Using the solution, I go through the reports and advise my organization on what needs to be done and how to go about it.
Qualys VMDR (US Only)
QualysExternal reviews
184 reviews
from
and
External reviews are not included in the AWS star rating for the product.
With an interesting dashboard, the solution offers stability and scalability
What is our primary use case?
What is most valuable?
I find the solution's dashboard interesting since we get a proper view to streamline our findings and assist in prioritizing the schedule for patching or any other related incidents we believe have already been worked on.
What needs improvement?
Presently, I am more of the technical part. I am allowed to just go through the details of the report, which has been very interesting. It is a struggle to be able to pull our report and to be able to do onboarding using automated tools. So basically, the aforementioned aspect of the report needs improvement.
Presently, whatever I'm working on has been quite fantastic to the best of my knowledge.
For how long have I used the solution?
I have been using Qualys VMDR. I have been using it on my own site as a client. I am just a consultant. I work with Qualys VMDR due to my understanding of the product so that I can help my clients check one or two things that can help improve the digital infrastructure part.
What do I think about the stability of the solution?
The stability of the tool is okay. Most of the time, you need to do the updates online to be able to get off from any vulnerability. As long as you are online since it's on the cloud, it's just as software of which the update has been handled on the cloud as well.
The response time is fine. You can pull up reports without dragging or consuming bandwidth.
What do I think about the scalability of the solution?
The scalability of the tool is okay. Scalability-wise, I rate the solution an eight out of ten. I have not been able to have the solution function at a large scale. Hence, I will be able to categorically say that everything is fantastic.
How are customer service and support?
Presently on my own part, I've not been able to experience the support, but I can search the technical algorithm of which I've not yet got any reports.
How was the initial setup?
The initial setup phase has been quite interesting because of our experience when we had to use the agents on most of the endpoints, which means it was okay for us.
The solution is deployed on the cloud.
What other advice do I have?
I would tell those planning to use it that it is definitely not about the technology. However, at the same time, if you have the technology, make sure you have the right person with the ability to assist you in addressing the advantages of the product.
I rate the overall product an eight out of ten.
Efficient automation feature and provides us with a comprehensive security solution
What is our primary use case?
Qualys VMDR is a vulnerability management and detection response tool. It belongs to the first generation of vulnerability assessment tools. It enables us to manually identify vulnerable keys and fix them. It is built as a cutting-edge continuous platform where we can detect and protect. With this product, we can respond to specific vulnerabilities, going beyond just using artificial intelligence features. We have implemented VMDR across our cloud, physical interfaces, endpoints, and log servers. It's a good digital product for our organization.
How has it helped my organization?
It has improved our organization in many ways. We needed to have a security solution that focuses on different types of things. We discussed budgeting for the cloud and the need for an alternative to taking care of malware. Additionally, we have to consider various attacks. Therefore, Qualys VMDR is a great tool that helps us improve.
What is most valuable?
The most valuable feature is automation.
What needs improvement?
Qualys VMDR is basically susceptible to false positives, and false negatives. We receive a lot of false positives in there. VMDR can be considered a complex solution, especially for enterprises with limited resources or organizations. It requires extensive knowledge as an engineer. So, when using this tool, you need to utilize other tools to remediate the false security issues.
So maybe it should also have the ability to automatically identify and address false positives. In additional features, an automated process for remediating false positives. We might be looking for new types of signatures that can help us identify and address specific issues.
For how long have I used the solution?
I have been using Qualys VMDR for one last year.
What do I think about the stability of the solution?
I would rate the stability an eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability an eight out of ten.
How was the initial setup?
It took us one month to set up.
What was our ROI?
I have seen an ROI.
What's my experience with pricing, setup cost, and licensing?
The price is very reasonable, so you can definitely go with all the endpoints it offers.
What other advice do I have?
Just consider the licenses we have within VMware. They could replicate some of these features, which are used for premium customers. So, it might be useful to include those features in the subscription plans.
Overall, I would rate the solution a nine out of ten.
Qualys VMDR - Optimize Security and Simplify Vulnerability Management
What do you like best about the product?
Qualys VMDR grants users entry to a holistic vulnerability management solution that operates on a risk-centric approach. Through the prioritization of vulnerabilities, misconfigurations, and assets according to their level of risk, security teams can efficiently distribute resources and promptly tackle the most vital potential threats. This approach significantly enhances the mitigation of security risks associated with vulnerabilities.
What do you dislike about the product?
False positives and false negatives can be a concern with Qualys VMDR. The platform's complex nature may pose challenges for organizations with limited resources or less mature security programs, as it demands a heightened level of asset exposure. It is important to consider these factors when evaluating Qualys VMDR's suitability for specific enterprise environments.
What problems is the product solving and how is that benefiting you?
One of the standout features of Qualys VMDR is its seamless integration with popular ITSM solutions such as ServiceNow and Jira. This integration empowers organizations to automate the entire vulnerability management process, resulting in improved efficiency and streamlined workflows. By automating and integrating these essential tasks, Qualys VMDR greatly enhances overall operational efficiency and ensures a comprehensive end-to-end approach to vulnerability management.
Comprehensive and stable solution, but its technical support service needs improvement
What is our primary use case?
We use the solution for vulnerability management. It helps us identify potentially vulnerable assets. Thus, we can prioritize patching based on a risk score.
What is most valuable?
The solution is easy to use and has many essential features. I found the concept of tags the most valuable feature. It allows us to build assets from different views. We can categorize systems with tags, either automatically or manually.
What needs improvement?
The solution's cloud agent is available only for limited operating systems such as Windows and Linux. They should make it accessible for more systems like FreeBSD. Also, it would be helpful if they made it available for Cisco or Juniper routers. Additionally, its price and support could be better as well.
For how long have I used the solution?
We have been using the solution for six years.
What do I think about the stability of the solution?
The solution is stable. However, it takes time to generate reports.
What do I think about the scalability of the solution?
We have ten solution users in our organization.
How are customer service and support?
The solution's technical support team replies with generic answers. The quality of the response could be better.
How would you rate customer service and support?
Neutral
How was the initial setup?
The solution's initial setup process was straightforward. We just followed the documentation.
What's my experience with pricing, setup cost, and licensing?
The solution is costly.
What other advice do I have?
I recommend the solution to others and rate it as a eight.
Helps with vulnerability scanning and understanding of cyber security controls
What is our primary use case?
We use the solution for vulnerability and policy scan.
How has it helped my organization?
The product has helped us understand cybersecurity controls.
What is most valuable?
I am impressed with the VMDR feature.
What needs improvement?
The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases.
For how long have I used the solution?
I have been using the product for three years.
What do I think about the stability of the solution?
I would rate the product's stability a nine out of ten.
What do I think about the scalability of the solution?
I would rate the tool's scalability an eight out of ten. My company has 10 IT specialists using the product.
How are customer service and support?
The product's support is not very helpful. They suggest things that we already know.
How would you rate customer service and support?
Neutral
How was the initial setup?
I would rate the product's setup an eight out of ten. The tool's deployment took one to two days to complete.
What about the implementation team?
We deployed the solution in-house.
What's my experience with pricing, setup cost, and licensing?
The tool's pricing is expensive and I would rate the pricing a seven out of ten.
What other advice do I have?
I would rate the product an eight out of ten. You need to complete the training before using the product.
Solid platform overall. Support is frustrating & lack of integrations can make automation painful
What do you like best about the product?
Best thing about Qualys VMDR is the ease of deployment of the cloud agent and cloud agent in general. It allows you to (essentially) replace the "old school" internal authenticated scanning process with a continuous light-weight agent based scanning and reporting process. Getting the agent deployed as part of normal CI/CD build processes in modern cloud architecture/infrastructure deployments is a piece of cake as well. It has worked fairly reliably too.
What do you dislike about the product?
Getting support is painful. I ran into a recent issue with the VM API that suddenly occurred out of the blue, with nothing more than a non-descript general error message. Opened a support ticket, and two months later, it still wasn't resolved. I ended up tracking it down myself to an issue with our account (an accident made on their end to our subscription), and that was apparently what was causing the random error. Additionally, there seems to be little-to-no innovation happening and I rarely see any meaningful updates to the platforms we use (VMDR, PCI, WAS, FIM) aside from them breaking out pre-existing modules into new stand-alone services that they then add as new SKUs ( and want to charge extra $$$). For example, instead of improving the existing, native asset management/inventory management module that is included with VMDR, they build a new Cyber Security Asset Management (CSAM) platform, designate the old one as a "legacy" module, and now charge extra for the new one. Total BS.
What problems is the product solving and how is that benefiting you?
Qualys VMDR is a decent vulnerability management solution that is relatively holistic in terms of satisfying internal, external, and host-based vulnerability scanning needs. We mainly use it (over another solution like Tenable) simply because their PCI module is straightforward to use and reliable (and we're in the payments space, so PCI is a must). It's nice to have everything (PCI, WAS, VMDR, FIM, etc.) under one roof. There is much to be desired in the VMDR, WAS, and FIM modules, though. If you want to automate or integrate with ChatOps, you'll be forced to roll your own integration. There's not even a Slack or other collaboration platform integration for VMDR or WAS module, so we were forced to build our own Slack relay for VM and WAS scans; otherwise, we'd be forced to rely on email reports.
Vmdr is game changer
What do you like best about the product?
Remediation and integration with service now
What do you dislike about the product?
UI could be a little easier and easy to use.
What problems is the product solving and how is that benefiting you?
Assigning the ticket.
Impressive show My 1st exposure to the product line
What do you like best about the product?
It's all over here on messenger the ability to explain the different scenarios where one Might be vulnerable to attack
What do you dislike about the product?
I cannot think of any downsides however I am not familiar with the pricing structure
What problems is the product solving and how is that benefiting you?
I'm interested understanding if there is an API integration as it relates to Sip protocol for voice
Best VM product on the market
What do you like best about the product?
The platform and sensors and the intercompatability
What do you dislike about the product?
New products take awhile to be fully mature.
What problems is the product solving and how is that benefiting you?
End to end coverage of asset inventory and vulnerability as well as multiple other security requirements.
Qualys has been a great asset to our tech stack
What do you like best about the product?
VMDR gives us a holistic view of our assets and our risk. True Risk is a allows us to prioritize accordingly.
What do you dislike about the product?
As we use rolling servers, I dislike that our inventory can at times have stale detections for servers that are no longer active.
What problems is the product solving and how is that benefiting you?
It helps us prioritize and manage vulnerabilities and patches.
showing 21 - 30