Qualys VMDR Reviews

The primary use cases of this solution are as a scanner. We use it with Azure and AWS. For on-premises, we use physical scanners all over the globe. We have deployed our external scanners in approximately 70 regions.

What I like about Qualys VM is the dashboard presentation. It's very good.

The reporting capability and executive reporting are very good.

Customer support needs to be improved because it was not to our SLA standards.

Suddenly, the scan engine will go down. We don't know what the reason is, or how it goes down. Because of that, the business is impacted.

I had a look at the PCI reports  (policy compliance reports) and I have heard that most memberships have been taken by Azure, although I was not aware of that. I would like to see more documentation or awareness.

I have worked with Qualys VM for the last two years.

This solution is stable.

The scalability is good.

The customer support is very bad. When we submit a ticket, we do not get a response immediately.

Previously, I have used Rapid 7 Nexpose. They are similar solutions although what Qualys is providing, it provides well but requires less. Qualys reporting is better.

Nexpose has upgraded too, and now their reporting is also very good.

The initial setup was straightforward and we didn't have any issues with it.

If you are comparing Nexpose and Qualys, I would prefer Qualys. The UI is good and whatever reports you are getting, are very clear. If you present it to management, the reports are good. They require an executive report that highlights the vulnerability and how many servers are affected. You can customize it also.

Nexpose is coming out with new features, but Qualys has already implemented them.

I would rate this solution an eight out of ten.

Qualys Container Security scans similar to a runtime container and it scans the entire cluster.

The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities.

Qualys Container Security can improve the interface. It could be easier to navigate and be enriched.

In a future release, it would be beneficial if the network and port policies we provided with some kind of automation AML script files. Having configuration files related to Kubernetes environments would be helpful.

I have been using one year.

Qualys Container Security is stable.

The scalability of Qualys Container Security is good.

I have used the support from Qualys Container Security and they could improve their knowledge.

I rate the support from Qualys Container Security a two out of five.

Neutral

I have not used another similar solution prior to Qualys Container Security.

The initial setup of Qualys Container Security is complex. The documentation could improve.

I rate the initial setup of Qualys Container Security a three out of five.

I rate Qualys Container Security a six out of ten.

I mainly use Qualys VM for CSAM, to complement vulnerability management on our assets, and to check for intrusions through our email gateways.

Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible impact if there's an intrusion. It also provides a view of inventories and vulnerabilities in the containers running on my infrastructure, which helps me to do better roadmapping on where I need to put my resources.

Qualys VM's best features are its machine-learning-backed intelligence, real-time inventory of vulnerabilities, backup, threat intelligence exposure database, and that it doesn't hold on to infrastructure resources like memory.

Qualys VM's machine learning and artificial intelligence features could be improved.

I've been using Qualys VM for over a year.

I've had no issues with Qualys VM's stability.

Qualys VM is scalable.

Qualys has an impeccable, readily available technical support team.

Positive

The initial setup is very simple - it's just a deploy-and-run.

Qualys VM is reasonably priced.

I would rate Qualys VM as nine out of ten.

We use this solution mainly for vulnerability management.

Qualys is a well-known name in the market and we use it for different scenarios. We also like the flexibility in their licensing.

The IoT scan is not great and we would like to see some improvements to it.

We have been using this solution for over three years.

It is a stable solution.

It is a scalable solution. We use the test version.

I rate the technical support an eight out of ten. They have really good support.

Positive

I rate the initial setup a nine out of ten. It was very good and easy. 

It has a competitive price. I rate the pricing an eight out of ten.

I rate this solution a ten out of ten. Compared to other solutions, brand awareness and Azure integration are the strong points of Qualys VM. We would like to have some predefined parameters for the setup in regards to security and vulnerability, and how to maximize it. For example, we want scans and management with some predefined parameters that we need to have in the environment prior to deployment and initial setup.

The integrations for this solution are very good. I use a different product for virtual patching of vulnerabilities and Qualys integrates well with that product.

Qualys does have an on-prem solution, but it is very expensive. 

I have used this solution for six months. 

I would rate this solution a nine out of ten. 

Qualys VM had a recent upgrade and the newer version is supporting the cloud.

The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions.

I have been using Qualys VM for approximately 10 years.

Qualys VM is highly scalable.

The technical support was very good from Qualys VM.

Qualys VM helps to identify the vulnerabilities on a timely basis. It helps the companies to upgrade their networks and apply patches. In the latest version, it has added the patching capability, it's very useful.

My advice to others is this is one of the top solutions in its category. However, they can evaluate many solutions to see for themselves. 

I would recommend this solution to others to implement it in their network.

I rate Qualys VM an eight out of ten

It is for vulnerability management. I used it in my previous company, and I also used it for my home network.

It is a SaaS platform. So, there is always the latest version.

The vulnerability management feature is what I used the most. It is a good SaaS product. It is easy to use. It has a nice UI where you can see all the assets and vulnerabilities.

Certain integration factors between different options could be improved.

I worked with this solution for two years. 

Its stability and performance are good.

People use it for hundreds and thousands of assets, so it is definitely scalable.

I used to run technical support there. So, I didn't need to go for support.

It is easy and straightforward to set it up. It takes 5 to 10 minutes to set up a new asset.

I used to work there, so I never paid for the product. As an employee, we get a lifetime license for personal use, and that's what I'm using.

It is a comprehensive platform, so there is a lot more to it. There could be other solutions that are probably a little bit cheaper, but it depends on what people need. Different people have different needs. It offers many things on the same platform. If you add all the things up, it should be cheaper, but I have not done any analysis specifically.

It is a good product. I would recommend it to others. It had whatever I needed for my personal use case. There are a lot of features that I have not explored. Some of the features are applicable for corporate networks, and they can't be used for personal use cases.

I would rate it a nine out of 10.

I used this solution for one of my clients and the primary use case was for the compliance mode and scanning. We are customers of Qualys and I am senior vice president information security.

I found the solution quite intuitive and easy going. I have worked with other similar tools and found this simple to use. 

I felt hindered sometimes within reports in that they were lacking somewhat on the customization side in terms of making use of the data. The cloud user interface could be a little more responsive. It was a click and then a wait. 

I used this solution recently for about five months. 

There were a couple of small bugs but the solution was stable. 

I would recommend this solution and rate it a nine out of 10.