We use the solution for vulnerability and policy scan.
Qualys VMDR (US Only)
QualysExternal reviews
181 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Helps with vulnerability scanning and understanding of cyber security controls
What is our primary use case?
How has it helped my organization?
The product has helped us understand cybersecurity controls.
What is most valuable?
I am impressed with the VMDR feature.
What needs improvement?
The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases.
For how long have I used the solution?
I have been using the product for three years.
What do I think about the stability of the solution?
I would rate the product's stability a nine out of ten.
What do I think about the scalability of the solution?
I would rate the tool's scalability an eight out of ten. My company has 10 IT specialists using the product.
How are customer service and support?
The product's support is not very helpful. They suggest things that we already know.
How was the initial setup?
I would rate the product's setup an eight out of ten. The tool's deployment took one to two days to complete.
What about the implementation team?
We deployed the solution in-house.
What's my experience with pricing, setup cost, and licensing?
The tool's pricing is expensive and I would rate the pricing a seven out of ten.
What other advice do I have?
I would rate the product an eight out of ten. You need to complete the training before using the product.
Promising but immature product
What do you like best about the product?
VMDR will show you many of the issues in your organazation from various sources. Dynamic Tags are a great feature if you add the Global Asset View Module
What do you dislike about the product?
Garbage in Garbage Out- Connectors and agents seem unreliable; Authenticated Scanning is difficult to implement, and this is after a year. So your data can be off until you fix your inputs, repeatedly
What problems is the product solving and how is that benefiting you?
VMDR allowed us to show our management our vulnerability posture in an easy to understand format
Solid platform overall. Support is frustrating & lack of integrations can make automation painful
What do you like best about the product?
Best thing about Qualys VMDR is the ease of deployment of the cloud agent and cloud agent in general. It allows you to (essentially) replace the "old school" internal authenticated scanning process with a continuous light-weight agent based scanning and reporting process. Getting the agent deployed as part of normal CI/CD build processes in modern cloud architecture/infrastructure deployments is a piece of cake as well. It has worked fairly reliably too.
What do you dislike about the product?
Getting support is painful. I ran into a recent issue with the VM API that suddenly occurred out of the blue, with nothing more than a non-descript general error message. Opened a support ticket, and two months later, it still wasn't resolved. I ended up tracking it down myself to an issue with our account (an accident made on their end to our subscription), and that was apparently what was causing the random error. Additionally, there seems to be little-to-no innovation happening and I rarely see any meaningful updates to the platforms we use (VMDR, PCI, WAS, FIM) aside from them breaking out pre-existing modules into new stand-alone services that they then add as new SKUs ( and want to charge extra $$$). For example, instead of improving the existing, native asset management/inventory management module that is included with VMDR, they build a new Cyber Security Asset Management (CSAM) platform, designate the old one as a "legacy" module, and now charge extra for the new one. Total BS.
What problems is the product solving and how is that benefiting you?
Qualys VMDR is a decent vulnerability management solution that is relatively holistic in terms of satisfying internal, external, and host-based vulnerability scanning needs. We mainly use it (over another solution like Tenable) simply because their PCI module is straightforward to use and reliable (and we're in the payments space, so PCI is a must). It's nice to have everything (PCI, WAS, VMDR, FIM, etc.) under one roof. There is much to be desired in the VMDR, WAS, and FIM modules, though. If you want to automate or integrate with ChatOps, you'll be forced to roll your own integration. There's not even a Slack or other collaboration platform integration for VMDR or WAS module, so we were forced to build our own Slack relay for VM and WAS scans; otherwise, we'd be forced to rely on email reports.
Great reliable product, support needs improvement.
What do you like best about the product?
Ease of use and reliable / consistent and accurate. I have minimal false positives over the last 7 years.
What do you dislike about the product?
Vmdr is fine but the biggest issue is support.
What problems is the product solving and how is that benefiting you?
Risk reduction.
Wonderful
What do you like best about the product?
Everything about the product is very appealing
What do you dislike about the product?
Nothing that I can recommend at the moment
What problems is the product solving and how is that benefiting you?
Vulnerability managed and patch management
Prioritize Vulnerabilities with the click of a button
What do you like best about the product?
Ability to quickly prioritize Vulnerabilities and being able to present executive-friendly metrics with the usage of dynamic dashboards that showcase the riskiest areas of our customers
What do you dislike about the product?
Having CSAM as a sepparate module is not helpful. Its a great tool but not big enough to have to pay additional for it. Great potential for increasing VMDR wow factor if that would have been included in VMDR 2.0
What problems is the product solving and how is that benefiting you?
Saving valuable time while categorizing, prioritizing and showcasing vulnerabilities. Helping us tell the right story for our executives and customers. Providing the necessary infornation to take risk driven decisions.
Vmdr is game changer
What do you like best about the product?
Remediation and integration with service now
What do you dislike about the product?
UI could be a little easier and easy to use.
What problems is the product solving and how is that benefiting you?
Assigning the ticket.
Impressive show My 1st exposure to the product line
What do you like best about the product?
It's all over here on messenger the ability to explain the different scenarios where one Might be vulnerable to attack
What do you dislike about the product?
I cannot think of any downsides however I am not familiar with the pricing structure
What problems is the product solving and how is that benefiting you?
I'm interested understanding if there is an API integration as it relates to Sip protocol for voice
Best VM product on the market
What do you like best about the product?
The platform and sensors and the intercompatability
What do you dislike about the product?
New products take awhile to be fully mature.
What problems is the product solving and how is that benefiting you?
End to end coverage of asset inventory and vulnerability as well as multiple other security requirements.
Leading risk based vm product!
What do you like best about the product?
Risk based Prioritization saves time by allowing you to focus on the vulns that are impacting your environment the most.
What do you dislike about the product?
It would be helpful to further improve the ability to determine exactly how many vulns are addressed when pushing the latest patch
What problems is the product solving and how is that benefiting you?
Prioritization
showing 41 - 50