Qualys VMDR Other Advice

Harold Jensen - PeerSpot reviewer
Senior Cybersecurity Engineer at 3M Health Information Systems

If you're going to deploy Qualys it is key to have someone dedicated to supporting the back end, making sure all the components are working as expected.  This is not a fire-and-forget solution. 

View full review »
LUKEMONYUSSUF - PeerSpot reviewer
Information Technology Security Analyst at Culina Group Limited

I would tell those planning to use it that it is definitely not about the technology. However, at the same time, if you have the technology, make sure you have the right person with the ability to assist you in addressing the advantages of the product.

I rate the overall product an eight out of ten.

View full review »
Alen Bohcelyan - PeerSpot reviewer
Cyber Security Director at Coca-Cola Icecek AS

We are just a customer and end-user.

We are using the latest version of the solution. I cannot speak to the exact version we are using, however. 

We are using both the on-premises and cloud deployment models. We have on-premise sensors and we have a scan-over cloud service from Qualys. Qualys cloud has a scanning capability for pairing sensors, for scanning an external perimeter. Therefore, we are utilizing that and agents as well.

I'd recommend the solution.

If anybody looks forward to first perimeter security, if any conceptual work is done around perimeter security, they have to solve that agent issue first for their program. Companies need to select a solution that can work wherever the PC is. 

View full review »
Buyer's Guide
Qualys VMDR
March 2024
Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Prajot Nair - PeerSpot reviewer
Senior Manager -Cloud Security at Capgemini

Everything is well-documented by Qualys. Their white paper is published and they have much visibility across the globe and on different platforms. If you look into their educational YouTube channel, you get a lot of information. There are a lot of seminars and talks on Qualys VMDR features.

The advantage with Qualys is that you get a lot of features because it has been a market leader for quite a long time. The solution has an agent-based approach and I think it is highly evolved when compared to Tenable, for example. However, Qualys is a bit highly priced so if you're looking strictly at pricing, I think you will get a better value with Tenable. 

I would rate this solution as a nine out of ten.

View full review »
KiranReddy - PeerSpot reviewer
Head of IT at a manufacturing company with 10,001+ employees

I rate the product an eight out of ten.

View full review »
MS
Information Security Manager at a outsourcing company with 51-200 employees

We pay for the Qualys platform, and we will maintain the vulnerability management for our clients until they get their own vulnerability management solution.

I’d recommend the solution to others.

In a world of the hybrid workforce and work from home, if you're looking for a more effective vulnerability management tool, you have to go to the agent-based vulnerability management tools that are out there, and we've been extremely happy with Qualys. We were also delighted with Nessus in terms of their ability to identify things. However, an agent-based scanner is above an appliance base for known devices. Ideally, you have both of them together so you can scan your network for devices that might have an agent on it. However, for known devices, we definitely have been switching and really appreciate the switch to agent-based in Qualys.

I’d rate the solution eight out of ten. The only downside is that reporting can be slow, knowing that we're dealing with trying to load dashboards with 20,000 to 30,000 agents.

View full review »
MK
Information Security Engineer at a educational organization with 10,001+ employees

Just consider the licenses we have within VMware. They could replicate some of these features, which are used for premium customers. So, it might be useful to include those features in the subscription plans.

Overall, I would rate the solution a nine out of ten.

View full review »
Ruan Kotze - PeerSpot reviewer
Head: Cloud Platform Security at BCX Namibia

If you're considering implementing Qualys in your organization, work with a strong pre-sales partner. Evaluate the product, make sure it does what you need, make sure you buy the features that you need, and make sure to use the training and onboarding material that Qualys has made available on its website so you can leverage the solution's full capability from the start. I rate Qualys VMDR a nine out of ten.

View full review »
MN
Security Expert at a insurance company with 10,001+ employees

I give the solution an eight out of ten.

The maintenance is not difficult and we don't have any problems or concerns.

Implementation of the solution is very easy, using the solution is very easy, and it is very efficient.

View full review »
JoaoManso - PeerSpot reviewer
CIO / IT Consultant at RedShift

The initial setup is not straightforward and it's important to have the agent connectivity linked to the cloud and available all the time.

If you have assets that are not connected to the cloud, you will need help from a service provider or integrator because the introduction of passive scanning is not straightforward.

I would rate this solution a seven out of ten.

View full review »
Venugopal Potumudi - PeerSpot reviewer
Senior Consultant at Tata Consultancy

I am a consultant. 

I'd recommend the solution to others. 

I would rate the product ten out of ten.

View full review »
Edward Manuel - PeerSpot reviewer
Risk & Security Admin at Goodyear Tire & Rubber Company

I recommend the solution to others. It is excellent. We can detect and mitigate all the vulnerabilities using it.

I rate the solution as an eight.

View full review »
Swami Govindan - PeerSpot reviewer
Security Architect at a tech vendor with 5,001-10,000 employees

We're implementors. 

When it comes to security, my only advice is based on my experience. They always say to use multiple products due to the fact that, even if the vulnerability is missed in one product, it'll be identified in the other product so that you are safe. 

However, when it comes to implementation, if you have multiple products, pipelining is a big problem. For example, if I use the Qualys scanner, and then it gives me all the vulnerabilities: how do I fix it? Either I have to fix it manually, or I have to fix it automatically. 

I'd like to use one product, and, for example, use a vulnerability scanner from Qualys and have patch management as well. While the solution is still maturing, I like the tight integration and I like that the scanner can identify items and patch management can fix them. It simplifies things, instead of having to deal with multiple products and then maybe having to manually fix items on top of that. 

I'd rate the solution nine out of ten.

View full review »
JT
Former Employee of Orange Business Services as Head of Security Engineering at a comms service provider with 5,001-10,000 employees

I recommend the solution to others and rate it as a eight.

View full review »
AZ
Assistant Manager Solutions at Mutex Systems Pvt. Ltd.

If you're going for an on-premises solution, you should dive into the POC. Because I wasn't procuring an on-premises solution, it was pretty easy for me, and the support was quite helpful. But if you're going to deploy it on-premises, you should go through a proper procedure of going through the POC and getting to know the product. I would rate it at the top because it's better than Nexpose, it's better than Tenable, and it's better than Symantec.

On a scale from one to ten, I would give Qualys VM an eight. 

View full review »
JO
Manager, Info Security Planning & Architecture at a comms service provider with 10,001+ employees

I would advise anybody looking into using Qualys to go online to also check on Gartner and Forrester. From a planning perspective, you need to look at your estate to determine what kind of tool you need. I would rate Qualys VM eight out of ten.

View full review »
Minh-Do - PeerSpot reviewer
Product Manager (Journey Expert) - ANZ Deposits at Anz

I would rate Qualys VM as seven out of ten.

View full review »
KD
AVP - Information Security at a financial services firm with 10,001+ employees

We are a Qualys customer. We aren't a reseller or partner.

Overall I'd rate the solution seven out of ten.

We are currently looking at other options, to see if there's a better solution out there. This one has pretty good technical support and is easy to use, however, there are other issues associated with it.

View full review »
PranjalGargava - PeerSpot reviewer
Cyber Security Engineer at a transportation company with 5,001-10,000 employees

I would rate the product an eight out of ten. You need to complete the training before using the product. 

View full review »
AL
Sr Security Engineer at Jardine Matheson Limited

I would rate Qualys VM eight out of ten.

View full review »
PK
Senior Security Consultant at a tech services company with 10,001+ employees

They have the ability to improve SCADA. SCADA stands for Supervisory Control and Data Acquisition, and IoT stands for Internet of Things scanning.

Recommending this solution would depend on the organization, the requirements, and the devices they have.

For a typical IT system, it is very good to go with this solution. Microsoft, Deloitte, and the majority of organizations still use it, it is pretty much good to go. But, once again, it is entirely dependent on how the organization is, what type of devices they have, and what kind of scans they would like to have, it is entirely dependent.

In a broad sense, it is a good solution to go with.

I would rate Qualys VM an eight out of ten.

View full review »
NS
Lead Cyber Security engineer at a manufacturing company with 10,001+ employees

If you are familiar with or have hands on experience with Qualys Asset Inventory, this is a better tool. It will give you in-depth details of all the assets, and the managing inventory will be better. It will also give you advanced features compared to those of other inventory tools.

I would rate Qualys Asset Inventory at eight on a scale from one to ten.

View full review »
Jan Vobruba - PeerSpot reviewer
Infrastructure Security Consultant at ANECT

I rate this solution eight out of 10. 

View full review »
AP
IRM Technical Consultant at Shell

If you are comparing Nexpose and Qualys, I would prefer Qualys. The UI is good and whatever reports you are getting, are very clear. If you present it to management, the reports are good. They require an executive report that highlights the vulnerability and how many servers are affected. You can customize it also.

Nexpose is coming out with new features, but Qualys has already implemented them.

I would rate this solution an eight out of ten.

View full review »
Tim Cranny - PeerSpot reviewer
Principal at Cranny Group

I would recommend identifying the right metrics to drive the program.

I would rate Qualys VM an eight out of ten.

View full review »
BM
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

I would recommend this product to others who are interested in using it.

I would rate this solution an eight out of ten.

View full review »
BV
Security Specialist at a financial services firm with 1,001-5,000 employees

I think mainly decide how you want to scan: based on IP or based on an agent.

Then work with the interface and then explore how it works.

I would rate Qualys VM an eight out of ten.

View full review »
Gabriel Clement - PeerSpot reviewer
Lead IT Security and Remediation at ARM Ltd

I would advise others to run a proof of concept and to exhaust all functionality if considering Qualys. This may take between 15 and 60 days to complete. 

I would rate this solution a six out of ten. 

View full review »
Dharmendra Kr. Chauhan - PeerSpot reviewer
Manager|Cloud Security & Solution Architect| CloudOps|AppSec | DevSecOps | DevOps | CapOps | FinOps at Wipro

I rate this solution a ten out of ten. Compared to other solutions, brand awareness and Azure integration are the strong points of Qualys VM. We would like to have some predefined parameters for the setup in regards to security and vulnerability, and how to maximize it. For example, we want scans and management with some predefined parameters that we need to have in the environment prior to deployment and initial setup.

View full review »
Khizar Butt - PeerSpot reviewer
Country Sales Lead at securic systems

I would rate this solution a nine out of ten. 

View full review »
SH
Chief Executive Officer at Suraksha

I would advise others to always have a proof of concept version of the solution put into play. Then spend a good two months on it. Stabilize the solution and check out the features and then deploy it into production. Otherwise, you will spend money during the real project for what could have been done as a POC. Deploy the core solution, get the scanning done and all the critical components put it in a proof of concept and then move it into production.

I would rate the solution eight out of ten.

View full review »
PW
Global Infrastructure Architect at a energy/utilities company with 5,001-10,000 employees

I would rate this solution a seven out of ten.

View full review »
AK
Solutions Architect at a tech services company with 10,001+ employees

A lot of our customers have a workload that is scattered across a multi-cloud environment. This means that some of the RFPs we answer are based on very large landscapes with distributed workloads.

I would rate this solution a seven out of ten.

View full review »
Absar Shaik - PeerSpot reviewer
DevOps Engineer at a financial services firm with 501-1,000 employees

I rate Qualys Container Security a six out of ten.

View full review »
AH
Senior Manager Network Design at a computer software company with 51-200 employees

I would recommend this solution to others.

I rate Qualys VM a nine out of ten.

View full review »
it_user259962 - PeerSpot reviewer
Manager System Security at a comms service provider with 1,001-5,000 employees
  • Collect complete asset inventory details (asset type, service/application details, administrator details etc.).
  • Provide awareness session to the support team about Qualys, its usage, and functionality.
  • Prepare OLAs and SOPs for better co-ordination between the teams.
View full review »
it_user147540 - PeerSpot reviewer
Security Compliance Analyst at a healthcare company with 501-1,000 employees
Take the time to properly identify your network and as importantly get approval and acceptance from the group up – especially senior management. In addition, it is very important to have your scan schedule, profiles, reporting, metrics, expectations, etc. documented so that everyone in the company understands your expectations. View full review »
FG
President and CEO at a non-profit with 11-50 employees

I would rate Qualys VM as nine out of ten.

View full review »
SS
Information Security Engineer at a tech services company with 1,001-5,000 employees

A really nice feature of Qualys is the asset management. Some of the end users were using that function, and paid for that particular function. It is helpful to get a bit of history of all types of supports of scanning of particular servers.

View full review »
VK
Technical Architect at a outsourcing company with 1,001-5,000 employees

Qualys VM is a really good tool for vulnerability scanning, and it has different sets of profiles that can be utilized for your own requirements. I would rate Qualys VM as seven out of ten.

View full review »
MW
Information Security Specialist at a manufacturing company with 10,001+ employees

I advise that you see if this solution can fit your problems, and help your needs.

View full review »
JS
GM Network Information Security at a tech services company with 1,001-5,000 employees

My advice to others is this is one of the top solutions in its category. However, they can evaluate many solutions to see for themselves. 

I would recommend this solution to others to implement it in their network.

I rate Qualys VM an eight out of ten

View full review »
it_user254613 - PeerSpot reviewer
Security Consultant at Cyber Intelligence Sdn Bhd

Use it. It is a great product. Many people are sceptical that their scan results are in the cloud. But if you want something affordable and that works like a charm, go for Qualys. Less headaches and easy to achieve ROI as you don't spend much on the deployment or maintenance.

View full review »
MM
Director for global support at a tech vendor with 1,001-5,000 employees

It is a good product. I would recommend it to others. It had whatever I needed for my personal use case. There are a lot of features that I have not explored. Some of the features are applicable for corporate networks, and they can't be used for personal use cases.

I would rate it a nine out of 10.

View full review »
HS
Senior Vice President | Information Security at a financial services firm with 1,001-5,000 employees

I would recommend this solution and rate it a nine out of 10. 

View full review »
it_user121395 - PeerSpot reviewer
ITSM & AntiFraud Consultant with 51-200 employees

Follow the vendor provided steps, and you will not have any problems during the initial implementation. If you don’t have experience with server policies, use a consultant that will be able to identify your business needs.

View full review »
RJ
CTO Latam at a tech services company with 201-500 employees

I would advise potential users to look into the environment and understand what they want to do before implementing this solution. They must understand how to communicate with the network and what kind of network they want to put together. Just read the manual first. 

On a scale from one to ten, I would give Qualys Virtual Scanner Appliance a nine.

View full review »
ME
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees

We have regulations in place in Saudi Arabia and Egypt that require all vulnerability management solutions to be implemented on-premise.

I would recommend this solution to others but Tenable is my preferred option.

I would rate Qualys VM a five out of ten.

View full review »
MM
Chief Information Officer/Senior Vice President at a tech services company with 51-200 employees

Overall, on a scale from one to ten, I would give this solution a rating of eight. For us, it's just more of gathering more experience. The more we learn, I think we'll appreciate it, and then maybe from that point, we'll be able to say it's a nine, or a ten. It's more on us versus the solution.

View full review »
it_user254967 - PeerSpot reviewer
Linux Administrator at a comms service provider with 501-1,000 employees

Do your research and see how this product would best fit into your environment.

View full review »
it_user366201 - PeerSpot reviewer
Shared Information Security Officer at a university with 1,001-5,000 employees

Take your time and have each vendor set up an actual proof of concept, rather than just relying on a demo. Get your network and support staff engaged in the process early on because they will be instrumental in deployment and support. Know what you’re trying to accomplish.

View full review »
OO
Director Transformación Digital at oesia

Overall, this is a good product and I recommend it, mainly because of the capabilities and the management using a single console. I can even create a calendar for activities from the main screen.

I would rate this solution a nine out of ten.

View full review »
it_user254970 - PeerSpot reviewer
Technical Services Manager at a tech company with 10,001+ employees

I would definitely recommmend using this product, as this is very simple and yet an effective way to do vulnerability assessment.

.

View full review »
LH
Senior Consultant at a tech services company with 11-50 employees

I would rate Qualys VM as nine out of ten.

View full review »
it_user297117 - PeerSpot reviewer
Information Risk Analyst at a healthcare company with 1,001-5,000 employees

Make sure you take advantage of authenticated scans and it is also very helpful if you have a complete server inventory.

View full review »
it_user255882 - PeerSpot reviewer
Customer Technical Leader for Galeries Lafayette at a tech company with 10,001+ employees
  • Take your time
  • Study all the functionalities of the product
  • Try to set it up in a lab first before your production environment.
View full review »
it_user924705 - PeerSpot reviewer
Information Security Officer at Zamil

I would recommend Qualys because it's very easy to use. It does not require many specific skills. We are always on the latest version because Qualys provides automatic updates.

We have a virtual appliance in each site and that sends the logs to the cloud. We have the consoles on the cloud which enable us to query and scan. All this happens through the cloud.

We only have one administrator for the solution who monitors and checks if there is anything to be aware of. It sends the reports to all the different administrators, such as network, Linux, and Windows administrators and they take it from there.

We also have Qualys configuration management module. If there are any particular issues in any servers or in any network, it gives us a report to suggest and rectify the issues. It tells us what changes are needed to on that device.

View full review »
HH
Network and security Pre-sales Engineer at a tech services company with 51-200 employees

I would recommend Qualys because it is a reliable, affordable, and very safe product. It can have everything that you are looking for.

I would rate Qualys VM an eight out of ten.

View full review »
it_user298425 - PeerSpot reviewer
Network and Lotus Notes Administrator at a insurance company with 1,001-5,000 employees

I strongly recommend that you use this solution.

View full review »
RB
Consultant at a media company with 51-200 employees

I would rate Qualys VM a ten out of ten. 

View full review »
PL
IT Consultant Supervisor at a financial services firm with 5,001-10,000 employees

I would like for Qualys to have the ability to scan OT operation technology assets as well. 

If it can I would rate it 8 out of 10. 

View full review »
VM
Consultant at a tech services company with 11-50 employees

I would recommend this solution. 

I would rate this solution a 10 out of 10. 

View full review »
Buyer's Guide
Qualys VMDR
March 2024
Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.