Qualys VM
Qualys VM
Qualys VM identifies and prioritizes security weaknesses across diverse IT assets. It integrates with cloud environments and provides automated detection and reporting capabilities.
Qualys VM identifies and prioritizes security weaknesses across diverse IT assets. It integrates with cloud environments and provides automated detection and reporting capabilities.
Cost considerations
Functionality
Compatibility
User experience
Customer support
Why these ratings?
Cyberse perspective
Solution details
Product features
Deployment
Target industry
Subcategory
Pricing
Scanning coverage
Integrations
Market segment
Key features
Services support
We use the following criteria to evaluate this product:
Cost considerations
Qualys VMDR starts around $199 per asset annually—several times the entry price competitors publish—and web-app or cloud scanning sits in separate paid modules, driving spend up as coverage grows. Scaling to thousands of assets creates a sizeable license bill that some firms view as hard to offset with risk-reduction gains. The cost can still make sense, but only when teams replace multiple point tools and fully use the broader Qualys suite.
Cost considerations
Qualys VMDR starts around $199 per asset annually—several times the entry price competitors publish—and web-app or cloud scanning sits in separate paid modules, driving spend up as coverage grows. Scaling to thousands of assets creates a sizeable license bill that some firms view as hard to offset with risk-reduction gains. The cost can still make sense, but only when teams replace multiple point tools and fully use the broader Qualys suite.
Functionality
Qualys VM continuously discovers assets through scanners and cloud agents across data centers, public clouds and containers. TruRisk scoring focuses attention on the riskiest issues, and ServiceNow workflows automatically open and close tickets after patch validation
Functionality
Qualys VM continuously discovers assets through scanners and cloud agents across data centers, public clouds and containers. TruRisk scoring focuses attention on the riskiest issues, and ServiceNow workflows automatically open and close tickets after patch validation
Compatibility
Qualys provides agents for all major operating systems and API-level connectors for AWS, Azure, GCP and OCI so hybrid assets stay in scope. A built-in ServiceNow CMDB sync and a certified Splunk connector feed asset and vulnerability data into ITSM and SIEM workflows automatically. SAML 2.0 single-sign-on lets security teams tie the product into corporate identity systems with no extra gateways.
Compatibility
Qualys provides agents for all major operating systems and API-level connectors for AWS, Azure, GCP and OCI so hybrid assets stay in scope. A built-in ServiceNow CMDB sync and a certified Splunk connector feed asset and vulnerability data into ITSM and SIEM workflows automatically. SAML 2.0 single-sign-on lets security teams tie the product into corporate identity systems with no extra gateways.
User experience
Qualys VM offers a logical web dashboard that most users learn quickly. Peer reviews score ease-of-use around 4/5 and praise clear visuals and rapid searches. Some note the look feels dated, placing the experience above average but not leading the field
User experience
Qualys VM offers a logical web dashboard that most users learn quickly. Peer reviews score ease-of-use around 4/5 and praise clear visuals and rapid searches. Some note the look feels dated, placing the experience above average but not leading the field
Customer support
Qualys keeps a live 24×7 phone, chat and ticket desk so customers can reach real engineers at any time. Qualys researchers push multiple signature updates a day, and new detections appear in the product within about 4–8 hours, comfortably beating weekly expectations but not always under 24 hours of every CVE. Rich public docs and an active knowledge base speed troubleshooting, so overall support is strong but falls just short of the highest tier.
Customer support
Qualys keeps a live 24×7 phone, chat and ticket desk so customers can reach real engineers at any time. Qualys researchers push multiple signature updates a day, and new detections appear in the product within about 4–8 hours, comfortably beating weekly expectations but not always under 24 hours of every CVE. Rich public docs and an active knowledge base speed troubleshooting, so overall support is strong but falls just short of the highest tier.