Item: Qualys TruRisk Platform
Rating: 9
Author: Alan Matson, CCNA:S, MCP

Use Cases and Deployment Scope

We used Qualysguard to automate testing of our environment for vulnerabilities. We used several groups to run the testing some with longer and more extensive tests. Mostly this was done in two phases, once before a resource was deployed for use and then several times after over duration to ensure any vulnerabilities were caught.

Pros and Cons

User setup for multiple groups
Ease of automation, set it and forget it
Reporting features were a huge plus

Took time to learn the UI
Could be cumbersome for first time users
Not much online documentation that was useful

Return on Investment

I was not involved in the purchase but the personal ROI really helped make my job quicker and more efficient.

Alternatives Considered

Nessus, Nmap and Metasploit

Qualysguard gave us the tools we needed that were benificial to our job without us having to do too much manual interaction such as with Nmap, Metasploit , etc. It was a very efficient platform that I would go to again.

Other Software Used

Nmap, Metasploit

Likelihood to Recommend

Of many of the other vulnerability testing suites I used, this offered the most robust features and, once you learned the UI, was a go-to tool. The reporting was very nice for not only us technical but for reports for management as well that were easy to understand and prioritize fixes.

The better vulnerability management tool

Overall Satisfaction with Qualysguard