Qualys VM Room for Improvement

KD
AVP - Information Security at a financial services firm with 10,001+ employees

Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this. 

They need to consider how they can improve tool usability and different scanning options. 

Sometimes we are facing issues while performing a scan and things are not correctly shown on the GUI. Even as we are doing a task, it may show up as completed, and then something is not visible. Sometimes we face other technical problems. For example, sometimes we can't go to the next page. It's limiting any positive results.

The solution needs to be easier to understand and configure.

The pricing is a bit on the higher side compared to other products in the industry.

View full review »
Chief Executive Officer at Suraksha Pty Ltd

The server application scanning has room for improvement.

It's quite complex on the way it is set up, so it takes a fair bit of time in order to get your head around it in order to deploy it. Once you've deployed it, then you're never confident on the versions of the browsers and the SSL certificates, etc. You have to always go back into Qualys and check.

They do talk about an agent-based scanning for non-IP machines. It sort of sits between server scanning and endpoint scanning. That's not very clear. If they can improve that and deploy, then it'll be such a nice package.

The solution should help its vendors more with renewals. For example, we had deployed the solution as a reseller to a client and then somebody else came along and we didn't end up getting the renewal licenses for the servers. I wasn't very happy about that. We put all the hard work to get it in, but the following years we didn't get the benefit of our low pricing in the first year. 

They should integrate with the dashboard and provide a plugins link for data that's coming into API on the dashboard. When the users buy the license, they can turn it items on. So, that way you know you've got the full solution. What you don't pay for is not switched on, and what you pay for can get switched on immediately.

View full review »
HH
Network and security Pre-sales Engineer at a tech services company with 51-200 employees

Its integration with ServiceNow and other similar products is complicated and can be improved. It should also have virtual batching.

They should support more standards and compliance requirements and more customizations. For policy compliance, they can add the standards required by the countries in the Middle East. Each country generates its own standards and frameworks, and those frameworks should be there in all products, not only in Qualys. The market here is huge, especially in the cybersecurity field. Qatar has a framework for Qatar 2022, and each and every company in the public or private sector has to follow the Qatar 2022 framework. 

View full review »
Find out what your peers are saying about Qualys, Rapid7, Tenable Network Security and others in Vulnerability Management. Updated: July 2021.
522,946 professionals have used our research since 2012.
IRM Technical Consultant at Shell Exploration & Production Co.

Customer support needs to be improved because it was not to our SLA standards.

Suddenly, the scan engine will go down. We don't know what the reason is, or how it goes down. Because of that, the business is impacted.

I had a look at the PCI reports  (policy compliance reports) and I have heard that most memberships have been taken by Azure, although I was not aware of that. I would like to see more documentation or awareness.

View full review »
MM
Chief Information Officer/Senior Vice President at a tech services company with 51-200 employees

It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution. So far, we've been pretty happy about it. Nothing comes to mind that is negative.

Given that it's really new, we're really trying to use all of the features and get a good comfort level and gain more experience in it. For this reason, I can't speak negatively of it, yet.

View full review »
BM
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

The Patch Identifications, which are supersedence identifications, need improvement.

I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities. These are things that are definitely needed.

View full review »
PW
Global Infrastructure Architect at a energy/utilities company with 5,001-10,000 employees

We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at.

In general, I would like to see some better analytics and prioritization of vulnerabilities.

View full review »
PL
IT Consultant Supervisor at a financial services firm with 5,001-10,000 employees

Reporting can be improved more. It should generate much more stuff like field reports. Though the reports generally meet our need we hope we can customize it better.

View full review »
VM
Consultant at a tech services company with 11-50 employees

I'd like to see additional security for the app. The product lacks integrations for third party solutions or automation integration for other tools.

View full review »
HS
Senior Vice President | Information Security at a financial services firm with 1,001-5,000 employees

I felt hindered sometimes within reports in that they were lacking somewhat on the customization side in terms of making use of the data. The cloud user interface could be a little more responsive. It was a click and then a wait. 

View full review »
RB
Consultant at a media company with 51-200 employees

The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement. 

The pricing is also expensive.

View full review »
BM
Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

I would like to see this solution more developed and competitive in the Cloud space.

View full review »
Find out what your peers are saying about Qualys, Rapid7, Tenable Network Security and others in Vulnerability Management. Updated: July 2021.
522,946 professionals have used our research since 2012.