Try our new research platform with insights from 80,000+ expert users

Qualys VMDR pros and cons

Vendor: Qualys

4.2 out of 5

96 reviews
94% willing to recommend

Pros & Cons summary

Qualys VMDR provides robust vulnerability detection and automated remediation, enhancing security operations with efficient patch management and integration with platforms like ServiceNow. It features continuous endpoint monitoring and rapid vulnerability prioritization, backed by commendable technical support, though some users face slow responses and deployment complexities. Despite powerful capabilities, users report issues like time-consuming reports, false positives, and limited automation without additional modules, impacting its effectiveness for some buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys VMDR provides robust vulnerability detection capabilities and automated remediation workflows, which improve security operations.

It features efficient patch management and the ability to mitigate vulnerabilities automatically.

Qualys VMDR integrates seamlessly with platforms like ServiceNow for enhanced ticketing and system management.

It offers continuous endpoint monitoring and prioritization of critical vulnerabilities, aiding in swift remediation.

Technical support for Qualys VMDR is commendable, ensuring users have access to necessary assistance.

CONS

Qualys VMDR's support is often slow to respond and lacks timely updates for reported issues.

Running reports in Qualys VMDR can be time-consuming, taking several hours to complete.

Qualys VMDR struggles with accurately identifying vulnerabilities, resulting in false positives.

Deployment is complicated due to a lack of proprietary tools for agent deployment, necessitating third-party software.

Patch management is not automated within Qualys VMDR without purchasing an additional module.

Qualys VMDR Pros review quotes

ITSM & AntiFraud Consultant at a tech company with 51-200 employees

May 16, 2017

Vulnerability management is the most valuable one and it’s a must in every organization.

Read full review

Junior Information Security Analyst at Visma

May 21, 2018

Monitors workstations and servers for vulnerabilities and creates reports.

Read full review

RR

RaghunandanRaju

Senior Vulnerability Analyst at a comms service provider with 10,001+ employees

Oct 28, 2018

I find the most valuable features are the continuous monitoring. Even on premises, there is constant monitoring.

Read full review

Free Report: Qualys VMDR Reviews and More

Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

881,082 professionals have used our research since 2012.

Information Security Engineer at a tech services company with 1,001-5,000 employees

Oct 28, 2018

It is a simple solution that makes scanning easy. You just give it a scheduled task, and it will do everything for you.

Read full review

MW

SecuritySpec783

Information Security Specialist at a manufacturing company with 10,001+ employees

Oct 28, 2018

It is quite easy to implement.

Read full review

Senior Information Security Engineer at a financial services firm with 501-1,000 employees

Oct 28, 2018

There are fewer false positives when using this solution.

Read full review

Information Security Officer at Zamil

Aug 29, 2019

They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability.

Read full review

Dr. SureshHungenahally

Chief Executive Officer at a consultancy with 1-10 employees

Sep 8, 2019

Technical support is fantastic.

Read full review

PK

Technology Security Expert at T-Mobile Polska (Deutsche Telekom)

Oct 10, 2019

The most valuable feature is the certificate management.

Read full review

reviewer1248798

Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

Dec 11, 2019

The most valuable features are vulnerability detection and the scanning capability to enable identification of vulnerabilities across our network.

Read full review

Show 10 more reviews (out of 77)

Qualys VMDR Cons review quotes

ITSM & AntiFraud Consultant at a tech company with 51-200 employees

May 16, 2017

One of the biggest issues from the clients' perspective is that all Qualys computing is on the cloud.

Read full review

Junior Information Security Analyst at Visma

May 21, 2018

Improve the API speed.

Read full review

RR

RaghunandanRaju

Senior Vulnerability Analyst at a comms service provider with 10,001+ employees

Oct 28, 2018

They have integrated with other third parties, but it is still not viable.

Read full review

Free Report: Qualys VMDR Reviews and More

Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

881,082 professionals have used our research since 2012.

Information Security Engineer at a tech services company with 1,001-5,000 employees

Oct 28, 2018

The only improvement I can think of is on the implementation side. At times it is a bit slow.

Read full review

MW

SecuritySpec783

Information Security Specialist at a manufacturing company with 10,001+ employees

Oct 28, 2018

When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself.

Read full review

Senior Information Security Engineer at a financial services firm with 501-1,000 employees

Oct 28, 2018

I do not like that all of the data is stored on the cloud.

Read full review

Information Security Officer at Zamil

Aug 29, 2019

What we have found is that the solution is not closely tied with the patch management. It is okay with newer ones, like Windows 10 machines; it gives the correct patch. But for Windows 7 or Windows Server 2008, it does not give us the correct patch so we have to manually identify the patches. This is a major problem.

Read full review

Dr. SureshHungenahally

Chief Executive Officer at a consultancy with 1-10 employees

Sep 8, 2019

It's quite complex on the way it is set up, so it takes a fair bit of time in order to get your head around it in order to deploy it. Once you've deployed it, then you're never confident on the versions of the browsers and the SSL certificates, etc. You have to always go back into Qualys and check.

Read full review

PK

Technology Security Expert at T-Mobile Polska (Deutsche Telekom)

Oct 10, 2019

The reporting in this solution can be improved.

Read full review

reviewer1248798

Sr. Manager, Vulnerability Management at a transportation company with 10,001+ employees

Dec 11, 2019

I would like to see this solution more developed and competitive in the Cloud space.

Read full review

Show 10 more reviews (out of 77)

Related questions

21

Qualys VM vs Tenable Nessus: Comparison

22

How does Tenable Nessus compare with Qualys VM?

55

How does Pentera compare with Qualys VMDR?

17

What are the main differences between Qualys VMDR and Tenable Nessus?

64

How inadvisable is it to use a single vulnerability analysis tool?

38

What are the benefits of continuous scanning for vulnerability management?

37

When evaluating Vulnerability Management, what aspect do you think is the most important to look for?

30

What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?

227

What are the main KPIs that need to be implemented to have better posture in vulnerability projects?

111

Which is the best vulnerability scanner tool?