Anonymous UserIT Consultant Supervisor at a financial services firm
Anonymous UserHead of Cybersecurity Assurance & Controls Director at a tech services company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Technical support is fantastic."
"The most valuable features are vulnerability detection and the scanning capability to enable identification of vulnerabilities across our network."
"What I like about Qualys VM is the dashboard presentation. It's very good."
"It's a good product. After the scan our internet works well. It scans our security posture."
"It is very easy to use and there are lots of options. We can usually easily go through it and all of the things we want to configure, and we can configure everything to our specifications very easily."
"The initial setup was good. We didn't have any problems with it."
"Technical support is great and we've never really had a problem."
"The features that are most valuable are the identification, scan features, and the identification of vulnerabilities."
"The most valuable feature for us is the different types of reporting it provides."
"We feel the interface is very good. It is very easy to use, even a nontechnical person can use it."
"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"This solution is very easy to use and easy to install."
"The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."
"The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."
"It's quite complex on the way it is set up, so it takes a fair bit of time in order to get your head around it in order to deploy it. Once you've deployed it, then you're never confident on the versions of the browsers and the SSL certificates, etc. You have to always go back into Qualys and check."
"I would like to see this solution more developed and competitive in the Cloud space."
"The customer support is very bad."
"The reporting needs improvement. It should generate much more stuff like field reports."
"Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"Some difficulties with the online reporting and lack of integrations."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"It would be nice to have an additional feature that would provide reports on who has logged onto the console or who did what on the console."
"There needs to be much clearer instructions surrounding scanning."
"We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement."
"They have recently changed the pricing model, which is now better than it was before."
"It is different for every company, but for us, it's every three years."
"Qualys is cheaper and more affordable than other solutions."
"The pricing and licensing for Qualys could be improved."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"The licensing is asset-based and very straightforward."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"Comparing the price with the value that we receive, I am not happy with it."
"The license is annual and this is the optimal approach when it comes to most software."
Qualys Vulnerability Management (VM) is a cloud-based service that gives you immediate, global visibility into where your IT systems might be vulnerable to the latest Internet threats and how to protect them. It helps you to continuously identify threats and monitor unexpected changes in your network before they turn into breaches.
Rapid7 InsightVM is the vulnerability assessment tool built for the modern web. InsightVM combines complete ecosystem visibility, an unparalleled understanding of the attacker mindset, and the agility of SecOps so you can act before impact.
Qualys VM is ranked 4th in Vulnerability Management with 12 reviews while Rapid7 InsightVM is ranked 2nd in Vulnerability Management with 14 reviews. Qualys VM is rated 8.2, while Rapid7 InsightVM is rated 8.0. The top reviewer of Qualys VM writes "Easy to use and scalable but needs to be priced more competitively". On the other hand, the top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". Qualys VM is most compared with Tenable Nessus, Tenable SC, Darktrace, Microsoft Cloud App Security and Prisma SaaS by Palo Alto Networks, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Tenable SC, Tenable.io Vulnerability Management, Rapid7 Metasploit and Microsoft Intune. See our Qualys VM vs. Rapid7 InsightVM report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.