QualysGuard Vulnerability Management v7.6
February 01, 2013
Is per IP and available on request
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Ease of use and a great ticketing system
- Weaknesses: Did not find anything significant to report
- Verdict: Well worth the cost. Recommended
QualysGuard Vulnerability Management (VM) provides automated auditing and vulnerability management for small to large enterprises. It is a private cloud-based software-as-a-service.
The easily accessible, web-based design makes it possible to operate the system via a browser from anywhere there is internet access. This functionality includes the operation of the Qualys virtual and hardware appliances used for addressing private network addresses. It includes network discovery, asset mapping, prioritisation, vulnerability assessment, centralised reporting and remediation tracking. Qualys employs a trouble-ticketing feature to help in tracking and remediating vulnerabilities and other problems across the network. The remediation solution includes comprehensive reports on vulnerabilities, including severity levels, time-to-fix estimates, impact on business and trend analysis on security issues.
A robust set of reports provides status insight for business managers, as well as technical managers and staff. Vulnerability reporting includes the use of common references, such as the Common Vulnerabilities and Exposures (CVE) database, to help provide a common language for auditors and other reporting requirements. The intuitive graphical dashboards and menus made deployment and use of the product easy.
Qualys provided access into the QualysGuard VM as well as a hardware appliance for this evaluation. The documentation included a scanner appliance user guide and a three-step quick-start document. The user guide provided decent screenshots of various menus and workflow diagrams.
As a first-time user of the product, we were pleasantly surprised in how easy it was to get the system up and running. While the user manual was close by, we did not need to open it during the setup. Configuration of the QualysGuard VM was equally easy. It literally took less than 20 minutes to set up scans (on-demand and scheduled), various reports, modification of policies (to fit our needs) and classifying asset information. The bright graphic screens helped with navigating around the various sections. A great help feature made it easy to learn how to use functions that were new. The system did a good job of recognising the vulnerabilities that were on/in various systems and applications, including Windows Servers and desktops, as well as various other systems. The most impressive feature was the ticketing system. Not only was it easy to configure, inside the ticket there were step-by-step instructions on how to resolve the issue for various system platforms.
Qualys offers 24/7 phone and email support, including product updates, all at no cost. The company's website provides FAQ and community knowledge-sharing. The company also offers free instructor-led classroom or virtual training that includes hands-on lab exercises. There is also a worthwhile video series focused on the solution.
Pricing for this product is per IP and we find it to be good value for any organisation looking for a vulnerability management system.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report