Vicarius vRx Reviews

We use Vicarius vRx as a vulnerability detection or overall vulnerability management system. Their agents discover and report vulnerabilities on Windows endpoints, and their solution assists in patching endpoints.

Our previous solution was doing well with vulnerability detection and reporting. However, we wanted to try an agent-based patching system. That particular product would have doubled the cost. My supervisor discovered Vicarius, and he wanted to try a POC. So, the primary reason was that we wanted to include the ability to patch endpoints based on vulnerability discovery.

Vicarius is valuable because it combines vulnerability discovery, prioritization, and remediation into a single platform. Traditionally, these functions are separated and often managed by different teams, such as security teams handling discovery and infrastructure teams responsible for patching. This division requires significant coordination and communication regarding vulnerabilities, necessary patches, and prioritization. Vicarius streamlines this process by directly linking identified vulnerabilities to required patches, enhancing efficiency.

We have automated some of the patching using vRx's ability to perform that function. My infrastructure team handles the patching side, and we have shared access to the platform. I know that at least ten different tasks are automated, but I'm unsure if they've progressed even more. The gathering of patches that have been released, staged, and ready to go has been automated. So, all patches are already available, and we have some pre-done schedules that will automatically launch and start patching at predetermined times without further intervention.

The automation process has saved at least 30 percent of our manual tasks.

It takes two to three months to get a good overall vulnerability picture. The deployment takes a little while and some time to get used to the reporting. However, we saw decent data within two months and started asking questions about reporting and numbers. After three months, the overall dataset was good. Even now, we're still working on reporting, asking questions of Vicarius and trying to tweak some of the different reporting features.

Vicarius has helped us reduce our mean time to remediate vulnerabilities. Because we can examine endpoints, the best use case I can think of as an example for shortening remediation time is when we start spot-checking and looking at the dashboard for endpoints that, for some reason, have a high count of vulnerabilities or a much higher count of more severe vulnerabilities, we can immediately go into patching from that console and start pushing things out. So it helps us to immediately take care of delinquent workstations, for example, those that have not been connected or a person just keeps leaving their workstation off during prescribed patching periods. Overall, I would say remediation time is 25 to 30 percent shorter. The biggest impact is on case-by-case patching. We follow a regular patching cadence. We're a Microsoft shop, so the largest number of patches we have to apply, like most others, is on Patch Tuesdays when Microsoft releases stuff. Since that's on a regular cadence, I wouldn't say that Vicarius has greatly affected that. But there's a great improvement when we perform cleanup work and try to catch all the outliers and delinquent machines.

Agent-based scanning is the most valuable feature. Previously reliant on network scanning, we faced limitations when devices were offline or remote, such as laptops. This inconsistency in scan results is resolved through agent-based scanning, which provides more consistent data collection as long as the device has internet access. Additionally, integrated patching is highly desirable. While we have other software deployment and patching systems, their reliance on network connections creates similar inconsistencies in reaching all endpoints at scheduled times. Agent-based patching significantly improves this process.

Vicarius is an agent-based platform focusing on Windows, Linux, and Mac endpoints. While we know they're developing traditional network scanning capabilities and plan to demonstrate them soon, this feature is currently missing. Unlike previous vulnerability management systems that relied on network scanning appliances to discover and assess endpoints, Vicarius' agent-based approach is less effective for devices like switches, routers, and printers where agent installation is impractical. Although they suggest using Nmap as a workaround, we find it insufficient. We eagerly await the implementation of network scanning to manage vulnerabilities across our entire infrastructure comprehensively.

I have been using Vicarius vRx for almost seven months.

We began using vRx around mid-January as a proof of concept and have since progressed to full production implementation. I'm uncertain if we are officially considered a 100 percent customer, as my supervisor and his manager have been negotiating the contract with Vicarius. There's some ambiguity about whether all our data remains on US soil or if it's stored in other countries, so the contract finalization is still pending. Nevertheless, we are currently utilizing vRx in our production processes.

We have not experienced any issues with the agents on the endpoints. The portal has been very reliable. It has not gone down, and we have not known of any instance where we couldn't get in to see and view our data. So, we have not experienced any noteworthy issues at all at this point.

Our shop currently supports approximately 800 endpoints, and the system handles this load without issue. Given the system's cloud-based architecture and demonstrated ability to scale quickly, I anticipate that increasing resources on the cloud side would easily accommodate a more extensive deployment if necessary.

At this time, I rely more on opening tickets, and they do have online chat support. Their answers have been good, and the responses have been very quick. I find the support staff helpful, especially when I ask for a call so we can work together on the system. The response has always been excellent and efficient.

Positive

We previously used QualysGuard Express. We switched to Vicarius because we saw the opportunity to go with a product that had a similar pricing range, but at the same time, it included the patching ability.

Deployment was very easy. We did not encounter any issues with installing agents on endpoints.

For us, deployment was a collaborative effort, particularly in vulnerability identification, research, and patching. While we've divided these tasks into two teams, it's feasible that a single individual could handle vulnerability analysis, research, and reporting. However, given our additional responsibilities, a two-person team currently offers greater efficiency. Ultimately, the feasibility of a one-person approach post-deployment depends on the organization's size and complexity.

We initially started with a small test group of about twenty workstations to gather preliminary information. This was essentially a proof of concept or evaluation phase. Once the decision was made to proceed, we successfully deployed agents to all endpoints within a month. In total, the evaluation and full deployment process took one to two months.

We implemented Vicarius with the guidance of vRx, but it was not complex.

Vicarius' pricing was reasonable compared to the other systems we evaluated.

Before selecting Vicarius, we evaluated two other solutions, including Rapid7.

I would rate Vicarius vRx eight out of ten. We need Vicarius to implement the network scanning site.

Vicarius is still a relatively new system, so its content will likely improve. While I find user communities less helpful than technical support knowledge bases when working with any product or system, Vicarius has been okay. However, I rely more on their technical support for my needed information.

We have not yet implemented the patchless protection feature, as other systems also offer it. We are exercising caution and selectively choosing which vulnerabilities warrant this resource-intensive solution. Our decision will depend on the severity of the vulnerability and the priority of addressing it without a traditional patch. Until then, we have not actively engaged with patchless protection.

I can't say that Vicarius saved us a lot of time on patching. Our previous patch deployment system was also very good at getting patches ready and having everything set to go. The biggest difference between the two is that one is agent-based, and the other is not. So, we're not as dependent on a patching window anymore.

I've never used integrated patching since, in our eyes, it was not affordable. I don't know how good the other patching solutions are. I do like Vicarius' reporting better. The dashboard right out of the package is a little more understandable. Strangely, that dashboard information is not always very helpful in every vulnerability system I've worked with. Vicarius has been a bit more clear, and maybe it's just because I like to see certain kinds of numbers. Vicarius offers additional reporting solutions to enhance what it provides through its portal. They provide a Linux-based reporting server that we can put on prem that ingests all the vulnerability information from our portal and helps provide additional reporting. From that, I can export Excel sheets, which makes certain tasks easier, such as analyzing numbers and getting detailed information.

The system itself has not required much maintenance. It automatically updates agents, so there's not much to do to maintain it. It's more about managing the reporting and patching processes.

Given the pricing, the cost of acquiring both vulnerability management and patching capabilities would be comparable to purchasing vulnerability management alone for many equivalent systems. However, the added benefit of simultaneous patching is significant. While it doesn't need to be a primary patching tool, having a secondary option is valuable. To accurately compare options, I would inquire about the nature of the customer's current software deployment and patching system: is it agent-based or network-based? Similarly, if the system is not agent-based, it is still effective. Adding agent-based patching would enhance their ability to address outdated systems promptly. Considering Vicarius's pricing, it's a worthwhile investment regardless of existing patch management solutions. The integration with vulnerability discovery is highly beneficial, supplementing any existing patching capabilities.

We use vRx for third-party patching, OS patching, and vulnerability scanning.

We realized the benefits pretty quickly. One of our clients, who is in the financial sector, required a vulnerability solution. It has reduced our mean vulnerability resolution time. I wouldn't say it's reduced our vulnerability patching time, but it has enabled us to catch some things that were missed by our primary patching tool. 

We like Vicarius' vulnerability scanning and patching. The solution is also useful as a backup for our RMM. It helps to catch some things that may have been missed, but vulnerability scanning typically benefits our clients the most.

We were looking for a tool that combines vulnerability discovery and remediation. We've used vRx's patchless protection feature a few times. It doesn't come up that often, but we have had success with it when we've tried to use it. 

Some of vRx's reporting is difficult to configure. It requires multiple steps, especially if you're configuring more than one report at the same time. 

I have used Vicarius vRx for around six months.

I've never had issues with vRx's stability in the six months that I've used it. 

We only have about four clients. 

I haven't contacted Vicarius support, but some other team members have. It was related to account creation. Some users were locked out. They were responsive and helpful. 

We also use CyberCNS. Vicarius has a more user-friendly interface. It's a more premium tool, but it's also more expensive. On the other hand, CyberCNS has a more feature-rich AP compared to other solutions on the market. Vicarius vRx is more robust. 

Deploying vRx is straightforward. One instance takes about one or two hours to deploy. Onboarding takes a few hours. We had help from Vicarius during deployment. They spent 30 minutes to an hour showing us things. We were able to pick it up from there and deploy it on our own. It doesn't require any maintenance. 

I'm not involved in purchasing, but vRx isn't cheap. It's one of the more expensive tools. 

I rate Vicarius vRx nine out of 10. Even if you already have a patching product, your primary patch management tool will always miss some things. It's always good to have a second tool for validation, especially for clients that deal with heavy regulation, such as financial services or government contracting. You need to be confident they are fully patched and have reports to provide to the auditors. 

We use it to patch and update Microsoft Windows and third-party applications.

We had some legacy patching solutions that were slow and took hours to patch Windows servers. We were looking to improve the speed. That solution also did not patch third-party applications.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. It is extremely helpful. It would be a lot harder to get vulnerabilities remediated if we had to source everything ourselves. We provide access to our developers, and they can easily deploy Java and Tomcat patches without having to go to each vendor to download everything. We are very secure, especially in our external facing applications. We are a lot more secure than we were a year ago.

I have used the Vicarius vRx user community. I have not provided any of my own solutions or anything like that, but I find it helpful. If there is a new vulnerability, but I do not know how to fix it, there is usually some documentation in there, so it is very helpful.

We do monthly updates from Windows, and we have to take down our applications during the day. That is a nuisance for the business. Previously, it was hours of downtime, whereas now, it is less than an hour in a lot of cases, so we have improved there. We were out of date on a lot of third-party applications before, whereas now, we are remediating hundreds of thousands of vulnerabilities each month, so we are improving our security posture with this tool. It has been a great experience so far.

Vicarius vRx has reduced the amount of time we spend on patching. Typically, with our previous solution of ManageEngine, it took about three hours to patch Windows Server, and now, that is less than an hour. It means less downtime for the business each month when we do patches. We are able to get our users back into applications like SAP more quickly. We are able to start addressing other issues, so it has made everybody more efficient. There is about 60% time saving.

We can easily deploy patches for third-party applications. It automatically downloads the patches for you. You do not have to download them, upload them to the solution, and configure your own scripts or anything like that. It is all automatic.

The vulnerability dashboards are extremely helpful. It can help us target the highest-priority vulnerabilities. That is awesome and very helpful.

I have a server engineer who uses this very heavily. She is used to her legacy solution. She recommended some improvements to the interface. They were just minor things related to scheduling and adding some more options to schedule patches that are deployed. Their support was very open to the suggestions. They implemented her recommendation. Their support has been great to work with.

There is not much to improve. There can be more scripting capability and more filtering capability. We should be able to filter more granular details in the operating system such as whether it is a service, application, executable, or something like that. For the most part, we are satisfied with what we are able to filter. These are minor suggestions. Overall, we are pretty satisfied with the platform.

We have been using it for almost a year.

The only issue we have experienced so far is with patches from Microsoft being delayed. If they come out on Tuesday, Vicarius might not be able to deploy the patches until Wednesday. That is all we have experienced so far. Overall, it has been pretty reliable. I would rate it an eight out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

We have about 200 endpoints and six administrators. We have servers and desktops, but primarily, we have servers.

We are all over the globe. We are primarily in the US.

I am satisfied with their support. They are very helpful.

I would rate their support a nine out of ten. I do not have any complaints. I  consider Nutanix support to be a ten.

Positive

We were using ManageEngine. It was slow, and it only patched certain things. We were only taking advantage of Windows patch functionality. There was an interface that was hosted in the cloud, so we were able to get rid of a server from our internal network, and then we were able to speed up patching a great deal—from less than three hours to one hour. It is integrated with Microsoft Azure, and it patches everything efficiently without having to create a bunch of manual updates. We went from a legacy slow solution to a cloud-based solution that prioritizes security and is very quick.

If you want something that is able to focus on security and do it quickly with minimal infrastructure, Vicarius vRx is a great tool.

It is deployed on the cloud. Its deployment was very straightforward. We had to just whitelist a few URLs in the new firewall, deploy an agent on our servers, and do SSO integration. You can have all this deployed in the day. It is very easy.

For the most part, it takes a day. The agent deployment is complex. You have to take that slow. Getting an agent into the solution takes probably less than an hour, so it is very easy.

It is pretty straightforward to learn. If you want to deploy a Windows patch, it usually takes less than 15 minutes to train somebody to do that. It is very easy.

In terms of maintenance, you can have the agent set up. Once you set up automatic updates for the agent, it is streamlined. You are basically telling it what to patch. That is it.

We had just two people involved in its deployment. It was me architecting it and then my server engineer deploying it. It did not take long at all.

I do not know if we can quantify that, but I know that we are saving hours of patching time, making our administrators more efficient, and getting our users back into the systems more quickly. I am sure we are seeing a significant return on investment.

It is in the middle. It is not the cheapest solution, but it is also not terribly expensive. We found it to be a good fit. It is fairly priced.

To a colleague who is considering Vicarius vRx but says they already have a patch management tool within another platform, I would say that I have used lots of patch management solutions such as Intune and Tenable, which used to be from SolarWinds. Vicarius vRx is by far the easiest to maintain. It does have a security focus. If you want to make sure that your Windows servers are patched with the latest version, or you want to make sure that your third-party updates are completely up to date on a monthly basis, it is possible. You are able to track that easily with the dashboards that are easy to read. Go with a solution with which you do not have to maintain any internal infrastructure. It is just set-it-and-forget-it. I would definitely recommend Vicarius vRx over a lot of other solutions if you are just looking for a patching solution.

I always do a thorough PoC. I cannot account for everybody's use case, but strictly speaking, if you are just looking for vulnerability management and quick and easy updates, definitely consider Vicarius vRx.

We have not used the Patchless Protection functionality. We understand that this capability is there, but we have not used it yet. We have not had a use case for it. We have got a pretty good patching program, so fortunately, we have been able to patch everything. We have not had the need for it.

I would rate Vicarius vRx a nine out of ten.

Two years ago, I conducted a vendor selection process to find a solution for patching our approximately one hundred Windows terminals. We ultimately implemented Vicarius vRx to automate the patching process, primarily for Windows updates. This solution also allows us to run other automation scripts across the terminals, such as implementing certificates.

It is nice that Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. However, it is not critical because we are using CSPM for managing the vulnerabilities across our organization.

Our organization has automated certain manual tasks within the vulnerability management and remediation lifecycle using Vicarius vRx. This includes actions such as disabling the transporter service on Windows servers and implementing certificates. This automation has proven valuable by streamlining these processes and increasing efficiency.

The automations run simultaneously, so across one hundred or more servers.

We implemented a process where we patch our system on a schedule and Vicarius vRx has improved our organization's security.

From an operational perspective, the support team is rolling out this system because it is more efficient than manually patching servers. This automated approach, provided by Vicarius vRx, benefits operations teams that are already at full capacity by simplifying their workload and improving efficiency.

I used the Vicarius vRx custom script to disable the print spooler, adapting an existing script to meet our specific needs. While I could have created my own script in Python and deployed it across the organization, that approach wasn't ideal. 

I've seen operational improvements, specifically within the support team. They were overloaded with tasks, so automating even one has significantly benefit us. This allows us to execute larger projects and assume more responsibility, ultimately reducing the support team's workload and concerns.

The most efficient feature of Vicarius vRx is the ability to group assets, such as by time zone, allowing for targeted patching and streamlined management. This, along with tag-based filtering and organization-wide script execution, simplifies vulnerability identification and application patching. The system's intuitive design and ease of use are its greatest strengths.

I would appreciate additional filter options, such as the ability to filter by AWS tags. Furthermore, enhancing Vicarius vRx with improved third-party integrations, like notifications for external systems, and increased cloud integration for richer instance information, would be valuable improvements.

I would like Vicarius vRx to provide more detailed logs.

I have been working with Vicarius vRx for almost two years.

We had an outage due to a change Vicarius performed in their system. We reported it and found a solution involving some intervention from our side.

Vicarius vRx is scalable because once a new instance is added, it is allocated to its own group automatically. This is convenient, especially when adding instances from different time zones.

Customer service was excellent. During the POC and the implementation, they were very available and made their best efforts to help us.

Positive

While the implementation was initially easy, we encountered some minor issues that were quickly fixed, and we haven't experienced any further problems.

The deployment process involved integrating Vicarius's binary into our automation system. This allowed us to easily extract the installation link from their UI and implement it into our code with minor modifications.

The proof of concept took a couple of days, and implementing the full solution took one to two weeks. The rollout was more complex, primarily due to our commitment to avoiding customer disruption. This required deployment during non-working hours. Although the process did not necessitate server restarts or interfere with customer operations, the complete rollout spanned one to two months for a gradual and seamless transition.

Our deployment was done in-house with one or two people from the Vicarius team and a technical person and support person from my team.

From a pricing perspective, Vicarius was cheaper compared to other competitors.

I evaluated AWS Systems Manager, a native but complex solution with limited visibility. Automox was also considered, but it proved overly complex and offered more capabilities than required. Ultimately, we chose Vicarius vRx due to its simpler implementation and more focused feature set.

I would rate Vicarius vRx seven out of ten.

I assumed that focusing less on something would improve my performance compared to competitors, so I sought an ad hoc solution. Working with the Vicarius team, we resolved all initial bugs and achieved a robust system.

The strongest advantage of Vicarius vRx is its intuitive interface, which requires minimal explanation or support, even for first-time users. This ease of use minimized the need for training sessions. From a technical and implementation standpoint, the system remains largely unchanged and robust, making it a reliable DevOps solution.

We have around 120 instances. And just over 20 users.

I would recommend Vicarius. The simplicity of the system and its support are advantages. If someone has a different need that requires functionalities that Vicarius does not offer, they might need another system.

We primarily use Vicarius vRx for vulnerability detection and patch management. Its support services, interface, and scripting capabilities are all quite good. The network functionality and audit compliance features are valuable assets that our end customers frequently request.

Vicarius vRx is an excellent platform for consolidating vulnerability discovery, prioritization, and remediation. The vRx agent, deployed on endpoints, detects vulnerabilities at both the OS and application level. It prioritizes these vulnerabilities based on various criteria, including Vicarius's xTag system, which considers application usage and network activity. This automated prioritization, ranging from critical to low, eliminates the need for manual intervention. After installation, the agent automatically scans for vulnerabilities every 15 minutes and plans for remediation.

We automated the installation of critical OS patches and browser updates, as well as updates for essential applications used in every environment, such as Microsoft Word, Excel, and important server-level applications.

The time saved by using the automation depends on the environment and the number of endpoints we have.

The vSociety forum fosters collaboration among Vicarius members, customers, partners, and industry analysts to address vulnerabilities and emerging security needs. For example, when a recent CrowdStrike Falcon update presented an issue, the vSociety community swiftly decided on a mitigation strategy, and carriers remediated the problem within hours, benefiting all end customers.

The benefits of Vicarius were immediately apparent, with no downtime ensuring continuous performance. Patches could be deployed to computers as soon as agents were installed on the endpoints.

As a security engineer, I believe all endpoints and applications should be patched regularly, ideally weekly or monthly. Unpatched systems are inherently vulnerable to security threats. Automated tools like Vicarius can help streamline the patching process and ensure comprehensive security coverage.

Vicarius's patchless protection is a valuable feature that uses a dedicated engine to protect applications from vulnerabilities, especially when patches are unavailable. Many applications have exposed APIs, which malicious actors can exploit to bypass security measures. Vicarius's patchless protection monitors application activity for exploitation attempts and blocks them in protector monitor mode, effectively mitigating the risk of exposed APIs and other vulnerabilities.

A scripting engine allows the creation of custom scripts to mitigate threats, which is especially useful for those with in-house applications. Since these applications aren't publicly available, a repository is needed for patching, and the scripting engine facilitates this. Additionally, the engine can be used to deploy or uninstall third-party applications on endpoints.

Vicarius vRx reduces the mean time to remediate by automatically remediating vulnerabilities in critical applications such as Microsoft Edge and Office within 24 hours of detection.

Vicarius vRx significantly reduced our patching time by 50 percent by automating what was previously a manual process.

Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status. This simplifies updates for IT managers and executives.

Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process.

I have been using Vicarius vRx for almost three years.

While we have not experienced any stability problems, a recent issue with login tokens caused a two-hour system outage.

Vicarius vRx is scalable and it continues to improve in their roadmap.

We have contacted the support several times, and they have always resolved our issues within one or two phone calls. 

Positive

While I've used Qualys and ManageEngine, Vicarius vRx offers patchless protection, a key performance indicator of data security that the other two solutions lack.

Deployment is straightforward using Vicarius's one-line PowerShell script installer, which automatically installs the vRx software on edge and endpoint devices. Vicarius also supports deployment through other tools like Microsoft Intune MDM.

The deployment, on average, takes two days to complete. 

Vicarius vRx offers a competitive price point for the features it provides.

I would rate Vicarius vRx eight out of ten.

Vicarius vRx is a more robust remediation solution compared to other tools, offering excellent support, features, and performance. We have experienced no downtime with this solution.

Periodic maintenance for vRx is required on the cloud service and for agent updates.

Vicarius vRx is a user-friendly patch management solution that allows for centralized vulnerability management. Through a single portal, users can identify and automatically remediate vulnerabilities.

We mainly use Vicarius vRx for Windows patching.

We were using another product previously for third-party patching, but it did not have any reporting functionality. It did not have any dashboards to see which devices had been successfully patched and whether there was anything outstanding. It did not give us any security insights into CVEs. That is why we ended up looking at Vicarius vRx so that we could have a single pane of glass to see what patches needed to go out and what sort of vulnerabilities we had on our Windows machines.

Vicarius vRx has been really good at protecting our Windows machines and patching them, keeping them compliant. It has definitely helped us. 

Vicarius vRx also helps us stay compliant with our security certifications. We do ISO 27001 and Cyber Essentials in the UK. This product definitely helps us maintain those security certifications. Without a product like Vicarius vRx, we would not remain compliant with those.

We have attempted automation, and it seems to be working well. We have automated the patching for Windows devices for the operating systems and any sort of third-party vulnerabilities. It was very easy to set up and seems to be working well. It has saved about 40% of the time.

Vicarius vRx has a feature called Patchless Protection. We have used it a few times. It is good to have an option where if a patch is not available, it can still help remediate the security vulnerability. It is not something we had in our previous product, so it is good to see.

We could see its benefits immediately. We could see the changes it was making compared to the product we used before. We were using the product called VFA before, so as soon as we switched over to using this, we could see the difference.

Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform. That is very important. That impressed us when we were evaluating the product. We were impressed by how it was geared towards that. The other products we looked at had patching tagged on another product, whereas this solely looked after the patching and vulnerabilities, which is good. We did not see any other products with such capability.

It would be good if there were more login options. At the moment, it sends you an email to verify your email address, and then you can log in. It would be beneficial to have other options for signing in, like MFA or maybe security keys, especially since it is a security product.

We have used Vicarius vRx for around a month.

There have been no issues; it has been absolutely fine.

It is very straightforward to scale up with more machines, so there are no problems there.

I have not contacted their support. We only received help from someone at Vicarious during the initial implementation.

Positive

We were using a product called VSA before. We switched because it did not have good reporting on vulnerabilities. When you set up the patching, it would try to update the apps, but you would not be able to tell in a single pane of glass what was successful and what was outstanding. It did not look into security vulnerabilities.

The customer support and account management were also not very good. That played a big part in it as well.

It was not as easy as it could have been, but it was fairly straightforward.

The initial deployment took about a week. We received help from someone at Vicarious during a call, but most of the deployment was done in-house.

It does not require any maintenance on our end.

Only one person was required for the deployment.

By using Vicarius vRx, the meantime to remediate vulnerabilities has gone down by about 60% to 70% as compared to VSA. 

In terms of reducing the time spent on patching, it is a little bit difficult at the beginning because you are initially setting the product up. It has probably saved about 50% of the time.

I think the pricing is very good. The pricing was very reasonable and fair compared to other products.

I liked that there was no tiered system. One price gave access to everything, which is nice. It is not something you get too often with enterprise IT.

We did have a look at a few other products. One of the things I liked about Vicarius vRx is that it had quite a wide support for updating different products. Quite a few products we looked at for patching did not update many third-party applications. They were more geared towards patching Windows, which we did not need, whereas vRx seemed to be able to pretty much handle any application we had in our fleet. That was what drew us into Vicarius vRx.

We looked at NinjaOne mainly. Earlier on, we did look at a few other products, but they got dismissed due to not having much support for third-party patching.

Vicarius vRx is definitely more robust than others as a remediation solution.

I would advise testing it out because it is dedicated to patching rather than being an add-on product to an existing tool, which is what happens with most of the competition. For instance, when we were using VSA, we had to pay for VSA, and then we had to pay for an add-on to do third-party patching. We did not need or use a lot of the functionality of VSA that we were paying for, whereas Vicarius vRx is more of a focused product to do patching, so you are getting the full use of the product.

To new users, I would advise ensuring that your deployment methods are working and then testing with a small user group to make sure there is a smooth transition.

Overall, I would rate Vicarius vRx an eight out of ten.

We use Vicarius vRx to manage vulnerabilities and patch more than 300 assets in total. 

We use Vicarius vRx daily. It is great. Without it, we could never manage these many assets at once.

We have automated vulnerability management, patching updates, software updates, systems reboots, or other smaller tasks like network scans. With its automation, we save two to four hours daily.

The scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities.

We were able to realize its benefits immediately. The first benefit that I noticed was how easy it was to deploy. Right after deployment, it made an inventory of my assets, applications, and OS, and it was very easy to look at my attack surface from another perspective. After that, there was also all the patching and management.

Vicarius vRx is protecting my environment. In the report, I can see the vulnerability score and vulnerability number. Since using Vicarius vRx, there has been a reduction in issues.

I use Patchless Protection on almost every client because some applications cannot be patched automatically or are homemade. With Patchless Protection, it is easy for me to keep clients protected.

Its scripting engine enables us to create custom scripts to mitigate configuration-based vulnerabilities, but we use another product for this. The script that I am using is very powerful. We use it for Nmap scanning and mitigation.

Vicarius vRx has reduced the mean time to remediate vulnerabilities. I do not have to look at other websites for new patches. I have everything in one dashboard. It is very easy. It saves two to four hours daily in vulnerability checks and remediation.

We hardly spend any time on patching. With automation and scripting, I never have to think about it.

The ability to consolidate vulnerability discovery, prioritization, and remediation in one platform is crucial. 

I find the user community very useful. We can find a lot of tips and tricks on how to manage vulnerabilities and how to patch vulnerabilities that are not patchable.

Based on the request from our clients, it would be great to have an MDM solution. If they can manage vulnerabilities on mobile devices too, that would be great. Having scripting capabilities on mobile devices would be very useful. That was the request we had from lots of clients.

I have been using Vicarius vRx for more or less one year.

I have never experienced any lagging or crashing. There was a minor issue related to the automatic rebooting of the system, but it was resolved quickly with the help of technical support.

Vicarius vRx scales very well. It is very easy to deploy, and you can manage multiple customers from the same dashboard, making it very scalable.

They are great. I have contacted technical support during the testing stages in the EU environment, and they have always been available and kind. I would rate their support a ten out of ten.

Positive

We did use other solutions, but I personally did not use any.

It is deployed on the cloud. Now that they have a data center in Europe, it is easier for our clients because of the GDPR compliance. The console is just on the cloud.

Its initial setup was easy. We made a script with our RMM solution. Within seconds, we deployed more than 200 agents.

It takes about 20 minutes to fully deploy vRx for one client.

It does not require any maintenance from our end. You have to set up automation scripts, but once you have done that carefully and properly, you do not have to look at it much. I check it maybe once a month to see if everything is running correctly and whether the remediation is being applied. Anything can go wrong, but I have not seen any problem, so no maintenance is required.

It is more of a one-person job. While you can define multiple groups and assign different clients to different managers, we handle it with one person.

The pricing is great because we are a reseller of the product. It is really up to us and Vicarius, and they are very easy to work with.

I have seen a lot of other platforms for vulnerability management, but they do not do prioritization as Vicarius vRx does. It is very easy to know which application and which process you have to manage or patch first. With other solutions, you cannot do that or you cannot do that so easily.

I would advise trying the platform as it is very efficient in vulnerability management and prioritization.

I would rate Vicarius vRx a ten out of ten.

I use vRx for update management, specifically for updating and patching everything including CVEs or any updates related to security breaches. Updates are configured to install automatically on a chosen day, which is repeated every week. We use Vicarius vRx when there is a security breach. We use it every week.

It updates the firmware and the applications. In the beginning, we had some troubles with the application, but we notified them, and they fixed it very quickly. They sent an update and everything was fixed. 

It helped my organization by providing guidelines or a baseline for all the stations and operating systems. When there is a security update or issue, I am aware of it and can distribute it across the organization without having to manually check that each station has the update installed. Vicarius has leveled up my security awareness.

The most valuable feature is the system's ability to provide information about open CVEs and how it compares the local version with available updates. 

I rely on vRx primarily for patch management and vulnerability resolution. Another key ability is that it identifies vulnerabilities that are not even flagged by the operating system itself, such as with Windows, and provides necessary updates. If you update the Windows OS, it says that it's up to date but after we check vRx, it says that there are more vulnerabilities.

Its ability to consolidate vulnerability discovery, prioritization, and remediation in a single platform is good. Compared to other solutions, Vicarius is the most effective.

We automated the process of checking OS platforms, updates, and application updates. We repeatedly check it every day and if we have updates that we need to install, we configured it so that it will install automatically on the day we choose. This automation has saved us 30% of our time.

I used the scripting engine once. It worked fine, but I don't need to run specific code, batch, or scripts for my devices. If I need something, I need it for one or two devices, so I send it manually.

Vicarius vRx has reduced our mean time to remediate vulnerabilities by 20%. 

It has reduced the amount of time we spend on patching by 50%. It's much quicker to patch and move forward to another task. I can move forward to another task.

Areas that need improvement include the CPU usage and the delay between sending updates and receiving feedback on their status. I hope that more immediate feedback on update installation success or failure is implemented.

I have been using Vicarius vRx for one and a half years.

I rate stability at eight out of ten. There are some issues like high CPU usage during updates, but these were fixed.

I rate scalability at eight.

I would rate technical support an eight. I find their support services to be relatively effective.

Positive

The deployment process is easy. It mainly involves running a command, and it took about three days to fully deploy across our organization.

It does not require maintenance. It updates automatically.

I rate the overall solution an eight out of ten because while it's good, there is room for improvement.