Technical Expert at a manufacturing company with 10,001+ employees
Real User
Top 10
Sep 30, 2025
Manages asset lifecycles effectively and improves visibility across cloud and on-premises environments
Pros and Cons
  • "The main thing I appreciate about Qualys CyberSecurity Asset Management is the cloud environment while tracking software and zero-day vulnerability risk, alongside asset discovery and tagging, as well as attack surface management."
  • "Integration of Qualys CyberSecurity Asset Management, particularly with ServiceNow, takes a very long time, and it needs prioritization of patch rules based on vulnerability risk."

What is our primary use case?

We use Qualys CyberSecurity Asset Management mainly for asset management consolidation because we are using different tools. We have around 256 locations and 480 sites. We have created multiple platforms and are managing all the assets through Qualys CyberSecurity Asset Management.

We primarily focus on discovering and assessing vulnerabilities in internet-facing assets, web servers, and cloud services. Our activities include DNS enumeration, web crawling, and enhancing transparency in our processes. In the automotive sector, we also work with IT and OT devices. We assess the vulnerabilities of critical assets based on their contributions and potential exploits related to physical security. Our team checks for payload validations and actively monitors for exploitation attempts.

Additionally, our software team continuously monitors asset vulnerabilities, feeding this information into our Security Information Management (SIM) and vulnerability management systems, as well as Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) platforms.

What is most valuable?

The main thing I appreciate about Qualys CyberSecurity Asset Management is the cloud environment while tracking software and zero-day vulnerability risk, alongside asset discovery and tagging, as well as attack surface management. This is mainly focused on hardware and software assets across all on-premises and cloud environments, where we are tracking the lifecycle states and identifying vulnerabilities and everything related to risk management.

What needs improvement?

Integration of Qualys CyberSecurity Asset Management, particularly with ServiceNow, takes a very long time, and it needs prioritization of patch rules based on vulnerability risk. It should support complex environments, including MSP domains and multi-tenant setups.

The initial setup can be complex and requires coordination between IT and security teams, as API integration takes significant time. We have faced limitations on patch frequency control and legacy system support multiple times.

Additionally, the discovery elimination for unknown assets in CSAM should be enabled, as the discovery platform didn't segregate values properly when we are doing IT and OT assets. Furthermore, effective integration with a CMDB such as ServiceNow for asset synchronization and a strong classification of risk scoring are needed to allow us to focus on high-risk assets.

For how long have I used the solution?

I have been using Qualys CyberSecurity Asset Management for around eight months.

Buyer's Guide
Qualys CyberSecurity Asset Management
January 2026
Learn what your peers think about Qualys CyberSecurity Asset Management. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
881,082 professionals have used our research since 2012.

What do I think about the stability of the solution?

We haven't observed any significant issues in the service. There were some issues about six months ago, but since then, it's been fine. Occasionally, we experience slowness, which might be a network issue on our end, but we only faced slowness once in the last six years, and that issue was addressed effectively.

How are customer service and support?

We have a ticketing system in place and an internal team. Additionally, we have a technical account manager assigned from Qualys. Whenever we need support, we coordinate directly with this manager, and the Qualys support team assists us as needed, which happens occasionally.

I am happy with the quality and speed of the support provided by Qualys. We frequently reach out for support regarding different applications such as vulnerability management and web application scanning, especially given that we use multiple solutions for various clients. The support includes telephone availability, live chat options, and a solid support ticketing system. Additionally, the certification provided by Qualys has been beneficial for my SOC team, helping them with demo training and certification programs. We escalate incidents through the customer support portal for ongoing support tickets.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We also use BeyondTrust and TrapX. TrapX is suitable only for a very limited range of assets. It is primarily designed for the IT sector and may not be appropriate for other industries, such as automotive or healthcare, where multiple devices are involved.

How was the initial setup?

When working in a small environment, everything tends to run smoothly. However, in larger and more distributed IT environments, especially at the lower tiers, challenges arise in compliance tracking and asset visibility. Initially, when we deploy these systems, we face multiple difficulties, particularly in coordinating with the support team. We have a technical account manager in place, and I hope they can help us navigate these issues more effectively.

For initial setups in smaller environments, everything is manageable. However, when scaling up to larger and distributed IT environments, there are significant challenges. For instance, the processes for asset visibility and content stacking can be quite complex. Automated tagging and continuous updates are essential for reducing manual asset management and enhancing the vulnerability prioritization process. Currently, significant initial configuration is required, along with software categorization and detailed reporting. In our work with a client, we would have customer calls for deployments, which would often coincide with support calls. Unfortunately, the documentation provided was not user-friendly, making it difficult to check and follow the necessary procedures.

What's my experience with pricing, setup cost, and licensing?

For vulnerability management, we have a good price. We have a solid deal in place for the first and second years. However, as we expand to multiple locations, the pricing varies. For some clients, we have been able to adjust the pricing downwards due to lower costs for certain applications.

What other advice do I have?

The risk score and asset evaluation are primarily based on multiple factors, including the asset criticality score and the Qualys Detection Score (QDS) for vulnerabilities, as well as their severity levels. Additionally, we consider the Asset Criticality Score (ACS) to reflect the value of critical assets. The QDS is also used for the Common Vulnerability Scoring System (CVSS) base score and to assess exploits, while checking on the maturity level and mitigation controls in place.

I would rate Qualys CyberSecurity Asset Management a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Sep 30, 2025
Alouane Wail - PeerSpot reviewer
SecOps Engineer at a tech services company with 10,001+ employees
Real User
Top 10
Nov 8, 2025
Has improved patch deployment and vulnerability targeting through centralized asset visibility
Pros and Cons
  • "I mainly appreciate Qualys CyberSecurity Asset Management for its patch management capabilities, which are essential in my job for deploying patches and remediating vulnerabilities."
  • "Sometimes both updates and software types appear together on one list, making it hard to differentiate."

What is our primary use case?

I use Qualys CyberSecurity Asset Management for vulnerability management and patch management, as it gives me a global view of our infrastructure, including what is installed and what assets we have. As we always say, before securing your infrastructure, you need to know what you have. I use Qualys CyberSecurity Asset Management to obtain this global view of our infrastructure.

I recently implemented external attack surface management and have not yet explored it extensively. I'm in the process of discovering its features over time; I began monitoring our subdomains and websites from an external view about a month ago. Therefore, I don't have a detailed answer regarding its effectiveness yet. I am still in the early stages of implementing the external attack surface management solution. We haven't reached a point to provide feedback or evaluate how well it has helped us discover any previously uncovered assets in the vulnerability management program. I am currently working on this and plan to present my findings to our IT leadership.

How has it helped my organization?

In addition to identifying vulnerabilities, Qualys CyberSecurity Asset Management monitors our infrastructure, including tracking certificates and user access to assets. This information is useful in our IT department for compliance purposes.

The TruRisk scoring feature of Qualys CyberSecurity Asset Management helps prioritize vulnerabilities and assets, offering more information than traditional metrics, where we usually focus only on severities four and five. By examining TruRisk, we find vulnerabilities of severity five that might not be as dangerous as they appear, allowing us to target the exact vulnerabilities we need to fix better than just relying on severity alone. However, not all IT departments may focus on TruRisk, as most tend to adhere to traditional approaches.

I utilize the CMDB sync feature in Qualys CyberSecurity Asset Management. I want to mention that previously, in my last position, we used traditional CMDBs, but now we synchronize the CMDB with Qualys. This correlation with other information in Qualys, the VMDR module, gives us better visibility and correlation between our asset inventory and our vulnerability inventory.

The correlation between the VMDR and CMDB in Qualys CyberSecurity Asset Management affects our mean time to remediation significantly. If there is a vulnerability in one software, the CMDB correlation can provide all assets with this vulnerable software, allowing us to deploy remediation efforts efficiently and focus on the exact assets that require attention.

One of the useful cases for Qualys CyberSecurity Asset Management is during compliance or audit missions, where we need to report on assets with specific software. For instance, if we need to confirm how many assets comply with our software whitelist, Qualys CyberSecurity Asset Management greatly assists us in obtaining these reports quickly and with enhanced visibility of information.

What is most valuable?

I mainly appreciate Qualys CyberSecurity Asset Management for its patch management capabilities, which are essential in my job for deploying patches and remediating vulnerabilities. While deploying patches, I utilize Qualys CyberSecurity Asset Management to identify exactly which assets are vulnerable and which require new software installations or updates. One thing I appreciate about Qualys CyberSecurity Asset Management is that it is user-friendly; the interface is easy to navigate, and it provides extensive information. Before using Qualys CyberSecurity Asset Management, I relied on multiple applications for information, but it consolidates all that information from different platforms into one solution.

What needs improvement?

Qualys CyberSecurity Asset Management continues to improve and get better day by day, particularly with dashboard enhancements. I encountered a few problems while using Qualys CyberSecurity Asset Management, particularly regarding software inventory management. I primarily check for deployed updates; however, sometimes both updates and software types appear together on one list, making it hard to differentiate. For example, when I review what's deployed on my laptop, I see Microsoft software, Windows updates, and other software mixed together, resulting in noisy reports.

Additionally, I find that while information is available regarding which users have access to our servers, retrieving it often requires checking servers individually rather than obtaining a consolidated extraction when needed. These two use cases are beneficial, but improvements in these features would be greatly appreciated.

For how long have I used the solution?

I have been using Qualys CyberSecurity Asset Management for two years.

What do I think about the scalability of the solution?

The scalability of the Qualys CyberSecurity Asset Management system is satisfactory. It is indeed scalable.

How are customer service and support?

I have previously worked with Qualys technical support, and they were quite helpful and responsive, providing us with the exact solutions we needed when we reached out for assistance. I would rate the tech support of Qualys a perfect ten out of ten for their performance.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have worked with different solutions associated with the CMDB, and for patch management.

How was the initial setup?

We utilize the cloud version of Qualys, which is hosted on AWS. I haven't been involved in the purchasing or initial setup of this part.

Regarding the deployment of Qualys CyberSecurity Asset Management, I did not work directly on the project. I typically find that the project is already completed, so my role involves deploying the Qualys agent. I think this process is smooth, as my colleagues who manage the project have not reported any significant problems.

What other advice do I have?

To a colleague at another company who believes they only need external attack surface management for their vulnerability management and detection response program, I would advise them to fully utilize Qualys CyberSecurity Asset Management for a better experience. By using all its features, rather than limiting themselves to just external attack surface information, they can gather more comprehensive information that can enhance their job performance.

For organizations considering Qualys CyberSecurity Asset Management, my advice is to fully utilize all the features available to maximize the experience. By leveraging all information provided, IT professionals can enhance their operations since every detail matters, and more information generally leads to better outcomes.

I would rate Qualys CyberSecurity Asset Management an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Nov 8, 2025
reviewer2645955 - PeerSpot reviewer
IT Engineer at a consultancy with 10,001+ employees
MSP
Top 5 Leaderboard
Feb 12, 2025
Provides visibility into authorized and unauthorized software
Pros and Cons
  • "Authorized and unauthorized software visibility is the best feature for me. It helps me understand security controls on our network and where we lack visibility. With a single security tool, we are able to get an extensive list."
  • "There can be further simplification to reduce the overall noise and provide ESAM-related data."

What is our primary use case?

We use it to collect all software-related information, including external attack surface information. All of this information is validated here.

How has it helped my organization?

We were facing issues with collecting information about external facing assets and getting vulnerabilities for assets not managed by us. We also wanted visibility into particular IP address configurations or domain-based information. Qualys CyberSecurity Asset Management helps us with visibility into the assets that we do not know about or that someone is misusing.

Other than that, we are using it for software inventory purposes. We can see whether any unauthorized software is registered on any machine or whether any required security tool is not installed on the machine. We can also see if any specific assets are critical and if there is anything we need to focus on from a network perspective. From the portal, we can get all this information as a report.

The visibility into all the assets is the main improvement. We are able to see any new external-facing assets, as well as the assets that we do not manage. For example, for the asset that we do not manage, we could get information about a particular port being open on an IP address or operating system. It helped us with about 20% of our assets.

Management of unmanaged assets enhances the organization's risk assessment capabilities.

The TruRisk mechanism helps us in some scenarios by giving an asset criticality score. It helps us focus on critical assets.

Qualys CyberSecurity Asset Management helps us identify any end-of-life software or unmanaged assets. With the CAPS mechanism, the Qualys agent can validate unmanaged assets and provide information.

What is most valuable?

Authorized and unauthorized software visibility is the best feature for me. It helps me understand security controls on our network and where we lack visibility. With a single security tool, we are able to get an extensive list. 

Additionally, I can verify version controls and port details for major applications.

What needs improvement?

There can be further simplification to reduce the overall noise and provide ESAM-related data. Some data modification might also be required, but that is not as critical as noise reduction.

For how long have I used the solution?

I have used Qualys CyberSecurity Asset Management for over three years.

What do I think about the stability of the solution?

Its stability is good. I do not have an issue with it. I would rate it a ten out of ten for stability.

What do I think about the scalability of the solution?

Its scalability is good. I would rate it a ten out of ten for scalability.

We are located in different countries. It is being used by our admin team with more than 50 people.

How are customer service and support?

I would rate their support a nine out of ten. We might not always get a good solution. We might get only a workaround.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

From the start, I have been using this solution in this organization.

How was the initial setup?

It is very easy for me to deploy. There is no complexity. 

Its implementation takes about a week, but it can vary.  

Being a SaaS solution, it does not require much maintenance. It has an uptime of 99.9%. It is working perfectly with the scheduled information.

What was our ROI?

It has reduced resources and the time spent on gathering and combining data from different tools into a single tool. It used to be a tedious job, but it has now been reduced with the single software.

What other advice do I have?

I would recommend this solution if you want a unique software to collect all the inventory data and have information about the attack surface.

I would rate Qualys CyberSecurity Asset Management a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
reviewer2590236 - PeerSpot reviewer
Information Security Lead at a consultancy with 10,001+ employees
MSP
Top 5
Nov 17, 2024
Gives a 360-degree view of our assets and helps to take proactive measures
Pros and Cons
  • "We have a diverse organization with a robust infrastructure of more than 300,000 assets. By creating unauthorized lists and rules in the Qualys CSAM module, I can block certain software from being used in the organization."
  • "We have had zero attacks since we enabled all the features in Qualys CSAM."
  • "Currently, in the EASM module, the scan frequency is limited to once daily, but allowing end users control over scan scheduling would be advantageous."
  • "The scanning function could be improved."

What is our primary use case?

We use it to gain complete visibility into our assets and monitor our security posture.

How has it helped my organization?

Our overall experience has been very good. It gives us a 360-degree view of our assets. It gives us the complete data such as the types of services running or applications installed. If an asset or software is end-of-life or end-of-support, it provides the status related to that. Apart from that, we get to know the ports and services that are running.

Previously, I did not have visibility over the complete inventory. Qualys CSAM gives me the complete inventory with the number of assets connected to the network. Based on the cloud agents that were deployed and remote scans, we can see the whole inventory in a single module. The CSAM module allows us to track the end-of-life or end-of-support status of the software on our assets. We get to know in advance that particular software is going to be end-of-life or end-of-support. Such a feature helps us to take action proactively.

It gives visibility into the domains or subdomains managed by my organization. I can track those very effectively. I can even perform lightweight scans which are completely managed or controlled by Qualys, unlike remote scans that are performed by the end user. It gives visibility into the vulnerabilities related to applications or assets on a real-time basis because these scans are performed once a day on a daily basis. With one click, the EASM module provides the domain names related to my organization. Qualys directly performs the scan and if any applications or assets are not in my CMDB because I missed updating the details, it highlights them, so I have complete visibility over my publicly exposed assets or applications.

It is able to discover different kinds of assets, such as web servers, DB servers, or application servers. It can identify network devices. I even have visibility over the devices managed by ISPs, and I am able to take action appropriately.

Asset tagging is one of the main features of the CSAM module. While creating asset tags or after creating asset tags, we can set the asset criticality. Based on the vulnerabilities identified in the assets, Qualys provides a detection or TruRisk scoring.

TruRisk scoring helps prioritize vulnerabilities and assets. This prioritization is very helpful for me. In an infrastructure with 300,000 assets, we might see millions of vulnerabilities in the assets. We need to prioritize vulnerability remediation because we cannot focus on remediating all the vulnerabilities at the same time. We can start with the assets that are critical in our organization. TruRisk scoring helps with that.

It makes us more secure and also helps us with our KPIs or KRIs. We have had zero attacks since we enabled all the features in Qualys CSAM.

It fetches the asset details based on remote scans or the cloud agents that are deployed. With passive sensors, I am able to see the rogue assets that are passing through a particular switch wherever passive sensors are deployed. I can see what other assets are connected to the network. One of my goals is to identify the assets that are missing with the cloud agents so that I can get the cloud agents deployed and get them added to my asset inventory. Network devices obviously cannot be installed with the cloud agents, but at least I have visibility that these are the network devices, or these are the endpoints, or these are the servers, whereas rogue assets are a threat to the organization. They may even compromise other assets in the network, so with these passive sensors, I am getting complete visibility.

Even IoT devices can be scanned through these passive sensors. The passive sensors can read the configuration of the devices passing through a particular switch. Previously, I used to perform remote scans on IoT devices. This effort of performing the remote scan is minimized because these passive sensors are able to find the vulnerabilities related to any of the IoT devices by reading their configuration. This is another feature that is helping me as part of our operations.

What is most valuable?

The External Attack Surface Management (EASM) module, available within CSAM, is valuable. It helps track all the domains and subdomains related to our organization. It performs the discovery scans and provides the results of the domains or subdomains related to my organization. It also performs scans to identify any vulnerabilities, which helps to take proactive measures before those vulnerabilities are identified by any attacker.

The IoT or OT asset discovery feature is valuable. We can analyze the traffic that is passing through at the L2 switch level with the passive sensors. It provides information about any rogue asset connected to a switch or a network. We can see all the unmanaged or managed assets.

The ability to define a list of unauthorized software and create a rule to define software authorization is helpful. We have a diverse organization with a robust infrastructure of more than 300,000 assets. By creating unauthorized lists and rules in the Qualys CSAM module, I can block certain software from being used in the organization. When I create such a rule, I can see all the assets having unauthorized software installed. I can then immediately take action by blocking that asset or remotely uninstalling that particular software. Such actions can be taken directly from its interface when I have unauthorized software rules in place. This is an important and helpful feature for my organization.

What needs improvement?

The scanning function could be improved. Currently, in the EASM module, the scan frequency is limited to once daily, but allowing end users control over scan scheduling would be advantageous. Publicly exposed assets are very critical. If a remediation action is taken by the end-user or the auditor working on a vulnerability management program, that person must be given access to run the scan as and when required. This way they can immediately check whether that particular vulnerability is present or not.

Also, allowing more comprehensive scan configurations could be beneficial. The lightweight scan that it does is only based on the ports or services that are identified through the Discovery Scan. It would be helpful for the auditors to be able to run a more comprehensive scan.

Additionally, while downloadable asset information is available in the CSAM module, it lacks mapping of software to assets in a consolidated report format. For instance, if I want to download information about 100,000 assets along with the software mapped to those assets, this option is currently not available. If I download the SH details, it will have only the BIOS information, the serial number of the device, the hostname, the MAC address, and the IP address. Only these details are available. It does not give information about the software installed on those assets. The software mapping with assets is not given in a consolidated report. Enhancing this capability would elevate its usefulness.

For how long have I used the solution?

I have been using the CSAM module for about four to five years. It was previously known as AssetView. We used AssetView for over 12 years and then shifted to using CSAM when it was introduced four to five years ago.

What do I think about the stability of the solution?

The platform is quite stable as it is able to handle data from various sources, such as cloud agents or the VMDR module. It has the EASM capability. It is pretty stable even though it holds a lot of data related to our assets or applications. I would rate it a ten out of ten for stability.

What do I think about the scalability of the solution?

Scalability is impressive, supporting a myriad of features and substantial data from diverse modules. It offers a comprehensive view of asset management and is equipped to handle an extensive array of data efficiently.

Our organization has its presence in different geographical locations. We have about 300,000 assets installed with agents worldwide.

There are 50 to 60 people from the IT team and the information security team working with Qualys CSAM.

How are customer service and support?

I am satisfied with their support. I would rate their customer support a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I was using the AssetView module before migrating to Qualys CSAM. AssetView has very basic features. Other than the asset tagging feature, AssetView does not have other features available in Qualys CSAM, such as EOL detection and software version detection. 

Knowing the software version is very useful for me when any zero-day vulnerability is published. I can check the version of the software that is vulnerable to a zero-day CVE, and then with the Qualys CSAM module, I can see the assets that are using that particular vulnerable version. Without even performing the active scan, I can get visibility over the assets having vulnerable versions. I can then take the remediation action. This is the most important feature in the CSAM module as compared to AssetView. 

How was the initial setup?

The initial setup was straightforward. Although I was not a part of the implementation team, I understand it did not take much time due to an efficient cloud agent deployment and network connectivity setup.

It does not require any maintenance from our side. There is almost zero-touch maintenance because it is a SaaS platform managed by Qualys itself. We might have to modify or create asset tags or dashboards. These are operational tasks that we might have to do on a regular basis. Other than that, no maintenance is required from our side.

What about the implementation team?

The implementation involved a small team of about five to six members who collaborated with the Qualys vendor.

What's my experience with pricing, setup cost, and licensing?

Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers.

What other advice do I have?

I would highly recommend this solution to other users looking to enhance their asset inventory visibility. Asset inventory is the primary source of truth for any IT team or information security team. Qualys CSAM provides that visibility. With the integration of CMDB, you get even better visibility over the asset inventory. You also get EOL information about the assets and applications. These are the main reasons for recommending it. I am pretty happy with it.

I would rate Qualys CSAM a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
IT Engineer at a consultancy with 10,001+ employees
MSP
Top 5
Leaderboard
Dec 17, 2024
Gives comprehensive security insights and helps with efficient application management
Pros and Cons
  • "The most valuable features of Qualys CSAM include the ability to manage authorized and unauthorized applications efficiently. This feature helps in validating applications and maintaining a secure environment."
  • "I would rate the Qualys CSAM a ten out of ten for its overall performance."
  • "In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management. Additionally, improvements to the user interface could be beneficial."

What is our primary use case?

We use Qualys CSAM for information related to EOL and EOS applications. For the machines connected to Qualys CSAM, we have information about the serial number and hardware ID. We have some integration mechanisms with AD. All these helped us to make sure the agents and applications that we use are good enough to run in our infrastructure.

How has it helped my organization?

We have a mechanism called authorized and unauthorized applications inside our organization. Qualys CSAM helps us implement this by reporting unauthorized applications through pop-ups or alerts. This mechanism ensures that any unauthorized application is quickly identified, and appropriate measures are taken swiftly. The tool provides valuable insights into our infrastructure.

For external attack surface management, we have a configuration profile that we configure with the domain name. With this domain name, we get all the information from Qualys. They have integration with Shodan and their own scanning mechanism to get publicly exposed IPs or domains for our organization and its subsidiaries. 

It is a useful solution for us for IT-related or security-related activities. We get information about all the assets in our organization, and we also get to know if any ports are open or exposed to the Internet.

It helps us with risk prioritization. It highlights any vulnerabilities that are exploitable. We have various reports. We can see EOL or EOS software or any unauthorized applications. All these reports are triggered in a daily manner. We get the latest list every day. We can also use the dashboard.

In addition to the asset criticality score that we have configured, we have the TruRisk score. All this data helps us to prioritize the assets and vulnerabilities. 

What is most valuable?

The most valuable features of Qualys CSAM include the ability to manage authorized and unauthorized applications efficiently. This feature helps in validating applications and maintaining a secure environment. 

Additionally, Qualys CSAM offers comprehensive data, including serial numbers, BIOS information, and software details related to EOL and EOS. These capabilities are crucial for ensuring infrastructure readiness and security.

What needs improvement?

In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management. Additionally, improvements to the user interface could be beneficial.

For how long have I used the solution?

I have been using Qualys CSAM for one and a half years.

What do I think about the stability of the solution?

I would rate the stability of Qualys CSAM a ten out of ten. The agent-related stability is excellent, and we have not experienced any lags.

What do I think about the scalability of the solution?

The scalability of Qualys CSAM is good. It is a SaaS platform. I would rate it a nine out of ten for scalability.

We have it at multiple locations and countries. We have multiple networks and subsidiaries. We have about 300k users.

How are customer service and support?

The customer service is excellent. I would rate them a nine out of ten. Although there have been occasional delays in response time, the support generally addresses issues promptly and effectively.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have only used Qualys CSAM in this organization and have not switched from any previous solutions.

How was the initial setup?

We have a hybrid setup. The initial setup is straightforward, requiring a single code within an agent file, making the deployment process very easy.

Other than the upgrades, it does not require any maintenance from our side.

What other advice do I have?

I would strongly recommend Qualys CSAM to other users because of its reliable detection logic and high level of support. We have not seen any glitches with it. In the case of any issues, we can get them resolved promptly, maintaining efficiency. 

I would rate the Qualys CSAM a ten out of ten for its overall performance.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Marcio Mendes - PeerSpot reviewer
Principal Security Consultant
Real User
Top 20
Jan 14, 2026
Asset intelligence has transformed risk visibility and supports lifecycle control and reporting
Pros and Cons
  • "Regarding return on investment, I first look at the reality of the environment and the decrease in critical vulnerabilities with Qualys CyberSecurity Asset Management, which equals a positive return on investment."
  • "In the best practice for categorizing assets with the C-SAM module in Qualys CyberSecurity Asset Management, I see potential for improvement with integration of other CMDB systems in creating a relationship with Qualys and other solutions."

What is our primary use case?

I use Qualys CyberSecurity Asset Management for management, cycle life, analysis, cataloging, enumeration, classification, and remediation.

I am using Qualys CyberSecurity Asset Management for managing assets with Qualys and CMDB, along with business intelligence for classification and extraction for information classification. I analyze this data with TruRisk score to understand the impact on business and risk classification.

I use Qualys CyberSecurity Asset Management for looking at the network with a focus on Shadow IT. I examine network devices across the network using TruRisk score for criticality, classification, risk assessment, and cycle life in remediation.

I use Qualys CyberSecurity Asset Management for metrics to check the timeline for resolution of problems. With RSC and classification of IT and devices, this represents the best practice of business. I use the metrics for resolutions to prioritize risk score for remediation, mitigation, classification, and reporting to the CISO and the board members.

I manage the cycle life with Qualys CyberSecurity Asset Management to make the work easier in practice.

What is most valuable?

Qualys CyberSecurity Asset Management has excellent resources for asset management, and the C-SAM module is complete and powerful. It manages assets and their roles on the network, access, and classification.

The solution provides analysis and criticality with TruRisk score for management and Shadow IT detection. It creates visualization in the network for the business.

Qualys CyberSecurity Asset Management delivers positive impact through organization management visualization and control for statistics on cycle life and remediation and mitigation in application standards and business rules, such as PCI DSS, and other filters with the PC module and classification in Qualys patch for remediation cycle life.

What needs improvement?

In the best practice for categorizing assets with the C-SAM module in Qualys CyberSecurity Asset Management, I see potential for improvement with integration of other CMDB systems in creating a relationship with Qualys and other solutions. I would like to see improvements in the criticality score and TruRisk, along with KDS and those classifications for analyzing the real risk impact for business, and in the periodic checking of devices and networking.

For how long have I used the solution?

I have been using Qualys CyberSecurity Asset Management for three years.

What do I think about the stability of the solution?

Qualys CyberSecurity Asset Management is stable.

What do I think about the scalability of the solution?

The scalability of Qualys CyberSecurity Asset Management is acceptable and working well.

How are customer service and support?

There are no problems with the customer support of Qualys CyberSecurity Asset Management.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Qualys CyberSecurity Asset Management is the principal solution I use currently. However, in other organizations, I have used other solutions based on different CISO perspectives and administrative cultures.

What was our ROI?

Regarding return on investment, I first look at the reality of the environment and the decrease in critical vulnerabilities with Qualys CyberSecurity Asset Management, which equals a positive return on investment.

What other advice do I have?

Qualys CyberSecurity Asset Management is a perfect tool at a nine out of ten rating. A perfect tool does not exist, but I rate it a nine for its recurring increase in capability and the increase in expertise among Qualys specialists. The more expert the team, the better the results.

I work more in the organization in the on-premises environment with Qualys CyberSecurity Asset Management. I do not have difficulty, but it requires more organization for successful results. I am using only integration with AWS and Azure.

With specialists, I do not have concerns regarding price with Qualys CyberSecurity Asset Management. For me, it is only a matter of organization and the architecture implementation. My experience with Qualys is excellent. I would rate Qualys CyberSecurity Asset Management a nine on a scale of one to ten.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: My company has a business relationship with this vendor other than being a customer. Professional Cyber consultant
Last updated: Jan 14, 2026
Supervisor - Information Security Office
Real User
Top 10
Oct 21, 2025
Has helped uncover outdated and prohibited software, though the dashboard could be more interactive
Pros and Cons
  • "What I appreciate most about Qualys CyberSecurity Asset Management is the inventory feature, where I can look up assets, software, applications, open ports, and similar items because it's very useful."
  • "One downside of Qualys CyberSecurity Asset Management is that I would prefer to see a more interactive dashboard."

What is our primary use case?

My current use cases for Qualys CyberSecurity Asset Management involve hunting for software that is end of sale or end of life. I also use it to identify where prohibited software is installed on a device. For example, I identify if software that shouldn't be on an endpoint exists. That includes the vulnerabilities associated with certain software.

How has it helped my organization?

Improve software inventory capabilities

What is most valuable?

What I appreciate most about Qualys CyberSecurity Asset Management is the inventory feature, where I can look up assets, software, applications, open ports, and similar items because it's very useful. For example, with assets, I can see all the devices that have the protection installed and access one of these endpoints to see all the information about it. On the software side, I can see a list of all software installed on all my platforms, referring to all my endpoints that have the client installed.

The comprehensive approach that Qualys offers is beneficial because it includes the TruRisk score, which summarizes all vectors influencing the risk of an asset. For example, it highlights exploitations for certain vulnerabilities and provides all the links if they are available or public. Furthermore, the integrated Threat Intelligence platform within the interface allows me to see if there's a trend for certain vulnerabilities and check if I have that vulnerability on my platform.

What needs improvement?

One downside of Qualys CyberSecurity Asset Management is that I would prefer to see a more interactive dashboard. For example, when I see unknown software in the inventory and try to get a list of assets with certain software, I have to go inside the software menu. If I could have something more interactive that doesn't require going inside multiple categories, it would help. Also, I think the filters should accept three or more queries together to get broader results. However, this could also be an issue stemming from my knowledge or lack thereof.

For how long have I used the solution?

I have been using Qualys CyberSecurity Asset Management in this company for at least one to two years, but the implementation has been around for three years.

What do I think about the stability of the solution?

I have experienced a couple of instances with lagging, but nothing substantial that impacts reporting. There may be some delays on the dashboard, but nothing affects the functionality of reporting vulnerabilities from the endpoint.

What do I think about the scalability of the solution?

The scalability of Qualys CyberSecurity Asset Management is significant because you can deploy it across physical endpoints, cloud environments, and VDI using a configuration file. If someone uses Windows Server, they could use a GPO to deploy it. There are many options. I've seen large platforms with numerous endpoints and vulnerabilities, and that makes me think they have an impressive capability for handling large volumes, which is very scalable in my opinion.

How are customer service and support?

I haven't contacted Qualys technical support or customer support because we have a team that possesses extensive information, and they reach out directly to the vendor.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

In the past, I used some open-source solutions at another company, but I don't remember the name. I recall using them occasionally, but they didn't have this kind of reach. The same principle applies; you install a client on the endpoint, and it reports to the server.

How was the initial setup?

I find the initial deployment of Qualys CyberSecurity Asset Management overall easy, especially with support from the vendor and personnel who understand how to handle the integration and permissions with the firewall to allow traffic.

What about the implementation team?

The initial deployment took around a month or possibly less to fully deploy Qualys CyberSecurity Asset Management for the first time, though I wasn't present during the implementation.

What's my experience with pricing, setup cost, and licensing?

I don't have access to the pricing information, but I understand that Qualys CyberSecurity Asset Management is expensive compared to other brands or vendors, although the price is worth it.

What other advice do I have?

I have the most experience with Qualys CyberSecurity Asset Management, VMDR, and CSAM, as well as CA. Besides VMDR, I also used the Threat Intelligence model extensively.

Regarding the CMDB Sync feature, I learned about it just a couple of weeks ago. Although we don't have the implementation, we would find it useful to share information from Qualys, such as vulnerabilities and all devices, and track the person in charge of a certain device by creating a ticket.

The TruRisk score is a very useful feature, as it summarizes all the factors influencing the importance of a vulnerability concerning an asset or an endpoint. It helps with the prioritization of remediation.

We have both the passive sensor and the cloud agent. We use the cloud agent by installing it on the devices, while the passive sensor allows us to detect devices that don't have the protection and can't have the protection, for example, the networking devices.

We don't manage maintenance for Qualys CyberSecurity Asset Management as it depends on the vendor because they sometimes deploy updates and upgrades, but nothing is required on our end.

On a scale of 1-10, I rate this solution a 7.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: Oct 21, 2025
Haroldo Ferreira - PeerSpot reviewer
InfraSecOps Manager at a computer software company with 51-200 employees
Real User
Top 10
Dec 31, 2025
Reliable multi-WAN setup has supported secure segmented networks and responsive support
Pros and Cons
  • "I really enjoy the flexibility of the interface setup configuration for my network VLANs, which makes it very easy to configure."
  • "I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating process."

What is our primary use case?

I primarily use it for a small, single-site, multi-source setup with multi-WAN inputs. I have a main fiber connection and a couple of failovers while managing different networks across different segments.

What is most valuable?

I really enjoy the flexibility of the interface setup configuration for my network VLANs, which makes it very easy to configure. When I'm doing multi-inputs with internet providers coming in, it's very easy to manage and set up with very little effort.

The technical support is super responsive; I generally get a response within an hour, two hours, or three hours. I've only had to contact them maybe two or three times for very minor issues, but there's no issue there. I think it's very responsive.

What needs improvement?

I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating process. Knowing that you can't update any of the packages until you've done the actual operating system update can be a bit confusing. Beyond that, I don't have any major issues. There are generally some user interface updates and tweaks here and there, but that's a lower priority in my opinion.

For how long have I used the solution?

I've been using it for about eight years in my career.

What do I think about the stability of the solution?

For stability, I would give it a 10; I have no issues there.

What do I think about the scalability of the solution?

Scalability works well; I would say it's probably going to be a nine.

How are customer service and support?

The technical support is super responsive; I generally get a response within an hour, two hours, or three hours. I've only had to contact them maybe two or three times for very minor issues. I think it's very responsive.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I've used Unifi primarily in the last couple of years, probably three years now, at a separate site. It's nice, but it's not nearly as configurable. Qualys CyberSecurity Asset Management software's ability to do VPN, both with regard to Tailscale and OpenVPN, is really very easy to use, whereas Unifi is not ideal. Their security is open by default versus Qualys CyberSecurity Asset Management, which is closed, which is always going to be preferable.

How was the initial setup?

For an entirely new site, the initial deployment would take some time to configure and set up. If you're coming from an existing setup or configuration, you effectively export the configuration, upload it, and make some minor updates. Even with the booting environments, it's easy in that if you make a mistake, you can go back or revert to an existing experience. It might take some time, but it's not overly complicated. I would say it requires minimal effort, especially if there's a plan in place ahead of what the structure will be.

What about the implementation team?

One person can do this type of deployment, but you're going to need to be testing. Honestly, it's not nearly as complicated as a larger, more legacy offering, so I think it's very easy.

What's my experience with pricing, setup cost, and licensing?

I'm not entirely sure about the pricing; I don't know.

What other advice do I have?

Qualys CyberSecurity Asset Management does require some maintenance on my end, such as manual updates in terms of releases. Checking those out, doing some testing, and confirming it looks good in a non-prod environment is not that complicated. Even again, if you do the boot states, it's easy to manage. They come out about every 12 months, and I know that's one thing against Netgate—that they're a little bit slower on development—but honestly, that's probably preferable because it's not constantly updating. My review rating for this product is 9.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Dec 31, 2025
Buyer's Guide
Download our free Qualys CyberSecurity Asset Management Report and get advice and tips from experienced pros sharing their opinions.
Updated: January 2026