Try our new research platform with insights from 80,000+ expert users

Qualys VMDR pros and cons

Vendor: Qualys

4.2 out of 5

96 reviews
94% willing to recommend

Pros & Cons summary

Qualys VMDR provides robust vulnerability detection and automated remediation, enhancing security operations with efficient patch management and integration with platforms like ServiceNow. It features continuous endpoint monitoring and rapid vulnerability prioritization, backed by commendable technical support, though some users face slow responses and deployment complexities. Despite powerful capabilities, users report issues like time-consuming reports, false positives, and limited automation without additional modules, impacting its effectiveness for some buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys VMDR provides robust vulnerability detection capabilities and automated remediation workflows, which improve security operations.

It features efficient patch management and the ability to mitigate vulnerabilities automatically.

Qualys VMDR integrates seamlessly with platforms like ServiceNow for enhanced ticketing and system management.

It offers continuous endpoint monitoring and prioritization of critical vulnerabilities, aiding in swift remediation.

Technical support for Qualys VMDR is commendable, ensuring users have access to necessary assistance.

CONS

Qualys VMDR's support is often slow to respond and lacks timely updates for reported issues.

Running reports in Qualys VMDR can be time-consuming, taking several hours to complete.

Qualys VMDR struggles with accurately identifying vulnerabilities, resulting in false positives.

Deployment is complicated due to a lack of proprietary tools for agent deployment, necessitating third-party software.

Patch management is not automated within Qualys VMDR without purchasing an additional module.

Qualys VMDR Pros review quotes

Security Compliance Analyst at a healthcare company with 501-1,000 employees

Aug 20, 2014

Once you are set up properly and have proper acceptance from support teams, device owners and senior management you can start to scan your environment much more often which increases your organizations ability to detect vulnerabilities more often reducing your overall vulnerability footprint and corresponding business risk.

Read full review

Consultant with 501-1,000 employees

May 31, 2015

Using the vulnerability management module you can track the list of vulnerabilities and can take action to remediate them.

Read full review

ITSM & AntiFraud Consultant at a tech company with 51-200 employees

May 16, 2017

Vulnerability management is the most valuable one and it’s a must in every organization.

Read full review

Free Report: Qualys VMDR Reviews and More

Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

884,873 professionals have used our research since 2012.

Senior IT Security Analyst at a tech services company with 501-1,000 employees

Jun 8, 2015

We can now perform vulnerability scans with WAF integration, and the WAF has improved the vulnerability identification and reports to the SOC and CSO.

Read full review

Security Consultant at Cyber Intelligence Sdn Bhd

Jun 14, 2015

Use it. It is a great product.

Read full review

Linux Administrator at a comms service provider with 501-1,000 employees

Jun 16, 2015

Vulnerability scans are easily managed and maintained using Qualys.

Read full review

Technical Services Manager at a tech company with 10,001+ employees

Jun 16, 2015

I would definitely recommmend using this product, as this is very simple and yet an effective way to do vulnerability assessment.

Read full review

Manager Information Security at a healthcare company with 10,001+ employees

Jun 16, 2015

It has helped to automate the vulnerability management program, increasing the security posture and helped us to identify the security risks in our infrastructure.

Read full review

Customer Technical Leader for Galeries Lafayette at a tech company with 10,001+ employees

Jun 17, 2015

The top one for me is that the vulnerabilities are kept up to date.

Read full review

Manager System Security at a comms service provider with 1,001-5,000 employees

Jun 23, 2015

With QualsyGuard we have been able to achieve this by utilizing its modules, such as vulnerability management, policy compliance, web scanning, malware detection, and asset tagging.

Read full review

Show 10 more reviews (out of 77)

Qualys VMDR Cons review quotes

Security Compliance Analyst at a healthcare company with 501-1,000 employees

Aug 20, 2014

Ticket management

Read full review

Consultant with 501-1,000 employees

May 31, 2015

I can't say as I have worked mostly on its vulnerability management module.

Read full review

ITSM & AntiFraud Consultant at a tech company with 51-200 employees

May 16, 2017

One of the biggest issues from the clients' perspective is that all Qualys computing is on the cloud.

Read full review

Free Report: Qualys VMDR Reviews and More

Learn what your peers think about Qualys VMDR. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

884,873 professionals have used our research since 2012.

Senior IT Security Analyst at a tech services company with 501-1,000 employees

Jun 8, 2015

The IT infrastructure, especially server administration, needs to be improved.

Read full review

Security Consultant at Cyber Intelligence Sdn Bhd

Jun 14, 2015

Maybe the reporting features. It is too granular, so that if someone new wants to get familiar with it, they will have a hard time.

Read full review

Linux Administrator at a comms service provider with 501-1,000 employees

Jun 16, 2015

The reporting is lacking a little, and it would be nice to have reports sent via email.

Read full review

Technical Services Manager at a tech company with 10,001+ employees

Jun 16, 2015

The support needs to improve a lot, their response is absolutely slow.

Read full review

Manager Information Security at a healthcare company with 10,001+ employees

Jun 16, 2015

Web application security model needs some work.

Read full review

Customer Technical Leader for Galeries Lafayette at a tech company with 10,001+ employees

Jun 17, 2015

I’m convinced it could be possible to do a simpler interface.

Read full review

Manager System Security at a comms service provider with 1,001-5,000 employees

Jun 23, 2015

As users of Qualys for the last three years, we have identified and shared many areas where Qualys needed to have improvements, including vulnerability database having some false positives, web scan module requiring authentication to access basic web forms, asset tagging being a complex technique, and for policy compliance they need to add more leading IT standards for leading IT service providers like Juniper, Cisco, and Microsoft.

Read full review

Show 10 more reviews (out of 77)

Related questions

31

Qualys VM vs Tenable Nessus: Comparison

40

How does Tenable Nessus compare with Qualys VM?

49

How does Pentera compare with Qualys VMDR?

29

What are the main differences between Qualys VMDR and Tenable Nessus?

105

How inadvisable is it to use a single vulnerability analysis tool?

69

What are the benefits of continuous scanning for vulnerability management?

76

When evaluating Vulnerability Management, what aspect do you think is the most important to look for?

62

What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?

257

What are the main KPIs that need to be implemented to have better posture in vulnerability projects?

148

Which is the best vulnerability scanner tool?