Qualys VMDR Valuable Features

Harold Jensen - PeerSpot reviewer
Senior Cybersecurity Engineer at 3M Health Information Systems

Cloud Agents: lots of control available and very trouble-free. It pulls all systems information, including installed software and open ports. It's very configurable to adjust impact to systems.  

Connectors: Pulls all the cloud information per account and helps to build a CMDB.  Qualys connectors do some control evaluations to help manage these accounts. 

Global Asset View (GAV): With the ability to establish dynamic tagging and perform queries GAV has become a very valuable research tool to our teams. 

View full review »
LUKEMONYUSSUF - PeerSpot reviewer
Information Technology Security Analyst at Culina Group Limited

I find the solution's dashboard interesting since we get a proper view to streamline our findings and assist in prioritizing the schedule for patching or any other related incidents we believe have already been worked on.

View full review »
Alen Bohcelyan - PeerSpot reviewer
Cyber Security Director at Coca-Cola Icecek AS

The prioritization mechanism is the most valuable aspect of the solution.

The initial setup is straightforward. 

Technical support is great.

The stability and reliability are good.

View full review »
Buyer's Guide
Qualys VMDR
March 2024
Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Prajot Nair - PeerSpot reviewer
Senior Manager -Cloud Security at Capgemini

Qualys has a continuous endpoint monitoring feature for agent-based scanning. Once you deploy the solution, it monitors everything that is happening every 30 minutes. Then, if there are any vulnerabilities, they are reported. Plus, the dashboards are amazing. There are so many dashboards and things in the console that you can explore, which I think other solutions, Tenable.io for example, are still working on. 

View full review »
KiranReddy - PeerSpot reviewer
Head of IT at a manufacturing company with 10,001+ employees

The product has multiple valuable areas. The process of defining and discovering scans is organized efficiently. It has an effective tagging system and authentication mechanism compared to other tools. Its integration with AD helps us a lot. Additionally, I like the report generation feature.

View full review »
MS
Information Security Manager at a outsourcing company with 51-200 employees

The reporting functionality is great. The most prominent feature that made us move from Nessus Professional was the scanner-based scanning to the Qualys agent-based scanning to move to work from home and remote.

If somebody's not connected to the network, you're not going to catch them with an appliance-based scan. However, if you have the agent on, as long as they're on the network, they're constantly checking in and constantly scanning.

It's more accurate and effective to get a picture of what the vulnerabilities are in a more distributed workforce.

The reporting capabilities that are available in Qualys are a work in progress. I know they're still evolving, and it's not always perfect. However, we only have so much flexibility to pinpoint a specific thing that we want to follow or monitor across all of our clients. We can set it up in a dashboard or report and do it quickly.

View full review »
MK
Information Security Engineer at a educational organization with 10,001+ employees

The most valuable feature is automation.

View full review »
Ruan Kotze - PeerSpot reviewer
Head: Cloud Platform Security at BCX Namibia

The most valuable features are vulnerability detection, patching capabilities, and remediation. Cloud security posture management is also very valuable. I find these features valuable because getting a unified view of your cloud security posture across different environments is not always easy. For example, you might have most of your resources sitting in Azure, but you might have a couple of workloads in AWS. Naturally, there are different tools that report on that, so it's invaluable to have those pulled into a single dashboard so you can drive your remediation from a single platform.

View full review »
MN
Security Expert at a insurance company with 10,001+ employees

The most valuable feature of the solution is the external channel. The cloud-based channel within the AWS, which we implement accordingly.

The vulnerability cycle feature of the solution is valuable.

View full review »
JoaoManso - PeerSpot reviewer
CIO / IT Consultant at RedShift

The most valuable feature is the ability to run different capabilities with the same agent. With only one agent, we can have EDR, vulnerability management, compliance and some basic SaaS security capabilities.

View full review »
Venugopal Potumudi - PeerSpot reviewer
Senior Consultant at Tata Consultancy

Almost all of the features are great. We use Qualys for vulnerability scanning of servers and web application scanning. These are the two prominent features that we often use.

The initial setup is very straightforward. 

It's stable and quite reliable.

The product can scale. 

Technical support is helpful, and the product provides a good amount of training. 

View full review »
Edward Manuel - PeerSpot reviewer
Risk & Security Admin at Goodyear Tire & Rubber Company

The solution's best features are scanning and vulnerability management. By using them, we can obtain all critical reports.

View full review »
Swami Govindan - PeerSpot reviewer
Security Architect at a tech vendor with 5,001-10,000 employees

We generally analyze everything at the OS level and application level, including the open ports, the OS, and older versions, including the packaged versions. We generate the scan, and then we generate the report, and then we will issue it to the application teams to clear off those. 

We have Java remediation happening, and if Java has, for example, multiple versions and when I run the scan, it is going to identify all Java versions that are really vulnerable so you can fix them. Therefore, it helps keep things secure and up-to-date. 

The reporting is good. We give reports to the application teams and we will ask them to either fix or remove applications. Once that is done, then we will read the scan, and if it comes back that we don't have any critical, we are assured of good safety. 

The solution shows us classic categories, including high, medium, and low risks. It also shows critical items, and that gives us the advantage of prioritizing things. 

It's very clear on what components need to be fixed. 

The initial setup is straightforward. 

It's stable.

Technical support is helpful. 

View full review »
JT
Former Employee of Orange Business Services as Head of Security Engineering at a comms service provider with 5,001-10,000 employees

The solution is easy to use and has many essential features. I found the concept of tags the most valuable feature. It allows us to build assets from different views. We can categorize systems with tags, either automatically or manually.

View full review »
AZ
Assistant Manager Solutions at Mutex Systems Pvt. Ltd.

I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned.

I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first.

I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report.

The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile. 

View full review »
JO
Manager, Info Security Planning & Architecture at a comms service provider with 10,001+ employees

The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning.

View full review »
Minh-Do - PeerSpot reviewer
Product Manager (Journey Expert) - ANZ Deposits at Anz

Qualys VM's most valuable feature is automatic detection.

View full review »
KD
AVP - Information Security at a financial services firm with 10,001+ employees

The solution, overall, is very useful for our organization.

It is very easy to use and there are lots of options. We can usually easily go through it and all of the things we want to configure, and we can configure everything to our specifications very easily.

View full review »
PranjalGargava - PeerSpot reviewer
Cyber Security Engineer at a transportation company with 5,001-10,000 employees

I am impressed with the VMDR feature. 

View full review »
AL
Sr Security Engineer at Jardine Matheson Limited

Qualys VM's best features are vulnerability management and customizable scoring.

View full review »
PK
Senior Security Consultant at a tech services company with 10,001+ employees

Continuous Monitoring is excellent because it is entirely dependent on the agent, and the Agent Scan, is also quite good. 

I also like the asset tagging, asset grouping features, and the dashboard, because we can customize and create our own dashboard. That's quite good. 

The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities. That is also an excellent module.

View full review »
NS
Lead Cyber Security engineer at a manufacturing company with 10,001+ employees

I think it's a good tracking mechanism, and it gives a good infrastructure level scan, which helps us to maintain the assets and the asset inventory or gives us a good understanding of both. 

It gives a very good overview of the inventory assessment process.

IT Manages assets in your account that you want to scan for security and
compliance, define asset tags and AWS connectors.

Modules supported
VM, PC, SCA, CERTVIEW, CLOUDVIEW

It can be accessed across our company because it's a global tool.

View full review »
Jan Vobruba - PeerSpot reviewer
Infrastructure Security Consultant at ANECT

I like the Qualys Cloud Agent because it's very easy to use. It has a low impact and is supported on Windows, Linux, and others. I deploy process scanners, which are usually connected to core switches so customers can replicate all the connections. Almost all our customers try to use the agents because they're already installed and integrated into the cloud and communicate with Qualys management. There are no problems and it's really better than using some virtual appliance to scan the various kinds of assets. Qualys has a lot of information and it's great to integrate with the Central Management Database.

View full review »
AP
IRM Technical Consultant at Shell

What I like about Qualys VM is the dashboard presentation. It's very good.

The reporting capability and executive reporting are very good.

View full review »
RR
Senior Vulnerability Analyst at a comms service provider with 10,001+ employees

I find the most valuable features are the continuous monitoring.  Even on premises, there is constant monitoring.

View full review »
Tim Cranny - PeerSpot reviewer
Principal at Cranny Group

The Vulnerability Management and Patch Management features are the most valuable features of this solution.

The most valuable qualities of Qualys VM are its ease of deployment and metrics.

View full review »
BM
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

The features that are most valuable are the identification, scan features, and the identification of vulnerabilities. Recently, the VMDR additions and the threat protection has been useful.

It's pretty user-friendly.

View full review »
BV
Security Specialist at a financial services firm with 1,001-5,000 employees

It's really beneficial for scanning and interacting with the agent. 

View full review »
Gabriel Clement - PeerSpot reviewer
Lead IT Security and Remediation at ARM Ltd

Qualys makes us proactive in terms of handling patching and effective when it comes to scanning out network.

View full review »
Dharmendra Kr. Chauhan - PeerSpot reviewer
Manager|Cloud Security & Solution Architect| CloudOps|AppSec | DevSecOps | DevOps | CapOps | FinOps at Wipro

Qualys is a well-known name in the market and we use it for different scenarios. We also like the flexibility in their licensing.

View full review »
Khizar Butt - PeerSpot reviewer
Country Sales Lead at securic systems

The integrations for this solution are very good. I use a different product for virtual patching of vulnerabilities and Qualys integrates well with that product.

View full review »
it_user259977 - PeerSpot reviewer
Analista de Seguridad TI at a manufacturing company with 1,001-5,000 employees

The interface is pretty good, as all the instructions are clear enough. The way you can create groups or scheduling scans and reports is a very good feature, and the CSV reports have very good information.

View full review »
SH
Chief Executive Officer at Suraksha

The way we can maintain a current actual registry of all the IP assets within it is very good. The scanning of software assets on the endpoint machine is also useful. I've tried the scanning of similar asset vulnerabilities throughout different servers, including Unix and Windows. Qualys maintains a good intervention database. We have a service line that updates to the newest software, or whenever you set it up. The second service line has denominated my nodes across the globe. It's easy to deploy the solution.

View full review »
PW
Global Infrastructure Architect at a energy/utilities company with 5,001-10,000 employees

What I like best about this product is that it does what it is supposed to do, which is vulnerability scanning.

View full review »
AK
Solutions Architect at a tech services company with 10,001+ employees

The most valuable feature is that this solution is very lightweight.

View full review »
BM
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

The most valuable features are vulnerability detection and the scanning capability to enable identification of vulnerabilities across our network.

View full review »
Absar Shaik - PeerSpot reviewer
DevOps Engineer at a financial services firm with 501-1,000 employees

The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities.

View full review »
AH
Senior Manager Network Design at a computer software company with 51-200 employees

The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe.  It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment

View full review »
it_user1017003 - PeerSpot reviewer
Information Technology Analyst at Tata Consultancy Services

Patch supersedence.

View full review »
it_user1004325 - PeerSpot reviewer
Works at Tata Consultancy Services

The prebuilt CIS templates are very useful.

View full review »
it_user259962 - PeerSpot reviewer
Manager System Security at a comms service provider with 1,001-5,000 employees
  • Vulnerability management
  • Policy compliance
  • Scalability
View full review »
it_user147540 - PeerSpot reviewer
Security Compliance Analyst at a healthcare company with 501-1,000 employees
Integrity of scanners; never do I need to worry….“Is this scanner going to bring down a host?”. View full review »
FG
President and CEO at a non-profit with 11-50 employees

Qualys VM's best features are its machine-learning-backed intelligence, real-time inventory of vulnerabilities, backup, threat intelligence exposure database, and that it doesn't hold on to infrastructure resources like memory.

View full review »
SS
Information Security Engineer at a tech services company with 1,001-5,000 employees

The most valuable features are that it is a simple solution that makes scanning easy. You just give it a scheduled task, and it will do everything for you. The reporting is fine, too. And, the knowledge base is pretty good, too.

View full review »
VK
Technical Architect at a outsourcing company with 1,001-5,000 employees

Qualys VM's best feature is vulnerability management.

View full review »
PK
Technology Security Expert at T-Mobile Polska (Deutsche Telekom)

The most valuable feature is the certificate management. The reason is the limited license provided by the mother company.

View full review »
MW
Information Security Specialist at a manufacturing company with 10,001+ employees

I find most valuable to achieve a channel system and we can also use it to track when we actually close the ticketing of the sites.

In addition, it is quite easy to implement. We found it quite convenient.

View full review »
it_user254973 - PeerSpot reviewer
Manager Information Security at a healthcare company with 10,001+ employees

Vulnerability management.

View full review »
JS
GM Network Information Security at a tech services company with 1,001-5,000 employees

Qualys VM had a recent upgrade and the newer version is supporting the cloud.

View full review »
it_user254613 - PeerSpot reviewer
Security Consultant at Cyber Intelligence Sdn Bhd

The fact that it's on the cloud, so there's no configuration whatsoever on my physical machine except for the VM scanner.

View full review »
MM
Director for global support at a tech vendor with 1,001-5,000 employees

The vulnerability management feature is what I used the most. It is a good SaaS product. It is easy to use. It has a nice UI where you can see all the assets and vulnerabilities.

View full review »
HS
Senior Vice President | Information Security at a financial services firm with 1,001-5,000 employees

I found the solution quite intuitive and easy going. I have worked with other similar tools and found this simple to use. 

View full review »
it_user121395 - PeerSpot reviewer
ITSM & AntiFraud Consultant with 51-200 employees

From my point of view all the Qualys products are valuable. From the clients' perspective, I believe vulnerability management is the most valuable one and it’s a must in every organization. After the client realize the risks from outside, and that the vulnerabilities are real, a proper compliance policy implementation using Qualys Policy Compliance (I'm using v8.4), the second product needed in any infrastructure, can be done. If the organization has public websites, Web Application Scanning (I'm using v4.1) is the third valuable product needed in an organization.

View full review »
RJ
CTO Latam at a tech services company with 201-500 employees

This is one of the best products I have worked with so far. I like the power of Qualys, and it's a better solution because you can scan a compact file, a BIT file, or batch files. The product already knows what's happening inside, and you don't need to expand the package. Tenable will do the same thing, but you need to have a package issuance claim. With Qualys, we can immediately understand the file, even a compact file. If there's some kind of discovery or incident, you will know what happened in the environment. 

View full review »
MM
Chief Information Officer/Senior Vice President at a tech services company with 51-200 employees

The prioritization feature is great. I think it has all of the advanced features that we need.

View full review »
it_user254967 - PeerSpot reviewer
Linux Administrator at a comms service provider with 501-1,000 employees

The reporting and vulnerability analysis features.

View full review »
it_user366201 - PeerSpot reviewer
Shared Information Security Officer at a university with 1,001-5,000 employees
  • Totally vendor-managed appliance
  • Highly scalable and deployable portal interface
  • Ability to easily distribute administration functions based on access roles
View full review »
OO
Director Transformación Digital at oesia

I like Qualys because it is a very complete product, more so than Tenable. It has vast capabilities.

View full review »
it_user254970 - PeerSpot reviewer
Technical Services Manager at a tech company with 10,001+ employees
  • Vulnerability assessment
  • Asset management
  • WAS
View full review »
LH
Senior Consultant at a tech services company with 11-50 employees

The most valuable feature is the connection of threat intelligence information with identified vulnerabilities, which means you can prioritize vulnerabilities according to actual attacks.

View full review »
it_user875820 - PeerSpot reviewer
Junior Information Security Analyst at Visma

The Qualys Agent is most valuable for getting insight into what is happening on what device with all its metadata.

View full review »
it_user297117 - PeerSpot reviewer
Information Risk Analyst at a healthcare company with 1,001-5,000 employees

The vulnerability scanning feature is valuable.

View full review »
it_user268167 - PeerSpot reviewer
Senior System Engineer at a comms service provider with 1,001-5,000 employees

The feature where the solutions to issues are mentioned in the reports.

View full review »
it_user255882 - PeerSpot reviewer
Customer Technical Leader for Galeries Lafayette at a tech company with 10,001+ employees

The top one for me is that the vulnerabilities are kept up to date.

View full review »
it_user251121 - PeerSpot reviewer
Senior IT Security Analyst at a tech services company with 501-1,000 employees

WAF integration is valuable.

View full review »
KR
Senior Information Security Engineer at a financial services firm with 501-1,000 employees

We find all of the features useful. 

View full review »
it_user924705 - PeerSpot reviewer
Information Security Officer at Zamil

The first thing we like is the scanner, the device which checks vulnerability management.

They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability. If there is a new attack, we definitely know that it is happening, what is happening in our environment.

View full review »
HH
Network and security Pre-sales Engineer at a tech services company with 51-200 employees

There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features.

View full review »
it_user298425 - PeerSpot reviewer
Network and Lotus Notes Administrator at a insurance company with 1,001-5,000 employees

It gets up to date very fast.

View full review »
PL
IT Consultant Supervisor at a financial services firm with 5,001-10,000 employees

maybe compliance monitoring.

View full review »
it_user247242 - PeerSpot reviewer
Consultant with 501-1,000 employees

I have mostly used vulnerability management so I would recommend it for the same.

View full review »
VM
Consultant at a tech services company with 11-50 employees

I like the solution's web application security for scanning, the solution is flexible with good integration. 

View full review »
it_user347139 - PeerSpot reviewer
Sr. Analyst- Security Testing with 1,001-5,000 employees

QualysGuard provides a solution for network security, web application security and compliance.

Vulnerability management and policy/PCI compliance are the features that I have used which I think are the most valuable.

View full review »
Buyer's Guide
Qualys VMDR
March 2024
Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.