Sometimes I lack the details of misconfigured devices, such as cloud servers and cloud machines, which are hosted in our environment. We face issues while identifying these devices. We used to execute commands to check connectivity, which helped us identify misconfiguration issues or rely on vulnerability reports. Since TotalCloud was introduced, we can remediate these issues once we get the report from TotalCloud.

There are many features that impress me. The first is the misconfiguration detection, as mentioned earlier, and the detection feature alerts us about security tools and reported users. TotalCloud allows us to monitor our cloud environment. Monitoring devices hosted in the cloud dashboard is easy. Additionally, some features prioritize the misconfiguration option. For instance, if a cloud server is critical, it should be prioritized for prompt alerts. These are key features I like about TotalCloud. The best part I like is the on-demand scans. For example, if some machines have open vulnerabilities and the remediation team resolves them, the on-demand feature allows us to verify vulnerability resolution promptly. This helps the remediation teams significantly in closing critical vulnerabilities efficiently.

While I am still learning TotalCloud, which has the latest features introduced, I attended a Qualys event this year. There are navigations that can be improved. Some customizable dashboards provided in the dashboard part also need attention. The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources. An enhancement feature could improve TotalCloud further.

I have been using TotalCloud for more than two and a half years.

It is obviously scalable. However, it is improving, so I rate it nine.

Technical support can be rated 8.5 out of 10.

I started my career in college. I was completely involved in college. I recently switched to CloudSight. As per the company's requirement, they have shifted me to the CloudSight product. I am still using Qualys and CloudSight. There is no difference as Callist is a centralized tool. It starts from the lifecycle, detection, remediation, and reporting. If vulnerabilities reopen, it detects them again. The lifecycle continues. It also patches and remediates endpoint servers in the tool itself. This is the part I like best about Callist compared to other vendors.

It is quite easy. We deployed the Cloud TotalCloud Agent to servers and endpoints easily, without feeling any complexity.

It saves a lot of time and manual effort. We have many options to raise a case if it can be automated. CallStream helps us integrate and automate tasks. It helps us automate lots of things.

It is not cheap. For smaller businesses, people running businesses with a small number of users cannot afford Qualys, as I understand. However, in MNCs and bigger organizations, the cost is not significant. There are different pricing models, like the patch management module, which requires a different price to access. It is not cheaper, but also not expensive.

I definitely recommend other organizations to have this product in their environment. The price is a factor. Smaller organizations might find it unaffordable. However, there are different options depending on the budget, such as purchasing a smaller number of licenses. I highly recommend it. I work for LTI Mindtree, a large organization. Overall, I rate the product nine out of ten.

We use it to obtain cloud compliance status. TotalCloud assists in presenting the cloud compliance data in a report format.

TotalCloud provides the easiest and the best approach for cloud infrastructure management. It helps us get all risks and vulnerabilities in a single report.

TotalCloud provides unified vulnerability and threat assessment across IaaS as per my knowledge. I am not sure about SaaS.

It provides a single, prioritized view of risk. We get to know about the severity of an issue and we can get it rectified as soon as possible.

The vulnerability and posture management information help us remediate the issue and improve our security posture.

TotalCloud saves us time and cost. We do not have to separately integrate each and every account subscription. Once we integrate the parent account, all the other child accounts get integrated automatically. It collects all the tag and inventory information on the cloud. That helps us to reduce risks.

The TruRisk Insights feature has helped to identify issues with high vulnerability scores and reduce risk. We did not have similar insights previously. There is about 50% to 80% reduction.

TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure.

There should be improvement from a dashboard perspective when collecting and showcasing data to lead management. In such cases, improvement is necessary. While the policies and integration are perfect, issues arise when showcasing data.

We have brief written explanations explaining the issue, but a video explanation would also be useful.

I have used the solution for one and a half years.

It is stable. I would rate it a ten out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We have different environments and multiple cloud platforms. As an admin, there are more than 50 users.

Their support is good. I would rate their support a nine out of ten.

We were not using any similar solution previously.

It is easy to deploy and integrate accounts. It took just five to ten minutes to integrate the API and collect information.

It is a SaaS platform that does not require any maintenance.

I recommend using it for posture management if a cloud agent is available. The cloud agent collects information for vulnerabilities and makes it accessible as a single source of information.

I would rate Qualys TotalCloud a nine out of ten.

I use it for scanning the complete environment at an enterprise level. I need to check all the systems to ensure they are secure, and if there are any known vulnerabilities, whether the vulnerabilities are being addressed or any on-demand scan needs to be performed through Qualys.

FlexScan helps with complete insights, and some AI-driven features are also available in TotalCloud. We use it for SaaS applications such as Microsoft 365.

TotalCloud provides unified vulnerability and threat assessment across both IaaS and SaaS. We have information about any unpatched versions or out-of-support versions. It is cloud-integrated, so all the CVEs and known signatures are integrated, and it can automatically address the issues.

The TruRisk Insights feature has basic vulnerability detection and AI integration. It is like a risk management tool. It provides all security threats with a risk score to the team. That helps to prioritize the threats and remediate them.

The time efficiency depends on the scale of the environment. For example, in large enterprises where hosts are cloud-hosted, one can see some time reductions compared to other scanners.

Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable.

In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system.

I have been using Qualys TotalCloud for the past five to six years.

The stability is good. It is a reliable tool. It does not crash, and in my experience, this tool has never gone down. The downtime is minimal, and when it occurs, it is usually because of known maintenance.

The scalability level is good compared to other tools. It is scalable and extendable.

I have not contacted them, but I have heard that their technical support is as good as other vendor solutions such as Splunk or QRadar. However, it is not as top-notch as Microsoft. Microsoft provides better vendor support and deals with issues on a high priority.

I have used Nessus as a previous solution. Qualys TotalCloud is more user-friendly than Nessus, so I prefer Qualys TotalCloud.

I found the initial setup user-friendly. We had the user manual handy. It was like a new learning experience, but it was user-friendly to integrate and implement. It is not difficult. Within a few days, we became accustomed to the console.

In terms of maintenance, though the vendor support is there, we do need the scaling whenever there is a new release or version. We have a maintenance mode window out of business hours to go ahead with the upgrade of the product.

The size of the implementation team depends on the scale of the environment and how many assets we are going to integrate. It depends on whether it is a large-scale or small-scale environment. Generally, a team of three to five members is enough for enterprise scale.

New users should know about the architecture of Qualys TotalCloud and its components and backend infrastructure. Understanding vulnerability detection, AI, threat intelligence, attack vectors, exposure, and risk management is key. They should also read the full user manual and insights from IT professionals. They should learn how to use this solution for threat management.

I would rate Qualys TotalCloud an eight out of ten.

Our environment uses both on-premises containers and cloud-hosted applications. The majority of our applications reside in the cloud, and for those, we conduct vulnerability scans using Qualys TotalCloud.

Qualys TotalCloud offers clear explanations of identified vulnerabilities, aiding security and project teams in understanding and remediation. These user-friendly descriptions bridge the knowledge gap by providing essential context for those unfamiliar with security concepts. With a centralized dashboard, teams can readily access vulnerability details and take direct action to address them, streamlining the remediation process.

As a large organization, we've been using Qualys TotalCloud for a year. While it takes time to detect all containerized assets fully, we're gradually gaining comprehensive visibility within a single platform.

Qualys TotalCloud offers a unified platform for vulnerability and threat assessment across both Infrastructure as a Service and Software as a Service environment. Currently, our team utilizes IaaS, while a separate team manages SaaS. Qualys TotalCloud allows us to assess all software used within our infrastructure and categorize it based on the risk level of white, gray, or black. Whitelisted software poses no risk, while graylisted software may require remediation or controls, such as Data Loss Prevention or Anti-Virus, to mitigate potential risks. Blacklisted software is prohibited. This tool also helps identify unauthorized software, enabling us to remove it from our network and enhance overall security.

Qualys TotalCloud provides real-time risk assessment, including a TruRisk score that helps prioritize remediation efforts.

Qualys provides the TruRisk score, which we use to prioritize remediation efforts within our Service Level Agreement. We've collaborated with Qualys to develop a customized formula that considers whether a vulnerability is public-facing, resulting in adjusted risk scores. Any vulnerability that cannot be remediated within the SLA will be isolated from the network.

TruRisk helps identify a range of risks, but the public-facing application is a primary concern. Attackers often target this area by running scans and attempting to exploit vulnerabilities on the application or infrastructure side. To address this, we have a separate process based on the TruRisk score, which allows us to remediate all high-risk issues. While some vulnerabilities may appear to be a medium risk to us, they may pose a higher risk to the application or machine. TruRisk helps us identify and prioritize these discrepancies, enabling us to focus our efforts effectively.

Our infrastructure, encompassing over 300,000 machines, previously generated millions of vulnerabilities. However, by implementing the TruRisk score, we have successfully reduced these vulnerabilities to the thousands.

The most valuable feature of Qualys TotalCloud is the visibility it provides. We now have insight into previously unseen container vulnerabilities, allowing us to identify and address most emerging issues.

We are currently using a variety of tools and are working to consolidate them into a single platform. We are exploring options to integrate these tools with Qualys, our primary security and compliance tool, to centralize risk assessment and reporting. For example, while we use Qualys for vulnerability scanning and compliance assessments, we also utilize separate tools for web application scans and some SaaS application reviews. Our goal is to integrate all these functions into Qualys, creating a single dashboard for comprehensive security monitoring and management. I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools.

I have been using Qualys TotalCloud for one year.

I would rate the stability of Qualys TotalCloud nine out of ten. We have not encountered any lagging or crashing from the tool.

Qualys TotalCloud is scalable.

I contacted Qualys technical support when we encountered scanning issues. They helped work to resolve our issues promptly.

I rate Qualys TotalCloud nine out of ten.

We use TotalCloud for CSPM or Cloud Security Posture Management. We have integrated our cloud accounts with TotalCloud, allowing us to do the posture management of those accounts and virtual machines.

By implementing TotalCloud, we wanted configuration compliance reports. We wanted to determine the compliance percentages of our infrastructure. We wanted to see if particular mandatory controls have been implemented.

It provides information about where a particular data or issue exists. If we want to remediate, there is also a remediation option. It gives a brief description, and there are also some URLs that we can refer to remediate. We have security posture visualization, and we also have detailed information with cloud posture ID, etc.

TotalCloud reduces the work we would have to do to combine multiple sources to prioritize risk. We have a dashboard to prioritize the security posture-related information based on criticality.

The best feature would be the ability to create policies. It is easy to control and update policies as required. Additionally, it is easy to check the security posture through the UI. We could segregate based on three different providers or an EC2 instance. This kind of virtual machine-related segregation is very easy.

In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory. For example, they should provide percentages for security posture scores at the VPC level. Further differentiation and risk percentages should also be improved.

I have been using TotalCloud for about ten months.

The stability is good, and I would rate it as a nine out of ten.

Its scalability is good as well. I would rate it ten out of ten.

Technical support for TotalCloud is satisfactory, but there have been multiple glitches here and there, so I would rate them as an eight out of ten.

Previously, we did not use any cloud management solutions. TotalCloud is the first solution we are utilizing for this purpose. We were tracking everything manually, so we did not have visibility into everything. After implementing TotalCloud, we could see how many machines have not been updated and where data has not been properly configured. We were able to get all the details in a single report.

The deployment was easy because our integration was done at the tenant level, which simplified the process.

We have used it for AWS, Azure, and GCP clouds. Its maintenance is handled by Qualys. It is a SaaS platform.

I would recommend TotalCloud from the posture management and integration perspectives, as these areas are strong. However, due to limitations in risk and inventory management, one might consider waiting until those features are improved. Overall, I would rate TotalCloud an eight out of ten.

We use Qualys TotalCloud to assess the security posture of our cloud-hosted environment. This tool allows us to access real-time data, categorize assets, prioritize critical vulnerabilities, and establish regular patching policies to mitigate our overall vulnerability risk.

We are eager to utilize Qualys TotalCloud to create a ticketing system integrated with our SecOps module, such as ServiceNow or a similar tool. This integration will enable automated ticket creation following assessments and vulnerability identification within our environments. The system should assign tickets to respective team members, prioritize fixes, and provide comprehensive dashboards for tracking progress and visualizing generated reports.

Qualys TotalCloud provides written explanations to help with remediation paths and eliminate cyber risk, significantly reducing our time spent on these tasks. It ensures that we can minimize manual efforts and prioritize security issues identified by the platform, allowing us to focus on critical areas and improve overall efficiency.

Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes. It offers complete visibility of our cloud environment, which aids in prioritizing vulnerabilities and security risks effectively.

It provides unified vulnerability and threat assessments across both Infrastructure as a Service and Software as a Service, significantly improving our overall cloud security posture management. Compared to our previous Managed Cloud environment, even within this organization, we have made substantial progress. Previously, we relied on different tools with limited features for vulnerability posture management. However, with Qualys TotalCloud, we have implemented new policies and processes for remediation, resulting in a 70 to 90 percent improvement in our security standards.

Qualys TotalCloud offers a consolidated, prioritized view of risk across our chosen scope, allowing us to focus on specific vulnerabilities and security threats within a single dashboard. This streamlined approach eliminates the need to collate data from multiple sources, improving efficiency and providing comprehensive visibility into our cloud environment.

TruRisk Insights considers multiple factors, including Qualys detection score, asset scoring, risk, and CVSS scoring, to generate a comprehensive priority rating. Additionally, customization options allow for incorporating factors like internet exposure, public accessibility, or intranet presence, further refining the risk scoring and prioritization process.

Vulnerability identification is inconsistent, especially for assets with high vulnerability scores. This is influenced by the environment and project of the asset, and potential oversight during migration between versions. This may lead to a few individuals discovering significant vulnerabilities. However, Qualys' TruRisk Insights can identify the post-migration version of an asset, enabling us to determine the specific vulnerability and appropriate remediation actions, such as patching.

TruRisk Insights has significantly improved our security posture by automating our reporting process. Previously, creating reports required manually identifying assets, categorizing their environment, and calculating scores in Excel, which was time-consuming. Now, with TruRisk Insights, we can generate reports in less than 20 minutes by simply using the Qualys TotalCloud console to download the desired information.

One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool. The AI enhancements simplify vulnerability management by eliminating the need for SQL queries to create policies. Now, we can simply input our requirements, such as critical vulnerabilities in the production environment or specific operating systems, and the tool generates the results accordingly. Additionally, we can create custom dashboards to monitor specific areas of interest, like vulnerabilities affecting a particular OS, exposed ports, majorly targeted vulnerabilities, or the most exploited vulnerabilities in the environment.

Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection. While the public cloud platform is necessary due to the lack of a private cloud infrastructure, page load speeds could be faster. Additionally, vulnerability detection needs improvement, as it currently takes several days for new vulnerabilities to be added to the knowledge base, hindering prompt detection and remediation. Ideally, updates should be more immediate, enabling quicker implementation of solutions.

I have been using Qualys TotalCloud for two to three years.

The stability is excellent, with well-planned maintenance schedules communicated in advance by Qualys. This ensures business continuity and preparedness for any planned downtime.

I would rate the scalability of Qualys TotalCloud nine out of ten.

The Qualys customer support is exceptional.

The deployment was straightforward, taking less than a day.

The implementation involved four or five team members on our side. It's unclear how many were involved from the Qualys side.

Regarding return on investment, it is going well, although we are yet to complete year-end assessments. Qualys TotalCloud has saved us approximately 15 to 20 percent of our efforts.

Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly.

We evaluated other solutions such as Rapid7 and Falcon CrowdStrike. However, Qualys provides more comprehensive features.

I would rate Qualys TotalCloud a nine out of ten.

We recommend and provide Qualys TotalCloud to our clients in various locations. We also utilize it internally across our global organization, spanning multiple countries in Asia, Europe, the US, and other regions. Therefore, Qualys TotalCloud is deployed globally. We have approximately 850 users with varying levels of access. Many have read-only access to view reports and the status of their environment. However, only a limited number of users have the necessary permissions to perform scans and make changes. The majority of users have read-only access.

Qualys TotalCloud, while generally reliable, occasionally requires maintenance and may experience downtime. Qualys performs its quarterly maintenance, but infrequent issues can arise, perhaps once or twice a year, causing crashes or slowdowns within the system. These rare instances may result in limited or delayed portal access, hindering report generation and dashboard viewing.

As a satisfied user, I recommend Qualys TotalCloud to other organizations or clients. I see myself as biased because I am a fan of the product and extensively use it.

Qualys TotalCloud offers comprehensive visibility into all cloud environment assets, allowing for the identification of failing assets under policies and controls to ensure compliance and generate related reports.

We implemented Qualys TotalCloud to improve control over our publicly exposed assets, centralizing alerts and remediation efforts.

TotalCloud provides written explanation to help guide remediation paths and eliminate cyber risk.

TotalCloud has greatly enhanced the organization by helping identify misconfigurations and vulnerabilities that weren't visible before. It provides visibility and remediation, primarily for production and non-production environments, thus improving our overall security posture.

TotalCloud offers vulnerability and threat assessment for both Infrastructure as a Service and Software as a Service environments through a dedicated module designed to identify vulnerabilities in both.

TotalCloud has improved our security posture by simplifying the identification of misconfigurations and vulnerabilities in our resources, enabling us to quickly remediate any risks.

TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization. This efficiency saves us approximately 20 to 30 percent in costs.

The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations. The remediation features allow configurations to address issues promptly.

There is a resource-finding window in Qualys TotalCloud. We encountered challenges identifying the correct resource category for certain items, such as those in containers or storage. Specifically, we struggled to formulate effective queries within those modules to determine the properties of the items. Qualys could improve by enhancing the user interface to allow for easier query building, enabling users to simply click on UI elements and add them to the query.

I have been using TotalCloud for three years.

I rate the stability of Qualys TotalCloud eight out of ten.

I rate the scalability of Qualys TotalCloud nine out of ten.

The technical support team is strong and helpful in solving issues promptly.

The initial setup was straightforward, with deployment taking about a week.

The deployment primarily involved five to six core team members, with additional support from various departments for broader organizational implementation.

TotalCloud has yielded significant cost savings by reducing manual effort by 20 to 30 percent and generating overall savings of 30 to 40 percent across various departments.

Qualys TotalCloud is cost-efficient and was selected for its value compared to other products.

We conducted a proof of concept with Check Point and Trend Micro. However, we ultimately chose Qualys due to its superior visibility and broader range of options, despite some challenges with its user interface.

I would rate Qualys TotalCloud eight out of ten.

I'm interested in Qualys TotalCloud incorporating orchestration capabilities to automate manual tasks and eliminate the need for transferring information and performing actions manually. Ideally, this would involve a workflow feature. While exploring options, I found that TruRisk Insights or another module might already offer this functionality.

Qualys TotalCloud is deployed in multiple locations globally, supporting approximately 200 users.

Qualys TotalCloud is designed to require minimal maintenance.

I recommend TotalCloud for its simple onboarding and cost efficiency, providing a holistic view of cloud assets.

Our primary function for Qualys TotalCloud is managing SaaS applications within cloud environments. It focuses on identifying data leakage vulnerabilities and managing compliance risks.

Qualys TotalCloud offers written explanations to guide remediation and mitigate cyber risks. These explanations are crucial because they allow us to simulate the attack steps within a virtualized environment, fostering quicker comprehension and facilitating strategic responses as needed.

Qualys TotalCloud has provided frequent updates and support, drastically changing and enhancing the solution with additional features.

Qualys TotalCloud has offered unified vulnerability and threat assessment across both IaaS and SaaS environments, improving the organization's cloud security posture. This solution has instilled confidence in using the cloud infrastructure by overcoming challenges related to exposure and open internet access.

Qualys TotalCloud offers a unified, prioritized view of risk by combining the features of a compliance manager with other security management tools. This approach helps our organization effectively identify, assess, and prioritize risks, ultimately improving our overall security posture. The centralized platform provides a comprehensive view of risk while reducing the manual effort involved in identification. Previously, manual identification often failed to uncover risks that are now easily revealed by the platform.

The TruRisk Insights feature identifies assets with high vulnerability scores and the authorities to whom penalties may be owed.

TruRisk Insights has successfully identified all assets, including those with high vulnerability scores. We are able to use the information to quickly check for patches or fixes and address critical vulnerabilities.

The TruRisk Insights feature has improved our security posture by 80 percent.

Qualys TotalCloud's most valuable features are its security capabilities that help identify and mitigate risk factors. By providing a comprehensive view of the cloud environment's security, it detects malware, data leakages, and vulnerabilities. Additionally, the solution offers visualized attack paths to facilitate better understanding and implementation of security strategies.

Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures. Additionally, enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage. Expanding these features to provide a more comprehensive compliance solution would be advantageous.

I have been using Qualys TotalCloud for over six months to a year.

I would rate the stability of Qualys TotalCloud nine out of ten.

I would rate the scalability of Qualys TotalCloud nine out of ten.

While customer service is satisfactory, providing necessary support, frequent updates, and beneficial training, more communication from the vendor would be appreciated.

The initial setup of Qualys TotalCloud took two months and involved four to five people. The setup process was straightforward.

The implementation team consisted of four to five full-time employees who were involved in deploying the solution over a period of two months.

I would rate Qualys TotalCloud eight out of ten.

We have Qualys TotalCloud deployed in multiple departments.

Qualys TotalCloud requires maintenance for servers, licensing, and additional features.

I would recommend Qualys TotalCloud to other users due to its scalability, insightful risk analysis, and overall effectiveness.

Our client environment is a hybrid model, consisting of both on-premises and cloud assets. For this environment, we utilize Qualys TotalCloud to manage vulnerabilities, secure containers, and protect cloud workloads.

Qualys TotalCloud offers written explanations to guide remediation paths, leveraging its extensive knowledge base.

TotalCloud provides a unified vulnerability and threat assessment, which has improved our security posture. It offers a holistic understanding of our cybersecurity posture and gives us a single, prioritized view of risk, reducing the work we must do to compile multiple sources.

Initially, we were unfamiliar with TotalCloud's capabilities, having previously relied on Qualys. We placed our trust in Qualys's assessment of TotalCloud, and it took three to four months before we realized the benefits of the platform.

TotalCloud provides a unified vulnerability and threat assessment across IaaS and SaaS, giving us a holistic understanding of our cybersecurity posture.

The single prioritized view of risk TotalCloud provides helps reduce the work we have to do to mitigate risk.

Qualys TruRisk offers a comprehensive approach to risk assessment that goes beyond the limitations of the outdated CVSS score. By incorporating an Exploit Prediction Scoring System, TruRisk provides a more accurate and holistic score, reflecting the true criticality of a vulnerability and enabling timely remediation.

TruRisk has identified a small number of assets with high vulnerability scores. To improve our cybersecurity posture, we can prioritize these assets based on their vulnerability level rather than address all assets.

Qualys TotalCloud's most valuable feature is its agent versatility. Deploying a single agent provides comprehensive visibility across various cloud aspects, including workload protection, security posture management, and container security. This eliminates the need for multiple agents, streamlining the process and enhancing vulnerability detection.

Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer. Therefore, Qualys TotalCloud is not a suitable option for these institutions.

The cost of Qualys TotalCloud is high and could be more competitive.

I have been using TotalCloud for approximately one year.

Qualys TotalCloud is quite stable, and there are no issues with lagging, crashing, or downtime. It offers 99.9 percent uptime.

Qualys TotalCloud is scalable and can grow with our needs.

The company employs various vulnerability management solutions based on cost-effectiveness and client preferences for on-premises options. These solutions include Tenable, SecPoint, and Zoho ManageEngine, used in conjunction with Qualys.

The initial setup is straightforward. It does not take more than an hour and can be managed by one person.

The implementation is a one-person job. It does not require a team.

Qualys TotalCloud is expensive, but it offers a premier solution with no headaches.

I would rate Qualys TotalCloud eight out of ten.

Qualys deals with the maintenance of TotalCloud.

I recommend new users to follow the Qualys TotalCloud documentation carefully as it is comprehensive and will guide you in deploying the solution easily.

We typically onboard all clients in both cloud using Qualys TotalCloud and on-premises environments.

We began to see the benefits of Qualys TotalCloud within the first month, despite initially having few clients with cloud-based environments. Most of our clients were on-premises, limiting our exposure to TotalCloud's capabilities. However, in recent months, we've gained more experience with the platform as we've acquired clients utilizing cloud assets. This increased usage has highlighted the tool's increasing user-friendliness, particularly noticeable in the improved query functionality, which was initially quite challenging.

Qualys TotalCloud provides a unified vulnerability and threat assessment across both IS and SaaS.

Qualys TotalCloud provides a single prioritized view of risk. We can prioritize the threats with TruRisk. A single prioritized view of risk reduces effort by allowing us to accept certain risks as exceptions, focusing only on the critical ones. This streamlined approach saves time and resources for both us and our clients. This saves us around 20 percent of our costs.

Qualys' TruRisk Insights provides comprehensive risk assessment using its own risk calculation system. This system automatically generates an asset risk score based on the criticality of assets and any provided context. By analyzing vulnerabilities and their potential impact on the environment, TruRisk effectively flags them, allowing for a comprehensive approach to risk prioritization. For instance, high-severity vulnerabilities with high CVSS scores affecting multiple assets would be prioritized for remediation. The system's ability to flag vulnerabilities based on the environment and asset criticality makes it a reliable tool for risk management.

TruRisk Insights sometimes identifies assets with high vulnerability scores. For clients onboarded in TotalCloud, patching is managed by the client, while for on-premise clients, patch management is handled using Qualys. Monthly and weekly reports are provided to all clients, highlighting high vulnerabilities and major risks based on asset criticality. Remediation steps, available through Qualys, are included in the reports to assist clients in addressing identified vulnerabilities.

TruRisk Insights has improved our security posture by providing a genuine number of critical vulnerabilities that need to be addressed immediately based on risk level.

I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers. This user-friendly platform provides a comprehensive inventory of all assets and allows for customized policy and control design, a feature I find unmatched by other tools.

Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies.

I have been using Qualys TotalCloud for almost two years.

I would rate the stability of Qualys TotalCloud eight out of ten.

I would rate the scalability of Qualys TotalCloud eight out of ten.

The support process is inefficient due to the excessive number of replies required when submitting tickets. A more efficient solution would be to provide instant call options with engineers, comparable to features offered by other tools.

We switched from Rapid7 to Qualys because the latter offers a more comprehensive suite of modules, greater flexibility, and more advanced querying capabilities.

The initial setup of Qualys TotalCloud is easy. If all the required information is available, it takes less than an hour to deploy.

Deployment and other technical tasks are generally handled by two people, but the reporting team consists of many people.

Though I'm not deeply involved with the financial aspects, I estimate that at least twenty percent of costs are saved thanks to Qualys.

I would rate Qualys TotalCloud nine out of ten.

Our clients consist of small and medium businesses.

I highly recommend Qualys TotalCloud to other users. Their strong technical team consistently delivers high-quality solutions and demonstrates a commitment to ongoing research and improvement, effectively addressing problems in a timely and long-lasting manner.