Sold by: QualysÂ
Deployed on AWS
Risk-Based Vulnerability Management, Patch Management & end point protection
Overview
Industry leading risk-based vulnerability management solution (VMDR) & Patch Management, with Multi-Vector EDR with Antimalware
Highlights
- Comprehensive risk-based vulnerability management solution - Automate patching for cloud and on-prem assets (operating systems & 100+ 3rd party applications) - Consolidate IT and Security Tools for vulnerability assessment, remediation and ransomware protection
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
VMDR ProtectIT (64) | Package of 64 Hosts for VMDR ProtectIT | $880.00 |
VMDR ProtectIT (128) | Package of 128 Hosts for VMDR ProtectIT | $1,540.00 |
VMDR ProtectIT (256) | Package of 256 Hosts for VMDR ProtectIT | $2,750.00 |
VMDR ProtectIT (512) | Package of 512 Hosts for VMDR ProtectIT | $4,946.00 |
VMDR ProtectIT (1024) | Package of 1024 Hosts for VMDR ProtectIT | $8,381.00 |
VMDR ProtectIT (1536) | Package of 1536 Hosts for VMDR ProtectIT | $11,399.00 |
VMDR ProtectIT (2048) | Package of 2048 Hosts for VMDR ProtectIT | $14,168.00 |
VMDR ProtectIT (2560) | Package of 2560 Hosts for VMDR ProtectIT | $16,763.00 |
Vendor refund policy
Licensed Qualys customers should refer to their Service User Agreement (SUA) or contact their Qualys Technical Account Manager if they have questions about refund or cancellation policies which would apply to them.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
https://www.qualys.com/support/Â || US/Canada: +1 (866) 801-6161 (toll free) or +1 (650) 801-6161 || UK/Europe/International: +44 (0)1753 872102 || France: +33 1 41 97 35 81
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Qualys
By Rapid7
By Sophos
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Vulnerability Management
Risk-based vulnerability assessment and management across cloud and on-premises assets
Patch Management
Automated patching for operating systems and over 100 third-party applications
Endpoint Detection and Response
Multi-vector endpoint detection and response with integrated antimalware capabilities
Asset Discovery
Comprehensive discovery and assessment of IT infrastructure across different environments
Security Consolidation
Unified platform for vulnerability assessment, remediation, and ransomware protection
Attack Surface Mapping
Comprehensive visibility into security exposures across endpoints, cloud infrastructure, and application environments
Exposure Detection
Native and third-party telemetry aggregation for identifying vulnerabilities with high-fidelity risk context
Automated Risk Prioritization
Risk scoring mechanism that evaluates potential compromise blast radius and prioritizes remediation actions
Compliance Management
Automated discovery and enforcement of organizational security policies across hybrid environments
Integration Capabilities
Native no-code automation with over 450 integrations supporting security and ITOps tool ecosystems
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, and detect potential malicious activities with integration to AWS GuardDuty and SecurityHub
Endpoint Protection
Advanced agent-based protection against malware, fileless threats, and ransomware for Windows and Linux hosts in cloud environments
Threat Detection and Response
24/7 managed detection and response service leveraging telemetry from multiple security solutions including endpoint, firewall, network, email, and identity platforms
Cloud Workload Protection
Security agents designed to protect cloud-based Windows and Linux hosts against modern cyber threats including ransomware
Network Security
Cloud edge firewall solution providing network visibility, protection, and response across public, private, and hybrid cloud environments using cloud native, virtual, and physical appliances
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
-
-
-
-
-
Standard contract
No
No
No
Customer reviews
2
1 ratings
1 AWS reviews
|
24 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Nabanita Roy
Strong report clarity and efficient deployment but customer support needs faster resolution
Reviewed on May 22, 2025
Review provided by PeerSpot
What is our primary use case?
My main use cases for Qualys VMDRÂ are for server vulnerability and missing patches.
What is most valuable?
The most helpful and useful features of Qualys VMDRÂ are its user-friendly design.
Qualys VMDR is easy to understand and provides detailed reports.
It impacts my workflow overall, with the patch management features as it has the missing patches listed in detail, making it easier to get a comprehensive report and providing some dashboards that offer visual representation.
What needs improvement?
There were some issues later with Qualys VMDR regarding security, specifically with numerous false positive reports.
What was my experience with deployment of the solution?
It doesn't take much time to deploy Qualys VMDR. There is a process mentioned already on the website about how to proceed with the installation, so we followed that process.
How are customer service and support?
I am satisfied with the support of Qualys VMDR as they are supportive. However, there are sometimes issues where we cannot talk to customer support directly, and we have to raise tickets, which sometimes takes a lot of time to resolve issues because it goes through their own phase. We cannot change the SLA or the priority of the tickets, so that is an issue.
How would you rate customer service and support?
Positive
Which other solutions did I evaluate?
Our organization changed to something else due to a higher management decision, and that might be the reason for the change regarding the pricing.
What other advice do I have?
We are not using any AI features with Qualys VMDR.
Overall, I would rate Qualys VMDR as good, giving it an eight.
reviewer2588394
User-friendliness and effective prioritization improve remediation efforts
Reviewed on Mar 05, 2025
Review provided by PeerSpot
What is our primary use case?
We use Qualys VMDRÂ for daily vulnerability management, scanning vulnerabilities, identifying vulnerabilities, reporting, creating dashboards, and the whole vulnerability management process. We also use it for patch management.
What is most valuable?
What I find valuable about Qualys VMDR is the capability of the tool and its user-friendliness. It is easy to use and provides accurate results, which is exactly what we are looking for. The prioritization of vulnerabilities has improved our remediation efforts by around thirty to thirty-five percent. The tool's integration between Patch Management and other Qualys products is also indispensable.
What needs improvement?
They can tweak their UI since the new version seems a bit jumbled up, and the old UI was more user-friendly.
For how long have I used the solution?
I have been using Qualys VMDR for three years.
What do I think about the stability of the solution?
We find Qualys VMDR quite stable and have not faced any performance issues with it.
What do I think about the scalability of the solution?
I believe the solution is scalable.
How are customer service and support?
We usually get on calls with tech support, and they are very helpful. I would rate the technical support a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We worked with Nessus and Rapid7 before switching to Qualys VMDR. Qualys offers better pricing and more features compared to other tools. We did not find anything particularly missing from previous tools.
How was the initial setup?
The setup is straightforward and easy. We deployed scanners and agents on all our devices, configured the network, whitelisted policy scanners, and public URLs. Testing was conducted before deploying, and it went smoothly.
What about the implementation team?
We had a team of five to six people involved in the deployment aspect due to the large number of assets.
What was our ROI?
Qualys VMDR helps us be compliant, and vulnerability management is a crucial part of maintaining our organization's security, significantly contributing to ROI.
What's my experience with pricing, setup cost, and licensing?
Qualys offers better pricing and is feature-packed compared to other tools.
Which other solutions did I evaluate?
We evaluated Nessus and Rapid7 before choosing Qualys VMDR.
What other advice do I have?
I would recommend getting both VMDR and the Cloud Agent to ensure comprehensive asset coverage. Understanding the network architecture is crucial to ensure no segments are missed under Qualys. Overall, I rate Qualys a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Ankesh Raj
Real-time responses and reporting streamline vulnerability management
Reviewed on Dec 04, 2024
Review provided by PeerSpot
What is our primary use case?
We mostly use Qualys VMDR for vulnerability management and compliance practices. Every week, my team and I run automated scans that are scheduled, and we share whatever vulnerabilities are found with the infrastructure team to remediate them.
What is most valuable?
Qualys VMDRÂ provides a real-time response and reporting feature, which is excellent. It allows us to see real-time graphs and reports for every asset, server, and more, which is very user-friendly.Â
Our clients have given good feedback, and they are satisfied with the tool. We use it daily to fix vulnerabilities by connecting with infrastructure to remediate. The feedback from the client side is very good.
What needs improvement?
Regarding improvement, compliance features haven't been utilized much. I anticipate more benefits in this area in the future. Integrating other teams, such as GRV, with Qualys would be very beneficial.Â
Additionally, if AI features were integrated, it could enhance the capabilities significantly.
For how long have I used the solution?
I have been using Qualys VMDR for about six months. I started working in vulnerability management with my company in the SOC.
What do I think about the stability of the solution?
I haven't experienced any downtime during my working hours. However, there might be times when it could go down. I would rate stability around 8.5 or nine out of ten.
What do I think about the scalability of the solution?
Qualys VMDR can handle scalability, although increasing the inventory can raise the licensing costs. However, it can escalate and adapt to many needs if required.
How are customer service and support?
Customer support is satisfactory. When reaching out via email, they reply quickly. I would rate their customer support eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used another vendor for a different client, which is Rapid7. However, I found Rapid7 not as user-friendly as Qualys. The console is less user-friendly, and running sample templates or scans is more complex compared to Qualys.
What's my experience with pricing, setup cost, and licensing?
I am not aware of the exact pricing, as it comes as an MSP model from the client. However, I have a notion that Qualys might be more expensive than Rapid7.
Which other solutions did I evaluate?
I have evaluated Rapid7 along with Qualys. In a rating out of five, I would give Qualys four and Rapid7 two, as Rapid7 is more complex and not as user-friendly.
What other advice do I have?
I would recommend Qualys VMDR to others comparing it with other VM tools, due to its valuable features, including real-time responses and detailed reporting.Â
Overall, I would rate Qualys eight out of ten. With potential improvements and AI integration, it could offer even more.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Shubhajit Saha
Efficient and helpful vulnerability management enhances team collaboration
Reviewed on Nov 18, 2024
Review provided by PeerSpot
What is our primary use case?
The primary use case of Qualys VMDRÂ was to monitor around two hundred users, servers, and VMs weekly. We needed to ensure that all vulnerabilities were tracked and addressed. Our users were mainly developers using various applications, and we needed to ensure compliance with client requirements. The goal was to keep our systems up-to-date and secure.
How has it helped my organization?
Before using Qualys VMDRÂ , we used OpenVAS, an open-source solution. It was challenging to find a direct solution for vulnerabilities.Â
With Qualys VMDR, it became simple to understand the severity of issues and prioritize fixes. We could ensure our top management was satisfied, knowing issues were visible and addressed.Â
It allowed us to divide tasks easily among teammates, significantly improving efficiency. We saw a return on investment in time, money, and resources.
What is most valuable?
Qualys VMDR offers a one-stop solution for monitoring and reporting. The UI is straightforward and user-friendly, and even beginners can master it in a day.Â
It allows for simplicity in understanding issues and generating reports for clear visibility. The benefits of task division among teammates and the ability to work together without delays were significant.
What needs improvement?
Qualys VMDR identifies vulnerabilities and suggests fixes. However, it does not automate patching unless the patch management module is purchased separately.Â
Automating features could reduce manual efforts and make the process less lengthy. Integration of AI could enhance benefits, especially in handling false positives.
For how long have I used the solution?
I have used the solution for around three years.
What do I think about the stability of the solution?
We did not experience any bugs, glitches, or downtime. I would rate the stability a nine out of ten.
What do I think about the scalability of the solution?
Scalability depends on the license and the number of assets being monitored. I would rate the scalability an eight out of ten.
How are customer service and support?
The technical support provided by Qualys is pretty good, and I would rate it an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before Qualys VMDR, we used Greenhorn’s OpenVAS. It was open-source, but it offered no direct solutions. Reports were only available with scheduled scans, which made immediate issue resolution difficult.
How was the initial setup?
The initial setup was straightforward. The deployment was up and running in a day with assistance from the support team.
What about the implementation team?
Only one person was involved in implementing Qualys VMDR.
What was our ROI?
We saw a return on investment through significant savings in time, money, and resources. The solution allowed for efficient task management among team members.
What's my experience with pricing, setup cost, and licensing?
For smaller enterprises, the pricing is on the pricier side. However, for larger enterprises, it's considered okay. I would rate the pricing between seven to eight out of ten.
Which other solutions did I evaluate?
We previously used OpenVAS.
What other advice do I have?
Overall, the solution is highly rated because of its simplicity and efficiency. I would rate it a nine out of ten.
reviewer2592618
Automated reporting enhances vulnerability management capabilities
Reviewed on Nov 11, 2024
Review provided by PeerSpot
What is our primary use case?
We use it for vulnerability management and report generation mostly. I am trying to solve the issue wherein the stakeholders can get automated vulnerability reports to their mailbox.
How has it helped my organization?
Using this product, we now have a vulnerability management cycle wherein VMDR plays a major role. It has greatly increased the capability on the detection aspect of the vulnerability and improved our scope and visibility on all other endpoints.
What is most valuable?
I like the automated report generation and vulnerability report generation.
What needs improvement?
I don't have any improvement requests on top of my mind right now. The response time of technical support takes a while.
For how long have I used the solution?
It's been more than two years now.
What do I think about the stability of the solution?
I would rate the stability as nine out of ten. It's quite stable.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
My rating for the technical support for Qualys is six out of ten. The response time takes a while.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I personally didn't use a different solution before Qualys.
How was the initial setup?
Although I was not present during the initial deployment process, it's pretty straightforward. It's just an agent installation, which automatically connects it to the cloud platform, so the implementation won't take as long.
What other advice do I have?
I would recommend Qualys VMDRÂ to the other stakeholders because it already has its place in the market, and it's very reliable.
I'd rate the solution eight out of ten.