Some sort of education or knowledge base about the product would be beneficial for beginners. They could offer more training sessions for beginners who are new to the solution, as learning would be great for them.
The policy creation aspect needs improvement. Our team has limited knowledge about creating policies, and I need to focus on this area more. I should study more about creating and handling policies efficiently.
Policy implementation is sometimes a little bit different than, for example, the CIS standards. If you are using a CIS type of standard, controls will be differently implemented, and that implementation is not straightforward. There is no clear mapping for the CIS controls in terms of how they should be implemented into Qualys, so the implementation stage might be a little bit challenging for the customer. That means that the customer will end up opening support cases, which will overload their support team to explain those. If they are somehow published somewhere, it would save time and effort for both sides.
It would be good if the solution’s technical support could be faster. I would like to improve the solution's detection feature whereby any vulnerability can be detected and immediately put in the sandbox.
The reporting needs improvement. While the tool is really good at doing the assessment, it's not as good at reporting various compliance states. Maybe management reporting could be improved as well. They really need to improve the versioning of the policies. You can create basically your own policy based on the industry practice. However, if that industry practice changes, for example, maybe there's a new version from Microsoft, you basically need to start from scratch. That kind of migration from the old best practice to the new best practice and retaining all those customizations that have been done for the old one that has not been actually done. That's something to improve. However, we typically do it as we work with it. We do it programmatically. We do it through the API.
IT Governance involves aligning IT strategy with business goals, managing risks, and ensuring compliance to achieve organizational objectives. It provides a framework for effective decision-making and accountability.
Effective IT Governance ensures that IT resources are utilized in a way that supports core business functions. It enhances accountability and performance, helping organizations to meet regulatory requirements and reduce risks associated with IT. Insights from industry...
Some sort of education or knowledge base about the product would be beneficial for beginners. They could offer more training sessions for beginners who are new to the solution, as learning would be great for them.
The policy creation aspect needs improvement. Our team has limited knowledge about creating policies, and I need to focus on this area more. I should study more about creating and handling policies efficiently.
Policy implementation is sometimes a little bit different than, for example, the CIS standards. If you are using a CIS type of standard, controls will be differently implemented, and that implementation is not straightforward. There is no clear mapping for the CIS controls in terms of how they should be implemented into Qualys, so the implementation stage might be a little bit challenging for the customer. That means that the customer will end up opening support cases, which will overload their support team to explain those. If they are somehow published somewhere, it would save time and effort for both sides.
It would be good if the solution’s technical support could be faster. I would like to improve the solution's detection feature whereby any vulnerability can be detected and immediately put in the sandbox.
The reporting needs improvement. While the tool is really good at doing the assessment, it's not as good at reporting various compliance states. Maybe management reporting could be improved as well. They really need to improve the versioning of the policies. You can create basically your own policy based on the industry practice. However, if that industry practice changes, for example, maybe there's a new version from Microsoft, you basically need to start from scratch. That kind of migration from the old best practice to the new best practice and retaining all those customizations that have been done for the old one that has not been actually done. That's something to improve. However, we typically do it as we work with it. We do it programmatically. We do it through the API.