Qualys CyberSecurity Asset Management Reviews

Name: Qualys CyberSecurity Asset Management
Brand: Qualys
Rating: 4.5 (34 reviews)

Vendor: Qualys

4.5 out of 5

34 reviews
97% willing to recommend

Leave a review

What is Qualys CyberSecurity Asset Management?

Qualys CyberSecurity Asset Management provides advanced real-time asset visibility, dynamic tagging, and External Attack Surface Management. It streamlines asset discovery and management using cloud agents and IP-based scanning, enhancing risk management and software lifecycle tracking.

Get the Qualys CyberSecurity Asset Management Buyer's Guide and find out what your peers are saying about Qualys CyberSecurity Asset Management, CrowdStrike Falcon, SentinelOne Singularity Cloud Security and more!

Qualys CyberSecurity Asset Management is the #2 ranked solution in top Attack Surface Management (ASM) solutions, #3 ranked solution in top Cyber Asset Attack Surface Management (CAASM) solutions, #4 ranked solution in top Patch Management solutions, #4 ranked solution in top Software Supply Chain Security solutions, and #7 ranked solution in top Vulnerability Management solutions. PeerSpot users give Qualys CyberSecurity Asset Management an average rating of 9.0 out of 10. Qualys CyberSecurity Asset Management is most commonly compared to CrowdStrike Falcon: Qualys CyberSecurity Asset Management vs CrowdStrike Falcon. Qualys CyberSecurity Asset Management is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 13% of all views.

Buyer's Guide

Qualys CyberSecurity Asset Management

December 2025

Get the report

Helped 879,899 peers since 2012

Featured Qualys CyberSecurity Asset Management reviews

Arshad N. R.

Cyber Security Specialist at UBS Financial

We use the True Risk Score for vulnerability prioritization, though we do not solely rely upon it since some assets may be decommissioned soon or not in use. From Qualys CyberSecurity Asset Management, we primarily focus on internet-facing assets. We have created separate tasks for internet-facing assets and track the True Risk dashboard specifically for these assets. If the True Risk Score is higher for any internet-facing assets, then we take action accordingly. The True Risk Score is very helpful for prioritization. The initial setup was straightforward and easy. We needed to create customized tags, group them twice, and validate whether the operating system detection was true positive or false positive. We encountered some false positives, which required coordination with the IT team for verification. In six months, we had approximately 20-25 machines that needed verification on a weekly basis. We coordinated with the IT team to identify the exact operating system specifications.

Read full review

Christopher Mateski

SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees

The CMDB Sync affects our mean time to remediation. Using the VMDR module with the CMDB, we sync our vulnerabilities to the CMDB and asset information. We receive asset owner information and application owner information, which helps us understand who we need to work with to remediate vulnerabilities. When we can pull that information from the CMDB, it's very helpful.The TruRisk score helps me prioritize vulnerabilities and assets. The TruRisk score allows us to show where we have our highest risk. When an asset has a very high TruRisk score, it's easy to demonstrate to partners that an asset needs immediate remediation. However, when a TruRisk score is moderate or low and has vulnerabilities on the attack surface, it appears healthier than it is. Our partners might delay addressing these assets due to the lower score, despite their presence on the attack surface making them more vulnerable. Qualys CyberSecurity Asset Management enables us to identify end-of-life and end-of-support software.

Read full review

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

The alternative solution I used was Tenable. I used to prefer Tenable, thinking of Qualys as the underdog. However, after working more with Qualys, I’ve come to appreciate it more. It's not because it’s more powerful or because it doesn’t have any issues or better features, but because it is more transparent. Tenable is very easy to use, but it doesn’t provide a clear understanding of its inner workings. In contrast, Qualys can be more complex to use due to its numerous settings and the need for additional training, but at least it gives you a clearer idea of what it does. Comparing the two is challenging. Tenable is more powerful, but whether that power is necessary depends on your specific needs. I acknowledge that Tenable is more expensive, as it requires purchasing additional modules. Overall, Qualys is a great option.

Read full review

Qualys CyberSecurity Asset Management mindshare

Product category:

As of January 2026, the mindshare of Qualys CyberSecurity Asset Management in the Cyber Asset Attack Surface Management (CAASM) category stands at 10.5%, up from 5.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cyber Asset Attack Surface Management (CAASM) Market Share Distribution
Product	Market Share (%)
Qualys CyberSecurity Asset Management	10.5%
Axonius	28.2%
Armis	19.4%
Other	41.9%

Cyber Asset Attack Surface Management (CAASM)

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Type	Title	Date
Category	Cyber Asset Attack Surface Management (CAASM)	Jan 11, 2026	Download
Product	Reviews, tips, and advice from real users	Jan 11, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs Armis	Jan 11, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs Axonius	Jan 11, 2026	Download
Comparison	Qualys CyberSecurity Asset Management vs JumpCloud	Jan 11, 2026	Download

Valuable Features

Qualys CyberSecurity Asset Management excels in real-time visibility, asset discovery, and dynamic tagging. It efficiently manages both authorized and unauthorized applications, tracks end-of-life assets, and offers External Attack Surface Management insights. Integrated with third-party tools, it automates vulnerability scanning, supports inventory reconciliation, and utilizes TrueRisk scoring for prioritization. Users benefit from comprehensive data, easy navigation, and adaptive support, all of which enhance cybersecurity infrastructure management across cloud and on-prem environments.

"Getting different kinds of modules and inventory in one solution is good enough."
"I really enjoy the flexibility of the interface setup configuration for my network VLANs, which makes it very easy to configure."
"I use it primarily with tagging, asset counts, and groups that we can put them in, and we also use it to tell if a device has been merged and seen in Qualys CyberSecurity Asset Management, so that's beneficial for us too."

Room for Improvement

Qualys CyberSecurity Asset Management needs better integration with various systems and a more intuitive user interface to streamline navigation tasks. Additionally, pre-built reports and dynamic tagging features should be expanded. Its deployment process can become complicated and lacks the ability to handle complex configurations without vendor support. Enhanced automation for tasks would be beneficial, including the addition of more comprehensive customization options for user dashboards and reports. Improved account management and customer guidance during setup would also be advantageous.

"Qualys CyberSecurity Asset Management is moderately good, while Rapid7 is slightly much better."
"I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating process."
"The activity log is terrible."

ROI

Qualys CyberSecurity Asset Management offered significant ROI by saving about 45% of time through reduced manual tagging efforts for 5,000 servers and lowering costs by 35%. Businesses noted a 95% return, decreased security incidents, labor cost savings of $109,000 annually, and an increase in new contracts worth $99,000. Users appreciated increased efficiency in vulnerability management, reduced in-house development, and enhanced security infrastructure, leading to significant business growth. It condensed tasks, improving efficiency and productivity.

Pricing

Enterprise buyers find Qualys CyberSecurity Asset Management pricing competitive yet potentially costly, especially for those with fewer assets. The service typically adds value through its comprehensive features and transparent, flexible pricing model. Organizations experience it as a cost-effective solution when bundled with VMDR or other Qualys services. Its market-competitive pricing aligns with large-scale needs, but smaller enterprises might find better tier options beneficial. The perceived expense is often balanced by its reliability and comprehensive asset management capabilities.

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys CSAM is nominal."
"The pricing is market-competitive."

Popular Use Cases

Organizations primarily use Qualys CyberSecurity Asset Management for managing assets and vulnerabilities. It enhances asset visibility, tracks hardware and software lifecycles, identifies vulnerabilities, and categorizes assets with custom tags. This tool helps monitor security posture, prioritize vulnerabilities, and identify unauthorized software to ensure compliance. Integration with network scanning and reporting capabilities provides a comprehensive view of IT infrastructure, addressing end-of-life issues, and facilitating effective asset and security management.

Service and Support

Qualys CyberSecurity Asset Management's customer service is praised for quick and effective assistance. Users frequently commend their responsiveness and knowledgeable support, despite occasional slower resolutions for complex issues. Documentation and community resources are extensive. Assistance by technical account managers is notable, providing prompt resolutions. While there can be some redirection among support teams, users rate interaction experiences highly, often a nine or ten out of ten, valuing detailed response times and engagement.

Deployment

Initial deployment of Qualys CyberSecurity Asset Management is straightforward with existing VMDR users finding it nearly immediate. Deployment involves cloud agents and passive sensors, with maintenance minimal due to its cloud nature. Complexity varies with team experience and environment size. Experienced users handle it smoothly, while larger setups require coordination and time. Documentation aids in the process, but newer users may face challenges due to less intuitive resources. Assistance from the vendor is helpful.

Scalability

Qualys CyberSecurity Asset Management possesses significant scalability, effectively managing environments of varying sizes and asset counts. Many users commend its seamless performance across multiple locations and diverse systems, frequently rating its scalability highly. It supports thousands of users and assets without issues, adapting well to different needs through its SaaS platform. Users note its capacity for handling expansive deployments, with substantial data support, smoothly integrating features as usage expands.

Stability

Qualys CyberSecurity Asset Management is typically reliable. Some syncing issues follow major updates, and occasional queries crash. Most find it stable, with ratings between seven to ten, noting occasional slowness linked to network factors. Many users experience no major problems, appreciating continuous updates. Recent months saw a decline, with login delays and crashing. Reports of significant downtime are rare, though slight lags occur. Monitoring updates is beneficial for maximizing value.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys CyberSecurity Asset Management Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	2
Large Enterprise	23

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	127
Midsize Enterprise	76
Large Enterprise	289

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

13%

Manufacturing Company

Comms Service Provider

Outsourcing Company

Government

Insurance Company

Educational Organization

Performing Arts

Retailer

Transportation Company

Healthcare Company

Media Company

Non Profit

University

Real Estate/Law Firm

Marketing Services Firm

Construction Company

Logistics Company

Energy/Utilities Company

Wholesaler/Distributor

Consumer Goods Company

Legal Firm

Hospitality Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Qualys CyberSecurity Asset Management offers a comprehensive solution for managing asset inventories and tracking software lifecycle states. It facilitates network visibility and supports zero-day vulnerability solutions, enhancing security posture through efficient monitoring. Users benefit from its cloud-based interface, which provides in-depth asset configurations and insights. Key features include automated vulnerability scanning and unauthorized software management, reducing manual efforts. The platform also emphasizes the importance of timely remediation and ongoing risk mitigation across multiple environments. Despite its strengths, users note the need for enhanced integration with additional CMDBs beyond ServiceNow, as well as cost efficiency improvements. Requests also include better report customization, more scan control, and a simplified UI.

What are the key features of Qualys CyberSecurity Asset Management?

Real-time Visibility: Offers continuous insight into asset status and condition.
Dynamic Tagging: Allows for flexible organization and assessment of assets.
External Attack Surface Management: Identifies potential threats from external sources.
Automated Vulnerability Scanning: Reduces manual scanning efforts and identifies vulnerabilities instantly.
Unauthorized Software Management: Detects and manages software not approved for use.
Asset Purge Rule: Automates the removal of obsolete assets from the inventory.

What benefits should users look for in reviews?

Enhanced Security Posture: Gains stronger defense through effective asset monitoring.
Efficient Risk Management: Identifies threats quickly, enabling timely resolutions.
Improved Compliance: Assists in meeting industry standards and regulations.
Reduced Manual Effort: Automates repetitive tasks, saving time and resources.
Comprehensive Insight: Provides detailed data for informed decision making.

In industries like finance, healthcare, and manufacturing, Qualys CyberSecurity Asset Management enhances asset control by offering visibility into hardware and software configurations. It aids in maintaining security compliance and identifying unauthorized software, crucial for sectors with strict regulatory requirements.

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

SentinelOne Singularity Cloud Security vs Qualys CyberSecurity Asset Management

Wiz vs Qualys CyberSecurity Asset Management

Darktrace vs Qualys CyberSecurity Asset Management

Qualys VMDR vs Qualys CyberSecurity Asset Management

Tanium vs Qualys CyberSecurity Asset Management

Microsoft Configuration Manager vs Qualys CyberSecurity Asset Management

JFrog Xray vs Qualys CyberSecurity Asset Management

NinjaOne vs Qualys CyberSecurity Asset Management

Orca Security vs Qualys CyberSecurity Asset Management

BigFix vs Qualys CyberSecurity Asset Management

Tenable Vulnerability Management vs Qualys CyberSecurity Asset Management

Check Point CloudGuard CNAPP vs Qualys CyberSecurity Asset Management

Trend Vision One - Cloud Security vs Qualys CyberSecurity Asset Management

Cymulate vs Qualys CyberSecurity Asset Management

See all alternatives

Qualys CyberSecurity Asset Management Reviews Summary
Author info	Rating	Review Summary
Cyber Security Specialist at UBS Financial	5.0	We use Qualys CyberSecurity Asset Management for daily asset identification, tracking True Risk Scores for vulnerability prioritization, and coordinating with IT to verify machine specifications. Its extensive asset categorization outperforms alternatives like Rapid7 and CrowdStrike.
SENIOR MANAGER, CYBERSECURITY THREAT, RISK & ARCHITECTURE at a tech vendor with 1,001-5,000 employees	4.0	I've used Qualys CyberSecurity Asset Management for 10 months to manage assets and remediation, but issues with inaccurate data, slow performance, and high costs limit its effectiveness, though its integration and TruRisk scoring are valuable.
Information Security Engineer at a manufacturing company with 5,001-10,000 employees	4.0	I found Qualys CyberSecurity Asset Management valuable for asset visibility and automation, though its discovery and integration features need improvement. It's stable, scalable, and offers good value, but exporting data is challenging and setup requires technical effort.
Vulnerability Management Analyst III at America First Credit Union	4.5	I use Qualys CyberSecurity Asset Management mainly for tagging and asset tracking; it's stable and scalable but needs better activity logs, search features, and manual merging. Support has improved, though the interface and some functionalities remain frustrating.
IT Security Manager at a manufacturing company with 10,001+ employees	4.5	Qualys CyberSecurity Asset Management helps me monitor and manage our environment effectively, though support can be slow at times. Setup was smooth, and I find features like TruRisk scoring and EOL detection especially valuable for prioritizing vulnerabilities.
IT Security Manager at Alter Domus	5.0	We've used Qualys CyberSecurity Asset Management for a few months to gain a holistic view of assets, prioritize vulnerabilities using TruRisk, and support multiple security teams, though the UI still needs improvement for smoother navigation.
Security Delivery Senior Analyst at Accenture	5.0	I've used Qualys CyberSecurity Asset Management for over three years, mainly for VMDR and web app scanning, valuing its accuracy, ease of use, low false positives, strong support, and time-saving capabilities during penetration testing.
Senior Software Engineer at Volkswagen Group Technology Solutions India	4.0	I've used Qualys CyberSecurity Asset Management for four years and found it effective for handling large asset inventories, with strong categorization and integration features, though the interface could improve; overall, I rate it 8 out of 10.

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	N/A	97%	136 interviews Add to research
SentinelOne Singularity Cloud Security	4.3	N/A	99%	114 interviews Add to research

Qualys CyberSecurity Asset Management Reviews

What is Qualys CyberSecurity Asset Management?

Featured Qualys CyberSecurity Asset Management reviews

Qualys CyberSecurity Asset Management mindshare

PeerResearch reports based on Qualys CyberSecurity Asset Management reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Qualys CyberSecurity Asset Management with alternative products

Learn more about Qualys CyberSecurity Asset Management

Related questions

Product Categories

Popular Comparisons