Overview
Product Information on Qualys VMDR
Updated 13th October 2025
What is Qualys VMDR?
Qualys VMDR Pricing
Overall experience with Qualys VMDR
Manager
250M - 500M USD, IT ServicesFAVORABLE
“Qualys is powerful vulnerability tool for any application and network system.”
Qualys is a Powerful vulnerability tool to monitoring any kind of web application and it provides the detailed report bases on PCI severity. I like the explanation against each vulnerability and how to address it.
Senior Technical Lead
500M - 1B USD, IT ServicesCRITICAL
“Qualys - A product that could have been great.”
Qualys VMDR is strong when it comes to detection and assessment, but my experience has highlighted several limitations that impact efficiency and customer experience.
What works well
- Comprehensive vulnerability scanning: It does a good job of exposing vulnerabilities across environments and provides a solid foundation for your security posture.
- Cloud-based platform: no need for on-premise appliances which simplifies deployment and maintenance
- Integration with patch management: the ability to link vulnerabilities with patching is useful and automated jobs can be configured to support assets
Challenges and pain points
- Limited 3rd party application patching coverage. It says it works, but it doesn't. MS patches, however, work fine.
- Reporting burden: reports are not intuitive and require manual formatting. Preparing a report for a customer can take hours. The reports are very Windows 2000 style.
- Accuracy concerns: vulnerability counts are inflated. A single outdated app can generate hundreds of entries even when superseded updates are ignored.
- Performance issues: The platform is... SLOW!. After 5pm UK time it grinds to a halt and checks take between 4-8 hours.
- Licensing complexity: Patching licenses are separate to VMDR which adds admin overhead and can lead to activation issues if not calculated correctly.
Support is terrible. P1 first response can take weeks.
About Company
Company Description
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings. The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices.
Company Details
Company type
Public
Year Founded
1999
Head office location
Foster City, United States
Number of employees
1001 - 5000
Website
Do You Manage Peer Insights at Qualys?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Top Qualys VMDR Alternatives
Peer Discussions
Qualys VMDR Reviews and Ratings
Filter Reviews
Sort By:
Most helpful
Last 12 Months
Star Rating
Reviewer Type
Reviewer's Company Size
Reviewer's Industry
Reviewer's Region
Reviewer's Job Function
- Manager50M-1B USDIT ServicesReview Source
Qualys is powerful vulnerability tool for any application and network system.
Qualys is a Powerful vulnerability tool to monitoring any kind of web application and it provides the detailed report bases on PCI severity. I like the explanation against each vulnerability and how to address it. - Senior Technical Lead50M-1B USDIT ServicesReview Source
Qualys - A product that could have been great.
Qualys VMDR is strong when it comes to detection and assessment, but my experience has highlighted several limitations that impact efficiency and customer experience. What works well - Comprehensive vulnerability scanning: It does a good job of exposing vulnerabilities across environments and provides a solid foundation for your security posture. - Cloud-based platform: no need for on-premise appliances which simplifies deployment and maintenance - Integration with patch management: the ability to link vulnerabilities with patching is useful and automated jobs can be configured to support assets Challenges and pain points - Limited 3rd party application patching coverage. It says it works, but it doesn't. MS patches, however, work fine. - Reporting burden: reports are not intuitive and require manual formatting. Preparing a report for a customer can take hours. The reports are very Windows 2000 style. - Accuracy concerns: vulnerability counts are inflated. A single outdated app can generate hundreds of entries even when superseded updates are ignored. - Performance issues: The platform is... SLOW!. After 5pm UK time it grinds to a halt and checks take between 4-8 hours. - Licensing complexity: Patching licenses are separate to VMDR which adds admin overhead and can lead to activation issues if not calculated correctly. Support is terrible. P1 first response can take weeks. - IT ASSOCIATE50M-1B USDBankingReview Source
Vulnerability Management: Proactive Defense via Identification and Prioritization
Vulnerability Management is a user friendly platform. it is a preventative control to identify vulnerabilities in critical servers - Chief Information Security Officer<50M USDIT ServicesReview Source
Product Fully Meets Testing Needs With Responsive Sales And Technical Support
Good response from the sales and technical team to help us trial, review and decide to purchase. - MANAGER50M-1B USDEnergy and UtilitiesReview Source
Detecting vulnerabilities is easy thanks to the system's detailed reports.
It is an excellent product for the VMS area where it allows us to apply patches in the company.
...
Showing Result 1-5 of 548
Recommended Gartner Insights
This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.
