Vicarius vRx automates patching and vulnerability mitigation with patchless protection, appreciated for effective third-party app patching and vulnerability prioritization. The platform offers streamlined management via intuitive dashboards, consolidating vulnerability discovery and remediation.
| Product | Mindshare (%) |
|---|---|
| Vicarius vRx | 0.9% |
| Wiz | 4.5% |
| Qualys VMDR | 3.9% |
| Other | 90.7% |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Wiz | 4.4 | 4.5% | 97% | 46 interviewsAdd to research |
| SentinelOne Singularity Cloud Security | 4.4 | 2.5% | 99% | 129 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 11 |
| Midsize Enterprise | 7 |
| Large Enterprise | 3 |
| Company Size | Count |
|---|---|
| Small Business | 246 |
| Midsize Enterprise | 92 |
| Large Enterprise | 168 |
Vicarius vRx streamlines the patching and vulnerability mitigation process, delivering automation through patchless protection. It is favored for its ability to handle third-party applications effectively while providing vulnerability prioritization. The platform's intuitive dashboards allow for efficient management, consolidating vulnerability discovery and remediation efforts. Users note the robust scripting engine and supportive community as significant assets in mitigating critical threats, reducing manual effort and remediation time. Despite the strengths, enhancements in areas like automating patchless solutions, simplifying the login process, and refining networking vulnerability scanning capabilities are needed. The patch update process, reporting, and scripting functionalities require improvements. Name changes have resulted in some confusion, and additional filtering options are desired, along with better cloud integration and system feedback on update statuses. Logging options and mobile device management support are sought after by organizations.
What are the key features of Vicarius vRx?Managed service providers utilize Vicarius vRx for compliance needs, focusing on PCI and HIPAA requirements, vulnerability management, and patching. They use it extensively for patch management, covering both Microsoft and third-party updates, and for centralized update management. It aids in achieving visibility and automation, ensuring quick application of necessary patches across numerous assets while enhancing cybersecurity effectiveness with its network functionality and audit compliance features.
| Author info | Rating | Review Summary |
|---|---|---|
| Information Security Manager at Pango | 4.5 | I use Vicarius vRx for unified asset visibility and efficient patch management to address critical vulnerabilities. It excels in prioritizing patches, supports diverse systems, offers virtual patching, and has delivered a 40% ROI, outperforming other evaluated solutions. |
| DevOps Tech Lead at Earnix Ltd. | 3.5 | I chose Vicarius vRx for patching our Windows terminals due to its simplicity and features like asset grouping and script execution. Improvements needed include better filtering and third-party integrations. We evaluated but did not select AWS Systems Manager and Automox. |
| Works at a manufacturing company with 51-200 employees | 1.5 | I used Vicarius vRx in my cybersecurity practice, initially impressed by its dashboard and system bubble protection. Unfortunately, it failed on scheduled updates and scaling, especially with Linux systems, prompting us to consider alternatives and possibly seek a refund. |
| Network & Security Manager at a government with 201-500 employees | 4.0 | As the security manager, I find Vicarius vRx valuable for prioritizing and automating vulnerability patches, offering excellent support, and saving us significant time and resources. Improvements could include network patching and support for mobile devices. Our previous solutions often failed. |
| Information Systems Supervisor at a manufacturing company with 11-50 employees | 4.0 | We use Vicarius vRx for vulnerability management, patching, and updates. It effectively prioritizes risks and automates updates. While the patch deployment interface is complicated, the system simplifies our tasks and saves time compared to our previous manual management approach. |
| IT Manager & Sys Admin at a non-tech company with 51-200 employees | 4.0 | I use Vicarius vRx for update management, finding its ability to identify hidden vulnerabilities invaluable. It automates updates, saving time, though CPU usage and feedback delays need improvement. It has significantly reduced our time spent on patching tasks. |
| Vice President , Managed Technology and Security Operations at NovaCopy, Inc. | 4.5 | We chose Vicarius vRx for vulnerability management because it offers effective remediation assistance, particularly in third-party software patching. While its multi-tenant portal could improve, these enhancements are planned. vRx excelled over other solutions like ConnectSecure and Nodeware during evaluations. |
| VP IT Security and Services at netxinc | 5.0 | I'm a Vicarius partner using vRx in lab environments to showcase its capabilities. The tool excels in virtualized patching, severity prioritization, and a strong scripting engine, despite needing improvement in network device vulnerability scans. Its single-platform approach is advantageous. |
| Systems Admin at a computer software company with 201-500 employees | 4.0 | I use Vicarius vRx for deploying software and Windows updates on endpoints and servers, benefiting from its user-friendly interface. However, the patchless protection feature is complex. Previously, I managed updates manually without any other solutions considered. |
| Information Security Analyst at Channel Next | 4.0 | We use Vicarius vRx for vulnerability detection and patch management due to its automation and network functionalities. While it excels in automation, its application management needs improvement. Compared to Qualys and ManageEngine, it offers unique patchless protection. |
We use Vicarius vRx for the visibility of all the assets in one place on the patch management status.
The risk we're trying to mitigate is the need to patch a critical vulnerability across numerous assets quickly. Manually patching involves logging into each asset, installing the patch, verifying its success, and repeating the process. Vicarius vRx allows us to apply patches to all assets simultaneously and verifies the patch status for each asset.
Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform.
We automated the monthly installation of Microsoft updates, which previously required our IT staff to manually update half of our computers one week and the other half the following week. Using Vicarius vRx, we divided our Microsoft assets into two groups. Now, Vicarius vRx automatically installs updates on the third Tuesday of each month for the first group and then for the second group a week later. This automation has freed up our IT staff to focus on other tasks and has been very effective.
The Vicarius vRx automation helped save up to ten percent of our time.
Vicarius vRx allows centralized, automated patching of all assets. As CISO, it is my responsibility to inform the company of zero-day vulnerabilities and ensure all assets are protected. Previously, mitigating a critical vulnerability meant manually patching each asset, a daunting and time-consuming task. This lack of efficient patch management caused significant concern and was a top priority for improvement. Implementing Vicarius vRx has streamlined this process and significantly improved our security posture, giving me peace of mind.
We made some configuration changes using custom scripts in the Vicarius vRx scripting engine. Initially, we didn't anticipate needing custom scripts, but having the agent installed with elevated permissions proved advantageous. This allows us to accomplish a lot with custom scripts, which we've used for various tasks.
Vicarius vRx has reduced meantime to remediate by 90 percent. If we have to wait for IT to remediate manually it would take them days.
It has significantly improved our efficiency by reducing patching time by 80 percent, allowing us to focus on other critical tasks. This time-saving solution provides valuable visibility into the security status of all company assets, enabling real-time monitoring of vulnerabilities and patch installation progress. This comprehensive awareness is crucial for both IT professionals and the overall organization.
Vicarius vRx consolidates three tools into one. It offers specific solutions for patching Macs and Microsoft systems, eliminating the need for separate tools. Additionally, it accurately assesses the real risk of each vulnerability by considering our specific organization and network, allowing for effective prioritization. Finally, vRx provides built-in automation capabilities, removing the need for external tools like SOAR.
Vicarius vRx offers several advantages, especially for organizations with diverse operating systems and applications requiring frequent patching. The platform helps prioritize patch installation by identifying high-risk vulnerabilities, allowing IT teams to focus on critical threats first. This prioritization is crucial because it prevents IT teams from being overwhelmed by the constant influx of patches, enabling them to create a manageable plan and allocate resources effectively. By distinguishing between critical, high-risk, and medium-risk vulnerabilities, Vicarius vRx empowers IT teams to address the most urgent threats promptly and schedule less critical patches for later.
Both native operating system updates and Vicarius vRx offer vulnerability remediation. Native OS updates allow for the patching of system vulnerabilities on Windows, macOS, and Linux. However, Vicarius vRx provides a single solution for installing both operating system and application updates by also discovering application vulnerabilities.
Another valuable feature is virtual patching, which allows us to protect an asset from a specific vulnerability without installing a patch. Sometimes, installing a patch alone is insufficient and requires restarting the asset. However, production servers often cannot be restarted during the day, restricting restarts to specific timeslots. Virtual patching creates a network-based protection layer that prevents exploitation of a vulnerability, offering a temporary safeguard. While not a foolproof solution for long-term use, it's a valuable tool that reduces tension between IT and security teams by providing time to properly install patches.
I have several applications on developers' assets and computers that cannot be updated due to potential conflicts with their current development tools. It would be beneficial if Vicarius vRx could implement smart tagging or suggest tags to create a group for these development tools, signifying that they should not be regularly updated.
I have been using Vicarius vRx for almost three years.
I would rate the stability of Vicarius vRx ten out of ten.
I would rate the scalability of Vicarius vRx ten out of ten.
The technical support is good.
Positive
The initial setup is straightforward and quick because it is cloud-based, with deployment taking only one day.
The implementation was completed by one person from our organization and one from Vicarius.
We have seen a 40 percent return on investment from Vicarius vRx.
Vicarius vRx is priced competitively within the market.
I evaluated three tools: BigFix, Vicarius, and one other. About four or five years ago, my IT colleagues and I conducted a proof of concept with these tools. I expressed my preference for Vicarius, but my colleagues suggested we conduct another POC to compare it with the other two solutions. We each created a list of criteria and used a scoring sheet to compare the tools. Ultimately, we all chose Vicarius as it received the highest score.
I would rate Vicarius vRx nine out of ten.
We have three people in our organization that utilize Vicarius vRx.
Vicarius handles maintenance because its dynamic groups eliminate the need to manually add assets. This automated system frees me from routine maintenance tasks in Vicarius vRx, allowing me to focus on responsibilities like reviewing reports and logs.
I recommend that colleagues using a different patch management platform consider Vicarius vRx. It offers several features that simplify asset protection, including automation, virtual patching, and comprehensive visibility. Furthermore, it supports Mac, all operating systems, and a wide range of applications, making it a versatile and effective solution.
Two years ago, I conducted a vendor selection process to find a solution for patching our approximately one hundred Windows terminals. We ultimately implemented Vicarius vRx to automate the patching process, primarily for Windows updates. This solution also allows us to run other automation scripts across the terminals, such as implementing certificates.
It is nice that Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. However, it is not critical because we are using CSPM for managing the vulnerabilities across our organization.
Our organization has automated certain manual tasks within the vulnerability management and remediation lifecycle using Vicarius vRx. This includes actions such as disabling the transporter service on Windows servers and implementing certificates. This automation has proven valuable by streamlining these processes and increasing efficiency.
The automations run simultaneously, so across one hundred or more servers.
We implemented a process where we patch our system on a schedule and Vicarius vRx has improved our organization's security.
From an operational perspective, the support team is rolling out this system because it is more efficient than manually patching servers. This automated approach, provided by Vicarius vRx, benefits operations teams that are already at full capacity by simplifying their workload and improving efficiency.
I used the Vicarius vRx custom script to disable the print spooler, adapting an existing script to meet our specific needs. While I could have created my own script in Python and deployed it across the organization, that approach wasn't ideal.
I've seen operational improvements, specifically within the support team. They were overloaded with tasks, so automating even one has significantly benefit us. This allows us to execute larger projects and assume more responsibility, ultimately reducing the support team's workload and concerns.
The most efficient feature of Vicarius vRx is the ability to group assets, such as by time zone, allowing for targeted patching and streamlined management. This, along with tag-based filtering and organization-wide script execution, simplifies vulnerability identification and application patching. The system's intuitive design and ease of use are its greatest strengths.
I would appreciate additional filter options, such as the ability to filter by AWS tags. Furthermore, enhancing Vicarius vRx with improved third-party integrations, like notifications for external systems, and increased cloud integration for richer instance information, would be valuable improvements.
I would like Vicarius vRx to provide more detailed logs.
We had an outage due to a change Vicarius performed in their system. We reported it and found a solution involving some intervention from our side.
Vicarius vRx is scalable because once a new instance is added, it is allocated to its own group automatically. This is convenient, especially when adding instances from different time zones.
Customer service was excellent. During the POC and the implementation, they were very available and made their best efforts to help us.
Positive
While the implementation was initially easy, we encountered some minor issues that were quickly fixed, and we haven't experienced any further problems.
The deployment process involved integrating Vicarius's binary into our automation system. This allowed us to easily extract the installation link from their UI and implement it into our code with minor modifications.
The proof of concept took a couple of days, and implementing the full solution took one to two weeks. The rollout was more complex, primarily due to our commitment to avoiding customer disruption. This required deployment during non-working hours. Although the process did not necessitate server restarts or interfere with customer operations, the complete rollout spanned one to two months for a gradual and seamless transition.
Our deployment was done in-house with one or two people from the Vicarius team and a technical person and support person from my team.
From a pricing perspective, Vicarius was cheaper compared to other competitors.
I evaluated AWS Systems Manager, a native but complex solution with limited visibility. Automox was also considered, but it proved overly complex and offered more capabilities than required. Ultimately, we chose Vicarius vRx due to its simpler implementation and more focused feature set.
I would rate Vicarius vRx seven out of ten.
I assumed that focusing less on something would improve my performance compared to competitors, so I sought an ad hoc solution. Working with the Vicarius team, we resolved all initial bugs and achieved a robust system.
The strongest advantage of Vicarius vRx is its intuitive interface, which requires minimal explanation or support, even for first-time users. This ease of use minimized the need for training sessions. From a technical and implementation standpoint, the system remains largely unchanged and robust, making it a reliable DevOps solution.
We have around 120 instances. And just over 20 users.
I would recommend Vicarius. The simplicity of the system and its support are advantages. If someone has a different need that requires functionalities that Vicarius does not offer, they might need another system.
I used it for the company for which I run the cybersecurity practice. We did a PoC and ended up buying the tool, and we are now in the process of trying to get our money back because the tool does not work. It just does not perform like we thought it would. There are a lot of backend issues, so we are evaluating another product and moving on.
The use case for vRx was for one of the big security initiatives here at the company. It was related to being able to update the systems. vRx seemed to be user-friendly and very easy to use. We wanted to bring in this tool to centrally manage our ability to update our systems.
When we deployed it, it seemed like a fairly good tool, but we only scratched the surface. From one to ten, we probably only scratched about one, and we liked what we saw. People got ahead of themselves, not fully testing the tool, and that is the reason why we are in the situation we are in now.
It slowed down one of our main initiatives. It has not done anything. I like the concept of it being able to patch systems, keep them up to date, give a risk score, and things like that, but that is not what it was doing.
There was another team that was evaluating it too. We created scripts, but they did not work the way we thought they would.
vRx did not reduce our mean time to remediate vulnerabilities.
vRx did not reduce the amount of time we spend on patching. It increased our time because it did not work.
It was important for us that vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform.
I liked the initial dashboard. I am not even sure if this feature worked, but it has a feature that allows you to put a bubble around systems on which you cannot deploy an agent. That bubble around the system still gives them a level of protection. I like this feature and the dashboarding capabilities.
We did some automation. We kicked off scheduled updates to update our systems, but it did not work. When we attempted to scale the product and update multiple systems, we ran into a lot of issues. We also ran into the issue of it creating double assets. I am not sure how that happened, but it was a mess and still is a mess. That is where we are.
They should probably go back to the drawing board and make sure that they can patch Linux. In our environment, we are 99% Linux. They may need to build their own lab and have a lot of Linux devices. They can have old different Linux systems and 50 or 60 of them and attempt to do an update in their own lab and see what happens. I am still not sure if that would give them a true test because we have systems here with Docker containerization and all kinds of things on it. They will have to mimic what some of these environments will look like. I am pretty sure that the tool works great when it comes to Windows, but when you are in an environment that has different flavors of Linux at different version levels, that may pose an issue.
Based on my experience with it, I would rate it a three out of ten in terms of stability. There are some issues that they do not even know how to fix at this point.
That is when we ran into issues. When we attempted to scale this and update 200 systems, that just locked it. It did not do anything. It duplicated assets. It did a lot of things that did not make sense.
We did not engage with their user community. The only thing we engaged with was their support staff. We talked to them and let them know what our issue was. They were knowledgeable, but they could not fix our issue.
Negative
We did not use any similar solution before. This is the first solution that we looked at from a patching perspective.
Its initial deployment was fairly easy. The agents are on the machines, but it is a SaaS solution. There is a portal we log into to manage those agents that we have deployed.
We did not fully deploy it. It was in our Dev environment. We are using the Dev environment for Guinea Pig, and we did not get past Dev. We did not get past fully deploying it to Dev because we ran into so many issues.
You can get away with two good people handling its deployment.
The only maintenance required is looking at which systems were updated and which systems ran into issues. It does require that piece.
I know we got it for a very cheap price, and I now see why. It was very cheap. It was maybe 12,000 or 14,000 dollars. It was somewhere around there.
We did not evaluate other options.
Try this tool all you want. Make sure you scale it in your PoC evaluation. Understand what type of systems you have in the environment. Are they Windows? Are they Linux? Always have another tool that you are evaluating as well, so have this tool and then maybe another tool. If you have the bandwidth and people, deploy vRx on more than a hundred systems, push the update, and see what happens. You will probably run into the same issue that we did. That is what the PoC is for. You do not have to sign the contract like we did. I would just tell others to be a lot smarter.
I would rate vRx a three out of ten.
I am the security manager of the company, and we have a system communications department and IT. They manage the platform in order to monitor some PCs and servers to have them updated and patched.
We wanted to save time by implementing Vicarius vRx. Before vRx, we spent a lot of time searching for vulnerabilities that came out and patching them manually. With Active Directory integration and many other things, we now have it all centralized in the vRx Console.
Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. This is very important for us. We are spending less time on these tasks. Previously, we had a team of three people for these tasks. After implementing Vicarius vRx, thanks to the vRx Console, we only have one person.
We have done some automation for vulnerability management. For some devices, we have automation to patch critical and high vulnerabilities in less than an hour of being discovered by Vicarius vRx. Previously, we had three people, whereas we now have only one person handling the work. It has saved about 1,800 hours a year.
After implementing Vicarius vRx, we realized that we were not aware of all the vulnerabilities. We did not know how insecure our systems were, whereas now, we know that our systems are not affected by so many CVEs. This knowledge of how secure we are is a major benefit of Vicarius vRx.
Vicarius vRx assists us in spending less time discovering vulnerabilities and knowing whether we are affected or not.
Patchless Protection is helpful in some cases, such as some critical zero-day vulnerabilities. We do not know if it works very well or not, but we activate Patchless Protection until the official patch is released.
We have one script to roll back the changes of our update. We have some automated tasks to apply patches. In case the patching makes a platform unstable, we have a script to go back to and recover a previous version.
Before Vicarius vRx, we were not aware of some vulnerabilities, so our meantime to remediate them was essentially infinite because we never patched them. Previously, it would take us a week to apply a patch for Microsoft vulnerabilities after they came out, whereas now, we can apply them on the same day as they are published.
The prioritization of the vulnerabilities and patches that we must apply immediately is valuable. The automation of the tasks allows us to spend less time in that area.
The support they provide is very good. They answer quickly in the chat and by email.
I would like to see more network architecture elements with patches. We have the ability to search across the network for all switches, routers, and printers, but some devices might be outdated and have vulnerabilities. Additionally, an agent for mobile phones would allow us to monitor corporate mobile devices.
It is a stable product, and I would rate its stability as eight out of ten.
Vicarius vRx is scalable.
We are a medium-sized organization with 250 people. We have multiple locations because we have a lot of people working at home with corporate laptops and PCs. We have four offices in different cities.
We have some clients with up to a thousand agents.
Their support is very good, and they respond quickly. I would rate them a nine out of ten.
We sometimes use the Vicarius vRx user community to find more information about CVEs that are out. We try to read comments and other inputs to understand what is happening and how we can remediate or patch a vulnerability. We only read; we do not contribute anything because most of the CVEs have a lot of information from administrators or security managers in large companies.
Positive
We did not use a similar solution. The systems department had an open-source solution to make scripts for us to run. With these scripts, we could run a command asking for a version of some application. If you know that version is affected by many vulnerabilities, we could download the package with another command and apply the update on those machines. This solution frequently failed and had issues requiring manual intervention.
The initial setup was simple and probably took a few hours.
It is deployed on the cloud. It does not require any maintenance from our side.
The initial implementation had a team of three people involved.
We now have one person working with Vicarius vRx but not full-time. I also sometimes check things, but most of the time, there is only one person.
Vicarius vRx has saved us time, money, and resources over the past three years. It saved 50% of the time for at least one person.
In the past, Vicarius vRx was cheap, but now they have adjusted their pricing policy, resulting in higher renewal costs. We have had some conversations with them regarding a smaller jump in the renewal cost.
I would recommend Vicarius vRx to others. I would advise giving it a try with a proof of concept to ensure it suits your requirements. You can compare it with your existing solution to understand the time and resources that you are going to save. Also, compare budgets, as Vicarius vRx might be cheaper.
I would rate Vicarius vRx an eight out of ten.
We are using Vicarius vRx for managing vulnerabilities, including patch management and managing updates on any of the software we have running in the company.
Previously, we did not have any solution for managing vulnerabilities. We had to go computer by computer to check whether any updates were due, and then we would update. We got to know that there is a solution like this one, so we implemented it so that we do not have to do all the manual work moving from computer to computer. It is all centrally managed.
Our audits are now smoother due to the automated implementation of patches. It is key for us because our audits are based on when a patch was launched and when it was implemented in our network. With this particular solution, it is easy. We are flying through the audits because it is automated. It will simply apply the necessary fix.
We do not have 100% automation, but we are able to check which updates are due. The only part where we come into play is to launch the updates. What we are preventing with that is that we do not want to put in a patch that is troublesome or that people have flagged as troublesome. That is why we have not fully automated it.
It has saved a lot of our time. Previously, we had to go from computer to computer, and we have branches. The IT team is based in the headquarters. Going to the branches to check for updates, maybe through AnyDesk or any other remote software, was taking a lot of our time. It has saved about 50% of our time.
Vicarius vRx has improved the network speed. If we are struggling with some apps, that tends to slow down the network speed. Because it is all automated, our security posture looks good, and our network runs smoothly.
We are very happy with the solution. We do not see ourselves functioning without the solution as the IT team. It helps us a lot.
Vicarius vRx has reduced our mean time to remediate vulnerabilities. It has saved about 70% of the time.
Vicarius vRx has affected our operations greatly. It means our focus can be on other things, and we do not have to worry about patch management all the time. It has increased our efficiency as a team.
Vicarius vRx has reduced 70% of the time we spend on patching. The only thing that we do is to check which patches are there. We do not have to run around looking at each computer.
We no longer have to do the remote sessions. Everything is in place.
The system prioritizes vulnerabilities, identifying high, medium, and low risks, allowing us to focus on high-risk applications. It allows us to focus on high-risk applications and do the updates.
The second advantage is that we can do the automation. It simply looks for apps that have got updates. It then updates them without user interaction. That saves time for us. We do not have to go through each computer.
The user interface for deploying patches can be improved, as it appears complicated when launching patches. We can launch it for apps or OS, but the steps to get there are a bit tedious. This is the only thing. I am happy with the rest.
We started using Vicarius vRx in 2022.
I would rate the stability a seven out of ten. There were times when the system was not accessible, possibly due to the site being down, but this happened rarely.
I would rate the scalability an eight out of ten. It is very simple; you just script it, and then the computers connect themselves.
We have the head office, and then we have three branches. Our solution is running on about 110 computers. Our IT team consists of three users.
We used their technical support when we started, but it is now running by itself.
The response time was good, but we communicated through a service provider who connected us to Vicarius. Help was received in a matter of three days.
We do not use their community. We simply engaged with their support team.
Positive
We were managing everything manually and had no solution for patch management or vulnerability management before using Vicarius vRx.
The initial setup was straightforward, taking approximately two weeks with the help of scripting to automate software deployment across multiple computers.
It does not require any maintenance. Because it is on the cloud, Vicarius is responsible for it. We just use it.
I am not sure how much it costs, but it would have saved us some costs.
I would recommend Vicarius vRx. A solution like Microsoft WSUS is specific to certain apps, but Vicarius vRx manages all of them. I would advise going for it because it consolidates all the apps.
I would recommend it due to the time savings and scalability. I would rate Vicarius vRx an eight out of ten. It has been extremely helpful and effective for our organization. It has saved us a lot of time.
I use vRx for update management, specifically for updating and patching everything including CVEs or any updates related to security breaches. Updates are configured to install automatically on a chosen day, which is repeated every week. We use Vicarius vRx when there is a security breach. We use it every week.
It updates the firmware and the applications. In the beginning, we had some troubles with the application, but we notified them, and they fixed it very quickly. They sent an update and everything was fixed.
It helped my organization by providing guidelines or a baseline for all the stations and operating systems. When there is a security update or issue, I am aware of it and can distribute it across the organization without having to manually check that each station has the update installed. Vicarius has leveled up my security awareness.
The most valuable feature is the system's ability to provide information about open CVEs and how it compares the local version with available updates.
I rely on vRx primarily for patch management and vulnerability resolution. Another key ability is that it identifies vulnerabilities that are not even flagged by the operating system itself, such as with Windows, and provides necessary updates. If you update the Windows OS, it says that it's up to date but after we check vRx, it says that there are more vulnerabilities.
Its ability to consolidate vulnerability discovery, prioritization, and remediation in a single platform is good. Compared to other solutions, Vicarius is the most effective.
We automated the process of checking OS platforms, updates, and application updates. We repeatedly check it every day and if we have updates that we need to install, we configured it so that it will install automatically on the day we choose. This automation has saved us 30% of our time.
I used the scripting engine once. It worked fine, but I don't need to run specific code, batch, or scripts for my devices. If I need something, I need it for one or two devices, so I send it manually.
Vicarius vRx has reduced our mean time to remediate vulnerabilities by 20%.
It has reduced the amount of time we spend on patching by 50%. It's much quicker to patch and move forward to another task. I can move forward to another task.
Areas that need improvement include the CPU usage and the delay between sending updates and receiving feedback on their status. I hope that more immediate feedback on update installation success or failure is implemented.
I rate stability at eight out of ten. There are some issues like high CPU usage during updates, but these were fixed.
I rate scalability at eight.
I would rate technical support an eight. I find their support services to be relatively effective.
Positive
The deployment process is easy. It mainly involves running a command, and it took about three days to fully deploy across our organization.
It does not require maintenance. It updates automatically.
I rate the overall solution an eight out of ten because while it's good, there is room for improvement.
We use Vicarius vRx for vulnerability management.
We implemented Vicarius vRx because we were looking for a vulnerability scanning platform that did more than provide recommendations but assisted with remediation.
Vicarius' ability to consolidate vulnerability discovery, prioritization, and remediation in one platform is extremely important and a fantastic time saver.
We have automated third-party patching on specific software, improving efficiency by 80 percent.
We saw the benefits of Vicarius vRx during our 30-day POC.
Vicarius is a critical layer in our cybersecurity strategy.
The patchless protection feature works well.
Vicarius' scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities.
The ability to mitigate custom scripts has allowed for flexibility in some of the automation processes.
Vicarius has helped reduce our mean time to remediate by 80 percent.
Vicarius has reduced our patching time, which has improved our operations.
Vicarius is more robust than other solutions because it offers better third-party remediation.
Third-party software patching is the most valuable feature.
The multi-tenant portal has room for improvement, but the changes we would like to see are on the roadmap.
I have been using Vicarius vRx for one year.
We have not had any stability issues.
Vicarius has met all of our scaling requirements.
The technical support is excellent.
Positive
We did proof of concepts on other leading vulnerability scanners. vRX was the clear winner.
The deployment was straightforward and very intuitive. After setting up deployment scripts in our RMM, we can be up and running in less than an hour on new clients.
The implementation was completed in-house with the assistance of Vicarius.
The pricing is very fair.
I would rate Vicarius vRx nine out of ten.
After deployment, Vicarius requires minimal maintenance to monitor for any failures.
I recommend that my colleagues using a different patch management tool compare Vicarius with it.
New users should be prepared to find many vulnerabilities in their UC network when implementing Vicarius.
We are a Vicarius partner, so we resell vRx and other Vicarius products. We use vRx in a lab environment to illustrate the capabilities to our customers, who love it.
With its vulnerability reports, vRx has provided confidence that systems are saving their patches. The customer has the assurance that they have mitigated some of those vulnerabilities there. It's also incredibly important to be able to detect missing patches and misconfigurations, missing registry keys, and things of that nature that help close some of the holes in an environment.
It has reduced the mean remediation time for our customers. We've had a few scenarios where customers have migrated from other patch solutions simply because they lacked confidence. There were additional requirements for verifying that the patch was rolled out or implemented successfully. By removing that additional layer of forced verification, vRx has certainly increased efficiency and the ability to implement those patches successfully.
VRx reduces the time customers spend on patching by reducing the overhead on the administrators, allowing them to do additional work. It saves time they would spend addressing the patching process, follow-ups, etc.
The most valuable features of vRx would be virtualized patching and severity prioritization. It provides that single pane of glass for vulnerability discovery, prioritization, and remediation, which leads to efficiency gains in most cases.
The user community is very helpful. There are some incredibly talented good guys willing to help other good guys fight against the cybercriminals out there. Some users have posted scripts that will be helpful. Obviously, you would want to vet them, but from what I understand, Vicarius vets any scripts posted into the community. There's added protection, and you feel confident you can utilize what other administrators or security professionals have posted to leverage the scripting engine, which is incredibly powerful.
The patchless protection component is an incredible technology that learns the behaviors of an application, detects an anomaly, and isolates that particular application if it misbehaves. It is incredibly powerful because there are many applications out there for which you do not know whether there is a new patch available, or a new binary cannot be deployed because of the environment itself.
One feature customers have praised is the ability to stage packages and schedule tasks. Having the vulnerability scanner as part of the platform also provides that confidence because it runs the vulnerability scan and shows that patch has been installed, that vulnerability has been mitigated, etc.
The network device vulnerability scans can be improved. It would be helpful to be able to mitigate those vulnerabilities using SSH or SNMP to get those updates out to those devices. I don't know if that is possible because it doesn't run an agent. But at the very least, having that CPE information relative to network devices would be incredibly helpful.
The purpose behind that is if I have a vulnerable device and the bad guys know it, they can lock up my devices, which would prevent me from restoring from backups. That would be incredibly important.
We have used Vicarius vRx for one year.
Customers haven't reported any issues to me yet.
Vicarius vRx is a cloud solution, so scalability shouldn't be an issue. I don't know of any hard limitations on the back end.
I rate Vicarius support 10 out of 10. The Vicarius team is incredibly responsive, thorough in their explanations, and professional. Anyone I've spoken with from the Vicarius team has been incredible. They take feature requests seriously and work to implement them quickly compared to many other vendors. It's truly remarkable.
Positive
In my career, I've used products from Symantec and LANDesk. Many years ago, I used SCCM and SMS 2.0 for the manual deployment of individual patches. I've also used Rapid7 and Qualys for vulnerability scanning.
The advantage of Vicarius is that it has vulnerability and patching in one toolset, so we're getting missing patches from a patch assessment and a full look at the configuration of that device and its known vulnerabilities. The scripting engine is also a huge advantage over other platforms. Scripting isn't possible in some enterprise management tools or pure vulnerability tools like Rapid7.
Vicarius combines all these features and components into a single pane of glass where you can update registry keys, delete a file on the system, etc. Vicarius has everything you need to manage vulnerabilities on one platform as opposed to having to reference multiple platforms. VRx is more robust as a remediation solution because of the features I just mentioned. It does have some network discovery capabilities and a robust community.
We have done the deployment a few times — in training and for a large customer. The implementation is simple for customers because the Vicarius customer success team holds the customer's hand during deployments. It takes around a week to deploy. There were a couple of days devoted to learning the environment and a few days for policy creation. In total, it probably takes about five days but not a full 40 hours.
One pain point is education licensing or pricing for smaller customers. I have some very small footprint customers and tools like Vicarius would be incredibly valuable to them, but they can't justify the price.
It's the same with education. Vicarius should offer a deeper discount in education spaces. However, I would note that you can get a better price by working with the account reps.
I rate Vicarius vRx 10 out of 10. Even with the feedback around pricing, I would rate it a 10. If customers are taking security seriously and their data or environment is worth paying for, then they will find the money in their budgets to purchase Vicarius.
Customers often say that they already have a patching tool, so why do I need this. I would ask does your vulnerability patching tool have a true vulnerability assessment component? Generally, the answer is no.
If they have an assessment to look for missing patches, they can search for missing patches and misconfigurations and remediate them all from a single platform. The ability to add automation is incredible. After using multiple platforms, including some of the biggest names, Vicarius is one of the simplest to use and implement and has a strong community of professionals backing the solution.
I use Vicarius vRx to deploy software and Windows updates on endpoints and servers. It is also my preferred solution for deploying new software to specific departments or groups of computers.
We implemented Vicarius VRX to ensure users had the latest updates and patches on their devices.
Vicarius's consolidation of vulnerability discovery, prioritization, and remediation in a single platform is crucial. While it provides comprehensive visibility of vulnerabilities, including those without patches, addressing all of them may not be feasible. The platform excels at enabling swift patching for vulnerabilities with available solutions, but the persistence of unpatchable vulnerabilities on the dashboard can be disconcerting. Despite this, the ability to efficiently manage and remediate patchable vulnerabilities makes it a valuable tool.
We can automate manual tasks using scripts or automation. Vicarius collaborates directly with vendors to obtain updates for every operating system version. Our platform supports various scripting languages, including PowerShell, CMD for Windows, and Bash for Linux and Mac, providing flexibility to execute scripts based on the specific environment.
The time saved by automation depends on the organization's size and the number of employees. In smaller branches with fewer employees, the time saved may not be significant, but in larger branches with more employees, automation can significantly impact efficiency and productivity. While the impact of automation may vary depending on the specific needs and circumstances of each branch, it can be a valuable tool for saving time and improving overall workflow.
Once we configure Vicarius vRx and fine-tune the automation to our desired workflow, we can leave it to run independently without needing to access the system daily or even weekly.
Vicarius vRx completes tasks more quickly than I can. While I can manually update each employee's computer, it would be time-consuming. Additionally, I am unsure when the official vulnerability update will be released. Vicarius vRx automates this process, providing a layer of protection more efficiently.
Vicarius vRx's scripting engine allows for the creation of custom scripts to mitigate vulnerabilities stemming from configuration issues. These scripts can be tailored to specific needs, utilizing either pre-built scripts provided by Vicarius or entirely custom scripts. This functionality allows for actions such as disabling vulnerable services or uninstalling software known to have vulnerabilities, ultimately aiding in mitigation efforts.
Vicarius vRx has significantly reduced our mean time to remediate and patch by over 50 percent.
Vicarius vRx's primary strength is its user-friendly interface. The straightforward and intuitive design ensures effortless navigation and comprehension, allowing users to locate and utilize all available features easily.
The patchless protection feature is currently difficult to understand and could be made more user-friendly.
I have been using Vicarius VRX for almost three years.
There were issues initially because I was one of the first customers to use the solution. However, there are no problems with stability now.
I would rate the stability of Vicarius vRx nine out of ten.
The customer service and support are great. Whenever I've contacted them, they respond promptly with a callback or by email.
Positive
I previously managed updates and patches manually.
The initial setup was straightforward. Deploying it took only hours, and I used scripts to do so through the Visual Studio dashboard.
I rate Vicarius vRx an eight out of ten because, while there's always room for improvement, it meets my needs and provides good support.
We have Vicarius vRx in multiple locations with around 200 devices.
Maintenance is required to keep the automation working correctly.
I recommend Vicarius vRx because it makes our work easier.
We primarily use Vicarius vRx for vulnerability detection and patch management. Its support services, interface, and scripting capabilities are all quite good. The network functionality and audit compliance features are valuable assets that our end customers frequently request.
Vicarius vRx is an excellent platform for consolidating vulnerability discovery, prioritization, and remediation. The vRx agent, deployed on endpoints, detects vulnerabilities at both the OS and application level. It prioritizes these vulnerabilities based on various criteria, including Vicarius's xTag system, which considers application usage and network activity. This automated prioritization, ranging from critical to low, eliminates the need for manual intervention. After installation, the agent automatically scans for vulnerabilities every 15 minutes and plans for remediation.
We automated the installation of critical OS patches and browser updates, as well as updates for essential applications used in every environment, such as Microsoft Word, Excel, and important server-level applications.
The time saved by using the automation depends on the environment and the number of endpoints we have.
The vSociety forum fosters collaboration among Vicarius members, customers, partners, and industry analysts to address vulnerabilities and emerging security needs. For example, when a recent CrowdStrike Falcon update presented an issue, the vSociety community swiftly decided on a mitigation strategy, and carriers remediated the problem within hours, benefiting all end customers.
The benefits of Vicarius were immediately apparent, with no downtime ensuring continuous performance. Patches could be deployed to computers as soon as agents were installed on the endpoints.
As a security engineer, I believe all endpoints and applications should be patched regularly, ideally weekly or monthly. Unpatched systems are inherently vulnerable to security threats. Automated tools like Vicarius can help streamline the patching process and ensure comprehensive security coverage.
Vicarius's patchless protection is a valuable feature that uses a dedicated engine to protect applications from vulnerabilities, especially when patches are unavailable. Many applications have exposed APIs, which malicious actors can exploit to bypass security measures. Vicarius's patchless protection monitors application activity for exploitation attempts and blocks them in protector monitor mode, effectively mitigating the risk of exposed APIs and other vulnerabilities.
A scripting engine allows the creation of custom scripts to mitigate threats, which is especially useful for those with in-house applications. Since these applications aren't publicly available, a repository is needed for patching, and the scripting engine facilitates this. Additionally, the engine can be used to deploy or uninstall third-party applications on endpoints.
Vicarius vRx reduces the mean time to remediate by automatically remediating vulnerabilities in critical applications such as Microsoft Edge and Office within 24 hours of detection.
Vicarius vRx significantly reduced our patching time by 50 percent by automating what was previously a manual process.
Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status. This simplifies updates for IT managers and executives.
Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process.
I have been using Vicarius vRx for almost three years.
While we have not experienced any stability problems, a recent issue with login tokens caused a two-hour system outage.
Vicarius vRx is scalable and it continues to improve in their roadmap.
We have contacted the support several times, and they have always resolved our issues within one or two phone calls.
Positive
While I've used Qualys and ManageEngine, Vicarius vRx offers patchless protection, a key performance indicator of data security that the other two solutions lack.
Deployment is straightforward using Vicarius's one-line PowerShell script installer, which automatically installs the vRx software on edge and endpoint devices. Vicarius also supports deployment through other tools like Microsoft Intune MDM.
The deployment, on average, takes two days to complete.
Vicarius vRx offers a competitive price point for the features it provides.
I would rate Vicarius vRx eight out of ten.
Vicarius vRx is a more robust remediation solution compared to other tools, offering excellent support, features, and performance. We have experienced no downtime with this solution.
Periodic maintenance for vRx is required on the cloud service and for agent updates.
Vicarius vRx is a user-friendly patch management solution that allows for centralized vulnerability management. Through a single portal, users can identify and automatically remediate vulnerabilities.
