We just raised a $30M Series A: Read our story

Qualys Virtual Scanner Appliance OverviewUNIXBusinessApplication

What is Qualys Virtual Scanner Appliance?

Qualys Virtual Scanner Appliance supports the same global scanning capabilities as our physical scanner appliance. The virtual scanner appliance is a stateless, disposable resource which acts as an extension of the Qualys Cloud Platform and is not a separately managed entity. This user guide describes how to get started with using a virtual scanner with your virtualization or cloud platform.

Buyer's Guide

Download the Vulnerability Management Buyer's Guide including reviews and more. Updated: October 2021

Qualys Virtual Scanner Appliance Customers
CapitalOne, Cisco, EdinBurg Airport, American State Bank, ClearPoint, Clickability, Commercial Bank of Dubai, ancestry, ebay, Euro Bank, Florida Department of Health, OneWest Bank, Frontier, Microsoft, Office Depot, Oracle, Standard Chartered, University of Idaho
Qualys Virtual Scanner Appliance Video

Archived Qualys Virtual Scanner Appliance Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
PK
Technology Security Expert at T-Mobile Polska (Deutsche Telekom)
Real User
Identifies and helps to remedy vulnerabilities, has good certificate management

What is our primary use case?

Our primary use case is vulnerability assessment.

How has it helped my organization?

This solution has provided information about existing vulnerabilities, and helped with quick remediation in case of global malware attacks.

What is most valuable?

The most valuable feature is the certificate management. The reason is the limited license provided by the mother company.

What needs improvement?

The reporting in this solution can be improved.

For how long have I used the solution?

I have been using this solution for five years.

What is our primary use case?

Our primary use case is vulnerability assessment.

How has it helped my organization?

This solution has provided information about existing vulnerabilities, and helped with quick remediation in case of global malware attacks.

What is most valuable?

The most valuable feature is the certificate management. The reason is the limited license provided by the mother company.

What needs improvement?

The reporting in this solution can be improved.

For how long have I used the solution?

I have been using this solution for five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sameer Quraishi
Information Security Officer at Zamil
Real User
Threat detection tells us which machines are infected with a vulnerability

Pros and Cons

  • "They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability."
  • "What we have found is that the solution is not closely tied with the patch management. It is okay with newer ones, like Windows 10 machines; it gives the correct patch. But for Windows 7 or Windows Server 2008, it does not give us the correct patch so we have to manually identify the patches. This is a major problem."

What is most valuable?

The first thing we like is the scanner, the device which checks vulnerability management.

They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability. If there is a new attack, we definitely know that it is happening, what is happening in our environment.

What needs improvement?

What we have found is that the solution is not closely tied with the patch management. It is okay with newer ones, like Windows 10 machines; it gives the correct patch. But for Windows 7 or Windows Server 2008, it does not give us the correct patch so we have to manually identify the patches. This is a major problem.

For how long have I used the solution?

This is the third year we are using Qualys. This year we included one more module, the patching module.

What do I think about the stability of the solution?

It's stable. Every month we scan more than 5,000 IP addresses and we are able to detect vulnerabilities.

How are customer service and technical support?

Our experience is that the problems we send them take too much time to resolve. For example, we opened a case for the problem I mentioned earlier, the vulnerabilities with Windows 7 and Server 2008 where it's trying the wrong patch. It took them a long time to even give us the correct explanation. So this is a problem.

How was the initial setup?

The initial setup was very easy. We just needed to download the virtual machine. There is a key and we just needed to provide a proxy setting. That's it.

We did all the configuration as a one-time job where we defined our subnet and mapped. We needed to schedule the scan and the map and we needed to schedule a group of, say, Windows. It was just a one-time job where needed to configure the query and run it. It created a report and sent it to the administrators. After that one-time job, everything happens automatically.

What about the implementation team?

We did it on our own.

What other advice do I have?

I would recommend Qualys because it's very easy to use. It does not require many specific skills. We are always on the latest version because Qualys provides automatic updates.

We have a virtual appliance in each site and that sends the logs to the cloud. We have the consoles on the cloud which enable us to query and scan. All this happens through the cloud.

We only have one administrator for the solution who monitors and checks if there is anything to be aware of. It sends the reports to all the different administrators, such as network, Linux, and Windows administrators and they take it from there.

We also have Qualys configuration management module. If there are any particular issues in any servers or in any network, it gives us a report to suggest and rectify the issues. It tells us what changes are needed to on that device.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about Qualys, Rapid7, Kenna Security and others in Vulnerability Management. Updated: October 2021.
542,608 professionals have used our research since 2012.
SO
User at Tata Consultancy Services
Real User
Generated more complete coverage of assets and saved time

What is our primary use case?

The primary use case is using this as the infrastructure scanner for an enterprise vulnerability programme in a customer organization.

How has it helped my organization?

The customer was manually testing asset health by point-in-time audits. Using the policy compliance module allowed this to be automated and saved time as well as generated more complete coverage of assets leading to greater assurance.

What is most valuable?

The prebuilt CIS templates are very useful.

What needs improvement?

Expanding the template library would be very useful.

For how long have I used the solution?

Three to five years.

What is our primary use case?

The primary use case is using this as the infrastructure scanner for an enterprise vulnerability programme in a customer organization.

How has it helped my organization?

The customer was manually testing asset health by point-in-time audits. Using the policy compliance module allowed this to be automated and saved time as well as generated more complete coverage of assets leading to greater assurance.

What is most valuable?

The prebuilt CIS templates are very useful.

What needs improvement?

Expanding the template library would be very useful.

For how long have I used the solution?

Three to five years.
Disclosure: My company has a business relationship with this vendor other than being a customer: My company is a service provider that installs and operates solutions for customers.