerSpot reviewer
Security Engineer at a consultancy with 10,001+ employees

We use it for vulnerability management and report generation mostly. I am trying to solve the issue wherein the stakeholders can get automated vulnerability reports to their mailbox.

View full review »
Koketso Ditlhage - PeerSpot reviewer
Information Communication Technology Specialist at UNIVERSITY OF JOHANNESBURG

I primarily use Qualys VMDR for daily scans, onboarding assets, scanning, reporting, and managing the entire vulnerability management process, including test management.

View full review »
reviewer2019471 - PeerSpot reviewer
Security Expert at a insurance company with 10,001+ employees

Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the network scan to discover the devices on our network.

View full review »
Venugopal Potumudi - PeerSpot reviewer
Senior Consultant at Tata Consultancy

Qualys has many products. However, the prominent one is for scanning the vulnerabilities on endpoints, including servers and desktops. The other can be for using multiple other products, like taking the certificate, inventory, and software inventory of endpoints through scanning. 

Additionally, we use the solution for web application scanning. When they have web applications, they can scan applications for various vulnerabilities and give recommendations.

View full review »
reviewer1324734 - PeerSpot reviewer
Information Security Manager at a outsourcing company with 51-200 employees

We do vulnerability management mostly with the agents and sometimes with the scanner.

We use it to install for around 20 or 30 clients right now so that we can remotely monitor their vulnerability status and help them improve their patch management processes. When certain critical things come up, we help clients with the Log4J, identifying where they need to remediate some of the super trendy critical things that come out and identifying end-of-life operating systems and software that need to be updated.

View full review »
LUKEMONYUSSUF - PeerSpot reviewer
Information Technology Security Analyst at Culina Group Limited

Using the solution, I go through the reports and advise my organization on what needs to be done and how to go about it.


View full review »
JoaoManso - PeerSpot reviewer
CIO / IT Consultant at RedShift

We use this solution to manage compliance and to verify the gap between the policy defined by the company and the ones that are implemented in the system. We also use Qualys for vulnerability management of assets in the cloud or on-prem. 

View full review »
DJ
0

In our DLP operations, we use the tool to address stability issues and implement fixes suggested by it. This helps manage risk levels and decide whether to fix issues or implement workarounds.

View full review »
Edward Manuel - PeerSpot reviewer
Risk & Security Admin at Goodyear Tire & Rubber Company

We use the solution for vulnerability management.

View full review »
AZ
Assistant Manager Solutions at Mutex Systems Pvt. Ltd.

We're using the entire suite except for Patch Management. I use Qualys VM for my production environment on Amazon AWS. I also use it for my endpoints and some BDI solutions that require on-premise solutions, and I use it for both.

View full review »
reviewer2004561 - PeerSpot reviewer
Security Specialist at a financial services firm with 1,001-5,000 employees

Qualys VM is used for vulnerability scanning.

View full review »
Minh-Do - PeerSpot reviewer
Product Manager (Journey Expert) - ANZ Deposits at Anz

I primarily use Qualys VM to manage vulnerability tickets.

View full review »
reviewer1708782 - PeerSpot reviewer
Senior Security Consultant at a tech services company with 10,001+ employees

Qualys' main function is to scan IT systems. It does the scanning of computer systems.

View full review »
JT
Former Employee of Orange Business Services as Head of Security Engineering at a comms service provider with 5,001-10,000 employees

We use the solution for vulnerability management. It helps us identify potentially vulnerable assets. Thus, we can prioritize patching based on a risk score.

View full review »
PranjalGargava - PeerSpot reviewer
Cyber Security Engineer at a transportation company with 5,001-10,000 employees

We use the solution for vulnerability and policy scan. 

View full review »
Swami Govindan - PeerSpot reviewer
Security Architect at a tech vendor with 5,001-10,000 employees

This is a virtual scanner appliance. We have both physical and virtual options. 

I'm still in training and getting the hang of the solution. I do not know what features the company uses the most. They generally use it to scan all the AWS workloads and Azure workloads.

View full review »
Gabriel Clement - PeerSpot reviewer
Lead IT Security and Remediation at ARM Holdings Company

We use this solution to scan the servers on the network. It is used predominantly by our information security team.

View full review »
Jan Vobruba - PeerSpot reviewer
Infrastructure Security Consultant at ANECT

Our customers use Qualys for vulnerability management, it's a way for them to discover the kinds of vulnerabilities they have on their systems. We are a partner with Qualys and I'm an infrastructure security consultant. We currently have 20 clients using Qualys. 

View full review »
AL
Sr Security Engineer at a tech services company with 10,001+ employees

I use Qualys VM for vulnerability scanning, enterprise management, web application scanning, and patch deployment.

View full review »
reviewer1675638 - PeerSpot reviewer
Cyber Security Director at a manufacturing company with 5,001-10,000 employees

We primarily use the solution for full enterprise visibility from both an asset detection perspective and vulnerability detection perspective. Basically, we are tracking all the devices over agents, including PCs and servers, et cetera. 

We are able to understand what our current situation is on the devices. At the second stage, we are able to catch the devices which do not have agents or which are not in the inventory, with on-premise scanners. 

We are running security configuration hardening assessments or compliance with CIA security benchmarks. 

In addition to that, we are also utilizing the cloud assessment solution of the Qualys, to ensure compliance with CIA security standards. For example, the Amazon cloud platform is configured compliantly with the CIA security benchmark. These are the four pillars utilized.

View full review »
reviewer2201862 - PeerSpot reviewer
Information Security Engineer at a university with 1,001-5,000 employees

Qualys VMDR is a vulnerability management and detection response tool. It belongs to the first generation of vulnerability assessment tools. It enables us to manually identify vulnerable keys and fix them. It is built as a cutting-edge continuous platform where we can detect and protect. With this product, we can respond to specific vulnerabilities, going beyond just using artificial intelligence features. We have implemented VMDR across our cloud, physical interfaces, endpoints, and log servers. It's a good digital product for our organization.

View full review »
Dharmendra Kr. Chauhan - PeerSpot reviewer
Manager|Cloud Security & Solution Architect| CloudOps|AppSec | DevSecOps | DevOps | CapOps | FinOps at Wipro

We use this solution mainly for vulnerability management.

View full review »
Tim Cranny - PeerSpot reviewer
Principal at Cranny Group

It is a SaaS solution with agents distributed at endpoints.

View full review »
reviewer1145985 - PeerSpot reviewer
Manager, Info Security Planning & Architecture at a comms service provider with 10,001+ employees

I mainly use Qualys VM for vulnerability management to carry out vulnerability scans on IT assets to find out which are vulnerable and what is needed to patch them. We also use it for policy compliance scans and in tablet for web application scans.

View full review »
AH
Senior Manager Network Design at MEEZA, Managed IT Services Provider

We use bother on-premise and cloud deployments of Qualys VM. For my clients in the cloud, we use a cloud solution, which is a bring your own license model. Additionally, We have our own deployment of Qualys VM.

We are using Qualys VM to provide a VM service.

View full review »
Renato Jager - PeerSpot reviewer
CIO at Oakmount

We use Qualys Virtual Scanner Appliance for the big scan. 

View full review »
reviewer1636329 - PeerSpot reviewer
Senior Vice President | Information Security at a financial services firm with 1,001-5,000 employees

I used this solution for one of my clients and the primary use case was for the compliance mode and scanning. We are customers of Qualys and I am senior vice president information security.

View full review »
NS
Lead Cyber Security engineer at a manufacturing company with 10,001+ employees

We use Qualys Asset Inventory for doing infrastructure level scans or server inventory, or saving the server database or asset database.

View full review »
reviewer1248798 - PeerSpot reviewer
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

We are using Qualys VM, as our scanner tool. We also use it for Application Security and Policy Compliance.

We use it for the identification of vulnerabilities for all of our devices on the network. This includes Windows workstations, servers, and Linux machines. We also use it for cloud, and external use as well.

View full review »
reviewer1460919 - PeerSpot reviewer
Global Infrastructure Architect at a energy/utilities company with 5,001-10,000 employees

We are currently using Qualys for vulnerability detection, as part of our security solution. We're moving towards Defender ATP because I am looking more at the Operational Technology (OT) side of things than I am at the Information Technology (IT) side.

View full review »
reviewer1421982 - PeerSpot reviewer
AVP - Information Security at a financial services firm with 10,001+ employees

We're primarily using the solution for vulnerability assessment of internal server as well as the external server.

View full review »
Anusha Sadasivani - PeerSpot reviewer
Enterprise Security Architect at a energy/utilities company with 10,001+ employees

The primary use cases of this solution are as a scanner. We use it with Azure and AWS. For on-premises, we use physical scanners all over the globe. We have deployed our external scanners in approximately 70 regions.

View full review »
Absar Shaik - PeerSpot reviewer
DevOps Engineer at a financial services firm with 501-1,000 employees

Qualys Container Security scans similar to a runtime container and it scans the entire cluster.

View full review »
reviewer1820922 - PeerSpot reviewer
President and CEO at a non-profit with 11-50 employees

I mainly use Qualys VM for CSAM, to complement vulnerability management on our assets, and to check for intrusions through our email gateways.

View full review »
reviewer1258674 - PeerSpot reviewer
Director for global support at a tech vendor with 1,001-5,000 employees

It is for vulnerability management. I used it in my previous company, and I also used it for my home network.

It is a SaaS platform. So, there is always the latest version.

View full review »
Mahmoud Elhamaymy - PeerSpot reviewer
Professional services team lead at a tech services company with 1,001-5,000 employees

It was responsible for vulnerability scanning. It enforces vulnerability management websites.

View full review »
reviewer1500162 - PeerSpot reviewer
Chief Information Officer/Senior Vice President at a tech services company with 51-200 employees

It's used for vulnerability assessments, assessment of IT equipment, PCs, servers. It's supposed to help prioritize which security patches need to be deployed on that equipment.

View full review »
OO
Director Transformación Digital at oesia

We use this product for vulnerability management.

View full review »
HH
Network and security Pre-sales Engineer at a tech services company with 51-200 employees

We are a system integrator. We implement Qualys for our customers for vulnerability management and policy compliance. We are not using Qualys as a product in our company. We have public, private, and hybrid cloud as well as on-premises deployments.

View full review »
it_user1189266 - PeerSpot reviewer
Consultant at a tech services company with 11-50 employees

We are consultants and resellers of Qualys VM. 

View full review »
reviewer1342815 - PeerSpot reviewer
Consultant at a media company with 51-200 employees

I use Qualys to review the validity of legacy applications, infrastructure, and simple data operating systems.

View full review »
reviewer1307133 - PeerSpot reviewer
IT Consultant Supervisor at a financial services firm with 5,001-10,000 employees

We use Qualys to check the status of our security posture.

View full review »
reviewer1228836 - PeerSpot reviewer
Solutions Architect at a tech services company with 10,001+ employees

We are a solution provider and this is one of the products that we implement for our clients. We do a lot of work with containers. With respect to containerization, security is important for us and we regularly check the market to see what solutions are available in these areas.

This solution is primarily used for container security and compliance. Moving into any environment, in particular, one that is cloud-based, our clients want to make sure that things are okay from a compliance perspective. We generate reports and they can see whether there are any violations. If they see violations or security breaches during the audit then they have to be addressed.

View full review »
reviewer1248798 - PeerSpot reviewer
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

Our primary uses for this solution are security vulnerability detection and policy compliance.

View full review »
PK
Technology Security Expert at T-Mobile Polska (Deutsche Telekom)

Our primary use case is vulnerability assessment.

View full review »
Dr. SureshHungenahally - PeerSpot reviewer
Chief Executive Officer at a consultancy with 1-10 employees

The primary use for the solution is vulnerability management.

View full review »
it_user1017003 - PeerSpot reviewer
Information Technology Analyst at Tata Consultancy Services

Datacenters which are in different locations.

View full review »
it_user1004325 - PeerSpot reviewer
Works at Tata Consultancy Services

The primary use case is using this as the infrastructure scanner for an enterprise vulnerability programme in a customer organization.

View full review »
Reviewer214 - PeerSpot reviewer
Senior Information Security Engineer at a financial services firm with 501-1,000 employees

It mainly scans the model against all of our online websites.

View full review »
MW
Information Security Specialist at a manufacturing company with 10,001+ employees

My primary use case is to actually fill out forms, ensure that they are being closed in a timely manner. This is why we use these one point solutions.

View full review »
SS
Information Security Engineer at a tech services company with 1,001-5,000 employees

My primary use case is for the web application scans of websites. I also made some new search profiles and other scanning profiles.

View full review »
RR
Senior Vulnerability Analyst at a comms service provider with 10,001+ employees

It improves the continuous monitoring of the systems on-premises.

View full review »
it_user875820 - PeerSpot reviewer
Junior Information Security Analyst at Visma

Our primary use case is to manage vulnerabilities, scan web applications, and report assets throughout the network. Also, we create reports based on this data. 

View full review »
reviewer1399569 - PeerSpot reviewer
Senior Consultant at a tech services company with 11-50 employees

I primarily use Qualys VM for vulnerability management, security configuration, and management and asset inventory.

View full review »
reviewer2564316 - PeerSpot reviewer
System Engineer at a financial services firm with 1-10 employees

We use Qualys VMDR for vulnerability management and operations, such as scanning assets to identify vulnerabilities and updating the reports for different teams.

View full review »
Buyer's Guide
Qualys VMDR
June 2025
Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,390 professionals have used our research since 2012.