Vicarius vRx Reviews

As a managed service provider, we offer a compliance package that includes Vicarius vRx. This comprehensive solution addresses PCI and HIPAA requirements, fulfills cybersecurity insurance needs, and tackles node vulnerabilities through scanning and patching. By bundling Vicarius vRx with other tools, we answer the compliance questions.

Vicarius vRx stood out because it combines vulnerability discovery, prioritization, and remediation into one platform. Unlike other scan-only options, vRx automates much of the work, which is crucial for our small two-person company that wouldn't have the resources to manually address everything a traditional scan uncovers.

While Vicarius vRx hasn't directly prevented security incidents for our well-maintained environment, it allows us to confidently answer "yes" to client security questionnaires regarding vulnerability monitoring and remediation, a valuable asset for companies needing to comply with regulations like PCI and HIPAA.

Vicarius vRx significantly improved our mean time to remediate vulnerabilities. Automation handles most tasks, freeing me up to focus on the bigger picture. While some manual review remains necessary, vRx allows me to patch applications like Adobe across all clients and organizations at once, instead of individually selecting computers or companies.

Vicarius vRx's value lies in preventative security. Like a securely locked house, it might seem uneventful because there are no break-in attempts, but that doesn't negate its effectiveness. Just as leaving your door open invites trouble, unaddressed vulnerabilities do the same. While there's no guarantee a cyberattack wouldn't happen anyway, just like with strong passwords and two-factor authentication, vRx minimizes the risk to ensure our clients' environments are as secure as possible without hindering their work.

While our clients might not be aware of it, Vicarius vRx's patchless protection offers a significant advantage. Even without a patch from a software vendor like Adobe, vRx can still safeguard our clients. This sets it apart from competitors who rely solely on scanning and manual fixes or use multiple tools. Patchless protection is a powerful selling point, allowing us to ensure our clients' security even when traditional solutions fall short.

Vicarius vRx complements my existing patching tools by potentially saving me an additional five percent of the time on patching tasks. While other tools have already reduced my workload, vRx can address any remaining gaps, making a significant difference in the long run.

While other vulnerability scanners overwhelm us with a huge list of problems after a scan, Vicarius vRx goes beyond that. It automates patching where possible, but even more impressively, it can lock down unpatched software like a zero-day vulnerability in Adobe until a fix is available. This extra layer of protection is what truly sets vRx apart.

While I appreciate the automation of vulnerability management, Vicarius vRx's current manual patchless application is a point for improvement. Ideally, the software would autonomously implement patchless solutions while monitoring its resource usage to prevent negatively impacting the user's computer.

I have been using Vicarius vRx for two months.

Vicarius vRx has been stable overall. While I initially encountered an issue where version five wouldn't deploy, deploying version four successfully auto-upgraded to version five, making the initial problem a minor inconvenience. I expect this to be resolved by now, as it was a few months ago.

Scaling is easy because I have a price point per agent making it simple to scale up or down.

Vicarius vRx's main competitor is Tenable Nessus, which traditionally focused solely on vulnerability scanning and required separate tools for remediation. While Nessus might have added remediation features since I used it five years ago, its strength lies in broader platform scanning both network devices and endpoints. In contrast, vRx currently relies on installing agents on endpoints for vulnerability detection.

Vicarius vRx seems like a strong option, but Tenable's experience in the vulnerability management space suggests they might be the leader. However, Tenable's remediation capabilities are unclear to me.

I used an RMM tool to push out vRx to all my endpoints.

While I spent time on introductions and video tutorials, learning Vicarius vRx itself only took a day or two with some help from their team. I completed the deployment process in one day.

After an initial call with Vicarius' technical team to learn the ropes and integrate vRx with my RMM tool, I was able to deploy it for my first client collaboratively. Now, onboarding new clients is a breeze - it only takes about 15-20 minutes to get them set up with vRx.

Vicarius vRx's per-asset pricing makes it easy for me to market to clients as it scales with their needs. Tenable, on the other hand, uses a subscription model that can be cost-effective for larger MSPs with many clients, but for smaller providers with a limited client base, the upfront cost of a Nessus subscription might be prohibitive.

I would rate Vicarius vRx nine out of ten.

Our maintenance routine focuses on reviewing unpatched issues, identifying critical problems or fixes, and then manually applying those patches. We already have automated solutions in place to handle certain tasks.

I would ask a colleague who's considering vRx but already has a patch management solution, what their remediation process is. And if they have a manual process that requires several tools, I would tell them that this could replace three or four tools into one.

New users deploying software should ensure they have an RMM tool for a streamlined process. If not, they need a method for quick and easy mass deployment to all their endpoints. This emphasizes speed and ease of distribution as the key concern.

We primarily use Vicarius vRx for vulnerability detection and patch management. Its support services, interface, and scripting capabilities are all quite good. The network functionality and audit compliance features are valuable assets that our end customers frequently request.

Vicarius vRx is an excellent platform for consolidating vulnerability discovery, prioritization, and remediation. The vRx agent, deployed on endpoints, detects vulnerabilities at both the OS and application level. It prioritizes these vulnerabilities based on various criteria, including Vicarius's xTag system, which considers application usage and network activity. This automated prioritization, ranging from critical to low, eliminates the need for manual intervention. After installation, the agent automatically scans for vulnerabilities every 15 minutes and plans for remediation.

We automated the installation of critical OS patches and browser updates, as well as updates for essential applications used in every environment, such as Microsoft Word, Excel, and important server-level applications.

The time saved by using the automation depends on the environment and the number of endpoints we have.

The vSociety forum fosters collaboration among Vicarius members, customers, partners, and industry analysts to address vulnerabilities and emerging security needs. For example, when a recent CrowdStrike Falcon update presented an issue, the vSociety community swiftly decided on a mitigation strategy, and carriers remediated the problem within hours, benefiting all end customers.

The benefits of Vicarius were immediately apparent, with no downtime ensuring continuous performance. Patches could be deployed to computers as soon as agents were installed on the endpoints.

As a security engineer, I believe all endpoints and applications should be patched regularly, ideally weekly or monthly. Unpatched systems are inherently vulnerable to security threats. Automated tools like Vicarius can help streamline the patching process and ensure comprehensive security coverage.

Vicarius's patchless protection is a valuable feature that uses a dedicated engine to protect applications from vulnerabilities, especially when patches are unavailable. Many applications have exposed APIs, which malicious actors can exploit to bypass security measures. Vicarius's patchless protection monitors application activity for exploitation attempts and blocks them in protector monitor mode, effectively mitigating the risk of exposed APIs and other vulnerabilities.

A scripting engine allows the creation of custom scripts to mitigate threats, which is especially useful for those with in-house applications. Since these applications aren't publicly available, a repository is needed for patching, and the scripting engine facilitates this. Additionally, the engine can be used to deploy or uninstall third-party applications on endpoints.

Vicarius vRx reduces the mean time to remediate by automatically remediating vulnerabilities in critical applications such as Microsoft Edge and Office within 24 hours of detection.

Vicarius vRx significantly reduced our patching time by 50 percent by automating what was previously a manual process.

Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status. This simplifies updates for IT managers and executives.

Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process.

I have been using Vicarius vRx for almost three years.

While we have not experienced any stability problems, a recent issue with login tokens caused a two-hour system outage.

Vicarius vRx is scalable and it continues to improve in their roadmap.

We have contacted the support several times, and they have always resolved our issues within one or two phone calls. 

Positive

While I've used Qualys and ManageEngine, Vicarius vRx offers patchless protection, a key performance indicator of data security that the other two solutions lack.

Deployment is straightforward using Vicarius's one-line PowerShell script installer, which automatically installs the vRx software on edge and endpoint devices. Vicarius also supports deployment through other tools like Microsoft Intune MDM.

The deployment, on average, takes two days to complete. 

Vicarius vRx offers a competitive price point for the features it provides.

I would rate Vicarius vRx eight out of ten.

Vicarius vRx is a more robust remediation solution compared to other tools, offering excellent support, features, and performance. We have experienced no downtime with this solution.

Periodic maintenance for vRx is required on the cloud service and for agent updates.

Vicarius vRx is a user-friendly patch management solution that allows for centralized vulnerability management. Through a single portal, users can identify and automatically remediate vulnerabilities.

We use Vicarius vRx as a vulnerability detection or overall vulnerability management system. Their agents discover and report vulnerabilities on Windows endpoints, and their solution assists in patching endpoints.

Our previous solution was doing well with vulnerability detection and reporting. However, we wanted to try an agent-based patching system. That particular product would have doubled the cost. My supervisor discovered Vicarius, and he wanted to try a POC. So, the primary reason was that we wanted to include the ability to patch endpoints based on vulnerability discovery.

Vicarius is valuable because it combines vulnerability discovery, prioritization, and remediation into a single platform. Traditionally, these functions are separated and often managed by different teams, such as security teams handling discovery and infrastructure teams responsible for patching. This division requires significant coordination and communication regarding vulnerabilities, necessary patches, and prioritization. Vicarius streamlines this process by directly linking identified vulnerabilities to required patches, enhancing efficiency.

We have automated some of the patching using vRx's ability to perform that function. My infrastructure team handles the patching side, and we have shared access to the platform. I know that at least ten different tasks are automated, but I'm unsure if they've progressed even more. The gathering of patches that have been released, staged, and ready to go has been automated. So, all patches are already available, and we have some pre-done schedules that will automatically launch and start patching at predetermined times without further intervention.

The automation process has saved at least 30 percent of our manual tasks.

It takes two to three months to get a good overall vulnerability picture. The deployment takes a little while and some time to get used to the reporting. However, we saw decent data within two months and started asking questions about reporting and numbers. After three months, the overall dataset was good. Even now, we're still working on reporting, asking questions of Vicarius and trying to tweak some of the different reporting features.

Vicarius has helped us reduce our mean time to remediate vulnerabilities. Because we can examine endpoints, the best use case I can think of as an example for shortening remediation time is when we start spot-checking and looking at the dashboard for endpoints that, for some reason, have a high count of vulnerabilities or a much higher count of more severe vulnerabilities, we can immediately go into patching from that console and start pushing things out. So it helps us to immediately take care of delinquent workstations, for example, those that have not been connected or a person just keeps leaving their workstation off during prescribed patching periods. Overall, I would say remediation time is 25 to 30 percent shorter. The biggest impact is on case-by-case patching. We follow a regular patching cadence. We're a Microsoft shop, so the largest number of patches we have to apply, like most others, is on Patch Tuesdays when Microsoft releases stuff. Since that's on a regular cadence, I wouldn't say that Vicarius has greatly affected that. But there's a great improvement when we perform cleanup work and try to catch all the outliers and delinquent machines.

Agent-based scanning is the most valuable feature. Previously reliant on network scanning, we faced limitations when devices were offline or remote, such as laptops. This inconsistency in scan results is resolved through agent-based scanning, which provides more consistent data collection as long as the device has internet access. Additionally, integrated patching is highly desirable. While we have other software deployment and patching systems, their reliance on network connections creates similar inconsistencies in reaching all endpoints at scheduled times. Agent-based patching significantly improves this process.

Vicarius is an agent-based platform focusing on Windows, Linux, and Mac endpoints. While we know they're developing traditional network scanning capabilities and plan to demonstrate them soon, this feature is currently missing. Unlike previous vulnerability management systems that relied on network scanning appliances to discover and assess endpoints, Vicarius' agent-based approach is less effective for devices like switches, routers, and printers where agent installation is impractical. Although they suggest using Nmap as a workaround, we find it insufficient. We eagerly await the implementation of network scanning to manage vulnerabilities across our entire infrastructure comprehensively.

I have been using Vicarius vRx for almost seven months.

We began using vRx around mid-January as a proof of concept and have since progressed to full production implementation. I'm uncertain if we are officially considered a 100 percent customer, as my supervisor and his manager have been negotiating the contract with Vicarius. There's some ambiguity about whether all our data remains on US soil or if it's stored in other countries, so the contract finalization is still pending. Nevertheless, we are currently utilizing vRx in our production processes.

We have not experienced any issues with the agents on the endpoints. The portal has been very reliable. It has not gone down, and we have not known of any instance where we couldn't get in to see and view our data. So, we have not experienced any noteworthy issues at all at this point.

Our shop currently supports approximately 800 endpoints, and the system handles this load without issue. Given the system's cloud-based architecture and demonstrated ability to scale quickly, I anticipate that increasing resources on the cloud side would easily accommodate a more extensive deployment if necessary.

At this time, I rely more on opening tickets, and they do have online chat support. Their answers have been good, and the responses have been very quick. I find the support staff helpful, especially when I ask for a call so we can work together on the system. The response has always been excellent and efficient.

Positive

We previously used QualysGuard Express. We switched to Vicarius because we saw the opportunity to go with a product that had a similar pricing range, but at the same time, it included the patching ability.

Deployment was very easy. We did not encounter any issues with installing agents on endpoints.

For us, deployment was a collaborative effort, particularly in vulnerability identification, research, and patching. While we've divided these tasks into two teams, it's feasible that a single individual could handle vulnerability analysis, research, and reporting. However, given our additional responsibilities, a two-person team currently offers greater efficiency. Ultimately, the feasibility of a one-person approach post-deployment depends on the organization's size and complexity.

We initially started with a small test group of about twenty workstations to gather preliminary information. This was essentially a proof of concept or evaluation phase. Once the decision was made to proceed, we successfully deployed agents to all endpoints within a month. In total, the evaluation and full deployment process took one to two months.

We implemented Vicarius with the guidance of vRx, but it was not complex.

Vicarius' pricing was reasonable compared to the other systems we evaluated.

Before selecting Vicarius, we evaluated two other solutions, including Rapid7.

I would rate Vicarius vRx eight out of ten. We need Vicarius to implement the network scanning site.

Vicarius is still a relatively new system, so its content will likely improve. While I find user communities less helpful than technical support knowledge bases when working with any product or system, Vicarius has been okay. However, I rely more on their technical support for my needed information.

We have not yet implemented the patchless protection feature, as other systems also offer it. We are exercising caution and selectively choosing which vulnerabilities warrant this resource-intensive solution. Our decision will depend on the severity of the vulnerability and the priority of addressing it without a traditional patch. Until then, we have not actively engaged with patchless protection.

I can't say that Vicarius saved us a lot of time on patching. Our previous patch deployment system was also very good at getting patches ready and having everything set to go. The biggest difference between the two is that one is agent-based, and the other is not. So, we're not as dependent on a patching window anymore.

I've never used integrated patching since, in our eyes, it was not affordable. I don't know how good the other patching solutions are. I do like Vicarius' reporting better. The dashboard right out of the package is a little more understandable. Strangely, that dashboard information is not always very helpful in every vulnerability system I've worked with. Vicarius has been a bit more clear, and maybe it's just because I like to see certain kinds of numbers. Vicarius offers additional reporting solutions to enhance what it provides through its portal. They provide a Linux-based reporting server that we can put on prem that ingests all the vulnerability information from our portal and helps provide additional reporting. From that, I can export Excel sheets, which makes certain tasks easier, such as analyzing numbers and getting detailed information.

The system itself has not required much maintenance. It automatically updates agents, so there's not much to do to maintain it. It's more about managing the reporting and patching processes.

Given the pricing, the cost of acquiring both vulnerability management and patching capabilities would be comparable to purchasing vulnerability management alone for many equivalent systems. However, the added benefit of simultaneous patching is significant. While it doesn't need to be a primary patching tool, having a secondary option is valuable. To accurately compare options, I would inquire about the nature of the customer's current software deployment and patching system: is it agent-based or network-based? Similarly, if the system is not agent-based, it is still effective. Adding agent-based patching would enhance their ability to address outdated systems promptly. Considering Vicarius's pricing, it's a worthwhile investment regardless of existing patch management solutions. The integration with vulnerability discovery is highly beneficial, supplementing any existing patching capabilities.

We mainly use Vicarius vRx for Windows patching.

We were using another product previously for third-party patching, but it did not have any reporting functionality. It did not have any dashboards to see which devices had been successfully patched and whether there was anything outstanding. It did not give us any security insights into CVEs. That is why we ended up looking at Vicarius vRx so that we could have a single pane of glass to see what patches needed to go out and what sort of vulnerabilities we had on our Windows machines.

Vicarius vRx has been really good at protecting our Windows machines and patching them, keeping them compliant. It has definitely helped us. 

Vicarius vRx also helps us stay compliant with our security certifications. We do ISO 27001 and Cyber Essentials in the UK. This product definitely helps us maintain those security certifications. Without a product like Vicarius vRx, we would not remain compliant with those.

We have attempted automation, and it seems to be working well. We have automated the patching for Windows devices for the operating systems and any sort of third-party vulnerabilities. It was very easy to set up and seems to be working well. It has saved about 40% of the time.

Vicarius vRx has a feature called Patchless Protection. We have used it a few times. It is good to have an option where if a patch is not available, it can still help remediate the security vulnerability. It is not something we had in our previous product, so it is good to see.

We could see its benefits immediately. We could see the changes it was making compared to the product we used before. We were using the product called VFA before, so as soon as we switched over to using this, we could see the difference.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. That is very important. That impressed us when we were evaluating the product. We were impressed by how it was geared towards that. The other products we looked at had patching tagged on another product, whereas this solely looked after the patching and vulnerabilities, which is good. We did not see any other products with such capability.

It would be good if there were more login options. At the moment, it sends you an email to verify your email address, and then you can log in. It would be beneficial to have other options for signing in, like MFA or maybe security keys, especially since it is a security product.

We have used Vicarius vRx for around a month.

There have been no issues; it has been absolutely fine.

It is very straightforward to scale up with more machines, so there are no problems there.

I have not contacted their support. We only received help from someone at Vicarious during the initial implementation.

Positive

We were using a product called VSA before. We switched because it did not have good reporting on vulnerabilities. When you set up the patching, it would try to update the apps, but you would not be able to tell in a single pane of glass what was successful and what was outstanding. It did not look into security vulnerabilities.

The customer support and account management were also not very good. That played a big part in it as well.

It was not as easy as it could have been, but it was fairly straightforward.

The initial deployment took about a week. We received help from someone at Vicarious during a call, but most of the deployment was done in-house.

It does not require any maintenance on our end.

Only one person was required for the deployment.

By using Vicarius vRx, the meantime to remediate vulnerabilities has gone down by about 60% to 70% as compared to VSA. 

In terms of reducing the time spent on patching, it is a little bit difficult at the beginning because you are initially setting the product up. It has probably saved about 50% of the time.

I think the pricing is very good. The pricing was very reasonable and fair compared to other products.

I liked that there was no tiered system. One price gave access to everything, which is nice. It is not something you get too often with enterprise IT.

We did have a look at a few other products. One of the things I liked about Vicarius vRx is that it had quite a wide support for updating different products. Quite a few products we looked at for patching did not update many third-party applications. They were more geared towards patching Windows, which we did not need, whereas vRx seemed to be able to pretty much handle any application we had in our fleet. That was what drew us into Vicarius vRx.

We looked at NinjaOne mainly. Earlier on, we did look at a few other products, but they got dismissed due to not having much support for third-party patching.

Vicarius vRx is definitely more robust than others as a remediation solution.

I would advise testing it out because it is dedicated to patching rather than being an add-on product to an existing tool, which is what happens with most of the competition. For instance, when we were using VSA, we had to pay for VSA, and then we had to pay for an add-on to do third-party patching. We did not need or use a lot of the functionality of VSA that we were paying for, whereas Vicarius vRx is more of a focused product to do patching, so you are getting the full use of the product.

To new users, I would advise ensuring that your deployment methods are working and then testing with a small user group to make sure there is a smooth transition.

Overall, I would rate Vicarius vRx an eight out of ten.

We use Vicarius vRx to manage all third-party software updates.

Previously, we could manage Windows updates, but third-party updates were an issue. It was difficult for us to manage the updates of all the software solutions we have. Vicarius vRx helps us to manage those updates.

Our security guidelines require us to update all third-party software. Therefore, I can save a report that shows we have updated all the software. If there is a vulnerability, we are asked to update the software immediately. It allows me to access and update the software for all our clients via the console.

Since we started using Vicarius vRx, I have not had to worry about patching the software. I believe in this solution, so I do not check it much.

We have automated updates for a few solutions such as Chrome. They are updated automatically during non-active work hours. However, there is a little bit of a problem with some solutions where it cannot download the updates because we have a restriction from the firewall to access some websites to download the updates. Other than that, it is working fine. It has saved us one to two hours per week.

Vicarius vRx has reduced our mean time to remediate vulnerabilities by 10%.

The dashboard is quite easy to manage. The automation aspect is also very valuable.

I would be happy if the patch update could be downloaded to the Vicarius server and then implemented on the client. Currently, they just send a link to the software. For example, if I want to update Chrome, they send me a Google link to download the update. Sometimes, we have restricted firewalls or networks that do not allow us to download the software from the network. If the Vicarius server could download the update to its own servers, it would be much easier to manage. Right now, I have a problem downloading some software for a client because we do not have free access to the network. It would be very helpful if they could download the update themselves. 

Also, the login process is not easy. When we want to log in, they send an email which is not an easy way to log in.

I have used Vicarius vRx for one year and a half.

I would rate the stability a nine out of ten.

I used the Vicarius vRx community a little bit at the start but not after that.

I would rate Vicarius vRx support an eight out of ten.

Positive

Previously, I was doing it manually. I did not have any other solution. I do not do it manually now, and I can rely on this solution. For Windows updates, I know I can use Vicarius vRx, but I have WSUS for Microsoft to manage all our Windows updates. For third-party software, it is much easier to use Vicarius vRx.

The deployment was very easy. We finished it in one day, but we had some requests. We had to make some changes. It took us one week to get it working properly for us, but it was quick to implement.

It is being used at one location, and I am the only one working with Vicarius vRx.

It does not require any maintenance from our side. I just have to log in to see if there is any change. If I add a new PC, I have to see whether it is implemented correctly.

Our systems people save one to two hours a week. We also save a lot of time with the reports on third-party software.

I do not use other solutions, so I cannot compare its pricing to others, but its price seems okay.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform, but vulnerability management is not something we want the most in this solution.

I would recommend it for companies with more than 20 users. I would rate Vicarius vRx an eight out of ten.

We wanted Vicarius vRx to have an automated way of keeping our systems up to date and to do tests and deploy new software updates, especially related to third-party software. Non-Microsoft-type updates because we had an issue installing updates that were not patched by our normal patch cycle. So, we wanted a solution that could address that issue. 

We found that for servers, it was a little difficult to use, not because of the solution's shortcomings, but because of Microsoft's shortcomings, so when Microsoft deploys patches that have issues, We end up in a situation where we auto patch, and then we have to back out these patches because Microsoft patches have bugs in them. So, we have decided to use the solution only to patch our end-user systems, laptops, and desktops.

It is critical for us that vRx consolidates vulnerability discovery, prioritization, and remediation all in one platform because we don't have a large staff complement. We have a couple of people, so we love that this tool can automate everything.

Vicarius vRx helps protect our environment, which has greatly improved our operations. One of our challenges was the high number of software vulnerabilities we couldn't keep on top of. With vRx, we don't need to do vulnerability scans because we can see our vulnerability status at any time, which has been helpful.

Vicarius vRx helped us reduce the time needed to remediate vulnerabilities from our endpoints. In the past, we patched endpoints sometimes once every three months. Now, we can patch in real time, especially because we have deployed it to the end user systems. We used to patch once every three months, and now, with vRx, when a patch is available, we patch within the week.

Vicarius vRx's ability to patch third-party software is particularly valuable for us. Frequent updates for applications like Adobe and others highlight the limitations of Microsoft's patching solutions for non-Microsoft software.

I would like to see a way to build a virtual environment where we can test patches in real-time before we deploy. In other words, if vRx had a cloud environment that mimicked a section of our environment, we could test there, ensure everything is fine, and then push the button to deploy automatically. I know that's a big ask, but that would be great.

I have been using Vicarius vRx for almost one year.

We have not experienced any stability issues. Vicarius vRx is lightweight and doesn't require a lot of resources.

We have a footprint of about 600 systems. We haven't seen any issues with that scale, and we believe we can scale much above that.

We have used the Microsoft equivalent of vRx. However, it doesn't patch third-party apps unless we pull the download into Microsoft and then deploy it.

There was a slight learning curve, but it wasn't steep. I would say it is a relatively simple deployment.

Three of us were involved in the deployment, and one person was in charge.

Vicarius vRx is reasonably priced.

We have considered a SolarWinds solution and a ManageEngine solution. However, Vicarius vRx was superior in ease of use and support.

I would rate Vicarius vRx nine out of ten.

It took us a while to see the benefit of vRx because we didn't have the manpower to deploy it. We should have gone back to Vicarius and asked for help with the deployment because they indicated they were willing to do that, but instead, we put it in the hands of someone who ended up leaving the organization. So, it was unsupervised for a while. Vicarius vRx reached out to us to see how we were doing, and that is when we expressed our issue. We have set up weekly meetings with them until we have vRx properly deployed and doing what we want.

The scripting engine is not a functionality we are currently using. Still, we are planning to use it in the next weeks because we realized that it could help us solve an issue that we have with different systems requiring different policies.

Some systems require maintenance, such as manual deployment, but after the deployment, we can easily update the agents by automating them.

Vicarius vRx can easily replace most of the other patch management tools. It is more cost-effective and does things other patch management tools don't. For third-party applications, it can automatically keep those applications up to date by pulling and deploying the updates.

I suggest being ready to deploy agents to the machines quickly. The quicker you can use the solution's capabilities, the better. So, I would say learn about the solution beforehand and then get ready to quickly deploy the agents so that you can start applying your policies.

We use it to patch and update Microsoft Windows and third-party applications.

We had some legacy patching solutions that were slow and took hours to patch Windows servers. We were looking to improve the speed. That solution also did not patch third-party applications.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. It is extremely helpful. It would be a lot harder to get vulnerabilities remediated if we had to source everything ourselves. We provide access to our developers, and they can easily deploy Java and Tomcat patches without having to go to each vendor to download everything. We are very secure, especially in our external facing applications. We are a lot more secure than we were a year ago.

I have used the Vicarius vRx user community. I have not provided any of my own solutions or anything like that, but I find it helpful. If there is a new vulnerability, but I do not know how to fix it, there is usually some documentation in there, so it is very helpful.

We do monthly updates from Windows, and we have to take down our applications during the day. That is a nuisance for the business. Previously, it was hours of downtime, whereas now, it is less than an hour in a lot of cases, so we have improved there. We were out of date on a lot of third-party applications before, whereas now, we are remediating hundreds of thousands of vulnerabilities each month, so we are improving our security posture with this tool. It has been a great experience so far.

Vicarius vRx has reduced the amount of time we spend on patching. Typically, with our previous solution of ManageEngine, it took about three hours to patch Windows Server, and now, that is less than an hour. It means less downtime for the business each month when we do patches. We are able to get our users back into applications like SAP more quickly. We are able to start addressing other issues, so it has made everybody more efficient. There is about 60% time saving.

We can easily deploy patches for third-party applications. It automatically downloads the patches for you. You do not have to download them, upload them to the solution, and configure your own scripts or anything like that. It is all automatic.

The vulnerability dashboards are extremely helpful. It can help us target the highest-priority vulnerabilities. That is awesome and very helpful.

I have a server engineer who uses this very heavily. She is used to her legacy solution. She recommended some improvements to the interface. They were just minor things related to scheduling and adding some more options to schedule patches that are deployed. Their support was very open to the suggestions. They implemented her recommendation. Their support has been great to work with.

There is not much to improve. There can be more scripting capability and more filtering capability. We should be able to filter more granular details in the operating system such as whether it is a service, application, executable, or something like that. For the most part, we are satisfied with what we are able to filter. These are minor suggestions. Overall, we are pretty satisfied with the platform.

We have been using it for almost a year.

The only issue we have experienced so far is with patches from Microsoft being delayed. If they come out on Tuesday, Vicarius might not be able to deploy the patches until Wednesday. That is all we have experienced so far. Overall, it has been pretty reliable. I would rate it an eight out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We have about 200 endpoints and six administrators. We have servers and desktops, but primarily, we have servers.

We are all over the globe. We are primarily in the US.

I am satisfied with their support. They are very helpful.

I would rate their support a nine out of ten. I do not have any complaints. I  consider Nutanix support to be a ten.

Positive

We were using ManageEngine. It was slow, and it only patched certain things. We were only taking advantage of Windows patch functionality. There was an interface that was hosted in the cloud, so we were able to get rid of a server from our internal network, and then we were able to speed up patching a great deal—from less than three hours to one hour. It is integrated with Microsoft Azure, and it patches everything efficiently without having to create a bunch of manual updates. We went from a legacy slow solution to a cloud-based solution that prioritizes security and is very quick.

If you want something that is able to focus on security and do it quickly with minimal infrastructure, Vicarius vRx is a great tool.

It is deployed on the cloud. Its deployment was very straightforward. We had to just whitelist a few URLs in the new firewall, deploy an agent on our servers, and do SSO integration. You can have all this deployed in the day. It is very easy.

For the most part, it takes a day. The agent deployment is complex. You have to take that slow. Getting an agent into the solution takes probably less than an hour, so it is very easy.

It is pretty straightforward to learn. If you want to deploy a Windows patch, it usually takes less than 15 minutes to train somebody to do that. It is very easy.

In terms of maintenance, you can have the agent set up. Once you set up automatic updates for the agent, it is streamlined. You are basically telling it what to patch. That is it.

We had just two people involved in its deployment. It was me architecting it and then my server engineer deploying it. It did not take long at all.

I do not know if we can quantify that, but I know that we are saving hours of patching time, making our administrators more efficient, and getting our users back into the systems more quickly. I am sure we are seeing a significant return on investment.

It is in the middle. It is not the cheapest solution, but it is also not terribly expensive. We found it to be a good fit. It is fairly priced.

To a colleague who is considering Vicarius vRx but says they already have a patch management tool within another platform, I would say that I have used lots of patch management solutions such as Intune and Tenable, which used to be from SolarWinds. Vicarius vRx is by far the easiest to maintain. It does have a security focus. If you want to make sure that your Windows servers are patched with the latest version, or you want to make sure that your third-party updates are completely up to date on a monthly basis, it is possible. You are able to track that easily with the dashboards that are easy to read. Go with a solution with which you do not have to maintain any internal infrastructure. It is just set-it-and-forget-it. I would definitely recommend Vicarius vRx over a lot of other solutions if you are just looking for a patching solution.

I always do a thorough PoC. I cannot account for everybody's use case, but strictly speaking, if you are just looking for vulnerability management and quick and easy updates, definitely consider Vicarius vRx.

We have not used the Patchless Protection functionality. We understand that this capability is there, but we have not used it yet. We have not had a use case for it. We have got a pretty good patching program, so fortunately, we have been able to patch everything. We have not had the need for it.

I would rate Vicarius vRx a nine out of ten.

We use Vicarius vRx to manage vulnerabilities and patch more than 300 assets in total. 

We use Vicarius vRx daily. It is great. Without it, we could never manage these many assets at once.

We have automated vulnerability management, patching updates, software updates, systems reboots, or other smaller tasks like network scans. With its automation, we save two to four hours daily.

The scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities.

We were able to realize its benefits immediately. The first benefit that I noticed was how easy it was to deploy. Right after deployment, it made an inventory of my assets, applications, and OS, and it was very easy to look at my attack surface from another perspective. After that, there was also all the patching and management.

Vicarius vRx is protecting my environment. In the report, I can see the vulnerability score and vulnerability number. Since using Vicarius vRx, there has been a reduction in issues.

I use Patchless Protection on almost every client because some applications cannot be patched automatically or are homemade. With Patchless Protection, it is easy for me to keep clients protected.

Its scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities, but we use another product for this. The script that I am using is very powerful. We use it for Nmap scanning and mitigation.

Vicarius vRx has reduced the mean time to remediate vulnerabilities. I do not have to look at other websites for new patches. I have everything in one dashboard. It is very easy. It saves two to four hours daily in vulnerability checks and remediation.

We hardly spend any time on patching. With automation and scripting, I never have to think about it.

The ability to consolidate vulnerability discovery, prioritization, and remediation in one platform is crucial. 

I find the user community very useful. We can find a lot of tips and tricks on how to manage vulnerabilities and how to patch vulnerabilities that are not patchable.

Based on the request from our clients, it would be great to have an MDM solution. If they can manage vulnerabilities on mobile devices too, that would be great. Having scripting capabilities on mobile devices would be very useful. That was the request we had from lots of clients.

I have been using Vicarius vRx for more or less one year.

I have never experienced any lagging or crashing. There was a minor issue related to the automatic rebooting of the system, but it was resolved quickly with the help of technical support.

Vicarius vRx scales very well. It is very easy to deploy, and you can manage multiple customers from the same dashboard, making it very scalable.

They are great. I have contacted technical support during the testing stages in the EU environment, and they have always been available and kind. I would rate their support a ten out of ten.

Positive

We did use other solutions, but I personally did not use any.

It is deployed on the cloud. Now that they have a data center in Europe, it is easier for our clients because of the GDPR compliance. The console is just on the cloud.

Its initial setup was easy. We made a script with our RMM solution. Within seconds, we deployed more than 200 agents.

It takes about 20 minutes to fully deploy vRx for one client.

It does not require any maintenance from our end. You have to set up automation scripts, but once you have done that carefully and properly, you do not have to look at it much. I check it maybe once a month to see if everything is running correctly and whether the remediation is being applied. Anything can go wrong, but I have not seen any problem, so no maintenance is required.

It is more of a one-person job. While you can define multiple groups and assign different clients to different managers, we handle it with one person.

The pricing is great because we are a reseller of the product. It is really up to us and Vicarius, and they are very easy to work with.

I have seen a lot of other platforms for vulnerability management, but they do not do prioritization as Vicarius vRx does. It is very easy to know which application and which process you have to manage or patch first. With other solutions, you cannot do that or you cannot do that so easily.

I would advise trying the platform as it is very efficient in vulnerability management and prioritization.

I would rate Vicarius vRx a ten out of ten.