Skip to main content
TrustRadius
Qualys TruRisk Platform

Qualys TruRisk Platform
Formerly Qualys Cloud Platform / Qualysguard

Overview

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide…

Read more
Recent Reviews

TrustRadius Insights

Qualys Cloud Platform provides users with a wide range of options to scan and manage vulnerability levels in applications and websites, …
Continue reading

Qualys Review

8 out of 10
January 24, 2023
Incentivized
Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) …
Continue reading

Qualys strikes again

8 out of 10
January 20, 2023
Incentivized
Qualys Cloud Platform (specifically the Global AssetView module) enabled us to manage, view, and control all devices and endpoints in our …
Continue reading

Beware of Qualys

3 out of 10
September 12, 2020
Incentivized
We currently use Qualys for threat detection and penetration testing on several of our SaaS solutions. We also install the cloud agent on …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 12 features
  • IT Asset Realization (9)
    8.8
    88%
  • Web Scanning (8)
    8.8
    88%
  • Vulnerability Classification (7)
    8.7
    87%
  • Threat Recognition (7)
    8.3
    83%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

108 people also want pricing

Alternatives Pricing

What is Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection…

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

Return to navigation

Features

Threat Intelligence

Features for categories that leverage threat intelligence in network security

8.7
Avg 8.2

Vulnerability Management Tools

Tools that focus on locating, identifying, and prioritizing vulnerabilities in a network that need to be patched.

8.5
Avg 8.5
Return to navigation

Product Details

What is Qualys TruRisk Platform?

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Qualys TruRisk Platform Video

Qualys Cloud Platform

Qualys TruRisk Platform Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Reviewers rate Automated Alerts and Reporting highest, with a score of 9.

The most common users of Qualys TruRisk Platform are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(86)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Qualys Cloud Platform provides users with a wide range of options to scan and manage vulnerability levels in applications and websites, offering detailed visibility into IT services. Users have successfully utilized the Qualys API and Python to schedule scans of their networks, focusing on critical and high vulnerabilities. This proactive approach has resulted in a reduction in attacks and compromises across the enterprise. Additionally, the integration capabilities of Qualys Cloud Platform have proven valuable for users consolidating multiple tools, providing a unified dashboard for better visibility and management of their IT infrastructure and risks.

One key use case of Qualys Cloud Platform is policy compliance. Users have praised Qualys Policy Compliance for its ability to create policies, establish controls, and manage compliance across the organization. The user-friendly UI and unified dashboard aid decision-making for C-level executives. Furthermore, Qualys Cloud Platform has been used to continuously assess workloads in multi-cloud environments and ensure they align with security policies.

Vulnerability detection and prioritization are also critical use cases for Qualys Cloud Platform. It is relied upon by users for network security monitoring, web application monitoring, asset discovery, threat protection, and compliance monitoring. With a comprehensive view of network security and critical applications, users can determine the need for patching and effectively secure their IT infrastructure. The software's effectiveness extends to monitoring and managing diverse assets such as servers, switches, Windows, UNIX systems, NAS appliances, and web URLs.

Another benefit of Qualys Cloud Platform is its automation capabilities for scanning and reporting tasks. This automation saves time while providing real-time awareness of security levels, vulnerability detection, and prioritized remediation needs. Users appreciate the user-friendly interface, organized asset management features, integration with Splunk, centralized logging for investigation purposes, as well as patching status monitoring. Overall, Qualys Cloud Platform equips organizations with the necessary tools to protect their IT infrastructure—such as data, applications, endpoints—and achieve compliance while streamlining security processes.

Informative Reports: Many users have praised the informative reports generated by Qualys Cloud Platform. Several reviewers have mentioned that the platform provides detailed and comprehensive reports, allowing them to easily identify security vulnerabilities in their systems. This feature has been highly appreciated by a significant number of customers.

Accurate Vulnerability Identification: The platform's capabilities in accurately identifying security vulnerabilities have been lauded by numerous users. Reviewers have highlighted that Qualys Cloud Platform effectively scans and detects potential weaknesses in their systems, providing them with reliable information to address these issues promptly. This aspect has received positive feedback from a substantial portion of customers.

User-friendly Interface: A considerable number of reviewers have commended the user-friendly interface of Qualys Cloud Platform. Users appreciate how easy it is to navigate through the platform and access different features without any technical difficulties. This intuitive design has made it convenient for many customers to use and maximize the benefits of the platform.

Complicated Program: Some users have found the program to be complicated and challenging to navigate, requiring intuition to execute tasks effectively. This complexity can make it difficult for new users to quickly understand all of its functions.

Messy Interface: Users have mentioned that the interface is cluttered and lacks clear organization, making it hard to find the options they need. The disorganized layout can lead to frustration and inefficiency in navigating the program.

Lack of Customer Support: Several users expressed dissatisfaction with Qualysguard's customer support, citing slow response times and missed SLAs. Prompt and efficient support is crucial for users when encountering issues or seeking assistance, but some felt let down by their experiences with Qualysguard's support team.

Users recommend using Qualys for security purposes, such as security validation and vulnerability assessment. They have found that Qualys does a solid job of detecting network vulnerabilities and reporting on them. Some users specifically recommend deploying agents on all endpoints and doing authenticated scans with Qualys to improve the accuracy of the results.

Users advise exploring product trials carefully to understand where Qualys might fall short of expectations. While many users find Qualys to be a valuable tool for security improvement and business analysis, they also note that it has a learning curve and can be difficult to set up initially.

Users mention that Qualys is more expensive compared to other products on the market but still worth the investment. They recommend integrating Qualys into the workflow of security scanning and highlight its functionalities and inbuilt features as reasons to choose it. Some users also suggest improving customer support for Qualys as an area of enhancement.

Overall, users strongly recommend Qualys as a reliable tool for security assessment, especially for enterprise organizations where vulnerabilities can have serious consequences for the business.

Attribute Ratings

Reviews

(1-25 of 25)
Companies can't remove reviews or game the system. Here's why
January 24, 2023

Qualys Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • OS inventory
  • Updated Database
  • Vulnerability Addressed
  • Reports should be improved
  • Knowledge Base (forums)
  • documentation
Henry Coronel | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • One of the main features that I like about this program is the multiple options and powerful functions that I have at my fingertips to strengthen the security of my system.
  • Qualys Cloud Platform is a great program that gives the opportunity to all its users to keep track of each of the processes on the web, complying with the mandatory policies and manipulating the least risky applications.
  • Thanks to the support of this program, all my commercial projects on the web are entirely safe; Qualys Cloud Platform will take care of avoiding each of the threats on the web.
  • This program is really complicated, the multiple functions that are presented to us are not very clear and in some cases, it is a matter of intuition to execute a function, it is not very informative.
  • The interface of this program can be a real problem; for our taste, this program looks a bit messy, and the interface does not help or guide you to find the options you need.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • automated web application scanning
  • automated reporting
  • cloud asset management
  • remediation guidance
  • 2fa options are too limited right now
  • adding domains and networks needs a better and easier way
  • discovery and scanning setup could be better integrated
  • not all modules integrate well with eachother
Score 7 out of 10
Vetted Review
ResellerIncentivized
  • Real time threat protection, with alerts & remediation
  • Total visibility into the security of our organization via a single-pane
  • Easily scalable for additional infrastructure, end users, and policy updates
  • Customer support tends to be slower, often leading to the tail end of guaranteed SLA's
  • Major downside is that QCP charges you for each scanner, leading to high cost
  • False positives can end up wasting more time, rather than saving it
Rahul Deshmukh | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Controls Management.
  • Unified dashboard for security posture.
  • Organization security policy effectiveness.
  • Ease of configuration.
  • Some of the tasks to select sensors can be automated.
  • Controls customisation can be improved.
  • Technology support can be improved.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Patch management
  • Scanning the assets
  • Maintaining option profile
  • Reporting service
  • Reporting service should be available in excel or csv mode
  • Panel for vulnerabilities by category in dashboard
  • Integrated with splunk to monitor the status of missing patch
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Internal & external vulnerability management
  • Visibility of cloud security configuration issues
  • Completion of PCI ASV requirements
  • Cheaper entry-level offerings for startups and SMEs
  • Static, dynamic and third-party software security scans
  • Redesign user interface to be more intuitive and responsive, with a consistent user experience across all components of the platform
Score 5 out of 10
Vetted Review
Verified User
Incentivized
  • Scan configurations were quick and easy.
  • Offers wide range of settings for more targeted scans
  • Informative reports
  • Navigation is pretty complex and involves a lot of pages to click through
  • Redundantly scans pages in vain with little to no modification in the alphanumeric query parameter values
  • Scan duration and coverage
September 12, 2020

Beware of Qualys

Score 3 out of 10
Vetted Review
Verified User
Incentivized
  • Penetration Testing
  • Threat detection
  • Vulnerability scanning
  • Difficult to use
  • Poor support
  • Hard to control threats on workstations
March 04, 2020

Happy Qualys user.

Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Ease of use.
  • Continuous and comprehensive monitoring.
  • Good reporting and alerting mechanism.
  • Seemless JIRA Integration.
  • Automated intelligence to identify and report common issues for a company.
January 15, 2020

Delivers as intended!

Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Reporting - Qualys PC does a fantastic job in this arena. Reports are easy to customize and decipher.
  • Very nice and easy to read dashboard.
  • It's unfortunate that Policy and Compliance is an add-on to their Vulnerability scanning platform.
  • The GUI could be a little less complicated.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Really good and up to date vulnerability database
  • Good reporting capabilities
  • PCI ready
  • Price tag
  • Have the license based on live IPs, not on entire subnets, so then you pay for the exactly amount of servers you have.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Cloud-based management.
  • Detailed info about the findings: reason, effect, risk, mitigations, etc.
  • Clear UI.
  • Additional modules can be added to the same management interface.(single point of management).
  • Notices some findings which were not clear why they appear(suspected false positive).
  • Working with Qualys support(for example due to the previous point) wasn't the best experience. the response was very slow.
  • Qualys limit the daily API requests. In case you need more, it will cost.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • It really does well at vulnerability scanning, which it is well known for. It's accuracy at finding vulnerabilities is top notch, more so than a lot of other vulnerability tools out there. In an organization/company you want this kind of accuracy at finding vulnerabilities in your network/endpoints
  • It is very good at managing endpoints on a consistent basis, meaning you can add endpoints to Qualys and have the platform scan/track/protect for vulnerabilities on an ongoing basis, without user intervention
  • It does really well at separating out and identifying what levels of criticality each vulnerability should fall into. This way, an organization/company can attack the more critical vulnerabilities first
  • Can be slow at times, namely when scanning endpoints. Scans can take a while, and results may not be immediately known
  • For IT personnel that have never used Qualys before, it can take some time to learn the platform, and how to actually use it. Some sort of training or consulting documentation on the product would be beneficial, as it's a more complicated platform
  • Automatic password resets for user/admin login to the platform can be frustrating, as this can happen occasionally, without user/admin awareness
  • False positives can also be detected, sometimes at a high rate. Need to lessen that as much as possible
January 21, 2019

I love Qualys PC

Larry Sullivan | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
ResellerIncentivized
  • Attestation is so easy with Qualys. I find this one feature makes the investment worth the cost
  • Ease of use. Within an hour of first installing, a person can be running compliance tests without a hitch.
  • Great training materials and support. I have never had to take more than twenty minutes to solve a problem either through support or the forums.
  • You must learn the terminology which can cause problems but is a minor thing.
Alex Waitkus, CISSP-ISSAP, OSCP | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • API Task scheduling and configuration
  • Threat database updates through authenticated scanning of Windows and Unix operating systems
  • Reporting capabilities
  • The API query can only support limited number of connections in a time period without calling support to request more, I would suggest removing that limitation.
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • User setup for multiple groups
  • Ease of automation, set it and forget it
  • Reporting features were a huge plus
  • Took time to learn the UI
  • Could be cumbersome for first time users
  • Not much online documentation that was useful
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Discovery of assets on a network.
  • Identifying infrastructure security configuration flaws for a number of different OS types.
  • Easy UI to navigate.
  • Easier way for VM scan custom profile management. A way to determine if there are duplicate scan profiles created to reduce redundancy with multiple administrators.
  • This may have been addressed, but my previous organization had a lot of difficulties integrating Qualysguard with RSAM.
  • Add trending over time capabilities to dashboard.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • The first benefit is actually in the vendor. Qualys provides free instructor-led training.
  • Ease of use in a diverse environment.
  • The Qualys Private Cloud Platform has a complete suite of reporting capabilities so you can use your data quickly.
  • The way that devices are catalogued can be tough in a DHCP environment.
Return to navigation