Skip to main content
TrustRadius
Qualys TruRisk Platform

Qualys TruRisk Platform
Formerly Qualys Cloud Platform / Qualysguard

Overview

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide…

Read more
Recent Reviews

TrustRadius Insights

Qualys Cloud Platform provides users with a wide range of options to scan and manage vulnerability levels in applications and websites, …
Continue reading

Qualys Review

8 out of 10
January 24, 2023
Incentivized
Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) …
Continue reading

Qualys strikes again

8 out of 10
January 20, 2023
Incentivized
Qualys Cloud Platform (specifically the Global AssetView module) enabled us to manage, view, and control all devices and endpoints in our …
Continue reading

Beware of Qualys

3 out of 10
September 12, 2020
Incentivized
We currently use Qualys for threat detection and penetration testing on several of our SaaS solutions. We also install the cloud agent on …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 12 features
  • IT Asset Realization (9)
    8.8
    88%
  • Web Scanning (8)
    8.8
    88%
  • Vulnerability Classification (7)
    8.7
    87%
  • Threat Recognition (7)
    8.3
    83%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

108 people also want pricing

Alternatives Pricing

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection…

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

Return to navigation

Features

Threat Intelligence

Features for categories that leverage threat intelligence in network security

8.7
Avg 8.2

Vulnerability Management Tools

Tools that focus on locating, identifying, and prioritizing vulnerabilities in a network that need to be patched.

8.5
Avg 8.5
Return to navigation

Product Details

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Qualys TruRisk Platform Video

Qualys Cloud Platform

Qualys TruRisk Platform Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Reviewers rate Automated Alerts and Reporting highest, with a score of 9.

The most common users of Qualys TruRisk Platform are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(86)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Qualys Cloud Platform provides users with a wide range of options to scan and manage vulnerability levels in applications and websites, offering detailed visibility into IT services. Users have successfully utilized the Qualys API and Python to schedule scans of their networks, focusing on critical and high vulnerabilities. This proactive approach has resulted in a reduction in attacks and compromises across the enterprise. Additionally, the integration capabilities of Qualys Cloud Platform have proven valuable for users consolidating multiple tools, providing a unified dashboard for better visibility and management of their IT infrastructure and risks.

One key use case of Qualys Cloud Platform is policy compliance. Users have praised Qualys Policy Compliance for its ability to create policies, establish controls, and manage compliance across the organization. The user-friendly UI and unified dashboard aid decision-making for C-level executives. Furthermore, Qualys Cloud Platform has been used to continuously assess workloads in multi-cloud environments and ensure they align with security policies.

Vulnerability detection and prioritization are also critical use cases for Qualys Cloud Platform. It is relied upon by users for network security monitoring, web application monitoring, asset discovery, threat protection, and compliance monitoring. With a comprehensive view of network security and critical applications, users can determine the need for patching and effectively secure their IT infrastructure. The software's effectiveness extends to monitoring and managing diverse assets such as servers, switches, Windows, UNIX systems, NAS appliances, and web URLs.

Another benefit of Qualys Cloud Platform is its automation capabilities for scanning and reporting tasks. This automation saves time while providing real-time awareness of security levels, vulnerability detection, and prioritized remediation needs. Users appreciate the user-friendly interface, organized asset management features, integration with Splunk, centralized logging for investigation purposes, as well as patching status monitoring. Overall, Qualys Cloud Platform equips organizations with the necessary tools to protect their IT infrastructure—such as data, applications, endpoints—and achieve compliance while streamlining security processes.

Informative Reports: Many users have praised the informative reports generated by Qualys Cloud Platform. Several reviewers have mentioned that the platform provides detailed and comprehensive reports, allowing them to easily identify security vulnerabilities in their systems. This feature has been highly appreciated by a significant number of customers.

Accurate Vulnerability Identification: The platform's capabilities in accurately identifying security vulnerabilities have been lauded by numerous users. Reviewers have highlighted that Qualys Cloud Platform effectively scans and detects potential weaknesses in their systems, providing them with reliable information to address these issues promptly. This aspect has received positive feedback from a substantial portion of customers.

User-friendly Interface: A considerable number of reviewers have commended the user-friendly interface of Qualys Cloud Platform. Users appreciate how easy it is to navigate through the platform and access different features without any technical difficulties. This intuitive design has made it convenient for many customers to use and maximize the benefits of the platform.

Complicated Program: Some users have found the program to be complicated and challenging to navigate, requiring intuition to execute tasks effectively. This complexity can make it difficult for new users to quickly understand all of its functions.

Messy Interface: Users have mentioned that the interface is cluttered and lacks clear organization, making it hard to find the options they need. The disorganized layout can lead to frustration and inefficiency in navigating the program.

Lack of Customer Support: Several users expressed dissatisfaction with Qualysguard's customer support, citing slow response times and missed SLAs. Prompt and efficient support is crucial for users when encountering issues or seeking assistance, but some felt let down by their experiences with Qualysguard's support team.

Users recommend using Qualys for security purposes, such as security validation and vulnerability assessment. They have found that Qualys does a solid job of detecting network vulnerabilities and reporting on them. Some users specifically recommend deploying agents on all endpoints and doing authenticated scans with Qualys to improve the accuracy of the results.

Users advise exploring product trials carefully to understand where Qualys might fall short of expectations. While many users find Qualys to be a valuable tool for security improvement and business analysis, they also note that it has a learning curve and can be difficult to set up initially.

Users mention that Qualys is more expensive compared to other products on the market but still worth the investment. They recommend integrating Qualys into the workflow of security scanning and highlight its functionalities and inbuilt features as reasons to choose it. Some users also suggest improving customer support for Qualys as an area of enhancement.

Overall, users strongly recommend Qualys as a reliable tool for security assessment, especially for enterprise organizations where vulnerabilities can have serious consequences for the business.

Attribute Ratings

Reviews

(1-25 of 25)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use Qualys Cloud Platform to perform automated Web App Scans on internally developed platforms. Once set, and with the scheduled scans features, there's no more heavy lifting: just wait for the notifications either via mail or the ticketing system, download the report in pdf format, and escalate/assign to the right stakeholders.
January 24, 2023

Qualys Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) outdated, generating reports to the Service Owners to let them know what's the current situation regarding their environment to schedule
Henry Coronel | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
The performance that we have had with this program has been great since it has been the only program that has offered us a long list of options to scan as well as manage the level of vulnerability in all the applications and websites where our system runs, thanks With the help of Qualys Cloud Platform you can see in detail all the IT services that I use the most.
January 20, 2023

Qualys strikes again

Score 8 out of 10
Vetted Review
Verified User
Incentivized
Qualys Cloud Platform (specifically the Global AssetView module) enabled us to manage, view, and control all devices and endpoints in our organizations and sort them in various ways, push scripts selectively based on group, and generally keep things organized in a way that helped our whole team understand where everything was, and what state it was in, and address concerns immediately if need be.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use Qualys Cloud Platform to help us to identify vulnerabilities, monitor for threats, and respond to security incidents.
The automation of the scanning and reporting, saves us a lot of time and makes it possible to be aware of the security level of both our internal and external systems and to detect vulnerabilities and prioritize the remediation of them.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We used the platform as a part of the Patch Management tool for us and our customer environments. It was good and effective tool, to work on the patching activities, with ease of access, smooth functioning. When compared to other tools this was a bit cost effective and also was worth the purchase.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use Qualys cloud platform to monitor our network security, monitor public and privately hosted web applications, and also for asset discovery, threat protection and compliance monitoring. It is a comprehensive security platform that gives us a global single pane of glass view into the security of our network and critical applications.
Varun Khare | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Integration was one of our key challenges as we were going through a consolidation of many tools. Bringing everything together and getting visibility in one Qualys dashboard has helped us. To secure our IT infrastructure and manage all risks related to our assets in one place is very easy now. Now we can see everything related to asset on dashboard and take action quickly.
Score 7 out of 10
Vetted Review
ResellerIncentivized
Qualys Cloud Platform provides our organization with the tools needed to protect our organization, from end-to-end. It bolsters our security stance in a multi-faceted approach, including our IT infrastructure, our data and applications in the cloud, our endpoints, and compliance all over the world. The best feature of Qualys would be it's automated threat protection which gives us alerts & warnings in realtime, leading to actionable insights that keep our business secure.
Rahul Deshmukh | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Qualys Policy Compliance helps an organization to create policy, establish controls, write user-defined controls and manage the entire compliance of the organization. It also has an easy-to-use UI and creates a unified dashboard that helps C-level executives with decision-making based on the security posture of the organization. Based on the reports and dashboard, it's easy to take corrective action.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
** To use Qualys Cloud to continuously assess the workloads in the multi-cloud environment and make sure they are in line with our security policies
** Application Security and Policy Compliance
** Reduce risk and increase their levels of compliance in a cost-effective manner
**Detect and prioritise vulnerabilities and misconfigurations across the IT estate, as well as supporting automated patching and remediation activities
Score 9 out of 10
Vetted Review
Verified User
Incentivized
In my previous organisation (capgemini), I had implemented and used qualys for vulnerability scanning and management. It is very user friendly tool and it has very organised way to manage the scanning asset and option profile as well as reporting service and remediation steps. Can be easily integrated with splunk to get the logs at centralised location to investigate and monitor the status of patching.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use the Qualys Cloud Platform for three main strands in our information security. Firstly it gives us excellent visibility of internal and external vulnerabilities across our technology estate. This allows us to identify any potential gaps in software patching, and determine whether any vulnerable end-of-life software is installed on any of our physical or virtual devices. Secondly, we use Qualys for scheduling, analysing and managing PCI scans, a requirement of our PCI DSS certification as a Level 1 service provider. Finally, and more and more crucially as we migrate an increasing number of workloads into the cloud, we use the Qualys CloudView product to report on any potential insecure configuration issues across our AWS & Azure estates. Using a single vendor for these three key pieces of functionality enables us to better manage costs, and leverage our existing customer success relationship. Qualys are excellent both at reactive customer support for security incidents or technical queries, and proactively reaching out to us to make sure we're both making the best use of the functionality included in our existing contract and working with us to see if there's anything they can do to help with our emerging and ongoing security challenges and requirements.
Score 5 out of 10
Vetted Review
Verified User
Incentivized
We used it for pre-release scans of our products each month. It was used by the Information Security team who would help the Development teams to ensure that products are bug-free before they get released to our customers.
September 12, 2020

Beware of Qualys

Score 3 out of 10
Vetted Review
Verified User
Incentivized
We currently use Qualys for threat detection and penetration testing on several of our SaaS solutions. We also install the cloud agent on every workstation. Only the IT and IS departments have access to the admin console. The business problem that it addresses is vulnerability scanning and increases the hardening of our critical systems.
March 04, 2020

Happy Qualys user.

Score 9 out of 10
Vetted Review
Verified User
Incentivized
We are using Qualys to monitor all our infrastructure residing in both AWS and Azure infrastructure. We also monitor web URLs. This is used by both IT and operations. We periodically run the scans and get the reports and make sure all the systems are in line with our security policies. As a result of this we are able to correct any violation almost immediately especially around the new resources that are continuously created.
January 15, 2020

Delivers as intended!

Score 8 out of 10
Vetted Review
Verified User
Incentivized
We installed Qualys Policy and Compliance approx. 1 year ago in order to help automate our assets security configuration profile and be alerted when something deviates. This helps keep our yearly attestations in check with minimal manual research. This aids in not only compliance but greatly increases our security posture by alerting when an IT administrator or client support staff install something outside normal approved software.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
We use Qualys as the main vulnerability scanner. It is used to scan the on-premise devices such as servers, switches, etc.
We have several scanners deployed in different locations in order to cover all sites, and scheduled scans that run on a periodic basis.
Qualys helps us to prioritize the mitigation, it includes not only OS patches, but also 3rd party software.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
It is being used both across the whole organization, as well as at the department level. It is the platform used. It is used mainly for vulnerability scanning endpoints on the network, and then remediating those vulnerabilities. It is also used by some do do reporting and tracking of vulnerabilities. Internally, we mainly use it to scan individual computers, and well as groups of computers within a certain department. With regards to the vulnerabilities, we can determine if patching is needed on the endpoints.

It addresses the business problem of helping to secure networks from intrusions and vulnerabilities. It helps IT see what computers on the network has vulnerabilities, and offers them an opportunity to remediate those vulnerabilities.
January 21, 2019

I love Qualys PC

Larry Sullivan | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
ResellerIncentivized
I am a Qualys Consultant, so we use Qualys Policy Compliance (PC) as a tool for clients and assist in the purchase and install of Qualys products. For the money I find Qualys to be the most sensible investment a small to medium-sized company can make.
Alex Waitkus, CISSP-ISSAP, OSCP | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We used the Qualys API and python to create rolling scheduled scans of every 2 weeks for every network for our organization. We first focused on critical and high vulnerabilities with direction to remediate or remove the system within 30 days. We saw a drastic reduction in number of attacks and compromises for systems across the enterprise.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We used Qualysguard to automate testing of our environment for vulnerabilities. We used several groups to run the testing some with longer and more extensive tests. Mostly this was done in two phases, once before a resource was deployed for use and then several times after over duration to ensure any vulnerabilities were caught.
Score 8 out of 10
Vetted Review
Verified User
Incentivized

At my current organization, Qualysguard is primarily used for discovery of assets and verification of secure configuration/patching by our security team. Our team is also assessing Qualysguard WAS to build into our secure development practices.

At my previous organization, we provided self-service capability for our engineers designing/building our products to perform their own infrastructure scans to identify security configuration flaws as early in the build process as possible. We also used Qualysguard for discovery of assets and verification of secure configuration/patching.

In both organizations, Qualysguard has added a ton of value.

Score 10 out of 10
Vetted Review
Verified User
Incentivized
As an enterprise wide vulnerability management solution, Qualys Private Cloud Platform has given us a very keen insight into our security posture both internally and externally. Like most global enterprises, our landscape is very diverse and the ease with which Qualys Private Cloud Platform embraced that landscape has made this a valuable tool indeed. From Windows to UNIX to NAS appliances, we have been able to bring everything into view.
Return to navigation