Skip to main content
TrustRadius
Qualys TruRisk Platform

Qualys TruRisk Platform
Formerly Qualys Cloud Platform / Qualysguard

Overview

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide…

Read more
Recent Reviews

TrustRadius Insights

Qualys Cloud Platform provides users with a wide range of options to scan and manage vulnerability levels in applications and websites, …
Continue reading

Qualys Review

8 out of 10
January 24, 2023
Incentivized
Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) …
Continue reading

Qualys strikes again

8 out of 10
January 20, 2023
Incentivized
Qualys Cloud Platform (specifically the Global AssetView module) enabled us to manage, view, and control all devices and endpoints in our …
Continue reading

Beware of Qualys

3 out of 10
September 12, 2020
Incentivized
We currently use Qualys for threat detection and penetration testing on several of our SaaS solutions. We also install the cloud agent on …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 12 features
  • IT Asset Realization (9)
    8.8
    88%
  • Web Scanning (8)
    8.8
    88%
  • Vulnerability Classification (7)
    8.7
    87%
  • Threat Recognition (7)
    8.3
    83%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

108 people also want pricing

Alternatives Pricing

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection…

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

Return to navigation

Features

Threat Intelligence

Features for categories that leverage threat intelligence in network security

8.7
Avg 8.2

Vulnerability Management Tools

Tools that focus on locating, identifying, and prioritizing vulnerabilities in a network that need to be patched.

8.5
Avg 8.5
Return to navigation

Product Details

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Qualys TruRisk Platform Video

Qualys Cloud Platform

Qualys TruRisk Platform Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Reviewers rate Automated Alerts and Reporting highest, with a score of 9.

The most common users of Qualys TruRisk Platform are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(86)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Qualys Cloud Platform provides users with a wide range of options to scan and manage vulnerability levels in applications and websites, offering detailed visibility into IT services. Users have successfully utilized the Qualys API and Python to schedule scans of their networks, focusing on critical and high vulnerabilities. This proactive approach has resulted in a reduction in attacks and compromises across the enterprise. Additionally, the integration capabilities of Qualys Cloud Platform have proven valuable for users consolidating multiple tools, providing a unified dashboard for better visibility and management of their IT infrastructure and risks.

One key use case of Qualys Cloud Platform is policy compliance. Users have praised Qualys Policy Compliance for its ability to create policies, establish controls, and manage compliance across the organization. The user-friendly UI and unified dashboard aid decision-making for C-level executives. Furthermore, Qualys Cloud Platform has been used to continuously assess workloads in multi-cloud environments and ensure they align with security policies.

Vulnerability detection and prioritization are also critical use cases for Qualys Cloud Platform. It is relied upon by users for network security monitoring, web application monitoring, asset discovery, threat protection, and compliance monitoring. With a comprehensive view of network security and critical applications, users can determine the need for patching and effectively secure their IT infrastructure. The software's effectiveness extends to monitoring and managing diverse assets such as servers, switches, Windows, UNIX systems, NAS appliances, and web URLs.

Another benefit of Qualys Cloud Platform is its automation capabilities for scanning and reporting tasks. This automation saves time while providing real-time awareness of security levels, vulnerability detection, and prioritized remediation needs. Users appreciate the user-friendly interface, organized asset management features, integration with Splunk, centralized logging for investigation purposes, as well as patching status monitoring. Overall, Qualys Cloud Platform equips organizations with the necessary tools to protect their IT infrastructure—such as data, applications, endpoints—and achieve compliance while streamlining security processes.

Informative Reports: Many users have praised the informative reports generated by Qualys Cloud Platform. Several reviewers have mentioned that the platform provides detailed and comprehensive reports, allowing them to easily identify security vulnerabilities in their systems. This feature has been highly appreciated by a significant number of customers.

Accurate Vulnerability Identification: The platform's capabilities in accurately identifying security vulnerabilities have been lauded by numerous users. Reviewers have highlighted that Qualys Cloud Platform effectively scans and detects potential weaknesses in their systems, providing them with reliable information to address these issues promptly. This aspect has received positive feedback from a substantial portion of customers.

User-friendly Interface: A considerable number of reviewers have commended the user-friendly interface of Qualys Cloud Platform. Users appreciate how easy it is to navigate through the platform and access different features without any technical difficulties. This intuitive design has made it convenient for many customers to use and maximize the benefits of the platform.

Complicated Program: Some users have found the program to be complicated and challenging to navigate, requiring intuition to execute tasks effectively. This complexity can make it difficult for new users to quickly understand all of its functions.

Messy Interface: Users have mentioned that the interface is cluttered and lacks clear organization, making it hard to find the options they need. The disorganized layout can lead to frustration and inefficiency in navigating the program.

Lack of Customer Support: Several users expressed dissatisfaction with Qualysguard's customer support, citing slow response times and missed SLAs. Prompt and efficient support is crucial for users when encountering issues or seeking assistance, but some felt let down by their experiences with Qualysguard's support team.

Users recommend using Qualys for security purposes, such as security validation and vulnerability assessment. They have found that Qualys does a solid job of detecting network vulnerabilities and reporting on them. Some users specifically recommend deploying agents on all endpoints and doing authenticated scans with Qualys to improve the accuracy of the results.

Users advise exploring product trials carefully to understand where Qualys might fall short of expectations. While many users find Qualys to be a valuable tool for security improvement and business analysis, they also note that it has a learning curve and can be difficult to set up initially.

Users mention that Qualys is more expensive compared to other products on the market but still worth the investment. They recommend integrating Qualys into the workflow of security scanning and highlight its functionalities and inbuilt features as reasons to choose it. Some users also suggest improving customer support for Qualys as an area of enhancement.

Overall, users strongly recommend Qualys as a reliable tool for security assessment, especially for enterprise organizations where vulnerabilities can have serious consequences for the business.

Attribute Ratings

Reviews

(1-25 of 25)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Qualys Cloud Platform makes the dark corners of your webapp visible. What's visible can be made secure.
This allows you to focus on the important: your security and compliance posture.
With the automated scheduled scanning, reporting, and notifying you pretty much don't have any heavy lifting to do.
It also offers native integrations with the major Cloud Providers.
January 24, 2023

Qualys Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
In our company basically we use Qualys to scan periodically environment in order to check if there are some packages (Linux) or Applications (Windows) outdated, generating reports to the Service Owners helping them to addressing the findings scheduling to apply patches. So the tool's functionality fulfills the purpose expected from us.
Henry Coronel | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
It is essential for a company that works largely on the web to maintain stable security and visualize the vulnerability of its state and of the web applications that are regularly put to the test; Qualys Cloud Platforms is the perfect program that will help you with these aspects, as well As long as it's priced right for its features, it's always a pleasure to recommend and showcase the great features of the Qualys Cloud Platform.
January 20, 2023

Qualys strikes again

Score 8 out of 10
Vetted Review
Verified User
Incentivized
It's a pretty good overall tool. Honestly, it becomes a scale issue. If you have less than 100 devices altogether, this is not the tool for you. There are so many ways to sort devices and keep track of important tags, but below a certain level it is entirely overkill.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
with some training it is easy to scan your networks and find assets on your networks.
also unmanaged assets are found and the automated remediation guidance helps to quickly solve or at least remediate the vulnerability.

because the training is really needed to understand the services, it is not easy to let a colleague also use it when you're not available
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Qualys Cloud Platform was used by us in terms of patch deployment for internal and external customers. We used it as to provide Patch management services. Qualys Cloud Platform was integral part of our whole Patch Management as service which was part of the larger officering and completed the whole security aspect.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Qualys cloud is well suited as a global solution for monitoring the security of your network. It is well suited for vulnerability scanning, policy compliance, asset discovery and threat protection as well as cloud inventory and application security scanning (for both public web apps and in-house applications). The best feature and also the one that provides us the most value is the VMDR (vulnerability management, detection and response). This is a crucial part of our overall security function. Scenarios where we find it less appropriate are in patch management.
Varun Khare | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
As a member of an Endpoint security team, I worked on finding a variety and quantity of Endpoints on the network and Qualys VMDR helped us a lot to find those and do security and compliance risk. It continuously protects all your endpoints from suspicious activity and attacks from prevention to detection to response.
Score 7 out of 10
Vetted Review
ResellerIncentivized
Qualys Cloud Platform is well suited for organizations that need additional tools to secure and bolster their security from end to end. The automated, real-time threat protection is very quick to notify an admin of potential vulnerabilities and risks, as well as recommending quick fixes to resolve/close the gap before an incident occurs. QCP excels at portraying all of these in a single pane of glass, and find that the Qualys reports are more detailed than competitor product lines. One of our big issues with QCP is that you do have to pay for each scanner, which can quickly add up to large costs. For this reason, I would rate Qualys at a ~7 due to great features and functionality, but overall value could be better for a large organization. I would also say that QCP may make more sense for smaller organizations due to this pricing model.
Rahul Deshmukh | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
If you have a large IT landscape of different operating systems and want a common assessment tool for vulnerabilities, and compliance and also have your own policies, you can create your own customized Compliance management view. Create your own customized controls apart from NIST, and CIS controls. Have a parallel scanner to improve scanning performance and reduce the timeline.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Some of the major drivers behind why companies deploy Qualys Cloud --Compliance obligations, Policy enforcement validation and policy violations, Continuous monitoring and incident response, Detect and prioritize vulnerabilities and mis-configurations across the IT estate, as well as supporting automated patching and remediation activities continuous monitoring, event triage and threat hunting. Security should be a top business priority in every industry and a lack of funding is no excuse
Score 9 out of 10
Vetted Review
Verified User
Incentivized
As per my past experience with qualys vm tool, we implemented for scanning the assets in cloud as well as on-prem. Also we had used for web application scanning. Integrated with splunk for centralised monitoring and reporting purpose for missing patch on assets, patched assets status, not scanned assets, etc.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Qualys really excels in internal/external vulnerability reporting (across physical, on-premise virtual and cloud-based devices), PCI scanning and cloud configuration security. Their products are full-featured, reliable and relatively easy to use, for the most part. Technical support and account management functions work well together to deliver a successful customer experience.
Score 5 out of 10
Vetted Review
Verified User
Incentivized
It does have its pros but they are outweighed by the cons. There are better scanners out there. WAS gets stuck at scanning a single page for such a long time that it barely covers any part of the application before reaching the 24-hour limit and concluding testing. It could be also because of the nature of our application, but I would expect dynamic scanners to be a bit smarter than this.
September 12, 2020

Beware of Qualys

Score 3 out of 10
Vetted Review
Verified User
Incentivized
It is well suited if you only need a tool that is going to be used for threat detection and penetration testing for your internal systems. It would be less appropriate if you are looking for a strong threat management system for end-user workstations. I would suggest looking elsewhere for that.
March 04, 2020

Happy Qualys user.

Score 9 out of 10
Vetted Review
Verified User
Incentivized
Qualys really covers most of the operational security needs of my team and support for multiple clouds is making it easy for us to go with any cloud. We are able to see the value immediately and correct any potential violations right away. However we are also looking for a system that can proactively identify common mistakes whenever new resources are spun up that can violate our security policies rather flag it later.
January 15, 2020

Delivers as intended!

Score 8 out of 10
Vetted Review
Verified User
Incentivized
For regulatory companies that must adhere to certain guidelines, PC provides a quick and relatively easy way to identify when an asset is out of compliance making audits a worry-free event.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Installation: Qualys is a cloud-based service (cloud management), in case you require an offline solution, Qualys is not the solution for you.
You can scan all types of devices: servers, endpoints, network equipment, FW, and much more, including Cloud workloads (they have a dedicated appliance for IaaS).
For endpoints, it's better to use their Agent in order to avoid running the scans over the network. this has an additional cost.
For Compliance needs, Qualys is good enough.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
It is well suited for environments that are looking for a solution that is top notch for vulnerability scanning, and is the most accurate at doing so. It would also fit environments that have a lot of endpoints to scan or like to have scanning done on an automatic basis.

It is less appropriate in environments that want to use a platform right away, without getting training in how to use it, or reading documentation on the product.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Of many of the other vulnerability testing suites I used, this offered the most robust features and, once you learned the UI, was a go-to tool. The reporting was very nice for not only us technical but for reports for management as well that were easy to understand and prioritize fixes.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
I've seen Qualysguard work really well for discovery, however you need to have good knowledge of your organization's network topology to ensure Qualys is able to access. In some cases you may end up requiring multiple appliances due to capacity or access contraints. Qualysguard is also very good for verifying patching, server hardening configurations, and other compliance requirements.
Return to navigation