TrustRadius: an HG Insights company

Qualys VMDR

Score8.6 out of 10

34 Reviews and Ratings

Get a Demo

What is Qualys VMDR?

Qualys VMDR 2.0 with TruRisk gives enterprises visibility and insight into cyber risk exposure with the goal of making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure its true risk, and track risk reduction over time.

Categories & Use Cases

Key Features

Learn about the best (and worst!) features Qualys VMDR has to offer, as determined by TrustRadius' reviewers.
Based on 34 ratings of Qualys VMDR's features
View all features

Top Performing Features

  • Vulnerability Classification

    Prioritizing vulnerabilities, to determine which vulnerabilities are most urgent and require a quicker resolution.

    Category average: 8.7

  • Automated Alerts and Reporting

    Systems in place to automatically alert, report, or notify of issues that may need timely remediation.

    Category average: 8

  • Vulnerability Intelligence

    Software that is able to label and store information about vulnerabilities to access for future use cases.

    Category average: 8.2

Areas for Improvement

  • Threat Intelligence Reporting

    Generates reports that display information on threats (such as name, type, frequency of attack, area affected, etc.)

    Category average: 7.7

  • Automated Threat Identification

    Leveraging multiple sources of information (such as threat intelligence databases) to automatically identify threats.

    Category average: 7.8

  • Authentication

    Authentication of users and services within a network to prevent vulnerabilities from being introduced to the network.

    Category average: 8.1

Reviews

What users are saying about Qualys VMDR.
View all reviews

The Swiss Army Knife of SecTools

Incentivized
Verified User
Director in Information Technology (1001-5000 employees employees)

Use Cases and Deployment Scope

The question to ask this is - what DOESN'T Qualys VMDR not do? Here are the widgets I have used: - Vuln scans of devices (server/PC/network) - Patch mgmt - Threat intel feed (with prioritization & use of MITRE) - Asset mgmt - PCI ASV onboard

Pros

  • Seamless reporting across the different widgets (i.e. TruRisk)
  • DEEP-DIVE into an asset's info/vulns
  • Baked-in PCI ASV scans that a Qualys QSA can approve

Cons

  • Add the container feature a little better
  • Less of use API's & more connectors to keep it simple for onboarding data
  • Agent for network devices - akin to what I get for server/desktop

Return on Investment

  • Taking the man-hours out & doing it with Qualys VMDR Vuln scans (i.e. CAPAT)
  • Same for patch mgmt
  • TruRisk gives super info on what your attack surface looks like

Usability

Alternatives Considered

Tenable Nessus, Metasploit, BeyondTrust Network Security Scanner and powered by Retina (Legacy)

Other Software Used

Tenable Nessus, Google Workspace, Google Cloud Platform

Vulnerability Management Detection

Mallayasamy kamatchiappanView profile
Infra cloud services in Information Technology at Infosys (5001-10,000 employees employees)

Use Cases and Deployment Scope

VMDR is using to identification, threat prioritization and patch management detection and EOL/EOS support detection.

Pros

  • Asset and inventory management
  • vulnerability management
  • threat prioritization
  • Patch management

Cons

  • High cost

Return on Investment

  • Patching and remediation
  • Real-time vulnerability and misconfiguration detection

Usability

A single guard on door with thousand hands.

Varun KhareView profile
Senior Analyst in Information Technology at Western Union (10,001+ employees employees)

Use Cases and Deployment Scope

Integration was one of our key challenges as we were going through a consolidation of many tools. Bringing everything together and getting visibility in one Qualys dashboard has helped us. To secure our IT infrastructure and manage all risks related to our assets in one place is very easy now. Now we can see everything related to asset on dashboard and take action quickly.

Pros

  • Cloud Security
  • Network Security
  • Infrastructure Security
  • Asset Management
  • Patch Management
  • Compliance
  • Reporting

Cons

  • Patch Management
  • Application Security
  • Ghost asset scanning

Most Important Features

  • Asset Management
  • Compliance
  • Cloud Security

Return on Investment

  • It Increases Visibility
  • It robust security posture
  • Sometimes Bit slow because of bandwidth

Alternatives Considered

Nessus

Other Software Used

Rapid7 InsightVM, Tenable.io

Qualys VMDR is a MUST for any large IT Department!

Incentivized
Verified User
Technician in Information Technology (51-200 employees employees)

Use Cases and Deployment Scope

In our organization we use the Qualys VMDR cloud solution in order to compliment our asset management team in recognizing vulnerabilities with our assets, collect information on our our IoT assets, and analyze risk with a proactive approach. In our line of work we focus highly on ensuring cybersecurity risks are at an all time low and Qualys VMDR reports help with that immensely as we have such a large environment.

Pros

  • Qualys VMDR automates the remediation process for risks without code.
  • Scans and detects all of our assets whether they are IT or IOT
  • Analyzes our environment for misconfigurations and measures risk against industry benchmarks

Cons

  • Qualys VMDR can definitely improve on its reporting of assets as we have caught devices not captured in the Qualys VMDR scans.
  • We would like to see an improvement on the dashboard interface as it is faulty sometimes.
  • Qualys VMDR should focus on more competitive pricing as it is very expensive.

Most Important Features

  • Automated risk remediation
  • Report comparisons to industry benchmarks allow us to fortify at an enterprise level.
  • Give visibility of what devices and assets have exposure to the internet to help reduce cybersecurity risks.

Return on Investment

  • The Qualys VMDR reports allow us to be proactive in mitigating risks which is an immediate positive ROI
  • With the asset scans we are able to see which devices we own and which ones are no longer in our environment and we can realize cost easier.
  • It helps us prevent cyber security attacks which also provides a great ROI as we lower the chances of outages.

Alternatives Considered

Syxsense Secure

Other Software Used

Microsoft Azure Active Directory, Microsoft Power BI, Domo

Qualys VMDR detailed review

Incentivized
Verified User
Consultant in Information Technology (10,001+ employees employees)

Use Cases and Deployment Scope

We have a big customer which has over 2 million devices to manage and it is a very complex infrastructure. Qualys VMDR did come in handy to manage vulnerability aspect of management. Its is very good tool to use and easy to learn. It has wide set of functionality with role management as well in place.

Pros

  • vulnerability detection
  • updated CVEs and support from product
  • Reporting
  • Scheduling tasks

Cons

  • Asset Management
  • Custom Reporting option
  • More options on the dashboard customization

Most Important Features

  • Reporting
  • Asset Management
  • Visibility into the vulnerable assets at a glance

Return on Investment

  • Faster patching
  • Easy reports for multiple teams to work in coordination
  • Solutions to patch vulnerabilities

Alternatives Considered

Tenable.io

Other Software Used

Akamai Bot Manager, Akamai Kona Site Defender, ServiceNow IT Asset Management, Salesforce CMS

Related Products

Products similar to Qualys VMDR that may also meet your needs.
All comparisons
Rapid7 InsightVM
CompareLearn more
Vulcan Cyber (discontinued)
CompareLearn more
Hackuity
CompareLearn more