Good visibility but expensive and needs better support
What is our primary use case?
We are managing hundreds of AWS and several on-premises accounts using Qualys agents and scanners to provide data inputs for Qualys. We are using several of the Qualys modules, VMDR, Cloud Agents, Connectors along with Global Asset View (GAV). GAV dynamic tagging is valuable for tracking owners of assets.
Qualys' main function is to provide us with vulnerability management information for our end users and is a major input to our CMDB. We rely on a combination of agents and scans to provide us with the system data.
How has it helped my organization?
We are seeing more of the issues we suspected were there. Qualys is allowing us to get an overall picture of our Risk posture. It has enabled us to identify assets we did not know existed.
However, Qualys has not enabled us to get a complete picture of our risk posture, due to our own limitations in our deployments and limitations in the Qualys back end, dashboards, UI, connector reliability, and the limitations of the Qualys Scripting Language (QSL).
Qualys implementation requires dedicated back-end support from various teams which was not clearly explained to us or planned for.
What is most valuable?
Cloud Agents: lots of control available and very trouble-free. It pulls all systems information, including installed software and open ports. It's very configurable to adjust impact to systems.
Connectors: Pulls all the cloud information per account and helps to build a CMDB. Qualys connectors do some control evaluations to help manage these accounts.
Global Asset View (GAV): With the ability to establish dynamic tagging and perform queries GAV has become a very valuable research tool to our teams.
What needs improvement?
Support: It's often overseas and often following a script, basically asking us to redo what we opened the case with.
Multiple APIs: There seems to be a lack of easy onboarding into Qualys. We had to use manual inputs and some API calls to get items in place.
Dashboard: It is very rudimentary with very little customization. The Qualys Scripting Language (QSL) works differently in different Qualys modules, so when you get it working in one area you have to modify the syntax in others.
User account management: We often have to give users more rights than needed just to give them what they need.
Integration with the various Qualys Modules: You can tell the UI is different based on of the different teams that created them.
QSL syntax same in all modules
Responsiveness of some of the components: They time out, you get a blank screen, etc.
Backend updates between the various modules: You update connectors and information takes a few minutes to show in VMDR or Global Asset View
Connectors: Connectors have a throttling issue with AWS which causes them to frequently fail unless you manually run them again.
For how long have I used the solution?
I've used the solution for three years.
What do I think about the stability of the solution?
Stability is not the issue. However, the reliably of the different modules is a concern. I have never seen all of Qualys go down.
What do I think about the scalability of the solution?
The solution is very scalable (with a matching cost, in that, it gets expensive as you grow).
How are customer service and support?
Our CSM has awesome, however, support is often overseas at conflicting hours. Support seems to follow scripts and forces us to go through the same scripts. Some solutions required months from Qualys to implement.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We used Tenable.IO which we found very limited. However, in our other cloud environment, we had to use Teanble.SC with which we were able to use a Lambda function and a few API calls to make it operate very well in the cloud.
How was the initial setup?
The setup is complex in many ways, from setting up agents and connectors to trying to create dashboards that fit our needs.
What about the implementation team?
We managed the setup in-house.
What was our ROI?
Management is very concerned about the cost of using Qualys; it keeps going up as we pursue 100% deployment.
What's my experience with pricing, setup cost, and licensing?
The price is very high and escalates quickly based on the number of appliances you need.
Which other solutions did I evaluate?
We evaluated Tenable.SC and Rapid7.
What other advice do I have?
If you're going to deploy Qualys it is key to have someone dedicated to supporting the back end, making sure all the components are working as expected. This is not a fire-and-forget solution.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
This Vulnerability Management Tool rocks
What do you like best about the product?
I used this for corporate scanning and I am satisfied with the performance and VA reports. False positives are very minimal even if scans are unauthenticated. Technical support is fantastic. What I like about Qualys VM is the dashboard presentation. It's very good.
What do you dislike about the product?
I do not like that all of the data is stored on the cloud. I would like to see this solution more developed and competitive in the Cloud space
What problems is the product solving and how is that benefiting you?
Improve the API speed.
Make some minimal dashboard improvements.
Improve the user interface.
Recommendations to others considering the product:
It is more expensive vs. other products on the market.
