Some sort of education or knowledge base about the product would be beneficial for beginners. They could offer more training sessions for beginners who are new to the solution, as learning would be great for them.
The policy creation aspect needs improvement. Our team has limited knowledge about creating policies, and I need to focus on this area more. I should study more about creating and handling policies efficiently.
Policy implementation is sometimes a little bit different than, for example, the CIS standards. If you are using a CIS type of standard, controls will be differently implemented, and that implementation is not straightforward. There is no clear mapping for the CIS controls in terms of how they should be implemented into Qualys, so the implementation stage might be a little bit challenging for the customer. That means that the customer will end up opening support cases, which will overload their support team to explain those. If they are somehow published somewhere, it would save time and effort for both sides.
It would be good if the solution’s technical support could be faster. I would like to improve the solution's detection feature whereby any vulnerability can be detected and immediately put in the sandbox.
The reporting needs improvement. While the tool is really good at doing the assessment, it's not as good at reporting various compliance states. Maybe management reporting could be improved as well. They really need to improve the versioning of the policies. You can create basically your own policy based on the industry practice. However, if that industry practice changes, for example, maybe there's a new version from Microsoft, you basically need to start from scratch. That kind of migration from the old best practice to the new best practice and retaining all those customizations that have been done for the old one that has not been actually done. That's something to improve. However, we typically do it as we work with it. We do it programmatically. We do it through the API.
IT Governance ensures that IT resources are used responsibly, aligning IT strategies with business goals, and mitigating risks. It establishes structures and processes to support decision-making and performance measurement in IT environments.Implementing an effective IT Governance framework helps organizations manage their IT infrastructure efficiently, leading to improved compliance, better risk management, and enhanced IT performance. This framework integrates best practices and standards,...
Some sort of education or knowledge base about the product would be beneficial for beginners. They could offer more training sessions for beginners who are new to the solution, as learning would be great for them.
The policy creation aspect needs improvement. Our team has limited knowledge about creating policies, and I need to focus on this area more. I should study more about creating and handling policies efficiently.
Policy implementation is sometimes a little bit different than, for example, the CIS standards. If you are using a CIS type of standard, controls will be differently implemented, and that implementation is not straightforward. There is no clear mapping for the CIS controls in terms of how they should be implemented into Qualys, so the implementation stage might be a little bit challenging for the customer. That means that the customer will end up opening support cases, which will overload their support team to explain those. If they are somehow published somewhere, it would save time and effort for both sides.
It would be good if the solution’s technical support could be faster. I would like to improve the solution's detection feature whereby any vulnerability can be detected and immediately put in the sandbox.
The reporting needs improvement. While the tool is really good at doing the assessment, it's not as good at reporting various compliance states. Maybe management reporting could be improved as well. They really need to improve the versioning of the policies. You can create basically your own policy based on the industry practice. However, if that industry practice changes, for example, maybe there's a new version from Microsoft, you basically need to start from scratch. That kind of migration from the old best practice to the new best practice and retaining all those customizations that have been done for the old one that has not been actually done. That's something to improve. However, we typically do it as we work with it. We do it programmatically. We do it through the API.