The Qualys Cloud Platform (formerly Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and…
- IT Asset Realization: 8.8, 88% (9 ratings)
- Web Scanning: 8.8, 88% (8 ratings)
- Vulnerability Classification: 8.7, 87% (7 ratings)
- Threat Recognition: 8.3, 83% (7 ratings)
- No setup fee
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection…
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…
Features for categories that leverage threat intelligence in network security
- Network Analytics: 8.8 (6 ratings)
Analyzes various data reports and logs (DNS, firewall, user data, security information etc.) to identify threats in a network.
- Threat Recognition: 8.3 (7 ratings)
Detection and recognition of malicious software within a network that could pose a threat to sensitive information.
- Vulnerability Classification: 8.7 (7 ratings)
Prioritizing vulnerabilities, to determine which vulnerabilities are most urgent and require a quicker resolution.
- Automated Alerts and Reporting: 9 (7 ratings)
Systems in place to automatically alert, report, or notify of issues that may need timely remediation.
- Threat Analysis: 8.1 (7 ratings)
Analyzing known factors such as behavior patterns, affected areas, and other specific features to more easily identify a threat.
- Threat Intelligence Reporting: 8.9 (7 ratings)
Generates reports that display information on threats (such as name, type, frequency of attack, area affected, etc.)
- Automated Threat Identification: 8.7 (7 ratings)
Leveraging multiple sources of information (such as threat intelligence databases) to automatically identify threats.
Tools that focus on locating, identifying, and prioritizing vulnerabilities in a network that need to be patched.
- IT Asset Realization: 8.8 (9 ratings)
Scans a network to identify hardware and software assets on the network.
- Authentication: 7.8 (6 ratings)
Authentication of users and services within a network to prevent vulnerabilities from being introduced to the network.
- Configuration Monitoring: 8.4 (7 ratings)
Constant monitoring of a network set up to identify vulnerabilities as they occur within the network or tech stack on the network.
- Web Scanning: 8.8 (8 ratings)
Specifically scans webpages for potential threats or vulnerabilities.
- Vulnerability Intelligence: 8.6 (7 ratings)
Software that is able to label and store information about vulnerabilities to access for future use cases.
- Scheduled scans.
- Detailed reports with graphs.
- Notify when there's a [potential] vulnerability
- Modernize the Web GUI.
- OS inventory
- Updated Database
- Vulnerability Addressed
- Reports should be improved
- Knowledge Base (forums)
- One of the main features that I like about this program is the multiple options and powerful functions that I have at my fingertips to strengthen the security of my system.
- Qualys Cloud Platform is a great program that gives the opportunity to all its users to keep track of each of the processes on the web, complying with the mandatory policies and manipulating the least risky applications.
- Thanks to the support of this program, all my commercial projects on the web are entirely safe; Qualys Cloud Platform will take care of avoiding each of the threats on the web.
- This program is really complicated, the multiple functions that are presented to us are not very clear and in some cases, it is a matter of intuition to execute a function, it is not very informative.
- The interface of this program can be a real problem; for our taste, this program looks a bit messy, and the interface does not help or guide you to find the options you need.
- Response Time
- Inaccurate Updating
The automation of the scanning and reporting saves us a lot of time and makes it possible to be aware of the security level of both our internal and external systems and to detect vulnerabilities and prioritize the remediation of them.
- automated web application scanning
- automated reporting
- cloud asset management
- remediation guidance
- 2FA options are too limited right now
- adding domains and networks needs a better and easier way
- discovery and scanning setup could be better integrated
- not all modules integrate well with each other
Also unmanaged assets are found and the automated remediation guidance helps to quickly solve or at least remediate the vulnerability.
Because the training is really needed to understand the services, it is not easy to let a colleague also use it when you're not available.
- Ease of use
- Simplified UI
- Simple operations
- Have more integrations for Patching Support
- Better customer support
- Support for Zero Day Vulnerability patching
- web application scanning
- threat protection
- policy compliance
- File integrity monitoring
- Asset discovery
- Threat protection
- Certificate inventory
- PCI compliance
- Infrastructure Security
- Network Security
- Cloud Security
- Asset Management
- Patch Management
- Application Security
- Ghost/Shadow Asset Scanning
- Real time threat protection, with alerts & remediation
- Total visibility into the security of our organization via a single-pane
- Easily scalable for additional infrastructure, end users, and policy updates
- Customer support tends to be slower, often leading to the tail end of guaranteed SLAs
- Major downside is that QCP charges you for each scanner, leading to high cost
- False positives can end up wasting more time, rather than saving it
- Controls Management.
- Unified dashboard for security posture.
- Organization security policy effectiveness.
- Ease of configuration.
- Some of the tasks to select sensors can be automated.
- Controls customisation can be improved.
- Technology support can be improved.
- Vulnerability management
- Patch management
- Reporting and alerting mechanism
- Addressing false positives
- JIRA Integration
- UI interface could be cumbersome for first time users
- Patch management
- Scanning the assets
- Maintaining option profile
- Reporting service
- Reporting service should be available in Excel or CSV mode
- Panel for vulnerabilities by category in dashboard
- Integrated with Splunk to monitor the status of missing patch
- Internal & external vulnerability management
- Visibility of cloud security configuration issues
- Completion of PCI ASV requirements
- Cheaper entry-level offerings for startups and SMEs
- Static, dynamic and third-party software security scans
- Redesign user interface to be more intuitive and responsive, with a consistent user experience across all components of the platform
- Scan configurations were quick and easy.
- Offers wide range of settings for more targeted scans
- Informative reports
- Navigation is pretty complex and involves a lot of pages to click through
- Redundantly scans pages in vain with little to no modification in the alphanumeric query parameter values
- Scan duration and coverage
- Penetration Testing
- Threat detection
- Vulnerability scanning
- Difficult to use
- Poor support
- Hard to control threats on workstations
- Ease of use.
- Continuous and comprehensive monitoring.
- Good reporting and alerting mechanism.
- Seamless JIRA Integration.
- Automated intelligence to identify and report common issues for a company.
- Reporting - Qualys PC does a fantastic job in this arena. Reports are easy to customize and decipher.
- Very nice and easy to read dashboard.
- It's unfortunate that Policy and Compliance is an add-on to their Vulnerability scanning platform.
- The GUI could be a little less complicated.
- Really good and up to date vulnerability database
- Good reporting capabilities
- PCI ready
- Price tag
- Have the license based on live IPs, not on entire subnets, so then you pay for the exact amount of servers you have.
We have several scanners deployed in different locations in order to cover all sites, and scheduled scans that run on a periodic basis.
Qualys helps us to prioritize the mitigation, it includes not only OS patches, but also 3rd party software.
- Cloud-based management.
- Detailed info about the findings: reason, effect, risk, mitigations, etc.
- Clear UI.
- Additional modules can be added to the same management interface (single point of management).
- Notices some findings which were not clear why they appear (suspected false positive).
- Working with Qualys support (for example due to the previous point) wasn't the best experience. The response was very slow.
- Qualys limit the daily API requests. In case you need more, it will cost.
You can scan all types of devices: servers, endpoints, network equipment, FW, and much more, including Cloud workloads (they have a dedicated appliance for IaaS).
For endpoints, it's better to use their Agent in order to avoid running the scans over the network. This has an additional cost.
For Compliance needs, Qualys is good enough.
It addresses the business problem of helping to secure networks from intrusions and vulnerabilities. It helps IT see what computers on the network have vulnerabilities, and offers them an opportunity to remediate those vulnerabilities.
- It really does well at vulnerability scanning, which it is well known for. Its accuracy at finding vulnerabilities is top notch, more so than a lot of other vulnerability tools out there. In an organization/company you want this kind of accuracy at finding vulnerabilities in your network/endpoints
- It is very good at managing endpoints on a consistent basis, meaning you can add endpoints to Qualys and have the platform scan/track/protect for vulnerabilities on an ongoing basis, without user intervention
- It does really well at separating out and identifying what levels of criticality each vulnerability should fall into. This way, an organization/company can attack the more critical vulnerabilities first
- Can be slow at times, namely when scanning endpoints. Scans can take a while, and results may not be immediately known
- For IT personnel that have never used Qualys before, it can take some time to learn the platform, and how to actually use it. Some sort of training or consulting documentation on the product would be beneficial, as it's a more complicated platform
- Automatic password resets for user/admin login to the platform can be frustrating, as this can happen occasionally, without user/admin awareness
- False positives can also be detected, sometimes at a high rate. Need to lessen that as much as possible
It is less appropriate in environments that want to use a platform right away, without getting training in how to use it, or reading documentation on the product.
- Attestation is so easy with Qualys. I find this one feature makes the investment worth the cost
- Ease of use. Within an hour of first installing, a person can be running compliance tests without a hitch.
- Great training materials and support. I have never had to take more than twenty minutes to solve a problem either through support or the forums.
- You must learn the terminology which can cause problems but is a minor thing.
- API Task scheduling and configuration
- Threat database updates through authenticated scanning of Windows and Unix operating systems
- Reporting capabilities
- The API query can only support a limited number of connections in a time period without calling support to request more; I would suggest removing that limitation.
- User setup for multiple groups
- Ease of automation, set it and forget it
- Reporting features were a huge plus
- Took time to learn the UI
- Could be cumbersome for first time users
- Not much online documentation that was useful
At my current organization, Qualysguard is primarily used for discovery of assets and verification of secure configuration/patching by our security team. Our team is also assessing Qualysguard WAS to build into our secure development practices.
At my previous organization, we provided self-service capability for our engineers designing/building our products to perform their own infrastructure scans to identify security configuration flaws as early in the build process as possible. We also used Qualysguard for discovery of assets and verification of secure configuration/patching.
In both organizations, Qualysguard has added a ton of value.
- Discovery of assets on a network.
- Identifying infrastructure security configuration flaws for a number of different OS types.
- Easy UI to navigate.
- Easier way for VM scan custom profile management. A way to determine if there are duplicate scan profiles created to reduce redundancy with multiple administrators.
- This may have been addressed, but my previous organization had a lot of difficulties integrating Qualysguard with RSAM.
- Add trending over time capabilities to dashboard.
- The first benefit is actually in the vendor. Qualys provides free instructor-led training.
- Ease of use in a diverse environment.
- The Qualys Private Cloud Platform has a complete suite of reporting capabilities so you can use your data quickly.
- The way that devices are catalogued can be tough in a DHCP environment.