Vicarius vRx Reviews

We use vRx for third-party patching, OS patching, and vulnerability scanning.

We realized the benefits pretty quickly. One of our clients, who is in the financial sector, required a vulnerability solution. It has reduced our mean vulnerability resolution time. I wouldn't say it's reduced our vulnerability patching time, but it has enabled us to catch some things that were missed by our primary patching tool. 

We like Vicarius' vulnerability scanning and patching. The solution is also useful as a backup for our RMM. It helps to catch some things that may have been missed, but vulnerability scanning typically benefits our clients the most.

We were looking for a tool that combines vulnerability discovery and remediation. We've used vRx's patchless protection feature a few times. It doesn't come up that often, but we have had success with it when we've tried to use it. 

Some of vRx's reporting is difficult to configure. It requires multiple steps, especially if you're configuring more than one report at the same time. 

I have used Vicarius vRx for around six months.

I've never had issues with vRx's stability in the six months that I've used it. 

We only have about four clients. 

I haven't contacted Vicarius support, but some other team members have. It was related to account creation. Some users were locked out. They were responsive and helpful. 

We also use CyberCNS. Vicarius has a more user-friendly interface. It's a more premium tool, but it's also more expensive. On the other hand, CyberCNS has a more feature-rich AP compared to other solutions on the market. Vicarius vRx is more robust. 

Deploying vRx is straightforward. One instance takes about one or two hours to deploy. Onboarding takes a few hours. We had help from Vicarius during deployment. They spent 30 minutes to an hour showing us things. We were able to pick it up from there and deploy it on our own. It doesn't require any maintenance. 

I'm not involved in purchasing, but vRx isn't cheap. It's one of the more expensive tools. 

I rate Vicarius vRx nine out of 10. Even if you already have a patching product, your primary patch management tool will always miss some things. It's always good to have a second tool for validation, especially for clients that deal with heavy regulation, such as financial services or government contracting. You need to be confident they are fully patched and have reports to provide to the auditors. 

We use it to patch and update Microsoft Windows and third-party applications.

We had some legacy patching solutions that were slow and took hours to patch Windows servers. We were looking to improve the speed. That solution also did not patch third-party applications.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. It is extremely helpful. It would be a lot harder to get vulnerabilities remediated if we had to source everything ourselves. We provide access to our developers, and they can easily deploy Java and Tomcat patches without having to go to each vendor to download everything. We are very secure, especially in our external facing applications. We are a lot more secure than we were a year ago.

I have used the Vicarius vRx user community. I have not provided any of my own solutions or anything like that, but I find it helpful. If there is a new vulnerability, but I do not know how to fix it, there is usually some documentation in there, so it is very helpful.

We do monthly updates from Windows, and we have to take down our applications during the day. That is a nuisance for the business. Previously, it was hours of downtime, whereas now, it is less than an hour in a lot of cases, so we have improved there. We were out of date on a lot of third-party applications before, whereas now, we are remediating hundreds of thousands of vulnerabilities each month, so we are improving our security posture with this tool. It has been a great experience so far.

Vicarius vRx has reduced the amount of time we spend on patching. Typically, with our previous solution of ManageEngine, it took about three hours to patch Windows Server, and now, that is less than an hour. It means less downtime for the business each month when we do patches. We are able to get our users back into applications like SAP more quickly. We are able to start addressing other issues, so it has made everybody more efficient. There is about 60% time saving.

We can easily deploy patches for third-party applications. It automatically downloads the patches for you. You do not have to download them, upload them to the solution, and configure your own scripts or anything like that. It is all automatic.

The vulnerability dashboards are extremely helpful. It can help us target the highest-priority vulnerabilities. That is awesome and very helpful.

I have a server engineer who uses this very heavily. She is used to her legacy solution. She recommended some improvements to the interface. They were just minor things related to scheduling and adding some more options to schedule patches that are deployed. Their support was very open to the suggestions. They implemented her recommendation. Their support has been great to work with.

There is not much to improve. There can be more scripting capability and more filtering capability. We should be able to filter more granular details in the operating system such as whether it is a service, application, executable, or something like that. For the most part, we are satisfied with what we are able to filter. These are minor suggestions. Overall, we are pretty satisfied with the platform.

We have been using it for almost a year.

The only issue we have experienced so far is with patches from Microsoft being delayed. If they come out on Tuesday, Vicarius might not be able to deploy the patches until Wednesday. That is all we have experienced so far. Overall, it has been pretty reliable. I would rate it an eight out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We have about 200 endpoints and six administrators. We have servers and desktops, but primarily, we have servers.

We are all over the globe. We are primarily in the US.

I am satisfied with their support. They are very helpful.

I would rate their support a nine out of ten. I do not have any complaints. I  consider Nutanix support to be a ten.

Positive

We were using ManageEngine. It was slow, and it only patched certain things. We were only taking advantage of Windows patch functionality. There was an interface that was hosted in the cloud, so we were able to get rid of a server from our internal network, and then we were able to speed up patching a great deal—from less than three hours to one hour. It is integrated with Microsoft Azure, and it patches everything efficiently without having to create a bunch of manual updates. We went from a legacy slow solution to a cloud-based solution that prioritizes security and is very quick.

If you want something that is able to focus on security and do it quickly with minimal infrastructure, Vicarius vRx is a great tool.

It is deployed on the cloud. Its deployment was very straightforward. We had to just whitelist a few URLs in the new firewall, deploy an agent on our servers, and do SSO integration. You can have all this deployed in the day. It is very easy.

For the most part, it takes a day. The agent deployment is complex. You have to take that slow. Getting an agent into the solution takes probably less than an hour, so it is very easy.

It is pretty straightforward to learn. If you want to deploy a Windows patch, it usually takes less than 15 minutes to train somebody to do that. It is very easy.

In terms of maintenance, you can have the agent set up. Once you set up automatic updates for the agent, it is streamlined. You are basically telling it what to patch. That is it.

We had just two people involved in its deployment. It was me architecting it and then my server engineer deploying it. It did not take long at all.

I do not know if we can quantify that, but I know that we are saving hours of patching time, making our administrators more efficient, and getting our users back into the systems more quickly. I am sure we are seeing a significant return on investment.

It is in the middle. It is not the cheapest solution, but it is also not terribly expensive. We found it to be a good fit. It is fairly priced.

To a colleague who is considering Vicarius vRx but says they already have a patch management tool within another platform, I would say that I have used lots of patch management solutions such as Intune and Tenable, which used to be from SolarWinds. Vicarius vRx is by far the easiest to maintain. It does have a security focus. If you want to make sure that your Windows servers are patched with the latest version, or you want to make sure that your third-party updates are completely up to date on a monthly basis, it is possible. You are able to track that easily with the dashboards that are easy to read. Go with a solution with which you do not have to maintain any internal infrastructure. It is just set-it-and-forget-it. I would definitely recommend Vicarius vRx over a lot of other solutions if you are just looking for a patching solution.

I always do a thorough PoC. I cannot account for everybody's use case, but strictly speaking, if you are just looking for vulnerability management and quick and easy updates, definitely consider Vicarius vRx.

We have not used the Patchless Protection functionality. We understand that this capability is there, but we have not used it yet. We have not had a use case for it. We have got a pretty good patching program, so fortunately, we have been able to patch everything. We have not had the need for it.

I would rate Vicarius vRx a nine out of ten.

We primarily use Vicarius vRx for vulnerability detection and patch management. Its support services, interface, and scripting capabilities are all quite good. The network functionality and audit compliance features are valuable assets that our end customers frequently request.

Vicarius vRx is an excellent platform for consolidating vulnerability discovery, prioritization, and remediation. The vRx agent, deployed on endpoints, detects vulnerabilities at both the OS and application level. It prioritizes these vulnerabilities based on various criteria, including Vicarius's xTag system, which considers application usage and network activity. This automated prioritization, ranging from critical to low, eliminates the need for manual intervention. After installation, the agent automatically scans for vulnerabilities every 15 minutes and plans for remediation.

We automated the installation of critical OS patches and browser updates, as well as updates for essential applications used in every environment, such as Microsoft Word, Excel, and important server-level applications.

The time saved by using the automation depends on the environment and the number of endpoints we have.

The vSociety forum fosters collaboration among Vicarius members, customers, partners, and industry analysts to address vulnerabilities and emerging security needs. For example, when a recent CrowdStrike Falcon update presented an issue, the vSociety community swiftly decided on a mitigation strategy, and carriers remediated the problem within hours, benefiting all end customers.

The benefits of Vicarius were immediately apparent, with no downtime ensuring continuous performance. Patches could be deployed to computers as soon as agents were installed on the endpoints.

As a security engineer, I believe all endpoints and applications should be patched regularly, ideally weekly or monthly. Unpatched systems are inherently vulnerable to security threats. Automated tools like Vicarius can help streamline the patching process and ensure comprehensive security coverage.

Vicarius's patchless protection is a valuable feature that uses a dedicated engine to protect applications from vulnerabilities, especially when patches are unavailable. Many applications have exposed APIs, which malicious actors can exploit to bypass security measures. Vicarius's patchless protection monitors application activity for exploitation attempts and blocks them in protector monitor mode, effectively mitigating the risk of exposed APIs and other vulnerabilities.

A scripting engine allows the creation of custom scripts to mitigate threats, which is especially useful for those with in-house applications. Since these applications aren't publicly available, a repository is needed for patching, and the scripting engine facilitates this. Additionally, the engine can be used to deploy or uninstall third-party applications on endpoints.

Vicarius vRx reduces the mean time to remediate by automatically remediating vulnerabilities in critical applications such as Microsoft Edge and Office within 24 hours of detection.

Vicarius vRx significantly reduced our patching time by 50 percent by automating what was previously a manual process.

Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status. This simplifies updates for IT managers and executives.

Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process.

I have been using Vicarius vRx for almost three years.

While we have not experienced any stability problems, a recent issue with login tokens caused a two-hour system outage.

Vicarius vRx is scalable and it continues to improve in their roadmap.

We have contacted the support several times, and they have always resolved our issues within one or two phone calls. 

Positive

While I've used Qualys and ManageEngine, Vicarius vRx offers patchless protection, a key performance indicator of data security that the other two solutions lack.

Deployment is straightforward using Vicarius's one-line PowerShell script installer, which automatically installs the vRx software on edge and endpoint devices. Vicarius also supports deployment through other tools like Microsoft Intune MDM.

The deployment, on average, takes two days to complete. 

Vicarius vRx offers a competitive price point for the features it provides.

I would rate Vicarius vRx eight out of ten.

Vicarius vRx is a more robust remediation solution compared to other tools, offering excellent support, features, and performance. We have experienced no downtime with this solution.

Periodic maintenance for vRx is required on the cloud service and for agent updates.

Vicarius vRx is a user-friendly patch management solution that allows for centralized vulnerability management. Through a single portal, users can identify and automatically remediate vulnerabilities.

We mainly use Vicarius vRx for Windows patching.

We were using another product previously for third-party patching, but it did not have any reporting functionality. It did not have any dashboards to see which devices had been successfully patched and whether there was anything outstanding. It did not give us any security insights into CVEs. That is why we ended up looking at Vicarius vRx so that we could have a single pane of glass to see what patches needed to go out and what sort of vulnerabilities we had on our Windows machines.

Vicarius vRx has been really good at protecting our Windows machines and patching them, keeping them compliant. It has definitely helped us. 

Vicarius vRx also helps us stay compliant with our security certifications. We do ISO 27001 and Cyber Essentials in the UK. This product definitely helps us maintain those security certifications. Without a product like Vicarius vRx, we would not remain compliant with those.

We have attempted automation, and it seems to be working well. We have automated the patching for Windows devices for the operating systems and any sort of third-party vulnerabilities. It was very easy to set up and seems to be working well. It has saved about 40% of the time.

Vicarius vRx has a feature called Patchless Protection. We have used it a few times. It is good to have an option where if a patch is not available, it can still help remediate the security vulnerability. It is not something we had in our previous product, so it is good to see.

We could see its benefits immediately. We could see the changes it was making compared to the product we used before. We were using the product called VFA before, so as soon as we switched over to using this, we could see the difference.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. That is very important. That impressed us when we were evaluating the product. We were impressed by how it was geared towards that. The other products we looked at had patching tagged on another product, whereas this solely looked after the patching and vulnerabilities, which is good. We did not see any other products with such capability.

It would be good if there were more login options. At the moment, it sends you an email to verify your email address, and then you can log in. It would be beneficial to have other options for signing in, like MFA or maybe security keys, especially since it is a security product.

We have used Vicarius vRx for around a month.

There have been no issues; it has been absolutely fine.

It is very straightforward to scale up with more machines, so there are no problems there.

I have not contacted their support. We only received help from someone at Vicarious during the initial implementation.

Positive

We were using a product called VSA before. We switched because it did not have good reporting on vulnerabilities. When you set up the patching, it would try to update the apps, but you would not be able to tell in a single pane of glass what was successful and what was outstanding. It did not look into security vulnerabilities.

The customer support and account management were also not very good. That played a big part in it as well.

It was not as easy as it could have been, but it was fairly straightforward.

The initial deployment took about a week. We received help from someone at Vicarious during a call, but most of the deployment was done in-house.

It does not require any maintenance on our end.

Only one person was required for the deployment.

By using Vicarius vRx, the meantime to remediate vulnerabilities has gone down by about 60% to 70% as compared to VSA. 

In terms of reducing the time spent on patching, it is a little bit difficult at the beginning because you are initially setting the product up. It has probably saved about 50% of the time.

I think the pricing is very good. The pricing was very reasonable and fair compared to other products.

I liked that there was no tiered system. One price gave access to everything, which is nice. It is not something you get too often with enterprise IT.

We did have a look at a few other products. One of the things I liked about Vicarius vRx is that it had quite a wide support for updating different products. Quite a few products we looked at for patching did not update many third-party applications. They were more geared towards patching Windows, which we did not need, whereas vRx seemed to be able to pretty much handle any application we had in our fleet. That was what drew us into Vicarius vRx.

We looked at NinjaOne mainly. Earlier on, we did look at a few other products, but they got dismissed due to not having much support for third-party patching.

Vicarius vRx is definitely more robust than others as a remediation solution.

I would advise testing it out because it is dedicated to patching rather than being an add-on product to an existing tool, which is what happens with most of the competition. For instance, when we were using VSA, we had to pay for VSA, and then we had to pay for an add-on to do third-party patching. We did not need or use a lot of the functionality of VSA that we were paying for, whereas Vicarius vRx is more of a focused product to do patching, so you are getting the full use of the product.

To new users, I would advise ensuring that your deployment methods are working and then testing with a small user group to make sure there is a smooth transition.

Overall, I would rate Vicarius vRx an eight out of ten.

We use Vicarius vRx to manage vulnerabilities and patch more than 300 assets in total. 

We use Vicarius vRx daily. It is great. Without it, we could never manage these many assets at once.

We have automated vulnerability management, patching updates, software updates, systems reboots, or other smaller tasks like network scans. With its automation, we save two to four hours daily.

The scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities.

We were able to realize its benefits immediately. The first benefit that I noticed was how easy it was to deploy. Right after deployment, it made an inventory of my assets, applications, and OS, and it was very easy to look at my attack surface from another perspective. After that, there was also all the patching and management.

Vicarius vRx is protecting my environment. In the report, I can see the vulnerability score and vulnerability number. Since using Vicarius vRx, there has been a reduction in issues.

I use Patchless Protection on almost every client because some applications cannot be patched automatically or are homemade. With Patchless Protection, it is easy for me to keep clients protected.

Its scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities, but we use another product for this. The script that I am using is very powerful. We use it for Nmap scanning and mitigation.

Vicarius vRx has reduced the mean time to remediate vulnerabilities. I do not have to look at other websites for new patches. I have everything in one dashboard. It is very easy. It saves two to four hours daily in vulnerability checks and remediation.

We hardly spend any time on patching. With automation and scripting, I never have to think about it.

The ability to consolidate vulnerability discovery, prioritization, and remediation in one platform is crucial. 

I find the user community very useful. We can find a lot of tips and tricks on how to manage vulnerabilities and how to patch vulnerabilities that are not patchable.

Based on the request from our clients, it would be great to have an MDM solution. If they can manage vulnerabilities on mobile devices too, that would be great. Having scripting capabilities on mobile devices would be very useful. That was the request we had from lots of clients.

I have been using Vicarius vRx for more or less one year.

I have never experienced any lagging or crashing. There was a minor issue related to the automatic rebooting of the system, but it was resolved quickly with the help of technical support.

Vicarius vRx scales very well. It is very easy to deploy, and you can manage multiple customers from the same dashboard, making it very scalable.

They are great. I have contacted technical support during the testing stages in the EU environment, and they have always been available and kind. I would rate their support a ten out of ten.

Positive

We did use other solutions, but I personally did not use any.

It is deployed on the cloud. Now that they have a data center in Europe, it is easier for our clients because of the GDPR compliance. The console is just on the cloud.

Its initial setup was easy. We made a script with our RMM solution. Within seconds, we deployed more than 200 agents.

It takes about 20 minutes to fully deploy vRx for one client.

It does not require any maintenance from our end. You have to set up automation scripts, but once you have done that carefully and properly, you do not have to look at it much. I check it maybe once a month to see if everything is running correctly and whether the remediation is being applied. Anything can go wrong, but I have not seen any problem, so no maintenance is required.

It is more of a one-person job. While you can define multiple groups and assign different clients to different managers, we handle it with one person.

The pricing is great because we are a reseller of the product. It is really up to us and Vicarius, and they are very easy to work with.

I have seen a lot of other platforms for vulnerability management, but they do not do prioritization as Vicarius vRx does. It is very easy to know which application and which process you have to manage or patch first. With other solutions, you cannot do that or you cannot do that so easily.

I would advise trying the platform as it is very efficient in vulnerability management and prioritization.

I would rate Vicarius vRx a ten out of ten.