Qualys CyberSecurity Asset Management Reviews

Name: Qualys CyberSecurity Asset Management
Brand: Qualys
Rating: 4.5 (35 reviews)

Vendor: Qualys

4.5 out of 5

35 reviews
97% willing to recommend

Leave a review

What is Qualys CyberSecurity Asset Management?

Qualys CyberSecurity Asset Management provides key features including asset inventory management, end-of-life tracking, dynamic tagging, and integration with CMDB, offering extensive visibility and support for proactive threat response.

Get the Qualys CyberSecurity Asset Management Buyer's Guide and find out what your peers are saying about Qualys CyberSecurity Asset Management, CrowdStrike Falcon, SentinelOne Singularity Cloud Security and more!

Qualys CyberSecurity Asset Management is the #2 ranked solution in top Attack Surface Management (ASM) solutions, #3 ranked solution in top Cyber Asset Attack Surface Management (CAASM) solutions, #4 ranked solution in top Patch Management solutions, #4 ranked solution in top Software Supply Chain Security solutions, and #7 ranked solution in top Vulnerability Management solutions. PeerSpot users give Qualys CyberSecurity Asset Management an average rating of 9.0 out of 10. Qualys CyberSecurity Asset Management is most commonly compared to CrowdStrike Falcon: Qualys CyberSecurity Asset Management vs CrowdStrike Falcon. Qualys CyberSecurity Asset Management is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 13% of all views.

Buyer's Guide

Qualys CyberSecurity Asset Management

January 2026

Get the report

Helped 880,511 peers since 2012

Featured Qualys CyberSecurity Asset Management reviews

Arshad N. R.

Cyber Security Specialist at UBS Financial

We use the True Risk Score for vulnerability prioritization, though we do not solely rely upon it since some assets may be decommissioned soon or not in use. From Qualys CyberSecurity Asset Management, we primarily focus on internet-facing assets. We have created separate tasks for internet-facing assets and track the True Risk dashboard specifically for these assets. If the True Risk Score is higher for any internet-facing assets, then we take action accordingly. The True Risk Score is very helpful for prioritization. The initial setup was straightforward and easy. We needed to create customized tags, group them twice, and validate whether the operating system detection was true positive or false positive. We encountered some false positives, which required coordination with the IT team for verification. In six months, we had approximately 20-25 machines that needed verification on a weekly basis. We coordinated with the IT team to identify the exact operating system specifications.

Read full review

Christopher Mateski

SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees

The CMDB Sync affects our mean time to remediation. Using the VMDR module with the CMDB, we sync our vulnerabilities to the CMDB and asset information. We receive asset owner information and application owner information, which helps us understand who we need to work with to remediate vulnerabilities. When we can pull that information from the CMDB, it's very helpful.The TruRisk score helps me prioritize vulnerabilities and assets. The TruRisk score allows us to show where we have our highest risk. When an asset has a very high TruRisk score, it's easy to demonstrate to partners that an asset needs immediate remediation. However, when a TruRisk score is moderate or low and has vulnerabilities on the attack surface, it appears healthier than it is. Our partners might delay addressing these assets due to the lower score, despite their presence on the attack surface making them more vulnerable. Qualys CyberSecurity Asset Management enables us to identify end-of-life and end-of-support software.

Read full review

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

The alternative solution I used was Tenable. I used to prefer Tenable, thinking of Qualys as the underdog. However, after working more with Qualys, I’ve come to appreciate it more. It's not because it’s more powerful or because it doesn’t have any issues or better features, but because it is more transparent. Tenable is very easy to use, but it doesn’t provide a clear understanding of its inner workings. In contrast, Qualys can be more complex to use due to its numerous settings and the need for additional training, but at least it gives you a clearer idea of what it does. Comparing the two is challenging. Tenable is more powerful, but whether that power is necessary depends on your specific needs. I acknowledge that Tenable is more expensive, as it requires purchasing additional modules. Overall, Qualys is a great option.

Read full review

Qualys CyberSecurity Asset Management mindshare

Product category:

As of January 2026, the mindshare of Qualys CyberSecurity Asset Management in the Cyber Asset Attack Surface Management (CAASM) category stands at 10.5%, up from 5.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cyber Asset Attack Surface Management (CAASM) Market Share Distribution
Product	Market Share (%)
Qualys CyberSecurity Asset Management	10.5%
Axonius	28.2%
Armis	19.4%
Other	41.9%

Cyber Asset Attack Surface Management (CAASM)

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Type	Title	Date
Category	Cyber Asset Attack Surface Management (CAASM)	Jan 19, 2026	Download
Product	Reviews, tips, and advice from real users	Jan 19, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs Armis	Jan 19, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs Axonius	Jan 19, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs JumpCloud	Jan 19, 2026	Download

Valuable Features

Qualys CyberSecurity Asset Management offers invaluable features such as detailed asset discovery, tagging, end-of-life tracking, and dynamic asset management. It enhances risk identification, allows integration with third-party tools, and provides visibility into vulnerabilities. With real-time monitoring, External Attack Surface Management, and TruRisk scoring, it aids efficient prioritization and remediation. Users appreciate its user-friendly interface, automated processes, comprehensive inventory, and alignment with security standards, optimizing cybersecurity operations effectively.

"Regarding return on investment, I first look at the reality of the environment and the decrease in critical vulnerabilities with Qualys CyberSecurity Asset Management, which equals a positive return on investment."
"Getting different kinds of modules and inventory in one solution is good enough."
"I really enjoy the flexibility of the interface setup configuration for my network VLANs, which makes it very easy to configure."

Room for Improvement

Price and CMDB Sync limitations affect adoption. Integration with non-ServiceNow systems is needed. Improved reporting and user interface are crucial for ease of use. Users seek customizable features and enhanced scan capabilities. The agent's resource consumption and platform responsiveness require improvement. Enhanced tagging, role access, and asset discovery processes are necessary. Better integration and support for third-party tools would enhance functionality. Training resources and query language consistency are essential for effective use.

"In the best practice for categorizing assets with the C-SAM module in Qualys CyberSecurity Asset Management, I see potential for improvement with integration of other CMDB systems in creating a relationship with Qualys and other solutions."
"Qualys CyberSecurity Asset Management is moderately good, while Rapid7 is slightly much better."
"I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating process."

ROI

Qualys CyberSecurity Asset Management led to a significant reduction in critical vulnerabilities and costs, optimizing resource allocation. It streamlined processes, reducing tagging time and manual efforts by up to 45% and cutting costs by 35%. There was an observed ROI of about 95% while decreasing labor costs by approximately $109,000 annually. Enhanced client trust resulted in around $99,000 in new contracts. Efficiency improvements were seen in vulnerability management and compatibility adjustments with AWS cloud.

Pricing

Enterprise users find Qualys CyberSecurity Asset Management pricing somewhat high, especially as an add-on to VMDR, yet many acknowledge its competitive and transparent pricing model. They appreciate the value and comprehensive features it offers, despite some finding it suitable mainly for larger organizations. While some mention that bundling with other services could enhance its appeal, others suggest pricing could be adjusted for small organizations. Overall, it is deemed fair for its value and features.

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys CSAM is nominal."
"The pricing is market-competitive."

Popular Use Cases

Organizations primarily use Qualys CyberSecurity Asset Management for asset tracking, vulnerability management, and enhanced security visibility. It helps in identifying and categorizing hardware and software assets, monitoring external attack surfaces, and addressing zero-day vulnerabilities. It enables effective patch management and compliance through real-time insights, facilitating risk reduction. By collecting detailed asset information, it supports asset lifecycle management and security posture improvement, ensuring comprehensive governance across IT environments.

Service and Support

Users find Qualys CyberSecurity Asset Management's customer support timely, effective, and knowledgeable. Their technical team efficiently resolves complex issues, offering comprehensive documentation and responsive forums. Though occasional delays and redirections occur, support generally rates high, with ratings often reaching nine or ten out of ten. Customer service assigns support executives quickly, and user-friendly resources such as a ticketing system and training programs enhance support experiences, providing consistent, dedicated assistance for various technical needs.

Deployment

Initial deployment of Qualys CyberSecurity Asset Management is generally straightforward and efficient, especially for VMDR users who find activation quick. Existing networks benefit from seamless transitions, while larger distributed environments may encounter challenges. Cloud deployment proves easier due to minimal maintenance needs. Documentation assists in understanding configurations, and support from experienced professionals eases the process. Deployment times vary based on environment size and prior experience, with some organizations completing it within a week.

Scalability

Qualys CyberSecurity Asset Management is praised for scaling effectively across diverse environments, from small setups to extensive networks exceeding tens of thousands of endpoints. Users highlight its ability to handle large datasets and integrate seamlessly as deployment scales. Organizations across various locations report successful scalability, with ratings often reaching the higher end. Its cloud-based nature allows smooth scaling and adaptability, making it highly satisfactory for managing substantial assets globally. Scalability issues are rarely encountered.

Stability

Qualys CyberSecurity Asset Management is consistently stable, with many users rating its stability between eight to ten out of ten. Occasional issues like syncing or slowness are usually linked to updates or network. Users appreciate its reliability, noting few severe performance issues over time. Stability is generally high, though some users mentioned recent declines in performance, experiencing slower page requests and access issues, but these instances are limited and usually promptly addressed.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys CyberSecurity Asset Management Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	2
Large Enterprise	23

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	128
Midsize Enterprise	76
Large Enterprise	291

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

13%

Manufacturing Company

Comms Service Provider

Outsourcing Company

Government

Insurance Company

Educational Organization

Performing Arts

Retailer

Transportation Company

Healthcare Company

Media Company

Non Profit

University

Construction Company

Real Estate/Law Firm

Marketing Services Firm

Logistics Company

Energy/Utilities Company

Wholesaler/Distributor

Consumer Goods Company

Legal Firm

Hospitality Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Qualys offers comprehensive visibility across hardware and software assets, aiding in tracking unauthorized applications and facilitating automated vulnerability remediation. Its user-friendly interface and dynamic risk scoring enhance security posture management. Users leverage it for vulnerability management and compliance, benefiting from real-time risk identification and efficient operations in cloud and on-premises environments.

What are the key features of Qualys CyberSecurity Asset Management?

Asset Inventory Management: Provides detailed visibility over hardware and software assets.
End-of-Life Tracking: Helps identify technical debt by pinpointing outdated hardware and software.
Dynamic Tagging: Allows flexible classification and categorization of assets.
Real-Time Risk Identification: Detects risks as they arise, enhancing threat response capabilities.
CMDB Integration: Streamlines data integration for comprehensive asset insights.

What benefits should users look for in Qualys reviews?

Improved Security Posture: Enables proactive threat management and streamlined operations.
Efficient Remediation: Automates vulnerability management and patch deployment.
User-Friendly Operations: Simplifies cybersecurity operations with an intuitive interface.
Comprehensive Asset Visibility: Offers unparalleled insight into organizational assets.
Scalable Solutions: Facilitates asset tracking across cloud and on-premises environments.

Cybersecurity teams in various industries, such as financial services, healthcare, and manufacturing, utilize Qualys to manage technical debt through end-of-life tracking and facilitate robust patch management. It supports compliance and visibility initiatives, essential for maintaining data integrity and operational security in dynamic environments.

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

SentinelOne Singularity Cloud Security vs Qualys CyberSecurity Asset Management

Wiz vs Qualys CyberSecurity Asset Management

Darktrace vs Qualys CyberSecurity Asset Management

Qualys VMDR vs Qualys CyberSecurity Asset Management

Tanium vs Qualys CyberSecurity Asset Management

Microsoft Configuration Manager vs Qualys CyberSecurity Asset Management

JFrog Xray vs Qualys CyberSecurity Asset Management

NinjaOne vs Qualys CyberSecurity Asset Management

Orca Security vs Qualys CyberSecurity Asset Management

Tenable Vulnerability Management vs Qualys CyberSecurity Asset Management

BigFix vs Qualys CyberSecurity Asset Management

Check Point CloudGuard CNAPP vs Qualys CyberSecurity Asset Management

Trend Vision One - Cloud Security vs Qualys CyberSecurity Asset Management

FortiCNAPP vs Qualys CyberSecurity Asset Management

See all alternatives

Qualys CyberSecurity Asset Management Reviews Summary
Author info	Rating	Review Summary
Cyber Security Specialist at UBS Financial	5.0	We use Qualys CyberSecurity Asset Management for daily asset identification, tracking True Risk Scores for vulnerability prioritization, and coordinating with IT to verify machine specifications. Its extensive asset categorization outperforms alternatives like Rapid7 and CrowdStrike.
SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees	4.0	I've used Qualys CyberSecurity Asset Management for 10 months to manage assets and remediation, but issues with inaccurate data, slow performance, and high costs limit its effectiveness, though its integration and TruRisk scoring are valuable.
Information Security Engineer at a manufacturing company with 5,001-10,000 employees	4.0	I found Qualys CyberSecurity Asset Management valuable for asset visibility and automation, though its discovery and integration features need improvement. It's stable, scalable, and offers good value, but exporting data is challenging and setup requires technical effort.
Vulnerability Management Analyst III at America First Credit Union	4.5	I use Qualys CyberSecurity Asset Management mainly for tagging and asset tracking; it's stable and scalable but needs better activity logs, search features, and manual merging. Support has improved, though the interface and some functionalities remain frustrating.
IT Security Manager at a manufacturing company with 10,001+ employees	4.5	Qualys CyberSecurity Asset Management helps me monitor and manage our environment effectively, though support can be slow at times. Setup was smooth, and I find features like TruRisk scoring and EOL detection especially valuable for prioritizing vulnerabilities.
IT Security Manager at Alter Domus	5.0	We've used Qualys CyberSecurity Asset Management for a few months to gain a holistic view of assets, prioritize vulnerabilities using TruRisk, and support multiple security teams, though the UI still needs improvement for smoother navigation.
Security Delivery Senior Analyst at Accenture	5.0	I've used Qualys CyberSecurity Asset Management for over three years, mainly for VMDR and web app scanning, valuing its accuracy, ease of use, low false positives, strong support, and time-saving capabilities during penetration testing.
Senior Software Engineer at Volkswagen Group Technology Solutions India	4.0	I've used Qualys CyberSecurity Asset Management for four years and found it effective for handling large asset inventories, with strong categorization and integration features, though the interface could improve; overall, I rate it 8 out of 10.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	97%	137 interviews Add to research
SentinelOne Singularity Cloud Security	4.3	N/A	99%	116 interviews Add to research

Qualys CyberSecurity Asset Management Reviews

What is Qualys CyberSecurity Asset Management?

Featured Qualys CyberSecurity Asset Management reviews

Qualys CyberSecurity Asset Management mindshare

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Related questions

Product Categories

Popular Comparisons