I would rate Qualys ability to cover the entire attack surface a nine out of ten. Previously, we used Tenable as our preferred tool but switched to Qualys for the cost-effectiveness. However, upon switching to Qualys, our primary concern was ensuring the seamless deployment of agents across our infrastructure. Fortunately, Qualys agents proved to be remarkably lightweight. Additionally, Qualys excels in network security, allowing us to identify vulnerabilities, track SSL and TSL certificates, and monitor their expiration dates. Qualys also offers robust password management capabilities, surpassing Tenable in this regard. Moreover, Qualys' reporting functionality is unparalleled, outperforming competitors like Tenable and other tools in the market. Qualys identifies all risk factors for our assets. For example, assigning a globally traceable computer name or using easily compromised passwords can create vulnerabilities. Qualys provides immediate alerts if any compromise occurs in our environment, highlighting specific loopholes. Consider a scenario where a programmer in a testing environment uses a simple password instead of a complex one. Hackers can easily exploit this, and Qualys will immediately identify the issue, generate a report pinpointing the responsible individual, and notify us. This real-time identification and reporting capability surpasses traditional PAM solutions, allowing for swift remediation of potentially exploitable changes. We use the risk scoring to prioritize the issues by criticality. We use Qualys to convert deployed cloud agents into passive sensors for VM ESX. Whenever new servers or network devices are added, Qualys immediately detects them and flags them as unregistered assets on the network. Based on this information, other teams often reach out to us to onboard or install an agent for enhanced visibility and management within Qualys.
