Vicarius vRx Reviews

We're an MSP managing about 300 companies. I am responsible for seven of those. We're primarily using Vicariuse to protect against vulnerabilities and malware. 

One of Vicarius' biggest benefits is patchless protection, which enables us to address vulnerabilities in applications that do not have a patch yet. This has reduced our remediation time. To start with, it's easy to deploy the agents to the endpoints. Once they're deployed, you can patch whichever application you want with one click. You can also automate updates and patching with scripts. We can complete all these tasks in a quarter of the time. 

In the past, we spent maybe 25 percent of our time patching because we had to write the automation scripts, push them out after hours, and ensure the patch was applied correctly. With Vicarius, I've never seen a patch that failed or had to be rolled back. We're saving quite a bit of time.

Our clients using vRx haven't had any issues, and they've easily established patching for all their endpoints. If there aren't any problems, I assume it's doing its job and protecting the endpoints. 

My favorite feature is patchless protection. It's the primary reason we decided to use Vicarius. It can block malware for applications that don't have current patches. We were less interested in having a solution that could do multiple features simultaneously because we already have existing solutions for vulnerability scanning. We were looking for something that could patch a wide variety of applications easily. 

I also like how easy it is to use. We instructed some companies on how to use it, provided them with an account, and gave them the ability to deploy and patch. They could quickly figure it out. We can spend an hour in the office showing someone how everything works, and they're good to go. It's the same with our customers. 

One difficult thing is all the name changes. I sometimes get confused about what the product is called. It's called connect in some places and vRx in others. When you log into the website, it says it's in beta, which confuses me because it seems like a full-fledged product.  

Another complaint we've gotten is that the portal doesn't remember your username and password. You tell them your email, and it sends an invitation. You need to click that, and it takes you to a new portal, where you can finally log in. Maybe it's a security precaution, but it seems like a lot of extra steps to log in.

I have used Vicarius for seven months.

I rate Vicarius vRx eight out of 10. We haven't experienced any crashes or lagging. Initially, I was concerned about how deploying five or six patchless protections to an endpoint would affect resource usage. However, I tested it with 30, and it didn't seem to degrade the quality or use a ton of resources. I don't think I've reached the limit.

I give Vicarius vRx a 10 out of 10 for scalability. It's infinitely scalable. When we add a new company, we can deploy to their endpoints without any problems. Deploying to multiple tenants is effortless. 

I rate Vicarius support eight out of 10. I've only contacted them once with a question. They were very responsive. They got back to me in an hour or two. I can't remember the issue, but they resolved it quickly. 

Positive

Vicarius vRx is very easy to deploy. We did it all in-house because it's simple. I deployed it alone. After playing with it for around an hour, I could start deploying it to endpoints. You don't need a consultant or anything. They have it for Linux, too. If I recall correctly, the Linux deployment was a little trickier. The Windows-based deployment was much simpler. After deployment, it doesn't require much maintenance. 

We're an MSP, so we're always looking for new products to sell to our clients at a markup to make a profit. You can explain the product's benefits in three or four minutes, and we don't need to push the clients very hard. We already have seven or eight customers who use it, including one of our larger clients. 

We saw the benefits almost immediately because it's bringing us monthly profits, and it's an easy sell. It's almost like some of them just wanted to sign up on their own without any push from the sales department.

The price of vRx seems fair. None of our clients complained about the pricing. They all thought it was reasonable. Once people understood what it does, it didn't take much to get them to sign up.

We didn't consider anything else. We already have multiple layers of security and several patching tools that are giving alerts and updating with malware signatures. We never compared vRx with a short list of other products. It had features that we didn't already have, so we signed up for it.

I rate Vicarius vRx seven out of 10. It's a relatively new product, so I could increase my rating as they add more features. If you already have a vulnerability patching tool, I recommend using both to see if you like it more. I haven't seen another product with patchless protection.

If you are considering vRX, I suggest talking with the Vicarius team. The vRx team doesn't seem very large, but I think that's normal because the product is pretty new. Talk with someone there and do a trial or schedule an hour-long meeting. That should be enough time, so you don't have to click around on your own and figure it out. Have one of the vRx employees walk you through setting up a deployment and adding a tenant. It'll save you time in the end.

We use vRx to do the patch management, vulnerability assessment, and remediation.

Vicarius vRx helps consolidate multiple tools for patching and remediation. It's critical that Vicarius combines vulnerability discovery, prioritization, and remediation in a single platform. We selected it for that reason. It protects us well. We use other tools, but we always go back to Vicarius to ensure everything's in line.

It reduces the time needed to detect and remediate threats by about an hour. I would estimate it saves us about 20 hours each month that we can allocate to something else. 

I like that vRx is cloud-based. It protects the health of applications against zero-day threats. We tried patchless protection, but I don't think we've ever tested it. I don't know if it's ever been triggered, but I believe we'll see a value from it the day it's triggered.

I don't like logging in. The portal could be a better process. You could use some third-party push notification rather than sending an email, waiting for the link to generate, and clicking on it. That would be good. It's somewhat frustrating when I need to log in.

I have used vRx for one year.

Vicarius vRx is pretty stable.

Vicarius vRx's scalability is fine.

We used Acronis and Qualys before switching to Vicarius vRx. Vicarius' dashboard is much better and it's easier to use.

Deploying Vicarius vRx is easy and takes about 10 minutes. One person is enough to deploy it.

Vicarius vRx is slightly expensive. It could be a little lighter on the wallet.

I rate Vicarius vRx 10 out of 10. I recommend vRx because there's a lot of automation you could do. There are many opportunities from a special automation perspective to define and execute your playbooks. If you have third-party tools and controls, you should ensure that you have them ready in advance to push out the application. 

As a managed service provider, we offer a compliance package that includes Vicarius vRx. This comprehensive solution addresses PCI and HIPAA requirements, fulfills cybersecurity insurance needs, and tackles node vulnerabilities through scanning and patching. By bundling Vicarius vRx with other tools, we answer the compliance questions.

Vicarius vRx stood out because it combines vulnerability discovery, prioritization, and remediation into one platform. Unlike other scan-only options, vRx automates much of the work, which is crucial for our small two-person company that wouldn't have the resources to manually address everything a traditional scan uncovers.

While Vicarius vRx hasn't directly prevented security incidents for our well-maintained environment, it allows us to confidently answer "yes" to client security questionnaires regarding vulnerability monitoring and remediation, a valuable asset for companies needing to comply with regulations like PCI and HIPAA.

Vicarius vRx significantly improved our mean time to remediate vulnerabilities. Automation handles most tasks, freeing me up to focus on the bigger picture. While some manual review remains necessary, vRx allows me to patch applications like Adobe across all clients and organizations at once, instead of individually selecting computers or companies.

Vicarius vRx's value lies in preventative security. Like a securely locked house, it might seem uneventful because there are no break-in attempts, but that doesn't negate its effectiveness. Just as leaving your door open invites trouble, unaddressed vulnerabilities do the same. While there's no guarantee a cyberattack wouldn't happen anyway, just like with strong passwords and two-factor authentication, vRx minimizes the risk to ensure our clients' environments are as secure as possible without hindering their work.

While our clients might not be aware of it, Vicarius vRx's patchless protection offers a significant advantage. Even without a patch from a software vendor like Adobe, vRx can still safeguard our clients. This sets it apart from competitors who rely solely on scanning and manual fixes or use multiple tools. Patchless protection is a powerful selling point, allowing us to ensure our clients' security even when traditional solutions fall short.

Vicarius vRx complements my existing patching tools by potentially saving me an additional five percent of the time on patching tasks. While other tools have already reduced my workload, vRx can address any remaining gaps, making a significant difference in the long run.

While other vulnerability scanners overwhelm us with a huge list of problems after a scan, Vicarius vRx goes beyond that. It automates patching where possible, but even more impressively, it can lock down unpatched software like a zero-day vulnerability in Adobe until a fix is available. This extra layer of protection is what truly sets vRx apart.

While I appreciate the automation of vulnerability management, Vicarius vRx's current manual patchless application is a point for improvement. Ideally, the software would autonomously implement patchless solutions while monitoring its resource usage to prevent negatively impacting the user's computer.

I have been using Vicarius vRx for two months.

Vicarius vRx has been stable overall. While I initially encountered an issue where version five wouldn't deploy, deploying version four successfully auto-upgraded to version five, making the initial problem a minor inconvenience. I expect this to be resolved by now, as it was a few months ago.

Scaling is easy because I have a price point per agent making it simple to scale up or down.

Vicarius vRx's main competitor is Tenable Nessus, which traditionally focused solely on vulnerability scanning and required separate tools for remediation. While Nessus might have added remediation features since I used it five years ago, its strength lies in broader platform scanning both network devices and endpoints. In contrast, vRx currently relies on installing agents on endpoints for vulnerability detection.

Vicarius vRx seems like a strong option, but Tenable's experience in the vulnerability management space suggests they might be the leader. However, Tenable's remediation capabilities are unclear to me.

I used an RMM tool to push out vRx to all my endpoints.

While I spent time on introductions and video tutorials, learning Vicarius vRx itself only took a day or two with some help from their team. I completed the deployment process in one day.

After an initial call with Vicarius' technical team to learn the ropes and integrate vRx with my RMM tool, I was able to deploy it for my first client collaboratively. Now, onboarding new clients is a breeze - it only takes about 15-20 minutes to get them set up with vRx.

Vicarius vRx's per-asset pricing makes it easy for me to market to clients as it scales with their needs. Tenable, on the other hand, uses a subscription model that can be cost-effective for larger MSPs with many clients, but for smaller providers with a limited client base, the upfront cost of a Nessus subscription might be prohibitive.

I would rate Vicarius vRx nine out of ten.

Our maintenance routine focuses on reviewing unpatched issues, identifying critical problems or fixes, and then manually applying those patches. We already have automated solutions in place to handle certain tasks.

I would ask a colleague who's considering vRx but already has a patch management solution, what their remediation process is. And if they have a manual process that requires several tools, I would tell them that this could replace three or four tools into one.

New users deploying software should ensure they have an RMM tool for a streamlined process. If not, they need a method for quick and easy mass deployment to all their endpoints. This emphasizes speed and ease of distribution as the key concern.

We primarily use Vicarius vRx for vulnerability detection and patch management. Its support services, interface, and scripting capabilities are all quite good. The network functionality and audit compliance features are valuable assets that our end customers frequently request.

Vicarius vRx is an excellent platform for consolidating vulnerability discovery, prioritization, and remediation. The vRx agent, deployed on endpoints, detects vulnerabilities at both the OS and application level. It prioritizes these vulnerabilities based on various criteria, including Vicarius's xTag system, which considers application usage and network activity. This automated prioritization, ranging from critical to low, eliminates the need for manual intervention. After installation, the agent automatically scans for vulnerabilities every 15 minutes and plans for remediation.

We automated the installation of critical OS patches and browser updates, as well as updates for essential applications used in every environment, such as Microsoft Word, Excel, and important server-level applications.

The time saved by using the automation depends on the environment and the number of endpoints we have.

The vSociety forum fosters collaboration among Vicarius members, customers, partners, and industry analysts to address vulnerabilities and emerging security needs. For example, when a recent CrowdStrike Falcon update presented an issue, the vSociety community swiftly decided on a mitigation strategy, and carriers remediated the problem within hours, benefiting all end customers.

The benefits of Vicarius were immediately apparent, with no downtime ensuring continuous performance. Patches could be deployed to computers as soon as agents were installed on the endpoints.

As a security engineer, I believe all endpoints and applications should be patched regularly, ideally weekly or monthly. Unpatched systems are inherently vulnerable to security threats. Automated tools like Vicarius can help streamline the patching process and ensure comprehensive security coverage.

Vicarius's patchless protection is a valuable feature that uses a dedicated engine to protect applications from vulnerabilities, especially when patches are unavailable. Many applications have exposed APIs, which malicious actors can exploit to bypass security measures. Vicarius's patchless protection monitors application activity for exploitation attempts and blocks them in protector monitor mode, effectively mitigating the risk of exposed APIs and other vulnerabilities.

A scripting engine allows the creation of custom scripts to mitigate threats, which is especially useful for those with in-house applications. Since these applications aren't publicly available, a repository is needed for patching, and the scripting engine facilitates this. Additionally, the engine can be used to deploy or uninstall third-party applications on endpoints.

Vicarius vRx reduces the mean time to remediate by automatically remediating vulnerabilities in critical applications such as Microsoft Edge and Office within 24 hours of detection.

Vicarius vRx significantly reduced our patching time by 50 percent by automating what was previously a manual process.

Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status. This simplifies updates for IT managers and executives.

Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process.

I have been using Vicarius vRx for almost three years.

While we have not experienced any stability problems, a recent issue with login tokens caused a two-hour system outage.

Vicarius vRx is scalable and it continues to improve in their roadmap.

We have contacted the support several times, and they have always resolved our issues within one or two phone calls. 

Positive

While I've used Qualys and ManageEngine, Vicarius vRx offers patchless protection, a key performance indicator of data security that the other two solutions lack.

Deployment is straightforward using Vicarius's one-line PowerShell script installer, which automatically installs the vRx software on edge and endpoint devices. Vicarius also supports deployment through other tools like Microsoft Intune MDM.

The deployment, on average, takes two days to complete. 

Vicarius vRx offers a competitive price point for the features it provides.

I would rate Vicarius vRx eight out of ten.

Vicarius vRx is a more robust remediation solution compared to other tools, offering excellent support, features, and performance. We have experienced no downtime with this solution.

Periodic maintenance for vRx is required on the cloud service and for agent updates.

Vicarius vRx is a user-friendly patch management solution that allows for centralized vulnerability management. Through a single portal, users can identify and automatically remediate vulnerabilities.

We use Vicarius vRx as a vulnerability detection or overall vulnerability management system. Their agents discover and report vulnerabilities on Windows endpoints, and their solution assists in patching endpoints.

Our previous solution was doing well with vulnerability detection and reporting. However, we wanted to try an agent-based patching system. That particular product would have doubled the cost. My supervisor discovered Vicarius, and he wanted to try a POC. So, the primary reason was that we wanted to include the ability to patch endpoints based on vulnerability discovery.

Vicarius is valuable because it combines vulnerability discovery, prioritization, and remediation into a single platform. Traditionally, these functions are separated and often managed by different teams, such as security teams handling discovery and infrastructure teams responsible for patching. This division requires significant coordination and communication regarding vulnerabilities, necessary patches, and prioritization. Vicarius streamlines this process by directly linking identified vulnerabilities to required patches, enhancing efficiency.

We have automated some of the patching using vRx's ability to perform that function. My infrastructure team handles the patching side, and we have shared access to the platform. I know that at least ten different tasks are automated, but I'm unsure if they've progressed even more. The gathering of patches that have been released, staged, and ready to go has been automated. So, all patches are already available, and we have some pre-done schedules that will automatically launch and start patching at predetermined times without further intervention.

The automation process has saved at least 30 percent of our manual tasks.

It takes two to three months to get a good overall vulnerability picture. The deployment takes a little while and some time to get used to the reporting. However, we saw decent data within two months and started asking questions about reporting and numbers. After three months, the overall dataset was good. Even now, we're still working on reporting, asking questions of Vicarius and trying to tweak some of the different reporting features.

Vicarius has helped us reduce our mean time to remediate vulnerabilities. Because we can examine endpoints, the best use case I can think of as an example for shortening remediation time is when we start spot-checking and looking at the dashboard for endpoints that, for some reason, have a high count of vulnerabilities or a much higher count of more severe vulnerabilities, we can immediately go into patching from that console and start pushing things out. So it helps us to immediately take care of delinquent workstations, for example, those that have not been connected or a person just keeps leaving their workstation off during prescribed patching periods. Overall, I would say remediation time is 25 to 30 percent shorter. The biggest impact is on case-by-case patching. We follow a regular patching cadence. We're a Microsoft shop, so the largest number of patches we have to apply, like most others, is on Patch Tuesdays when Microsoft releases stuff. Since that's on a regular cadence, I wouldn't say that Vicarius has greatly affected that. But there's a great improvement when we perform cleanup work and try to catch all the outliers and delinquent machines.

Agent-based scanning is the most valuable feature. Previously reliant on network scanning, we faced limitations when devices were offline or remote, such as laptops. This inconsistency in scan results is resolved through agent-based scanning, which provides more consistent data collection as long as the device has internet access. Additionally, integrated patching is highly desirable. While we have other software deployment and patching systems, their reliance on network connections creates similar inconsistencies in reaching all endpoints at scheduled times. Agent-based patching significantly improves this process.

Vicarius is an agent-based platform focusing on Windows, Linux, and Mac endpoints. While we know they're developing traditional network scanning capabilities and plan to demonstrate them soon, this feature is currently missing. Unlike previous vulnerability management systems that relied on network scanning appliances to discover and assess endpoints, Vicarius' agent-based approach is less effective for devices like switches, routers, and printers where agent installation is impractical. Although they suggest using Nmap as a workaround, we find it insufficient. We eagerly await the implementation of network scanning to manage vulnerabilities across our entire infrastructure comprehensively.

I have been using Vicarius vRx for almost seven months.

We began using vRx around mid-January as a proof of concept and have since progressed to full production implementation. I'm uncertain if we are officially considered a 100 percent customer, as my supervisor and his manager have been negotiating the contract with Vicarius. There's some ambiguity about whether all our data remains on US soil or if it's stored in other countries, so the contract finalization is still pending. Nevertheless, we are currently utilizing vRx in our production processes.

We have not experienced any issues with the agents on the endpoints. The portal has been very reliable. It has not gone down, and we have not known of any instance where we couldn't get in to see and view our data. So, we have not experienced any noteworthy issues at all at this point.

Our shop currently supports approximately 800 endpoints, and the system handles this load without issue. Given the system's cloud-based architecture and demonstrated ability to scale quickly, I anticipate that increasing resources on the cloud side would easily accommodate a more extensive deployment if necessary.

At this time, I rely more on opening tickets, and they do have online chat support. Their answers have been good, and the responses have been very quick. I find the support staff helpful, especially when I ask for a call so we can work together on the system. The response has always been excellent and efficient.

Positive

We previously used QualysGuard Express. We switched to Vicarius because we saw the opportunity to go with a product that had a similar pricing range, but at the same time, it included the patching ability.

Deployment was very easy. We did not encounter any issues with installing agents on endpoints.

For us, deployment was a collaborative effort, particularly in vulnerability identification, research, and patching. While we've divided these tasks into two teams, it's feasible that a single individual could handle vulnerability analysis, research, and reporting. However, given our additional responsibilities, a two-person team currently offers greater efficiency. Ultimately, the feasibility of a one-person approach post-deployment depends on the organization's size and complexity.

We initially started with a small test group of about twenty workstations to gather preliminary information. This was essentially a proof of concept or evaluation phase. Once the decision was made to proceed, we successfully deployed agents to all endpoints within a month. In total, the evaluation and full deployment process took one to two months.

We implemented Vicarius with the guidance of vRx, but it was not complex.

Vicarius' pricing was reasonable compared to the other systems we evaluated.

Before selecting Vicarius, we evaluated two other solutions, including Rapid7.

I would rate Vicarius vRx eight out of ten. We need Vicarius to implement the network scanning site.

Vicarius is still a relatively new system, so its content will likely improve. While I find user communities less helpful than technical support knowledge bases when working with any product or system, Vicarius has been okay. However, I rely more on their technical support for my needed information.

We have not yet implemented the patchless protection feature, as other systems also offer it. We are exercising caution and selectively choosing which vulnerabilities warrant this resource-intensive solution. Our decision will depend on the severity of the vulnerability and the priority of addressing it without a traditional patch. Until then, we have not actively engaged with patchless protection.

I can't say that Vicarius saved us a lot of time on patching. Our previous patch deployment system was also very good at getting patches ready and having everything set to go. The biggest difference between the two is that one is agent-based, and the other is not. So, we're not as dependent on a patching window anymore.

I've never used integrated patching since, in our eyes, it was not affordable. I don't know how good the other patching solutions are. I do like Vicarius' reporting better. The dashboard right out of the package is a little more understandable. Strangely, that dashboard information is not always very helpful in every vulnerability system I've worked with. Vicarius has been a bit more clear, and maybe it's just because I like to see certain kinds of numbers. Vicarius offers additional reporting solutions to enhance what it provides through its portal. They provide a Linux-based reporting server that we can put on prem that ingests all the vulnerability information from our portal and helps provide additional reporting. From that, I can export Excel sheets, which makes certain tasks easier, such as analyzing numbers and getting detailed information.

The system itself has not required much maintenance. It automatically updates agents, so there's not much to do to maintain it. It's more about managing the reporting and patching processes.

Given the pricing, the cost of acquiring both vulnerability management and patching capabilities would be comparable to purchasing vulnerability management alone for many equivalent systems. However, the added benefit of simultaneous patching is significant. While it doesn't need to be a primary patching tool, having a secondary option is valuable. To accurately compare options, I would inquire about the nature of the customer's current software deployment and patching system: is it agent-based or network-based? Similarly, if the system is not agent-based, it is still effective. Adding agent-based patching would enhance their ability to address outdated systems promptly. Considering Vicarius's pricing, it's a worthwhile investment regardless of existing patch management solutions. The integration with vulnerability discovery is highly beneficial, supplementing any existing patching capabilities.

We mainly use Vicarius vRx for Windows patching.

We were using another product previously for third-party patching, but it did not have any reporting functionality. It did not have any dashboards to see which devices had been successfully patched and whether there was anything outstanding. It did not give us any security insights into CVEs. That is why we ended up looking at Vicarius vRx so that we could have a single pane of glass to see what patches needed to go out and what sort of vulnerabilities we had on our Windows machines.

Vicarius vRx has been really good at protecting our Windows machines and patching them, keeping them compliant. It has definitely helped us. 

Vicarius vRx also helps us stay compliant with our security certifications. We do ISO 27001 and Cyber Essentials in the UK. This product definitely helps us maintain those security certifications. Without a product like Vicarius vRx, we would not remain compliant with those.

We have attempted automation, and it seems to be working well. We have automated the patching for Windows devices for the operating systems and any sort of third-party vulnerabilities. It was very easy to set up and seems to be working well. It has saved about 40% of the time.

Vicarius vRx has a feature called Patchless Protection. We have used it a few times. It is good to have an option where if a patch is not available, it can still help remediate the security vulnerability. It is not something we had in our previous product, so it is good to see.

We could see its benefits immediately. We could see the changes it was making compared to the product we used before. We were using the product called VFA before, so as soon as we switched over to using this, we could see the difference.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. That is very important. That impressed us when we were evaluating the product. We were impressed by how it was geared towards that. The other products we looked at had patching tagged on another product, whereas this solely looked after the patching and vulnerabilities, which is good. We did not see any other products with such capability.

It would be good if there were more login options. At the moment, it sends you an email to verify your email address, and then you can log in. It would be beneficial to have other options for signing in, like MFA or maybe security keys, especially since it is a security product.

We have used Vicarius vRx for around a month.

There have been no issues; it has been absolutely fine.

It is very straightforward to scale up with more machines, so there are no problems there.

I have not contacted their support. We only received help from someone at Vicarious during the initial implementation.

Positive

We were using a product called VSA before. We switched because it did not have good reporting on vulnerabilities. When you set up the patching, it would try to update the apps, but you would not be able to tell in a single pane of glass what was successful and what was outstanding. It did not look into security vulnerabilities.

The customer support and account management were also not very good. That played a big part in it as well.

It was not as easy as it could have been, but it was fairly straightforward.

The initial deployment took about a week. We received help from someone at Vicarious during a call, but most of the deployment was done in-house.

It does not require any maintenance on our end.

Only one person was required for the deployment.

By using Vicarius vRx, the meantime to remediate vulnerabilities has gone down by about 60% to 70% as compared to VSA. 

In terms of reducing the time spent on patching, it is a little bit difficult at the beginning because you are initially setting the product up. It has probably saved about 50% of the time.

I think the pricing is very good. The pricing was very reasonable and fair compared to other products.

I liked that there was no tiered system. One price gave access to everything, which is nice. It is not something you get too often with enterprise IT.

We did have a look at a few other products. One of the things I liked about Vicarius vRx is that it had quite a wide support for updating different products. Quite a few products we looked at for patching did not update many third-party applications. They were more geared towards patching Windows, which we did not need, whereas vRx seemed to be able to pretty much handle any application we had in our fleet. That was what drew us into Vicarius vRx.

We looked at NinjaOne mainly. Earlier on, we did look at a few other products, but they got dismissed due to not having much support for third-party patching.

Vicarius vRx is definitely more robust than others as a remediation solution.

I would advise testing it out because it is dedicated to patching rather than being an add-on product to an existing tool, which is what happens with most of the competition. For instance, when we were using VSA, we had to pay for VSA, and then we had to pay for an add-on to do third-party patching. We did not need or use a lot of the functionality of VSA that we were paying for, whereas Vicarius vRx is more of a focused product to do patching, so you are getting the full use of the product.

To new users, I would advise ensuring that your deployment methods are working and then testing with a small user group to make sure there is a smooth transition.

Overall, I would rate Vicarius vRx an eight out of ten.

The primary use case is mainly for updating servers and client PCs. These are the main devices we update or patch with the software. 

The reason we went forward with this software is due to the fact that we needed a solution to patch servers, and it wasn't being done on a regular schedule.

We were using Microsoft Endpoint Manager to configure the update range for our devices across the organization. However, it wasn't getting all of the patches to the software we deployed regularly. We implemented this to supplement the updates alongside patch management. We didn't have a robust patch management solution which made the process of updating and installing cumbersome. Vicarius expedited the process for us.

We did not have any visibility before over the vulnerabilities that were within our network, other than what independent research provided. We'd have to read news and blogs. Now we have a simplified dashboard that highlights those vulnerabilities, including zero-days and the risk level of each vulnerability.

The dashboard has been really great. We can now see trends. We can see the vulnerabilities that are being detected and mitigated. 

It's helped us with challenges in an educational organization. It's made a big impact. It's improved the level of flexibility we have to deploy patches. We do get a lot more granularity and can see what kind of patches we want to deploy, the timeframe, and the groupings and various options we have for deployment. If we had devices that only need a certain patch due to specific software and other schools don't, we can isolate out groups and deploy patches to specific groups.

The solution consolidates vulnerability discovery, prioritization, and remediation all in one single platform. It eliminates the need for other services and simplifies management while expediting and streamlining vulnerabilities and patch management.

We've been able to reduce mean time to remediate vulnerabilities. We're on a good schedule for implementing updates and patches based on the level of severity. However, we can deploy patches on the fly if the need is severe and critical. This is the first time we've implemented patch management in this organization, so I can't speak to how much time has been saved. That said, prior to implementation, all patches were remotely handled by Windows updates. The reduction in mean time has positively affected operations as it's made it easier on our side. IT no longer has to manually research and do analysis. That part is almost non-existent. In the past, there was a lot of research into updates and trends. Vicarius does all the hard work for us. We get real-time, accurate information on the latest cybersecurity trends in order to respond accordingly. They have a robust library of scripts that we can deploy as opposed to not just knowing there is a vulnerability but having to create a script.

We've been able to reduce the amount of time spent on patching. We used to do it manually. If it wasn't possible to do it through a Windows update or if the Intune process did not get the patch applied, we would have to try and get all devices across all organizations to the latest versions and make sure the software was also patched. It's saved us an incredible amount of time. We no longer have to touch those systems. We can just rely on the automated system and the schedules we've set. It's a huge time saver. It's saved us hundreds of hours. 

Patchless Protection helps protect us from vulnerabilities that may not yet have patches from the manufacturer. I've used it for a piece of software that we don't have a patch for. It monitors that software, analyzes it, and makes sure nothing nefarious is going on when it's vulnerable. 

The scripting engine enables us to create custom scripts. I haven't written any scripts; however, I have used it to push out an upgrade, for example. They have a ton of scripts provided by the community. Since I started with the solution, the growth of the library has been extensive. I've been excited with what I've seen and I know I'll be able to use it in the future.

They have a great forum. I haven't used it and haven't felt like I needed to, although I have used their FAQ and documentation, and that's been really helpful. 

It's great for keeping our environment protected. It does an extremely good job of patching everything we need it to.

While it's not under their control, I would like to see more ways to get some apps with vulnerabilities patched. They do a good job of giving us a good inventory of what we really need to keep an eye on. However, if they can work with the vendors a bit more to find some solutions to open vulnerabilities, it would be ideal.

I've given Vicarius some feedback in regards to granular naming or groupings of devices. We have so many sites that I've asked if it's possible to make changes. For the most part, they've been helpful in addressing this. They've been really trying to take any feedback to their engineers and they do try to implement our requests. 

We deploy our applications via Microsoft Endpoint Manager to our devices. However, when Vicarius rolls out a patch, and we roll it out via Microsoft, the version changes on that application. Endpoint Manager will determine if the app is no longer installed and try to update the app. It needs to not trigger Microsoft so that Microsoft no longer thinks the app is installed. However, the workaround is that we can install it from their platform console instead of Microsoft, and that seems to fix the issue. 

They do have a search function for device names. They already have a list of all our devices, however, if I'm looking for something, sometimes the name does not come up at the top of the list. I have to search. And when you have thousands of devices, that process can become quite tedious. I've given this feedback and they've mentioned that's an issue they want to fix.

I've used the solution for about a year.

Technical support and VicariousRx (vRx) has been great. They are professional and responsive. We've met with them frequently - once or twice a month - to go through questions we have or them getting feedback after an implementation. Even their chat system has been helpful. I've used it to ask questions, and I've gotten a response within a few minutes. The communication is great.

Positive

Compared to other solutions, it's more robust as a remediation solution. Not only dos it handle patch management, but we can deploy applications from Vicarius instead of Microsoft or any other MDM. We can leverage their inventory management as well. 

Their scripts have helped us. We needed to upgrade Windows 10 to Windows 11, and they had a great script that was community-driven. We were able to leverage that to upgrade a lot of our computers remotely. We could send the script and have it run in the background and it's saved us a lot of time. 

I ran into one issue when I was deploying their software to our servers. However, it turned out to be a configuration change that had to be done on our end. That's the only issue. We've had no issues deploying. 

It did take a while to deploy more due to my schedule. That said, it shouldn't take too long. If they had a more automated setup system, it would be ideal. Some I have to deploy manually.

We're a customer and end-user. 

As a unified vulnerability remediation platform, I'd suggest that clients who already have a patch management tool consider Vicarius. There are many great products on the market. However, from personal experience, if someone is looking for something better, I'd recommend Vicarius. Their team is very helpful. We've dealt with vendors where product managers don't have control. Vicarius has a team that is extremely helpful, accommodating, responsive, and knowledgeable. They made the whole setup process easy, and if we need help, they are ready to assist. When you can't find someone who is able to give you the support you need, it's frustrating. Vicarius is 100% ready to provide solutions when they see a problem, and they are great at letting us know about the roadmap of features. They're on top of making our systems better. 

We noted the benefits of Vicarius pretty immediately - within a month or so. That's when I first started deploying it to a large amount of devices. I was able to see the progress of the updates I was pushing and the remediations. The benefits were pretty apparent right away.

I'd rate the solution nine out of ten. They are a young company, and I see a lot of good things on the horizon. Their team is growing, and they will be implementing a lot of stuff. They are going to have a well-polished product very soon. 

We wanted Vicarius vRx to have an automated way of keeping our systems up to date and to do tests and deploy new software updates, especially related to third-party software. Non-Microsoft-type updates because we had an issue installing updates that were not patched by our normal patch cycle. So, we wanted a solution that could address that issue. 

We found that for servers, it was a little difficult to use, not because of the solution's shortcomings, but because of Microsoft's shortcomings, so when Microsoft deploys patches that have issues, We end up in a situation where we auto patch, and then we have to back out these patches because Microsoft patches have bugs in them. So, we have decided to use the solution only to patch our end-user systems, laptops, and desktops.

It is critical for us that vRx consolidates vulnerability discovery, prioritization, and remediation all in one platform because we don't have a large staff complement. We have a couple of people, so we love that this tool can automate everything.

Vicarius vRx helps protect our environment, which has greatly improved our operations. One of our challenges was the high number of software vulnerabilities we couldn't keep on top of. With vRx, we don't need to do vulnerability scans because we can see our vulnerability status at any time, which has been helpful.

Vicarius vRx helped us reduce the time needed to remediate vulnerabilities from our endpoints. In the past, we patched endpoints sometimes once every three months. Now, we can patch in real time, especially because we have deployed it to the end user systems. We used to patch once every three months, and now, with vRx, when a patch is available, we patch within the week.

Vicarius vRx's ability to patch third-party software is particularly valuable for us. Frequent updates for applications like Adobe and others highlight the limitations of Microsoft's patching solutions for non-Microsoft software.

I would like to see a way to build a virtual environment where we can test patches in real-time before we deploy. In other words, if vRx had a cloud environment that mimicked a section of our environment, we could test there, ensure everything is fine, and then push the button to deploy automatically. I know that's a big ask, but that would be great.

I have been using Vicarius vRx for almost one year.

We have not experienced any stability issues. Vicarius vRx is lightweight and doesn't require a lot of resources.

We have a footprint of about 600 systems. We haven't seen any issues with that scale, and we believe we can scale much above that.

We have used the Microsoft equivalent of vRx. However, it doesn't patch third-party apps unless we pull the download into Microsoft and then deploy it.

There was a slight learning curve, but it wasn't steep. I would say it is a relatively simple deployment.

Three of us were involved in the deployment, and one person was in charge.

Vicarius vRx is reasonably priced.

We have considered a SolarWinds solution and a ManageEngine solution. However, Vicarius vRx was superior in ease of use and support.

I would rate Vicarius vRx nine out of ten.

It took us a while to see the benefit of vRx because we didn't have the manpower to deploy it. We should have gone back to Vicarius and asked for help with the deployment because they indicated they were willing to do that, but instead, we put it in the hands of someone who ended up leaving the organization. So, it was unsupervised for a while. Vicarius vRx reached out to us to see how we were doing, and that is when we expressed our issue. We have set up weekly meetings with them until we have vRx properly deployed and doing what we want.

The scripting engine is not a functionality we are currently using. Still, we are planning to use it in the next weeks because we realized that it could help us solve an issue that we have with different systems requiring different policies.

Some systems require maintenance, such as manual deployment, but after the deployment, we can easily update the agents by automating them.

Vicarius vRx can easily replace most of the other patch management tools. It is more cost-effective and does things other patch management tools don't. For third-party applications, it can automatically keep those applications up to date by pulling and deploying the updates.

I suggest being ready to deploy agents to the machines quickly. The quicker you can use the solution's capabilities, the better. So, I would say learn about the solution beforehand and then get ready to quickly deploy the agents so that you can start applying your policies.