Cybersecurity Engineer at a manufacturing company with 51-200 employees
Real User
Top 10
2024-10-18T18:30:00Z
Oct 18, 2024
They are constantly working on making it better. There is no 100% reliable or working application or software. There are caveats with the network passive sensor when it does not merge or something does not feel right, but whenever I have to report on those things, someone from their support team jumps on and tries to help us, which is why I like it. They should keep it up. They can maybe do check-ins with the customers once a month. All the vendors are doing it nowadays. Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement. They know about the latest trends, and they have meetings about them. They can relay to us some newer information that we do not know, but they saw in our environment. That would be a nice thing.
System Architect at a leisure / travel company with 10,001+ employees
Real User
Top 10
2024-10-17T14:56:00Z
Oct 17, 2024
I would like a more clear distinction in terms of something I call a patch contract. A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it. Everything else seems to be fairly straightforward. Additionally, I know there is a cost associated with this, but it would be nice if instead of us having to roll and host our own custom files on AWS or something like that, Qualys could provide some space, even if just a gigabyte or 500 megabytes.
Foundation Services Director at a leisure / travel company with 10,001+ employees
Real User
Top 20
2024-10-14T20:00:00Z
Oct 14, 2024
There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5.
System Admin at a insurance company with 501-1,000 employees
Real User
Top 20
2024-10-14T12:54:00Z
Oct 14, 2024
The Qualys agent sometimes encounters authorization issues, leading to inaccurate vulnerability reports. Additionally, server updates cause duplicate assets to appear, hindering accurate asset identification.
SOC - Cyber Security Engineer at a computer software company with 201-500 employees
Real User
Top 20
2024-09-25T16:11:00Z
Sep 25, 2024
Qualys could improve its capacity to fix vulnerabilities on VMware and other virtualized environments. The reporting could also be enhanced to make it more user-friendly. It's difficult for beginners to learn.
The Qualys Scanning tool is one of the best tools for scanning purposes, virus detection, and vulnerability detection, whereas Qualys Patch Management is helpful only in a few cases, not in all cases. There are multiple tools for patching, such as SCCM, Intune, or Ivanti. One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective. They should support more applications. For example, you cannot push a patch on Oracle. There is not much automation. For example, with SCCM, you can push anything, but that is not the case with Qualys. We have faced a few corruptions while patching. Even though a patch is feasible through Qualys Patch Management, when we try to push it to our servers, we face some errors or interruptions. When we push the patch, something gets blocked and the patch fails. Even if the patch is within the directory of Qualys, we cannot push it. There are some errors. The Qualys support team can be more communicative. Just sharing a knowledge-based article does not help all the clients or all people. A knowledge-based article might be useful for a technical person, but it does not help someone who is not very technical. They should have a call-based approach. Even companies like Microsoft provide an option for a call for a support case, which allows you to discuss the issue and troubleshoot it quickly. Qualys should improve their support.
A common area for improvement in Patch Management, both within our environment and others I've encountered, is the lack of built-in driver updates. Ideally, the system would handle updates for network interface cards, video cards, and other components, eliminating the need to rely on manufacturer-specific tools like Dell Update or HP Update. Integrating these patching options would significantly improve the overall functionality. Qualys Patch Management primarily updates operating systems, third-party software including Adobe products and many more, leaving video card drivers and firmware updates to other tools. This focus on core software is understandable, as driver and firmware updates can be more complex. The price has room for improvement.
Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.
The speed of patch deployment could also be faster in some cases. Additionally, support for macOS and Linux has improved.
It would be beneficial to have more efficiently scheduled task deployments that are tailored to specific asset types or deployment needs.
They are constantly working on making it better. There is no 100% reliable or working application or software. There are caveats with the network passive sensor when it does not merge or something does not feel right, but whenever I have to report on those things, someone from their support team jumps on and tries to help us, which is why I like it. They should keep it up. They can maybe do check-ins with the customers once a month. All the vendors are doing it nowadays. Qualys can do regular check-ins to go over not only all the vulnerabilities but also the overall process to see if there is anything where we might need improvement. They know about the latest trends, and they have meetings about them. They can relay to us some newer information that we do not know, but they saw in our environment. That would be a nice thing.
I would like a more clear distinction in terms of something I call a patch contract. A patch contract is a bundle of patches that we are going to roll out. I would like to reference those patches from separate jobs. They explained at a conference that it cannot be done, but that is my main complaint. I wish that the whole schema was a little bit clearer because there is a little bit of cloudiness around it. Everything else seems to be fairly straightforward. Additionally, I know there is a cost associated with this, but it would be nice if instead of us having to roll and host our own custom files on AWS or something like that, Qualys could provide some space, even if just a gigabyte or 500 megabytes.
There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5.
The Qualys agent sometimes encounters authorization issues, leading to inaccurate vulnerability reports. Additionally, server updates cause duplicate assets to appear, hindering accurate asset identification.
Qualys could improve its capacity to fix vulnerabilities on VMware and other virtualized environments. The reporting could also be enhanced to make it more user-friendly. It's difficult for beginners to learn.
The Qualys Scanning tool is one of the best tools for scanning purposes, virus detection, and vulnerability detection, whereas Qualys Patch Management is helpful only in a few cases, not in all cases. There are multiple tools for patching, such as SCCM, Intune, or Ivanti. One of the challenges that we have faced with the Patch Management tool is that you cannot patch all the things. There are some limitations, whereas, in SCCM, we can create a package and just deploy that through it. Anything is deployable through SCCM, whereas Patch Management is very selective. They should support more applications. For example, you cannot push a patch on Oracle. There is not much automation. For example, with SCCM, you can push anything, but that is not the case with Qualys. We have faced a few corruptions while patching. Even though a patch is feasible through Qualys Patch Management, when we try to push it to our servers, we face some errors or interruptions. When we push the patch, something gets blocked and the patch fails. Even if the patch is within the directory of Qualys, we cannot push it. There are some errors. The Qualys support team can be more communicative. Just sharing a knowledge-based article does not help all the clients or all people. A knowledge-based article might be useful for a technical person, but it does not help someone who is not very technical. They should have a call-based approach. Even companies like Microsoft provide an option for a call for a support case, which allows you to discuss the issue and troubleshoot it quickly. Qualys should improve their support.
A common area for improvement in Patch Management, both within our environment and others I've encountered, is the lack of built-in driver updates. Ideally, the system would handle updates for network interface cards, video cards, and other components, eliminating the need to rely on manufacturer-specific tools like Dell Update or HP Update. Integrating these patching options would significantly improve the overall functionality. Qualys Patch Management primarily updates operating systems, third-party software including Adobe products and many more, leaving video card drivers and firmware updates to other tools. This focus on core software is understandable, as driver and firmware updates can be more complex. The price has room for improvement.