We are managing AWS, Azure, as well as Google Cloud services in the cloud. We have different applications using those. We were previously checking the configurations manually. Qualys is helping us identify vulnerabilities related to the cloud. It identifies if something is misconfigured or if any AWS key or private key is exposed. We receive this information from Qualys TotalCloud.

Qualys TotalCloud provides written explanations to help guide the remediation paths and eliminate cyber risk. We are using TruRisk for the remediations. The TruRisk shows anything critical, and we can then focus on that. We also assess manually whether an asset is a critical target or not.

Qualys TotalCloud provides a single, prioritized view of risk. We are using CIS-CAT standards to harden our clouds, such as AWS, Google Cloud, and Azure. We are able to analyze the scans and identify which policies have failed and how we can remediate them. We can customize policies as per our organization's requirements. That is very helpful for us.

With the TruRisk Insights feature, security has significantly improved. In six months of using it, we see that everything is under control. We've solved many problems related to asset management, cloud configuration, and the new asset identification. If an application team has onboarded any cloud asset, we can see that. We have that information now.

The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically. We can segregate that particular report and give it to the appropriate team for remediation. Before, we were doing it manually. From the whole sheet, we had to find out the cloud vulnerabilities and check manually if it was a cloud vulnerability.

It is very helpful for us to generate reports related to the cloud vulnerabilities.

The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using. This information is very difficult to understand as a newcomer to Qualys TotalCloud. Once we learn it, it becomes easy. It is hard for a complete newcomer.

I have been using Qualys TotalCloud for the last six months. There was one Qualys conference, and after that, we purchased it. Our management people were there, and they saw the usage of Qualys TotalCloud and how we could secure the cloud environment. They looked at how we can identify cloud vulnerabilities. That's why they decided to use this product.

Qualys TotalCloud is stable. We didn't experience any lag or slowness issues. They inform us beforehand that maintenance is scheduled, and there might be some slowness. Apart from that, there are no issues. I would rate it a ten out of ten for stability.

For scalability, I would rate it a ten out of ten. It does not matter how many assets we have; it's very manageable. It's centralized.

Our environment consists of multiple clouds and multiple locations. We have only three members using Qualys TotalCloud. The team is narrow. After six months, more users will come since they're having different customizations available.

The support from Qualys TotalCloud is a ten out of ten. The support team is very helpful in every aspect. If we get any issues, we can directly communicate with them. They have been helpful from day one. They have been solving issues efficiently.

Before using Qualys TotalCloud, we were using the cloud-native tools. For example, for AWS, we used the AWS console. We were doing the misconfiguration identification manually, checking everything manually. If any new policies or vulnerabilities came, we needed to check those manually. They provided some advice, and we relied on them, but we don't need to depend on them anymore. Qualys TotalCloud is identifying everything, and we take action based on that.

The deployment was handled by a third-party vendor. They completed it within one week because they had expertise in that. Afterward, they did a knowledge transfer with us about how we can deploy and the process involved.

Qualys TotalCloud does not require any maintenance as it is based on the cloud.

It isn't cheap, but it's reasonable. It helps us to manage things with very few resources.

Currently, AI access is restricted in our environment. We are testing the outcomes and possibilities. Within two months, we may start using GenAI.

I would definitely recommend Qualys TotalCloud to other users. If someone is looking for a centralized management tool while using different cloud platforms, Qualys TotalCloud is very helpful. It helps manage and identify vulnerabilities and misconfigurations. It helps with asset management. It helps understand how many AWS or Google Cloud instances are in the environments.

I would rate Qualys TotalCloud a ten out of ten.

Qualys TotalCloud is very helpful for me for auditing purposes.

Qualys TotalCloud has helped us with centralized cloud management. We have Azure and AWS machines on the cloud. Previously, we were facing a lot of issues with vulnerability remediation. With Qualys TotalCloud, we can see vulnerabilities and misconfigurations and provide them to the remediation team with a timeline for fixing. Previously, we were unable to do that. It has helped us identify and plan the timeframe for the updates.

Qualys TotalCloud helped us show the attack vectors and their criticality to the client. The client could take immediate action. Previously, the client could not understand how critical an issue was. This automation is beneficial for us compared to the manual process.

Qualys TotalCloud has made asset management easy. We have many cloud resources. Previously, the cloud team was not aware of all of the resources. It is pretty easy now because we have visibility into the assets hosted on the cloud.

Qualys TotalCloud provides a single, prioritized view of risk. It reduces the work needed to combine multiple sources to prioritize risk. We can see them categorized based on the criticality which saves time. Previously, it would take us a week to manage, investigate the issues, and configure three or four cloud resources. We can now do that in two days. Once we have the report, we need to analyze it and showcase it to the client. They can then start the remediation.

Over three months, we have seen 20% to 25% improvement in the security posture. It identified about 70% misconfigurations which have now been reduced to 20%.

With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API. This feature is quite nice.

It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard. For example, when I am hosting my own server to the public, I should be able to segregate the dashboard to monitor that particular server.

I have been using Qualys TotalCloud for about three months.

Initially, we faced some performance issues. After implementing it, I noticed it took a lot of time to load. However, it was not an issue from the Qualys side, so we waited on our end. After logging out and in again, the issue was resolved, and it became perfectly smooth. The initial gathering of data seems to have contributed to the delay.

We have not scaled it yet.

We did not need any support so far because TotalCloud has been working well. However, in the future, I might require support, and I expect good assistance from the company. It should not take much time.

This is the first time I am working on a cloud security platform like this.

We did not encounter complexity because TotalCloud supports AWS. We do not need much customization or configuration either. The options for configuration are user-friendly. It took around two weeks to complete, with some management approval delays contributing to the timeframe.

Its maintenance is easy. We do not need more utilization or resources. We currently have 7 applications, and we will be onboarding 17 applications soon.

There are five members in our team. Three of us were deploying and configuring the cloud setup, while others managed tasks, analyzed errors, and showcased the progress to the client.

Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great.

We evaluated WIZ cloud security. It has a limited number of dashboards, and customization is not possible. We have to rely on the data showcased on the dashboards, whereas Qualys TotalCloud shows us a lot of parameters and data which makes it easier to show information to the management.

I would definitely recommend it because it is easy to handle any cloud resources. Asset management is possible, and we can effectively do an audit of cloud resources.

I would rate Qualys TotalCloud a ten out of ten.

We utilize all three major cloud platforms: Azure, GCP, and AWS, with over 500 subscriptions and accounts onboarded in the public cloud. To manage these, we employ TotalCloud to evaluate, compare, and monitor the security compliance posture of each cloud account, enabling us to rectify and mitigate any misconfigurations. We are currently exploring TotalCloud's advanced features, such as CWP, TruRisk Insight, and Cloud Detection and Response, and have successfully implemented FlexScan, which has yielded excellent results in securing our Internet-facing VMs and headsets.

We are using cloud-based network tools to improve our security posture, but it was initially difficult to gain a consolidated view of our security status. To address this, we implemented Qualys TotalCloud and integrated our subscriptions from Azure, AWS, and GCP. This provides a unified dashboard displaying the compliance posture of our entire cloud infrastructure, allowing us to prioritize tasks and identify areas for immediate improvement. The tool also details the technical steps required to enhance our security posture, which has significantly contributed to increasing our cloud compliance from 60 percent to 90 percent.

TotalCloud provides written explanations to guide remediation and eliminate cyber risks. While all cloud platforms offer security features, it's challenging to consolidate them into a single dashboard. Qualys TotalCloud effectively addresses this by consolidating multiple cloud platforms and subscriptions onto one dashboard. This allows users to quickly identify and mitigate misconfigurations and risks, simplifying security management.

Before implementing TotalCloud, our compliance rate was approximately 50 to 60 percent. However, after adopting the platform, it has increased to 80 to 90 percent. TotalCloud also helps us minimize attack surfaces by identifying root accounts and encryption issues, thereby enhancing our overall security by 40 percent.

TotalCloud offers a unified platform for assessing vulnerabilities and threats across both IaaS and PaaS environments. This unified view has improved our cloud security posture management.

We gain a single, prioritized view of risks through TotalCloud's TruRisk Insights feature. This feature considers not only the QDA score but also factors in cost and other relevant elements to provide a comprehensive risk assessment. From a potentially overwhelming list of findings, TruRisk Insights prioritizes the most critical risks, allowing us to focus our efforts and resources on addressing these high-priority tasks efficiently.

A single, prioritized view of risk streamlines the risk assessment process by eliminating the need to consolidate multiple sources. This comprehensive view is instrumental in communicating with other business customers who may be unaware of potential risks or misconfigurations within their resources. By identifying and informing them of these issues, we can guide them towards compliance and ensure a more secure environment.

TruRisk Insights provides valuable findings by identifying vulnerabilities and misconfigurations, displaying them on a dashboard, and offering deeper insights into the attack surface. It analyzes not only internet-facing devices but also those indirectly connected, providing a comprehensive understanding of potential risks. This is crucial because even devices not directly connected to the internet can be vulnerable if they have an attack surface. TruRisk Insights also offers mitigation strategies, making it a highly useful tool for managing security risks.

With the VMDR feature enabled and the Qualys Agent installed on various assets, we can identify existing vulnerabilities. TruRisk Insights then calculates risk scores, prioritizes tasks, and presents the number of findings. This allows us to focus on mitigating high-priority vulnerabilities while deferring those with lower priority, ultimately reducing overall risk.

TruRisk Insights provides device details, allowing for containerization of misconfigured devices. This process involves isolating problematic devices and rectifying misconfigurations, ultimately enhancing our security posture.

TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA. This easy access to crucial information and tools has dramatically improved our efficiency and ability to meet various compliance standards.

Although TotalCloud is a helpful tool, some of its advanced features are still under development. For example, the Cloud Detection and Response feature is currently only fully functional for AWS, while support for GCP and Azure is still in progress. Additionally, while the detection component of CDR is robust, the automated response and remediation functionality is yet to be available.

I have been using TotalCloud for two years.

I would rate the stability of Qualys TotalCloud ten out of ten.

I would rate the scalability of Qualys TotalCloud ten out of ten. We have been able to increase accounts easily whenever needed.

Qualys' customer support is good, though occasional backend consultations can cause minor delays. Overall, the service is commendable.

Prior to adopting Qualys, we relied solely on native cloud security measures provided by Azure, AWS, and GCP, rather than employing any third-party solutions.

The initial deployment was straightforward due to my 17-year tenure in IT. Understanding security compliance facilitated the use and exploration of Qualys. While experts might encounter challenges, the product and backend teams have been highly supportive and accessible. Qualys has also been responsive within its SLAs.

We are constantly exploring new features and collaborating with Qualys to ensure we derive value. The finance team handles specifics on cost-effectiveness, but regular engagements with our TAM and product engineers suggest beneficial ROI.

Pricing is managed by our finance team; however, Qualys TotalCloud offers cost-effective licensing flexibility. Existing VMware licenses can be switched to cloud features, eliminating the need for new purchases, which distinguishes it from other products.

I would rate Qualys TotalCloud ten out of ten.

We are evaluating and implementing TotalCloud Detection and Response, a cutting-edge Cloud Detection and Response solution that utilizes AI and machine learning. This comprehensive product enhances our security posture and threat detection capabilities within the cloud environment.

We operate a SaaS platform with multiple locations, including an MSP involving 12 to 15 data centers globally. While we utilize sensors at our facilities, this won't hinder operations, as the geographically diverse data centers ensure easy management. We have 20 users of Qualys TotalCloud in our department.

Qualys maintains TotalCloud and provides notification of maintenance windows to minimize disruption during working hours.

Qualys TotalCloud significantly aided in maintaining and managing compliance scores, making it a highly recommended solution. The platform's exceptional accessibility, including comprehensive technical and TAM support, coupled with consistent availability and reachability, solidifies its value. Advocating for Qualys, I encourage others to utilize this robust platform.

We use TotalCloud to identify and remedy cloud vulnerabilities.

I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily. TotalCloud provides written explanations of remediation paths, helping us to reduce risks. It has a single dashboard that shows all the vulnerability and application findings on one page.

TruRisk Insights is the most important innovation they've released this year. It's a true game-changer because no competing solution has implemented this. It will help cybersecurity professionals monitor the cloud and find vulnerabilities. We're scanning 21 million assets, and it has definitely helped.

TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these.

I have been using Qualys products for approximately four to five months.

Stability is essential, especially on the cloud. Continuous monitoring is crucial to ensure system stability and avoid vulnerabilities or threats.

Scalability is important as businesses and services evolve, ensuring all linked assets are secured. Our organization has a cloud environment deployed on EC2 instances, so we constantly run auto-scaling checks.

I rate Qualys support 10 out of 10. They are helpful, respond to my queries, and can answer any question. I have to give them credit. Without their support, Qualys wouldn't be in the position they are in. Their support is better than any competing solution can provide.

We used Zscaler, but I have not used another significant Qualys competitor. Since we're on the cloud, we also use other built-in tools like AWS Cloud Security and Amazon GuardDuty.

The initial deployment was not difficult because we have a set of instructions and built-in queries we can run in Qualys. Maintenance after deployment is minimal because the solution automatically updates.

I rate Qualys TotalCloud 10 out of 10.