Qualys TotalCloud offers comprehensive visibility into all cloud environment assets, allowing for the identification of failing assets under policies and controls to ensure compliance and generate related reports.

We implemented Qualys TotalCloud to improve control over our publicly exposed assets, centralizing alerts and remediation efforts.

TotalCloud provides written explanation to help guide remediation paths and eliminate cyber risk.

TotalCloud has greatly enhanced the organization by helping identify misconfigurations and vulnerabilities that weren't visible before. It provides visibility and remediation, primarily for production and non-production environments, thus improving our overall security posture.

TotalCloud offers vulnerability and threat assessment for both Infrastructure as a Service and Software as a Service environments through a dedicated module designed to identify vulnerabilities in both.

TotalCloud has improved our security posture by simplifying the identification of misconfigurations and vulnerabilities in our resources, enabling us to quickly remediate any risks.

TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization. This efficiency saves us approximately 20 to 30 percent in costs.

The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations. The remediation features allow configurations to address issues promptly.

There is a resource-finding window in Qualys TotalCloud. We encountered challenges identifying the correct resource category for certain items, such as those in containers or storage. Specifically, we struggled to formulate effective queries within those modules to determine the properties of the items. Qualys could improve by enhancing the user interface to allow for easier query building, enabling users to simply click on UI elements and add them to the query.

I have been using TotalCloud for three years.

I rate the stability of Qualys TotalCloud eight out of ten.

I rate the scalability of Qualys TotalCloud nine out of ten.

The technical support team is strong and helpful in solving issues promptly.

The initial setup was straightforward, with deployment taking about a week.

The deployment primarily involved five to six core team members, with additional support from various departments for broader organizational implementation.

TotalCloud has yielded significant cost savings by reducing manual effort by 20 to 30 percent and generating overall savings of 30 to 40 percent across various departments.

Qualys TotalCloud is cost-efficient and was selected for its value compared to other products.

We conducted a proof of concept with Check Point and Trend Micro. However, we ultimately chose Qualys due to its superior visibility and broader range of options, despite some challenges with its user interface.

I would rate Qualys TotalCloud eight out of ten.

I'm interested in Qualys TotalCloud incorporating orchestration capabilities to automate manual tasks and eliminate the need for transferring information and performing actions manually. Ideally, this would involve a workflow feature. While exploring options, I found that TruRisk Insights or another module might already offer this functionality.

Qualys TotalCloud is deployed in multiple locations globally, supporting approximately 200 users.

Qualys TotalCloud is designed to require minimal maintenance.

I recommend TotalCloud for its simple onboarding and cost efficiency, providing a holistic view of cloud assets.

Our primary function for Qualys TotalCloud is managing SaaS applications within cloud environments. It focuses on identifying data leakage vulnerabilities and managing compliance risks.

Qualys TotalCloud offers written explanations to guide remediation and mitigate cyber risks. These explanations are crucial because they allow us to simulate the attack steps within a virtualized environment, fostering quicker comprehension and facilitating strategic responses as needed.

Qualys TotalCloud has provided frequent updates and support, drastically changing and enhancing the solution with additional features.

Qualys TotalCloud has offered unified vulnerability and threat assessment across both IaaS and SaaS environments, improving the organization's cloud security posture. This solution has instilled confidence in using the cloud infrastructure by overcoming challenges related to exposure and open internet access.

Qualys TotalCloud offers a unified, prioritized view of risk by combining the features of a compliance manager with other security management tools. This approach helps our organization effectively identify, assess, and prioritize risks, ultimately improving our overall security posture. The centralized platform provides a comprehensive view of risk while reducing the manual effort involved in identification. Previously, manual identification often failed to uncover risks that are now easily revealed by the platform.

The TruRisk Insights feature identifies assets with high vulnerability scores and the authorities to whom penalties may be owed.

TruRisk Insights has successfully identified all assets, including those with high vulnerability scores. We are able to use the information to quickly check for patches or fixes and address critical vulnerabilities.

The TruRisk Insights feature has improved our security posture by 80 percent.

Qualys TotalCloud's most valuable features are its security capabilities that help identify and mitigate risk factors. By providing a comprehensive view of the cloud environment's security, it detects malware, data leakages, and vulnerabilities. Additionally, the solution offers visualized attack paths to facilitate better understanding and implementation of security strategies.

Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures. Additionally, enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage. Expanding these features to provide a more comprehensive compliance solution would be advantageous.

I have been using Qualys TotalCloud for over six months to a year.

I would rate the stability of Qualys TotalCloud nine out of ten.

I would rate the scalability of Qualys TotalCloud nine out of ten.

While customer service is satisfactory, providing necessary support, frequent updates, and beneficial training, more communication from the vendor would be appreciated.

The initial setup of Qualys TotalCloud took two months and involved four to five people. The setup process was straightforward.

The implementation team consisted of four to five full-time employees who were involved in deploying the solution over a period of two months.

I would rate Qualys TotalCloud eight out of ten.

We have Qualys TotalCloud deployed in multiple departments.

Qualys TotalCloud requires maintenance for servers, licensing, and additional features.

I would recommend Qualys TotalCloud to other users due to its scalability, insightful risk analysis, and overall effectiveness.

Our client environment is a hybrid model, consisting of both on-premises and cloud assets. For this environment, we utilize Qualys TotalCloud to manage vulnerabilities, secure containers, and protect cloud workloads.

Qualys TotalCloud offers written explanations to guide remediation paths, leveraging its extensive knowledge base.

TotalCloud provides a unified vulnerability and threat assessment, which has improved our security posture. It offers a holistic understanding of our cybersecurity posture and gives us a single, prioritized view of risk, reducing the work we must do to compile multiple sources.

Initially, we were unfamiliar with TotalCloud's capabilities, having previously relied on Qualys. We placed our trust in Qualys's assessment of TotalCloud, and it took three to four months before we realized the benefits of the platform.

TotalCloud provides a unified vulnerability and threat assessment across IaaS and SaaS, giving us a holistic understanding of our cybersecurity posture.

The single prioritized view of risk TotalCloud provides helps reduce the work we have to do to mitigate risk.

Qualys TruRisk offers a comprehensive approach to risk assessment that goes beyond the limitations of the outdated CVSS score. By incorporating an Exploit Prediction Scoring System, TruRisk provides a more accurate and holistic score, reflecting the true criticality of a vulnerability and enabling timely remediation.

TruRisk has identified a small number of assets with high vulnerability scores. To improve our cybersecurity posture, we can prioritize these assets based on their vulnerability level rather than address all assets.

Qualys TotalCloud's most valuable feature is its agent versatility. Deploying a single agent provides comprehensive visibility across various cloud aspects, including workload protection, security posture management, and container security. This eliminates the need for multiple agents, streamlining the process and enhancing vulnerability detection.

Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer. Therefore, Qualys TotalCloud is not a suitable option for these institutions.

The cost of Qualys TotalCloud is high and could be more competitive.

I have been using TotalCloud for approximately one year.

Qualys TotalCloud is quite stable, and there are no issues with lagging, crashing, or downtime. It offers 99.9 percent uptime.

Qualys TotalCloud is scalable and can grow with our needs.

The company employs various vulnerability management solutions based on cost-effectiveness and client preferences for on-premises options. These solutions include Tenable, SecPoint, and Zoho ManageEngine, used in conjunction with Qualys.

The initial setup is straightforward. It does not take more than an hour and can be managed by one person.

The implementation is a one-person job. It does not require a team.

Qualys TotalCloud is expensive, but it offers a premier solution with no headaches.

I would rate Qualys TotalCloud eight out of ten.

Qualys deals with the maintenance of TotalCloud.

I recommend new users to follow the Qualys TotalCloud documentation carefully as it is comprehensive and will guide you in deploying the solution easily.

We typically onboard all clients in both cloud using Qualys TotalCloud and on-premises environments.

We began to see the benefits of Qualys TotalCloud within the first month, despite initially having few clients with cloud-based environments. Most of our clients were on-premises, limiting our exposure to TotalCloud's capabilities. However, in recent months, we've gained more experience with the platform as we've acquired clients utilizing cloud assets. This increased usage has highlighted the tool's increasing user-friendliness, particularly noticeable in the improved query functionality, which was initially quite challenging.

Qualys TotalCloud provides a unified vulnerability and threat assessment across both IS and SaaS.

Qualys TotalCloud provides a single prioritized view of risk. We can prioritize the threats with TruRisk. A single prioritized view of risk reduces effort by allowing us to accept certain risks as exceptions, focusing only on the critical ones. This streamlined approach saves time and resources for both us and our clients. This saves us around 20 percent of our costs.

Qualys' TruRisk Insights provides comprehensive risk assessment using its own risk calculation system. This system automatically generates an asset risk score based on the criticality of assets and any provided context. By analyzing vulnerabilities and their potential impact on the environment, TruRisk effectively flags them, allowing for a comprehensive approach to risk prioritization. For instance, high-severity vulnerabilities with high CVSS scores affecting multiple assets would be prioritized for remediation. The system's ability to flag vulnerabilities based on the environment and asset criticality makes it a reliable tool for risk management.

TruRisk Insights sometimes identifies assets with high vulnerability scores. For clients onboarded in TotalCloud, patching is managed by the client, while for on-premise clients, patch management is handled using Qualys. Monthly and weekly reports are provided to all clients, highlighting high vulnerabilities and major risks based on asset criticality. Remediation steps, available through Qualys, are included in the reports to assist clients in addressing identified vulnerabilities.

TruRisk Insights has improved our security posture by providing a genuine number of critical vulnerabilities that need to be addressed immediately based on risk level.

I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers. This user-friendly platform provides a comprehensive inventory of all assets and allows for customized policy and control design, a feature I find unmatched by other tools.

Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies.

I have been using Qualys TotalCloud for almost two years.

I would rate the stability of Qualys TotalCloud eight out of ten.

I would rate the scalability of Qualys TotalCloud eight out of ten.

The support process is inefficient due to the excessive number of replies required when submitting tickets. A more efficient solution would be to provide instant call options with engineers, comparable to features offered by other tools.

We switched from Rapid7 to Qualys because the latter offers a more comprehensive suite of modules, greater flexibility, and more advanced querying capabilities.

The initial setup of Qualys TotalCloud is easy. If all the required information is available, it takes less than an hour to deploy.

Deployment and other technical tasks are generally handled by two people, but the reporting team consists of many people.

Though I'm not deeply involved with the financial aspects, I estimate that at least twenty percent of costs are saved thanks to Qualys.

I would rate Qualys TotalCloud nine out of ten.

Our clients consist of small and medium businesses.

I highly recommend Qualys TotalCloud to other users. Their strong technical team consistently delivers high-quality solutions and demonstrates a commitment to ongoing research and improvement, effectively addressing problems in a timely and long-lasting manner.

All our cloud products are onboarded to Qualys TotalCloud, which scans for and provides information on vulnerabilities. We also get PCI-compliant images. TotalCloud helps with cloud security, including detecting and managing vulnerabilities, which is valuable for our remediations.

TotalCloud helps remedy zero-day vulnerabilities with its patchless remediation. Large enterprises face many zero-day threats, and TotalCloud can fix them before the patches are released to the public. TotalCloud provides a unified view of vulnerabilities in infrastructure as a service and software as a service. They've also integrated AI-based protection against data theft and leakage. Having this together on one dashboard is a significant advantage. We realized the benefits immediately. Our client is a Fortune 500 company, so we run scans daily and see the changes.

I appreciate TotalCloud's real-time protection and remediation features. The remediation options include automated one-click remedies and custom changes that help manage vulnerabilities efficiently.

The security scan helps with compliance and includes API-based integration. The TotalCloud agents are a great innovation in cloud security, and they'll soon implement the risk operation center, a cloud management portal that aids integration with many connectors to other solutions, such as ServiceNow. This will improve cloud management for large enterprises.

TotalCloud's written explanations of attack paths for vulnerabilities are amazing. It's a huge advantage of the platform. TruRisk can address critical vulnerabilities regardless of whether there is a patch.

You can automatically map vulnerabilities to patches or mitigation controls to apply agents or agentless mitigation for zero-day issues. TruRisk is built into the VMDR module, so we don't need to purchase a different product. The range of risks TruRisk covers is comprehensive. It has transformed our remediation strategy into a patchless one. You can use it for patch-based or patchless remediation, but patchless is more beneficial for larger enterprises. However, it's equally beneficial for startups and small businesses because it's so comprehensive.

TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments.

I have been a Qualys customer for 10 years and used TotalCloud for about a year.

TotalCloud is very stable, with no lagging or crashing issues noted.

TotalCloud is fully scalable and effectively supports our needs.

I rate Qualys support nine out of 10. Qualys's tech support is highly responsive, providing multiple ways to interact with them. They arrange Webex sessions for real-time issue resolution and promptly respond to emails. The quality of customer service has improved significantly over the past eight years.

The initial setup was pretty easy. We have deployed across various regions, including the United States and Europe, in development and cloud environments. A six-person high-level implementation team handled it, so I can't say how long it took, but I know it was completed by the deadline.

We have an in-house six-member team for multiple proofs of concept and implementations. It does not require multiple people, but they also manage operations.

The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing.

Users should manage their assets effectively to utilize TotalCloud efficiently, as asset management is crucial.

The users, they should be prepared with their, you know, how with their assets. So they should manage their assets properly. With that, they can utilize the TotalCloud efficiently. Asset management is the key.

Qualys TotalCloud is a comprehensive solution that provides cloud security, cloud-related metrics, and a better understanding of our Cloud Security Posture Management (CSPM). Vulnerability assessment and our progress in terms of vulnerability remediation are also included.

By implementing Qualys TotalCloud, we wanted a single pane of glass for our cloud-related functions. We wanted to be able to see the security posture and compliance status and also do a vulnerability assessment or remediation. Qualys TotalCloud fulfills all these needs.

QFlow helps automate our remediation efforts. We can automatically do the remediation of vulnerabilities.

Previously, for Azure scanning, there was a very limited scope. We also did not have much scope for compliance. We wanted to have something that could give us this combination of vulnerability assessment and compliance posture. Our compliance posture has improved. We got to know where we are not compliant. All these things have contributed to our organization.

Qualys TotalCloud provides unified vulnerability and threat assessment across both IaaS and SaaS. It also provides a single, prioritized view of risk. Previously, we used to follow a traditional method of severity-based remediation, but now, the technology has evolved. With TruRisk, we can now know the exact risk to our organization. It helps with risk prioritization and also saves time.

Qualys has been a market leader for more than 20 years. They have vast information resources. They collect the data for us. We do not have to go out and search for vulnerabilities.

The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans. We need to do some configuration in the connector, and it handles the rest of the things. Data compliance, vulnerability assessment, and remediation parts are taken care of by Qualys. We get all the required data. The connector collects all the metadata for our cloud environment. Scans are performed automatically. There is no intervention from our side.

There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness. We rely on other solutions like Microsoft's Defender for these scenarios and hope Qualys can improve its assessment capabilities for PaaS services.

As an organization, we have been using Qualys TotalCloud for more than three to four years. It was previously known by a different name. They have now standardized all cloud security-related things under TotalCloud.

Qualys TotalCloud is quite stable. I would rate its stability as an eight out of ten.

I would rate its scalability a seven out of ten as there are some aspects we need to explore further.

Their customer support needs improvement. It is not up to mark. While we do get responses, the quality varies considerably based on the expertise of the support individual. We get a better response from a senior person, but we struggle a bit with a less experienced person. It can take three to four days to get an initial reply. I would rate their support a seven out of ten.

We also use Microsoft Defender.

We have a hybrid model. Its deployment is neither easy nor complex. It was a mid-level effort.

We have one tenant, and under that, we have multiple departments such as HR. There are only a few departments that are focused on Azure. Rest all are on-prem. Most things are on-prem, but something that is critical is hybrid. We have five to six people working with Qualys.

It does not require any maintenance from our side.

It is a good product for organizations looking to have a comprehensive view of their vulnerability assessment, remediation, and compliance posture. It is an effective solution.

I would rate Qualys TotalCloud an eight out of ten.

We use Qualys TotalCloud to monitor deployments across our pipelines, controllers, AC, and AKS instances. This tool identifies vulnerabilities before deployment, addressing a previous gap in our system management. By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline.

The vulnerability reports we receive primarily include remediation guidance or steps provided by the vendors. While we haven't acquired Qualys Patch Management yet, we're in the process of doing so. However, the reports offer sufficient information on remediating vulnerabilities, including identification and replication steps. This documentation is typically sourced directly from official vendors like Cisco or Microsoft, ensuring its genuineness. Qualys provides these official vendor documents, making their solutions and remediation strategies reliable. Although rare, occasional inaccuracies occur, which is common with any technology.

We realized the benefits of Qualys TotalCloud after gaining an understanding of how its various components, such as VMDR, eSAM, and eSAM modules, integrate with our systems. The addition of API testing capabilities further enhances this solution, allowing us to leverage TotalCloud for comprehensive security management. We are also exploring the newly launched Risk Operation Center module, which provides insights similar to a SOC by identifying vulnerabilities that could potentially exploit our environment.

Qualys VMDR solutions provide a comprehensive view of vulnerabilities identified by TotalCloud, encompassing vulnerability management, web application firewall, and secure configuration modules. All identified vulnerabilities are collectively displayed within these modules, offering a monthly overview of the organization's current security posture.

The severity levels are visible in the single preauthorized risk view. Customizable dashboards offer various templates for display and presentation, tailored to customer requirements, including the option for hardened dashboards.

TruRisk has identified a small number of assets with high vulnerability scores. Public-facing assets require immediate patching, while less critical assets are isolated before patching.

TruRisk currently provides real-time scenario analysis. We have real-time vulnerability detection and a real-time patch management solution operating actively within our infrastructure, not just theoretically within Qualys. This gives us a clear picture of our operational status and how everything functions within our infrastructure. While not achieving one hundred percent visibility, we have approximately 97 percent comprehensive monitoring of our infrastructure and its performance.

Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses. This enhanced visibility significantly improves our understanding of our infrastructure, addressing a previous deficiency.

Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate. A simplified interface would greatly benefit users.

I have been using Qualys TotalCloud for more than half a year.

Overall, Qualys TotalCloud is good when it comes to stability. It performs well without significant issues.

The solution scales quite easily.

The support is not up to the mark and seems to be overburdened. The closure time for support tickets often exceeds a week, sometimes extending to more than two weeks, particularly for bugs.

During a proof of concept, I evaluated Prisma, but despite offering comparable features, it lacked certain key aspects, leading us to ultimately select Qualys TotalCloud.

The initial setup of TotalCloud was sound and straightforward, and knowing the process made deployment easy. The only challenge was due to the number of servers we were running.

The implementation was completed in-house.

While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced.

I evaluated Prisma during our proof of concept phase.

I would rate Qualys TotalCloud eight out of ten.

While TruRisk Insights effectively identifies a wide range of risks, I still have a lingering feeling that I might be missing something. I tend to be cautious and need strong assurance before feeling confident in any path forward. Although TruRisk brings most potential issues to my attention, I sometimes feel the need to investigate further myself. This may be a personal quirk, but I believe TruRisk is performing well and fulfilling its intended purpose.

Apart from agent updates, Qualys TotalCloud does not require maintenance.

For new users, I recommend not jumping directly onto Qualys TotalCloud. Instead, take the time to get familiar with the GUI and control locations first. This will make handling other operations much easier.

Qualys TotalCloud provides a holistic view and insights into vulnerabilities, helping identify and track risks effectively.

It provides unified vulnerability and threat assessment across both IaaS and SaaS.

It helps to prioritize risks. The TruRisk Insights feature is particularly helpful in providing a comprehensive range of risks. We also have a TruRisk score for vulnerabilities. We can filter vulnerabilities based on the TruRisk score. For example, we can filter vulnerabilities with a TruRisk score of 500 to 700 and prioritize them.

The most valuable feature is the consolidated information that it provides from various platforms. We can find most of the things related to vulnerability management in one place.

There is room for improvement in the support. When deploying a Qualys solution at any client location, effective support should be there for all modules.

We have been using it for seven months.

Qualys TotalCloud is stable. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a nine out of ten for scalability.

As of now, we are only using it at multiple locations in India. We have about seven members working with Qualys.

Their support could be improved. I would rate their support a six out of ten due to availability issues.

We were using another solution. That solution was more environment-specific, whereas Qualys provides a hybrid approach. It is better in terms of vulnerability correlation and prioritization.

The deployment is easy. It takes about a month if everything is already in place.

In terms of maintenance, we just have to ensure that all the risks are identified and the reporting and configurations are correct. These are our daily operations.

If you want a single-page view of vulnerabilities in your environment, you should go with Qualys TotalCloud. The correlation is very good.

Qualys TotalCloud is a comprehensive solution. Expert knowledge is required to implement it according to the organization's needs. It should be aligned with the organization's requirements. It is a continuous learning and improvement process.

I would rate Qualys TotalCloud an eight out of ten.

Our organization utilizes a multi-cloud environment primarily consisting of AWS and Azure, with limited GCP instances. To meet audit, compliance, and monthly scanning requirements, we employ Qualys TotalCloud. This involves deploying Qualys cloud agents and conducting regular scans of containerized environments, including registry-based scanning, Linux modules, and Docker instances. These scans may be triggered by ad-hoc requests, audit requirements, or compliance obligations.

Qualys TotalCloud offers comprehensive explanations and remediation steps for identified issues. Although it includes the FAST management module with built-in remediation capabilities, our organization hasn't subscribed to it, as the standard solution already provides adequate remediation guidance.

We realized the benefits of Qualys TotalCloud within three weeks, once we gained full visibility. The platform offers various features beyond a single module, including Security Assessment Questionnaires, reporting, and asset management. Integrating these features into our daily workflow, alongside other web application modules and the VMDR, took some time. We dedicated one to two hours daily to TotalCloud, and it took approximately two weeks to become proficient with the navigation and delivery methods within this cloud security module of the Qualys platform.

Qualys TotalCloud offers a comprehensive vulnerability and threat assessment through unified scanning and reporting. While we conduct the scans and generate reports, regular customer feedback is crucial as they analyze the raw data, except for critical cases where we intervene due to workload constraints. Customers have reported a positive experience with the report's readability and level of detail, comparing favorably to others they use. Furthermore, Qualys's extensive knowledge base ensures thorough vulnerability identification across VMs and infrastructure with 99.9 percent accuracy. In my five years of experience, only one or two issues arose, unrelated to TotalCloud specifically.

Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities. It also offers insights into organizational risk scores and utilizes a TrueRisk scoring system to assess and prioritize vulnerabilities effectively.

We've had extensive discussions internally about Qualys' TrueRisk formula, which calculates risk by considering the vulnerability's CVE, CVSS score, asset risk rating, exploitability, and code maturity. While we can see the sources for this information in the details tab, we haven't found any discrepancies in their scoring over the past year. Therefore, we consider Qualys' TrueRisk score reliable and use it to prioritize ticketing in ServiceNow, automatically assigning high and critical tickets for scores above 80 and 90. We trust Qualys as a source of truth, with over 95 percent confidence in their accuracy, and expect this to increase as the product matures.

Qualys TotalCloud TrueRisk has significantly improved our organization's security posture by providing automated and scheduled scans. It has also offered us a clearer understanding of our infrastructure, enabling us to prioritize our time more effectively. The platform's automation and API integrations have reduced the manual effort required for monitoring, leading to a more efficient audit and compliance management process. Additionally, the integration feature with Power BI and other tools enables us to visualize data more accurately, which we find unique and valuable.

Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities. The platform's cloud-native, zero-touch infrastructure enables complete automation and API integration, minimizing manual intervention and allowing for efficient resource allocation. This automation frees up time for in-depth infrastructure analysis and improvement. Additionally, integrating Qualys with Power BI through a custom feature provides comprehensive, automated dashboards for enhanced data visualization and analysis, a rare implementation even among large organizations. TotalCloud centralizes all applications, including virtualization, into a single platform. The customizable dashboards within TotalCloud, similar to those in Qualys VMDR, offer further flexibility and insight.

A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux. We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments.

I have been using Qualys TotalCloud for over one and a half years.

I have not experienced any stability issues with Qualys TotalCloud. There have been no crashes or lags, and the experience has been smooth and reliable.

As our current deployment is small-scale, we have not faced any scalability issues. We plan to expand our deployment and believe the solution will scale well.

I have contacted Qualys support on several occasions and found their quality to be commendable. They provide helpful documentation and proactively engage in follow-up calls to ensure any outstanding issues are resolved.

While I am aware that our product management team uses Nessus, our IT team exclusively uses Qualys TotalCloud for our needs. We have found it to provide comprehensive features suited to our infrastructure requirements.

In my experience using Nessus and Tenable for six months and Qualys for four and a half years, I found Qualys's user interface to be superior. Navigation and visualization in Qualys were consistently smooth and intuitive, with a well-designed help section offering clear guidance. Overall, my user experience with Qualys was positive, combining technical functionality with ease of use.

The initial deployment of Qualys TotalCloud was straightforward and swift. We completed the small-scale deployment within one or two weeks.

Our in-house team handled the implementation, with no third-party involvement. The deployment on a small scale required approximately two people.

I would rate Qualys TotalCloud nine out of ten.

No maintenance is required from our end.

My advice for new users is to follow Qualys' training materials for VMDR, vulnerability management, and container and cloud security modules. This will improve their user experience and technical understanding.

We are using the Cloud Security Posture Management (CSPM) and the Cloud Detection and Response (CDR) module. CSPM helps manage configuration compliance, and we have configured FlexScan in our environment for Internet-facing VMs.

We are in the process of evaluating further advanced features like Cloud Detection and Response and IAC.

TotalCloud provides written explanations to help guide remediation paths and eliminate cyber risk. These explanations are very helpful because not everyone is well-versed in the technology. We have different layers of team. Everyone does not know the technology well. The explanations help across the board.

It provides a single, prioritized view of risk. That is absolutely what we want. We want everything organized in one place. It helps to focus on high risks.

Qualys TotalCloud has helped us view our risk structure, vulnerabilities, and security posture. It does require some fine-tuning, but we do see very good results.

Our risk team uses TruRisk insights, and we have heard very positive feedback about it.

CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs. With everything moving to the cloud, it is something interesting.

We are still exploring it. Currently, we only have two modules. Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released.

We have been using TotalCloud for approximately one and a half years, but we have been using Qualys products for the last 10 to 12 years.

I would rate it a seven out of ten in terms of stability.

I would rate it a nine out of ten for scalability. It has been fairly scalable for our needs.

The support from Qualys is excellent. They meet delivery timelines very well, and the response times are satisfactory.

We have been a Qualys customer for a long time and have not yet used any alternatives to TotalCloud.

FlexScan was a bit tricky, but CSPM was fine. Overall, it was easy. It took us approximately three months to fully align and deploy.

It took us some time to realize the benefits of TotalCloud. Being a new product, it took us some time to adapt and fine-tune TotalCloud to our infrastructure and security requirements. Once we went through that cycle, we started seeing its benefits.

We received support from Qualys. Our TAM helped us in arranging resources.

As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive.

We are yet to explore it fully. I would rate TotalCloud an eight out of ten.