Try our new research platform with insights from 80,000+ expert users

Qualys CyberSecurity Asset Management pros and cons

Vendor: Qualys

4.6 out of 5

17 reviews
100% willing to recommend

Pros & Cons summary

Qualys CyberSecurity Asset Management offers asset discovery, dynamic tagging, and robust remediation, providing real-time visibility into application vulnerabilities. Users appreciate its performance and features, including application management. However, improvements are needed in pricing, VMDR integration, agent configuration, cloud device syncing, and role-based access control. Challenges include CPU usage, scan frequency control, and false positives in the EASM module. Despite some limitations, it enhances security posture by managing vulnerabilities effectively.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys CyberSecurity Asset Management provides real-time visibility into assets across development and operational environments, significantly enhancing security posture.

The asset discovery feature through cloud agent or IP-based scanning offers in-depth visibility into both hardware and software.

The tagging feature efficiently categorizes servers and assets without manual input, reducing effort.

Qualys CSAM offers superior asset information collection capabilities, including comprehensive hardware and software inventorying and end-of-life visibility.

It effectively identifies and helps prioritize critical application vulnerabilities, ensuring efficient risk management.

CONS

Qualys CyberSecurity Asset Management could offer more value by lowering the price or integrating with existing VMDR features.

More comprehensive tagging and dynamic rule setup would be helpful to enhance asset management.

Configuring scan frequency in the EASM module needs improvement as there is a lack of user control after the initial setup.

Users face challenges with agent configuration, such as reliably changing the tenant the agent is pointing to.

Integrating with other cloud agents and products, particularly improving communication with external vendors, requires further development.

Qualys CyberSecurity Asset Management Pros review quotes

Cyber Risk Advisory – Consultant at Deloitte

Sep 6, 2024

When you implement a dynamic tag using a query, you do not need to manually tag all the servers. It categorizes all the servers that come under that query. The tagging part is automatically done within a few minutes. It reduces the effort.

Read full review

reviewer2590236

Information Security Lead at Infosys

Nov 4, 2024

We have a diverse organization with a robust infrastructure of more than 300,000 assets. By creating unauthorized lists and rules in the Qualys CSAM module, I can block certain software from being used in the organization.

Read full review

Scott Frederick

Director of Vulnerability Management at a insurance company with 1,001-5,000 employees

Oct 25, 2024

Our favorite features are the tagging and the ability to quickly find assets in the portal.

Read full review

Qualys CyberSecurity Asset Management

Free Report: Qualys CyberSecurity Asset Management Reviews and More

Learn what your peers think about Qualys CyberSecurity Asset Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.

831,020 professionals have used our research since 2012.

Kakarla Saikrishna

Senior Cyber Security Analyst at a financial services firm with 10,001+ employees

Oct 11, 2024

Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software.

Read full review

BS

Beatrice Sirchis

Application Security Manager at IDB BAnk

Jul 22, 2024

Tags are very useful for us since we can tag virus applications in infrastructure types such as databases, operating systems, or web platforms.

Read full review

Analyst III - Information Security and Compliance at a financial services firm with 201-500 employees

Sep 20, 2024

The best feature is asset discovery through their cloud agent or IP-based scanning.

Read full review

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

The end-of-life and end-of-service software and hardware are some of my favorite features.

Read full review

KU

Krishna KantUpadhyay

Android Developer at Droidforge

Oct 28, 2024

The most valuable feature is the real-time visibility Qualys CyberSecurity Asset Management provides into all assets across our development and operational environments.

Read full review

reviewer2589096

Senior Information Security Engineer at Infosys

Oct 28, 2024

My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software.

Read full review

Windows Patch Operation 3 at CBTS

Sep 17, 2024

The most valuable aspect we receive from Qualys is the remediation.

Read full review

Show 7 more reviews (out of 17)

Qualys CyberSecurity Asset Management Cons review quotes

Cyber Risk Advisory – Consultant at Deloitte

Sep 6, 2024

One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete configuration, but if you want to reconfigure it, it will not ask or provide any option for scan frequency. For that, you need to raise a case with Qualys and talk to the Qualys team.

Read full review

reviewer2590236

Information Security Lead at Infosys

Nov 4, 2024

Currently, in the EASM module, the scan frequency is limited to once daily, but allowing end users control over scan scheduling would be advantageous.

Read full review

Scott Frederick

Director of Vulnerability Management at a insurance company with 1,001-5,000 employees

Oct 25, 2024

Some areas that would be helpful are more comprehensive tagging and the ability to set up better dynamic rules.

Read full review

Qualys CyberSecurity Asset Management

Free Report: Qualys CyberSecurity Asset Management Reviews and More

Learn what your peers think about Qualys CyberSecurity Asset Management. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.

831,020 professionals have used our research since 2012.

Kakarla Saikrishna

Senior Cyber Security Analyst at a financial services firm with 10,001+ employees

Oct 11, 2024

From the user experience perspective, we need a simpler interface and reduced complexity in certain features, particularly with the Qualys Query Language.

Read full review

BS

Beatrice Sirchis

Application Security Manager at IDB BAnk

Jul 22, 2024

It is automatically exporting the vulnerabilities and the assets. However, it would be useful to have the ability to select or to filter which we would like to export.

Read full review

Analyst III - Information Security and Compliance at a financial services firm with 201-500 employees

Sep 20, 2024

In our reporting, we faced a challenge syncing with cloud devices.

Read full review

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features.

Read full review

KU

Krishna KantUpadhyay

Android Developer at Droidforge

Oct 28, 2024

The UI needs improvement as it can become overwhelming after prolonged use.

Read full review

reviewer2589096

Senior Information Security Engineer at Infosys

Oct 28, 2024

Qualys could improve by enhancing its dynamic tagging and role-based access control features, and by refining its user interface for a more intuitive and efficient user experience.

Read full review

Windows Patch Operation 3 at CBTS

Sep 17, 2024

Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address.

Read full review

Show 7 more reviews (out of 17)

Product Categories

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

Popular Comparisons

Armis vs Qualys CyberSecurity Asset Management

Axonius vs Qualys CyberSecurity Asset Management

See all alternatives

Product Categories

Product Categories

Cyber Asset Attack Surface Management (CAASM)

Vulnerability Management

Patch Management

Attack Surface Management (ASM)

Software Supply Chain Security

Popular Comparisons

Popular Comparisons

Armis vs Qualys CyberSecurity Asset Management

Axonius vs Qualys CyberSecurity Asset Management

See all alternatives

Related questions

11

Why is Cyber Asset Attack Surface Management (CAASM) important for companies?