TrustRadius
Qualysguard, from San Francisco-based Qualys, is network security and vulnerability management software.https://dudodiprj2sv7.cloudfront.net/product-logos/1N/CX/TQWNNZZX56H0.jpegQualysguard to improve the quality of your security postureWe used the Qualys API and python to create rolling scheduled scans of every 2 weeks for every network for our organization. We first focused on critical and high vulnerabilities with direction to remediate or remove the system within 30 days. We saw a drastic reduction in number of attacks and compromises for systems across the enterprise.,API Task scheduling and configuration Threat database updates through authenticated scanning of Windows and Unix operating systems Reporting capabilities,The API query can only support limited number of connections in a time period without calling support to request more, I would suggest removing that limitation.,8,ROI was noticed with reduction of compromises which required server downtime and incident response.,Nessus, OpenVAS and Nmap,Palo Alto Networks Next-Generation Firewalls - PA Series, Palo Alto Networks Threat Protection, Palo Alto PanoramaThe better vulnerability management toolWe used Qualysguard to automate testing of our environment for vulnerabilities. We used several groups to run the testing some with longer and more extensive tests. Mostly this was done in two phases, once before a resource was deployed for use and then several times after over duration to ensure any vulnerabilities were caught.,User setup for multiple groups Ease of automation, set it and forget it Reporting features were a huge plus,Took time to learn the UI Could be cumbersome for first time users Not much online documentation that was useful,9,I was not involved in the purchase but the personal ROI really helped make my job quicker and more efficient.,Nessus, NMap and Metasploit,Nmap, MetasploitQualysguard for Asset Discovery and Verification of Patching/Secure ConfigAt my current organization, Qualysguard is primarily used for discovery of assets and verification of secure configuration/patching by our security team. Our team is also assessing Qualysguard WAS to build into our secure development practices.At my previous organization, we provided self-service capability for our engineers designing/building our products to perform their own infrastructure scans to identify security configuration flaws as early in the build process as possible. We also used Qualysguard for discovery of assets and verification of secure configuration/patching.In both organizations, Qualysguard has added a ton of value.,Discovery of assets on a network. Identifying infrastructure security configuration flaws for a number of different OS types. Easy UI to navigate.,Easier way for VM scan custom profile management. A way to determine if there are duplicate scan profiles created to reduce redundancy with multiple administrators. This may have been addressed, but my previous organization had a lot of difficulties integrating Qualysguard with RSAM. Add trending over time capabilities to dashboard.,8,Provides the business the information needed to prioritize security requirements and secure appropriate budget. Provides self-service capabilities for users to perform their own scans. Provides visibility for asset discovery which was previously a difficult task.,Nessus and eEye,RSA Archer, Veracode, Burp Suite
Unspecified
Qualysguard
13 Ratings
Score 8.3 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

Qualysguard Reviews

Qualysguard
13 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.3 out of 101
Show Filters 
Hide Filters 
Filter 13 vetted Qualysguard reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Reviews (1-3 of 3)
  Vendors can't alter or remove reviews. Here's why.
Alex Waitkus, CISSP-ISSAP, OSCP profile photo
August 25, 2017

Review: "Qualysguard to improve the quality of your security posture"

Score 8 out of 10
Vetted Review
Verified User
Review Source
We used the Qualys API and python to create rolling scheduled scans of every 2 weeks for every network for our organization. We first focused on critical and high vulnerabilities with direction to remediate or remove the system within 30 days. We saw a drastic reduction in number of attacks and compromises for systems across the enterprise.
  • API Task scheduling and configuration
  • Threat database updates through authenticated scanning of Windows and Unix operating systems
  • Reporting capabilities
  • The API query can only support limited number of connections in a time period without calling support to request more, I would suggest removing that limitation.
Qualysguard is well suited for all IT vulnerability scanning. Because of its noise (which is configurable) it is not recommended for ICS environments without customization.
Read Alex Waitkus, CISSP-ISSAP, OSCP's full review
Alan Matson, CCNA:S, MCP profile photo
July 29, 2016

Qualysguard Review: "The better vulnerability management tool"

Score 9 out of 10
Vetted Review
Verified User
Review Source
We used Qualysguard to automate testing of our environment for vulnerabilities. We used several groups to run the testing some with longer and more extensive tests. Mostly this was done in two phases, once before a resource was deployed for use and then several times after over duration to ensure any vulnerabilities were caught.
  • User setup for multiple groups
  • Ease of automation, set it and forget it
  • Reporting features were a huge plus
  • Took time to learn the UI
  • Could be cumbersome for first time users
  • Not much online documentation that was useful
Of many of the other vulnerability testing suites I used, this offered the most robust features and, once you learned the UI, was a go-to tool. The reporting was very nice for not only us technical but for reports for management as well that were easy to understand and prioritize fixes.
Read Alan Matson, CCNA:S, MCP's full review
No photo available
January 22, 2016

Review: "Qualysguard for Asset Discovery and Verification of Patching/Secure Config"

Score 8 out of 10
Vetted Review
Verified User
Review Source

At my current organization, Qualysguard is primarily used for discovery of assets and verification of secure configuration/patching by our security team. Our team is also assessing Qualysguard WAS to build into our secure development practices.

At my previous organization, we provided self-service capability for our engineers designing/building our products to perform their own infrastructure scans to identify security configuration flaws as early in the build process as possible. We also used Qualysguard for discovery of assets and verification of secure configuration/patching.

In both organizations, Qualysguard has added a ton of value.

  • Discovery of assets on a network.
  • Identifying infrastructure security configuration flaws for a number of different OS types.
  • Easy UI to navigate.
  • Easier way for VM scan custom profile management. A way to determine if there are duplicate scan profiles created to reduce redundancy with multiple administrators.
  • This may have been addressed, but my previous organization had a lot of difficulties integrating Qualysguard with RSAM.
  • Add trending over time capabilities to dashboard.
I've seen Qualysguard work really well for discovery, however you need to have good knowledge of your organization's network topology to ensure Qualys is able to access. In some cases you may end up requiring multiple appliances due to capacity or access contraints. Qualysguard is also very good for verifying patching, server hardening configurations, and other compliance requirements.
Read this authenticated review

Qualysguard Scorecard Summary

About Qualysguard

Qualysguard, from San Francisco-based Qualys, is network security and vulnerability management software.

Qualysguard Technical Details

Operating Systems: Unspecified
Mobile Application:No