Try our new research platform with insights from 80,000+ expert users

Qualys Policy Compliance pros and cons

Vendor: Qualys

4.4 out of 5

8 reviews
100% willing to recommend

Pros & Cons summary

Qualys Policy Compliance enhances security with automated threat detection and risk reduction. It facilitates enterprise policy definition, automates compliance checks, and offers easy-to-read reports and dashboards. While predefined templates simplify compliance, improvements in reporting, technical support, and policy creation are needed. Lack of clear CIS control mapping and a knowledge base can hinder users. Despite these challenges, its ability to assess asset compliance and display levels effectively is beneficial for tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

QualysGuard Policy Compliance offers automation that detects real-time threats and decreases risks.

It allows defining enterprise policies and automatically checks compliance levels based on these policies.

The platform generates reports and dashboards, providing easy access to compliance levels.

QualysGuard Policy Compliance includes predefined templates for compliances, enabling straightforward application of requirements.

It provides valuable reporting and security checks.

CONS

Reporting needs improvement.

Technical support could be faster.

There is no clear mapping for CIS controls, making implementation challenging.

Policy creation aspect requires enhancement.

Improvement needed in CI/CD reporting and scan downloads from pods.

Qualys Policy Compliance Pros review quotes

Head of Information Security Department at a financial services firm with 201-500 employees

Mar 28, 2018

We have tightened our infrastructure using the solution and it's a safer environment from cyber crime and cyber attacks.

Read full review

VJ

Vladimir Jirasek

CEO at Foresight Cyber Ltd

Aug 8, 2022

It's a simple product.

Read full review

Bhupendra Nayak

Cyber Security Consultant at Confidential

Nov 22, 2023

The most valuable feature of QualysGuard Policy Compliance is the automation that can detect real-time threats and decrease risks.

Read full review

Qualys Policy Compliance

Free Report: Qualys Policy Compliance Reviews and More

Learn what your peers think about Qualys Policy Compliance. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

884,933 professionals have used our research since 2012.

BS

Beatrice Sirchis

Application Security Manager at IDB BAnk

Jul 23, 2024

The platform allows multiple features that are very useful. The first one is being able to define the enterprise policy. The second one is to be able to automatically check the compliance level based on that policy, and the third one is that it allows us to generate reports and dashboards to see the compliance level easily.

Read full review

AT

Cyber Security Analyst at a tech vendor with 10,001+ employees

Oct 10, 2024

The reporting and security checks are valuable.

Read full review

reviewer2201862

Information Security Engineer at a university with 1,001-5,000 employees

Feb 11, 2025

The solution's interface looks good, which enhances asset scanning and ensures automatic patching.

Read full review

reviewer2508633

Technical Security Solutions Architecture at a tech vendor with 10,001+ employees

Jun 17, 2025

From the Qualys Policy Compliance, the best feature is that they have predefined templates for compliances, allowing easy application of compliance requirements against our products and providing clear reports on whether assets are compliant or not.

Read full review

reviewer1906245

Information Security Analyst at a tech services company with 11-50 employees

Nov 17, 2025

The reason I decided to stick with Qualys is that for the past three years, we went through evaluating other tools, but Qualys was always our priority and always our first choice because of what it was offering as a platform.

Read full review

Qualys Policy Compliance Cons review quotes

Head of Information Security Department at a financial services firm with 201-500 employees

Mar 28, 2018

We are not entirely satisfied with technical support but it's not bad.

Read full review

VJ

Vladimir Jirasek

CEO at Foresight Cyber Ltd

Aug 8, 2022

The reporting needs improvement.

Read full review

Bhupendra Nayak

Cyber Security Consultant at Confidential

Nov 22, 2023

It would be good if the solution’s technical support could be faster.

Read full review

Qualys Policy Compliance

Free Report: Qualys Policy Compliance Reviews and More

Learn what your peers think about Qualys Policy Compliance. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

884,933 professionals have used our research since 2012.

BS

Beatrice Sirchis

Application Security Manager at IDB BAnk

Jul 23, 2024

There is no clear mapping for the CIS controls in terms of how they should be implemented into Qualys, so the implementation stage might be a little bit challenging for the customer. That means that the customer will end up opening support cases, which will overload their support team to explain those. If they are somehow published somewhere, it would save time and effort for both sides.

Read full review

AT

Cyber Security Analyst at a tech vendor with 10,001+ employees

Oct 10, 2024

The policy creation aspect needs improvement.

Read full review

reviewer2201862

Information Security Engineer at a university with 1,001-5,000 employees

Feb 11, 2025

Some sort of education or knowledge base about the product would be beneficial for beginners.

Read full review

reviewer2508633

Technical Security Solutions Architecture at a tech vendor with 10,001+ employees

Jun 17, 2025

They need to improve the reporting part of the CI/CD pipelines and the ability to download scans from pods.

Read full review

reviewer1906245

Information Security Analyst at a tech services company with 11-50 employees

Nov 17, 2025

There are a couple of vulnerabilities where the metrics that are already there and the way Qualys measures those metrics and labels them as critical, high, or low does not align with my understanding from a user standpoint.

Read full review

Product Categories

Product Categories

Popular Comparisons

Popular Comparisons

RSA Archer vs Qualys Policy Compliance

IBM OpenPages vs Qualys Policy Compliance

Diligent One Platform (formerly Highbond) vs Qualys Policy Compliance

Broadcom Control Compliance Suite vs Qualys Policy Compliance

eIQnetworks SecureVue vs Qualys Policy Compliance

See all alternatives

Product Categories

Product Categories

Popular Comparisons

Popular Comparisons

RSA Archer vs Qualys Policy Compliance

IBM OpenPages vs Qualys Policy Compliance

Diligent One Platform (formerly Highbond) vs Qualys Policy Compliance

Broadcom Control Compliance Suite vs Qualys Policy Compliance

eIQnetworks SecureVue vs Qualys Policy Compliance

See all alternatives

Related questions

78

What is your recommended automated audit software for internal and external audit?

36

SailPoint IdentityIQ vs. CA Identity Governance

31

What aspect does Symantec Control Compliance Solution cover in IT Governance, Risk and Compliance?

56

Why is Identity Governance and Administration (IGA) important?

10

When evaluating IT Governance, what aspect do you think is the most important to look for?

31

How many ISO norms do we have in the entire ISO27k security family standards?

12

Why is IT Governance important for companies?