Qualys Enterprise TruRisk Management Reviews

I mostly work on Qualys Enterprise TruRisk Management. I work in an organization where I use cybersecurity to address cyber threats and system vulnerabilities. We focus on keeping the systems away from attackers, ensuring the system stays up to date and healthy, and increasing the performance of the system. For that purpose, we use Qualys Enterprise TruRisk Management.

Qualys has multiple products, and the particular product we use is Qualys Enterprise TruRisk Management. As per your need, if you want to use Qualys Enterprise TruRisk Management for the assessment of vulnerabilities and only scanning, we use Qualys software for scanning the systems, taking out the report, taking out the remedies, and taking out the severity and compliances for these things. If someone wants to understand what purpose exactly they want to use Qualys Enterprise TruRisk Management for, it would be better to evaluate their needs. There are seven to eight other similar tools to Qualys Enterprise TruRisk Management, such as cybersecurity asset management, TruRisk management, vulnerability management, detection, and response. If they want to only take out the report for vulnerability management, detection, and response, that tool will be better. If they want compliance reports, remedies reports, severity reports, and everything that will impact their infrastructure, then Qualys Enterprise TruRisk Management will be better. Additionally, we can push the patch from Qualys Enterprise TruRisk Management to a particular system or server. If someone wants all things handled only by Qualys Enterprise TruRisk Management, they can go with the advanced version.

Qualys Enterprise TruRisk Management is quite good for analyzing and scanning the systems individually. It not only scans the system but also shows the hardware vulnerability as well. If there is any low hardware, for example, if there is one application running on DDR3 RAM, and the same application running on DDR4 RAM, it will show that this application will perform better on DDR4. It will be good or best to change your hardware. These kinds of things Qualys Enterprise TruRisk Management shows to us. For our infrastructure, it helps us understand how we can run our infrastructure smoothly without preventing any downtime. It also shows the remedies, such as how we can close those vulnerabilities, bugs, and loopholes if we find in our systems and infrastructure on our servers. It scans each and everything deeply. For example, if you just created a text file and you keep that file for one year, it will show you that file name, file path, and it will reflect as a vulnerability. It shows why this file was just left in your system for the last one year. Qualys Enterprise TruRisk Management is a very good software application to scan each and every vulnerability. Through that, it prevents the attackers from exploiting the systems, servers, or our data. It prevents data leaks in short.

Qualys Enterprise TruRisk Management has a few things that need to be enhanced. First, there is the issue of superseded patches. Superseded means if we miss the current month patch, for example, if we miss the January patch to deploy on a particular server, Microsoft includes January changes in the second month security patch, and then the second month security patch includes all things in March. For example, if we miss two month patches and we directly deploy the March month security patch on a system, the other two patches, such as January and February, will be closed. Superseded means these patches are not deployed on a system, but after the latest one, which we already deployed, the older one does not need to be installed or deployed on a system. Qualys Enterprise TruRisk Management takes a report of each and every vulnerability and shows that the January month patch was not deployed on a system and the February month patch was not deployed on a system. However, that is not a proper scanning method. If we have already deployed the latest patch that includes the older security things or older security parameters and the latest parameters, when we deploy that latest patch, why does Qualys Enterprise TruRisk Management show the older patches also in potential vulnerabilities? That is a main factor that should be improved from Qualys Enterprise TruRisk Management.

Second, the remedies provided by Qualys Enterprise TruRisk Management are sometimes not useful most of the time. In that case, we need to troubleshoot or find out the remedies by ourselves. The remedies will also be something that needs to be improved in the system or in the application.

We did not analyze or monitor any issues in our stability, performance, or crashes.

Qualys Enterprise TruRisk Management is scalable and flexible. It has multiple things for a particular need. For example, if we only want scanning, Qualys Enterprise TruRisk Management will provide that. Qualys Enterprise TruRisk Management has multiple products according to the infrastructure or the industrial demand. Whatever we choose as per our choice, we can choose, and in that application, such as Qualys Enterprise TruRisk Management that we use, we can add different plugins as well. It is flexible and scalable, and we can use it and modify it as per our needs.

We have already done technical support for Qualys Enterprise TruRisk Management so many times. Since we use it daily, I know much more than the Qualys Enterprise TruRisk Management technical supporter sometimes in some things. I would give out of ten around seven out of ten.

Positive

As a product and solution, Qualys Enterprise TruRisk Management is one of the best I have ever seen. Another solution I would mention is BigFix. BigFix is quite popular, and I would place that one in the first position and Qualys Enterprise TruRisk Management in the second position. Regarding the rating, Qualys Enterprise TruRisk Management is also better, but most of the features and things are more in BigFix. According to me, I would give eight out of ten for Qualys Enterprise TruRisk Management for all its features.

Qualys Enterprise TruRisk Management shows material impacts on security. For example, if we scan a UPI server from Qualys Enterprise TruRisk Management agent, it will show that if we are not going to update that UPI server, that UPI hardware, or that application, going forward, it will be risky to us. Anyone, even a small hacker, can exploit your server, lose your data, collect your data, and misuse it in a black market. Every parameter, small to small and high to high, each and every parameter Qualys Enterprise TruRisk Management identifies and shows in an alert way, functioning as a monitoring tool also. It shows the severity. If we are not going to close this vulnerability, then what will happen. Severity is there also. There are severity five, four, three, two, and one. If the severity is five, it is most critical, and that vulnerability needs to be closed as soon as possible.

In the current place where I work, they have their own infrastructure with multiple servers. We usually get a monthly report of vulnerabilities. The vulnerability count around monthly is approximately twenty thousand, thirty thousand, or more every month. We get a report from the Qualys Enterprise TruRisk Management department showing what the vulnerabilities are. We need to find out the most potential vulnerability. Qualys Enterprise TruRisk Management shows that the most important things are operating system related criticality, application related, and third-party application related vulnerabilities. It aggregates the most potential criticality in a severity. Severity means how critical this vulnerability is. There are numbers from one to five, with five being the most critical vulnerability. When we get a report, there is a column as a criticality tier. We usually filter it out with tier five, so all the vulnerabilities that are the most potential come up. For example, if I filter out with the five-tier, it usually shows around the most potential vulnerability count of one thousand or two thousand. This is not only for one server. We manage around eight hundred to nine hundred servers. We get a report every month for all servers' vulnerabilities, and it is approximately thirty thousand plus. It shows each and every potential critical vulnerability. We found two or three for each server. If we want to patch or deploy that vulnerability on each server, we need to take downtime. We have limitations to patch the servers each day. For example, in one day, we can patch fifty servers. If we want to patch five hundred servers, within ten days, we close that potential vulnerability by taking downtime as per the scheduled time. Mostly we take downtime at night for the deployment and patching those vulnerabilities.

Once we complete our side patching, as per the Patch Tuesday schedule when Microsoft releases their patches and security patches every second Tuesday, we do patches and close the vulnerability with the remedies Qualys Enterprise TruRisk Management shows you. After patching, we take a report and share with the security team that we have closed this vulnerability and kindly scan the servers for rescanning. After patching, we take a reboot, and then after reboot, we rescan the system. We ensure everything is as per the expectation or not, and we verify if the vulnerability is closed or not. We rescan all the systems, and after rescan, it shows the previous vulnerabilities are closed in our scanned system.

Confidence comes when we do practical validation. If due to some vulnerabilities or some bugs or some loopholes, attackers attack the servers and successfully collect the data, we do the root cause analysis to understand why the server got compromised or data got compromised. In that case, we learn that the particular server has not been patched since the last one month, two months, or three months. Due to that, till now, this kind of attack has not happened in our infrastructure because we make sure that every month patches should be deployed on that particular server within one month, thirty days. It prevents the situation in which if Microsoft releases one security patch with some enhancement in security, we deploy that. It is not that a particular patch has total one hundred percent security enhancement. Every patch has a loophole and security enhancement both things. If we patch the system and after then, attackers will try to find out the loophole in that particular patch. But once they find the loophole, before that, the second patch will be released by Microsoft, and the second patch will be deployed on that particular server by the patching team. This is how all things work. The attacker will not get enough time. That is why monthly patching is most necessary. We call it patching or vulnerability management.

Monitoring tools such as Zabbix provide real-time or active monitoring. Zabbix alerts provide alerts in different colors and criticality. For example, if there is one system that uses one hundred percent CPU utilization or memory usage, or disk space issue, these kinds of real environment monitoring will show. If you search some websites on Google, sometimes that website takes a long time to be visible on your device. That happens due to latency, and latency happens due to high memory utilization or RAM utilization. It is the time travel between the sender and receiver. When you send the request to the server, the server will give a response to you. The latency depends on read and write data. Zabbix is used for that. It enhances user experience, prevents downtime, and provides latest alerts. It monitors each and everything.

My overall review rating for Qualys Enterprise TruRisk Management is eight out of ten.

Primarily, I use Qualys Enterprise TruRisk Management for assessing the current posture of my infrastructure as I am responsible for vulnerability management for my organization. Qualys Enterprise TruRisk Management gives me a clear picture of the current status of vulnerabilities relative to different criteria across my various integrated servers.

I work in a regulated banking entity, so we are highly regulated. Most of our data comes from Qualys itself, making all data auditable from the standpoint of Indian regulators. Every data point that comes out of Qualys is auditable.

I work with Qualys Enterprise TruRisk Management, though we are not using Patch Management. Beyond that, we are using Vulnerability Management and Secure Configuration, which is the new name for Policy Audit in Qualys.

The most valuable function of Qualys Enterprise TruRisk Management is that it provides a clear picture of how my vulnerabilities across different servers can be categorized. I must provide input about servers and their criticality, but based on that information, it gives me a clear understanding of whether a particular vulnerability on my server needs to be fixed based on the proof of concept and attack vectors available in the market. Based on this, it provides me a scoring mechanism that tells me which vulnerabilities I need to patch immediately or which ones I can defer for a later time.

Qualys Enterprise TruRisk Management provides me with a QDS scoring mechanism, which has helped me identify which vulnerabilities I need to patch immediately. It also provides me with the criticality rating of each vulnerability. Understanding whether a vulnerability needs immediate action or whether I can take some time based on my current posture and available bandwidth has been instrumental.

The live threat intelligence updates in Qualys are good, with updates provided on the last Friday of each month. However, I am not satisfied with Qualys support. The response time is slower than needed.

I have raised only technical cases with Qualys. I am comfortable with the GUI and how they have defined it. However, I do require a certain level of technical input, and they take considerable time to provide responses. This typically misses the timeline or the criticality of the particular matter. After three years of working with Qualys, I am familiar with most aspects of the system. When the system misbehaves and I need to raise a case with Qualys, they take an extended amount of time to provide input. Even after that, the response time for scheduling calls to discuss and understand the issue is slow.

Overall, they are good. A few bugs once or twice per month is acceptable because no tool is perfect. My primary recommendation is to increase their technical support team to ensure that clients are not impeded or running back and forth. We only raise support when we need urgent assistance or when action needs to be taken immediately. Receiving a response three to seven days later does not align with our needs.

I have been working with Qualys Enterprise TruRisk Management for approximately three years.

I rate the stability of Qualys Enterprise TruRisk Management at eight point five out of ten because I occasionally find bugs that are frustrating, and I have already commented on the support issues. Overall, eight point five is a good rating.

I rate the scalability of Qualys Enterprise TruRisk Management at nine out of ten. Scalability is not a challenge. Since it is primarily an on-premises solution, I can simply scale it up as needed.

Regarding pricing, Qualys Enterprise TruRisk Management is a more costly product compared to what is available in the market. However, it does provide good features that justify the investment. My competitors, including Tenable, Rapid7, and other products, do not provide a good GUI function where I can actively track my vulnerabilities in real time. I always need to pull down a report in Excel and then work with the Excel file. With Qualys Enterprise TruRisk Management, I can work directly on the dashboard itself and ensure that all my servers are scanned within twenty-four hours or four hours according to my feasibility. Regarding its competitors in the market, I believe Qualys Enterprise TruRisk Management has a strong offering.

The GUI in Qualys Enterprise TruRisk Management is excellent. Although it is quite elaborate and may require some navigation, it is very familiar and easy to use. Compared to other solutions, the GUI is superior.

Positive

I have experience with competitors including Tenable, Nessus, and Rapid7. To be honest, they ask a high price, but they also provide certain functionality that other competitors do not. In the market, if you are pricing higher, that is what you can expect.

Overall, the initial setup for Qualys Enterprise TruRisk Management is good and straightforward. I have taken the SaaS model and am not discussing the on-premises model. I am working with the SaaS model. Scanners and QGS need to be deployed on-premises, which is straightforward. I only need to build a server and deploy the ISO. Qualys provides the SaaS model itself. Overall, if I go with the SaaS model, I would not find much difficulty or hindrance.

I set up Qualys Enterprise TruRisk Management on my own. It was not difficult. If I followed the official documentation, I could learn everything I needed. The process was straightforward.

I rate the pricing of Qualys Enterprise TruRisk Management as high, giving it a six out of ten.

Agentic AI is one of the models running in the background for Qualys. It is responsible for all vulnerability closures and vulnerability testing. All data collected by agents in the field is gathered and pushed into the Agentic AI model, which then processes that information and provides output based on proof of concept mechanisms or the MITRE ATT&CK pattern.

Based on my understanding, I have not found any false positives in Qualys Enterprise TruRisk Management. There are some vulnerabilities that might not be applicable to my environment or that I do not want to address, but there have been no false positives in my environment. In the last three years, I have only seen one vulnerability for which the patch was not released, but that was also a true positive. The only issue was that the OEM did not release the patch for that particular vulnerability.

My final score for Qualys Enterprise TruRisk Management is eight out of ten.

When a company needs to review and focus on all the vulnerabilities for their endpoints from actualizations or patches and all the programs they have installed, they need actualizations or to have this function available regarding the main use cases for Qualys Enterprise TruRisk Management.

The best features of Qualys Enterprise TruRisk Management are the capability to search and mitigate vulnerabilities from attackers in endpoints and focus on the preventive view of organizational security through virtual patching, making this function automatic for cybersecurity teams.

Qualys is a very good tool for companies, and the different tools this brand offers bring all the necessary tools for good development for these companies. Once it is set up, it works well.

Qualys has a new tool called Total AI, which requires review of the use and correct use of AI in companies and review and protection of the information that collaborators use in AI.

When a customer does not have control over vulnerabilities or architecture and needs a solution that automates this function for the company, it can be difficult to identify the vulnerabilities.

Because the case study is of the business model, I think identifying different vulnerabilities is not easy as companies need to be prepared to make decisions in time regarding what affects the business.

I focus on areas that could be improved with Qualys Enterprise TruRisk Management.

I have experience with Qualys for about one year.

This tool has good and excellent performance in the companies that we sell to in the last months for customers, so stability is evident.

Qualys Enterprise TruRisk Management is a scalable solution.

In the brand I work for, we have a very good team of many engineers who are prepared and certified with the levels of support for these tools from this brand, which helps me evaluate the customer service from Qualys or their technical support.

The level of support is a nine out of ten.

They provide very good support.

Positive

We used Tenable before switching to Qualys for this type of threat management.

The main differences between Tenable and Qualys is the model that brands use to consume the product; the licensing or size is different between Tenable and Qualys.

I speak a little English.

I have experience with Check Point solutions and Microsoft solutions.

I have a little experience with the product portfolio of Check Point, as I have worked with this brand in a product manager commercial profile.

I sold a project two years ago about Check Point Harmony SASE or SASE product.

In the last twelve months with Check Point, I have experience with the firewalls and Harmony Email, but not with SASE.

With the Maestro lines, I have experience, but not with Quantum Force, as I have worked with Maestro and Harmony Email.

With CrowdStrike, I have a little experience, something about five months.

I have worked with Qualys Enterprise TruRisk Management and VMDR.

In the cybersecurity view, I understand what is being said.

I cannot understand the TrueConfirm capability or tool.

I am not familiar with the term TrueConfirm for threat enrichment capability.

Qualys is a reliable tool.

It is beneficial so far because the market today needs to protect all these factors that use AI for taking confidential information from the company.

My profile is more commercial, but I know about the deployment of these tools being easy for companies to be prepared for this; however, a good assessment is necessary to review the architecture of the customer for a good chronogram and good time for the development of these tools.

For this tool, we do not need cloud deployment because it requires some server and deployment from the endpoints of the company, so I do not have this technical knowledge.

Qualys has a good price for the benefits of the development of this tool.

My overall rating for this review is nine out of ten.