Qualys VMDR Pros and Cons

Qualys VMDR makes managing vulnerabilities so easy. It's easy to read and get a breakdown of what's going on in the environment and to know where your primary focus at the time needs to be. Review collected by and hosted on G2.com.

Least helpful part is that sometimes the Qualys score for a vulnerability will be very different than the CVSS score and so it's hard to know which one to base things off of and which may be more reasonable for our environment. Review collected by and hosted on G2.com.

Easy console , very helpful and easy to understand gui , reporting options , since it is saas it is fast as well . Review collected by and hosted on G2.com.

Nothing as such . It has all the modukes required and now with addition of csam its great for asset management as well. Review collected by and hosted on G2.com.

VMDR gives us a holistic view of our assets and our risk. True Risk is a allows us to prioritize accordingly. Review collected by and hosted on G2.com.

As we use rolling servers, I dislike that our inventory can at times have stale detections for servers that are no longer active. Review collected by and hosted on G2.com.

I like how much information is discovered with the Qualys agent on PCs, Mac's and servers. It is more or less a one stop shop for information on a machine (even when it's not on the internal network) Review collected by and hosted on G2.com.

The cost and what you get for it. We did a trial of the patch management portion of VMDR and it was highly overpriced for what it was capable of. It is still relatively new on the market so there is certainly room for improvement. Review collected by and hosted on G2.com.

It's all over here on messenger the ability to explain the different scenarios where one Might be vulnerable to attack Review collected by and hosted on G2.com.

I cannot think of any downsides however I am not familiar with the pricing structure Review collected by and hosted on G2.com.

The report templates available on Qualys is more essential for an IT team to prioritize their patching with the tons of active vulnerabilities in the network Review collected by and hosted on G2.com.

Nothing specific, we had always a good experience with this vendor. Review collected by and hosted on G2.com.

Easy identification of focus asset group in terms of remediation, it also show security posture in a quick glance to its vulnerability dashboard that help security professional almost real time update of the vulnerable servers. Review collected by and hosted on G2.com.

Nothing in particular, just want to have a better control in terms of resource permission especially the ownership of asset group, schedule and authentication record. More flexibility in terms of ownership change from Manager level to Business Unit Manger level. Review collected by and hosted on G2.com.

Qualys is great for cloud-based management of all threats and suited for organizations of all sizes. I like how easy it is to use to scan network vulnerability endpoints, and then remedy any vulnerabilities that are detected. It offers an end-to-end security solution and is easy to automate, so you can just set it and forget it. The UI is also easy to use. Review collected by and hosted on G2.com.

Sometimes it can be slow when scanning endpoints, which means that results aren't instantly available. There is also somewhat of a learning curve for new users to the platform, and automatic password resets are often annoying. Review collected by and hosted on G2.com.

The thing i like about the software is that it helps a lot to keep track of the assets in the organization and makes assets management easier from the security perspective. Adding, on top of keeping a close eye on the assets it helps scan for vulnerabilities but im not sure whether the scan is on an OS level only or could do a url blackbox scanning if we add the url as an asset, its like SnipeIT and OpenVas in one tool, very recommended. Review collected by and hosted on G2.com.

So far nothing, maybe after using the app more in-depth I might find something to dislike about it, but I'm giving it a 9 since it might not be able to detect vulnerable artifacts during the build process, I would prefer the build to fail if vulnerable artifacts were detected rather than fix the issues after building the image Review collected by and hosted on G2.com.

Good information can be gathered with the product. Review collected by and hosted on G2.com.

Not sure at this point, will need to test more. Review collected by and hosted on G2.com.