Beware of Qualys
September 12, 2020

Beware of Qualys

Anonymous | TrustRadius Reviewer
Score 3 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Qualys Policy Compliance (PC)

We currently use Qualys for threat detection and penetration testing on several of our SaaS solutions. We also install the cloud agent on every workstation. Only the IT and IS departments have access to the admin console. The business problem that it addresses is vulnerability scanning and increases the hardening of our critical systems.
  • Penetration Testing
  • Threat detection
  • Vulnerability scanning
  • Difficult to use
  • Poor support
  • Hard to control threats on workstations
  • Overall negative impact leading to switching to a different product
  • No positive return to speak of
  • Only useful thing was penetration testing and vulnerability scanning
The VMware Carbon Black suite of products is highly superior than Qualys. This is what our organization has switched to and we couldn't be happier. It feels much more modern and easier to use/naviagte than Qualys. They also offer great threat detection on the end-user's workstations. It is a nice complete package.
I would rate the overall support for Qualys to be a three out of ten. It always took so long to get a response from their support team. It was also confusing on the proper workflow that was required to even submit a case to begin with. Would not recommend.
Again, the usability of Qualys has been a pinpoint for this entire review. It was easily the worst thing about the product and because of this, I would not recommend Qualys to anybody in my field. This should be something that Qualys strives to improve if they wish to stay in business.

Do you think Qualys Policy Compliance (PC) delivers good value for the price?

No

Are you happy with Qualys Policy Compliance (PC)'s feature set?

No

Did Qualys Policy Compliance (PC) live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Qualys Policy Compliance (PC) go as expected?

I wasn't involved with the implementation phase

Would you buy Qualys Policy Compliance (PC) again?

No

VMware Carbon Black Cloud Endpoint Standard (formerly Cb Defense), VMware Carbon Black Cloud Managed Detection (formerly cb threatsight), Virtru
It is well suited if you only need a tool that is going to be used for threat detection and penetration testing for your internal systems. It would be less appropriate if you are looking for a strong threat management system for end-user workstations. I would suggest looking elsewhere for that.

Qualys PC Feature Ratings

Common repository of GRC items
Not Rated
Risk management
8
Integration with Corporate Performance Management (CPM) systems
5
GRC policy management
Not Rated
Incident management
5