Qualys Vulnerability Management: Product overview

Expert Ed Tittel examines Qualys Vulnerability Management, a product for organizations of all sizes that is designed to help admins identify, monitor and mitigate vulnerabilities.

Qualys was one of the vendors to offer vulnerability management as a software as a service product, and it continues the product line today with Qualys Vulnerability Management (also known as Qualys VM). The broader Qualys platform includes a bevy of security offerings, such as continuous network monitoring, policy compliance, web application scanning and web application firewalls, all of which may be managed as a whole and work together. Qualys Vulnerability Management is part of that portfolio and can work in conjunction with other Qualys products.

Features

Qualys Vulnerability Management is available in three forms -- Enterprise, Express for midsize organizations and Express Lite for small organizations.

The vulnerability management and scanning product is deployed entirely as software as a service (SaaS) or by service providers in a preconfigured private cloud appliance. It scans the network perimeter, virtual machines and cloud services based on preconfigured or custom policies to identify and prioritize vulnerabilities. And it acquires any necessary patches for applications running on hosts. Customers who want to scan the corporate network need to acquire an appliance; virtual appliances are available for VMware, Hyper-V and Amazon Elastic Compute Cloud.

Qualys provides administrators with several of the tools they need to identify, monitor and mitigate vulnerabilities. And with all of their products integrated in the cloud, additional security controls are available that may be lacking in competitors' products. For example, the optional continuous monitoring functionality watches the perimeter and alerts staff to any changes that may require action. Host assets discovered during a Qualys Vulnerability Management scan may be audited in the Policy Compliance service.

All editions of Qualys Vulnerability Management support discovery and prioritization, vulnerability identification and fixes, distributed scanning, full-featured reporting, the ability to share reports directly from the system and advanced API integration (although this is somewhat limited in Express Lite).

Prioritization for the vulnerability management product is based on severity levels of minimal, medium, serious, critical and urgent, rather than low, medium and high, which is the norm with many scanners. The Enterprise and Express editions add remediation workflow and zero-day threat analysis and alerting.

Reporting

Qualys reports are top of the line. They are highly configurable as far as sorting, filtering and grouping are concerned, as well as customizable. Basic report output includes network assets (IPs or asset groups), discovered vulnerabilities, network security status, summaries in graph and chart format and trend analysis.

A unique feature of Qualys cloud products is their ability to create an interactive network map that shows perimeter and internal devices. After creating a network map profile, an administrator can generate a map that displays domains, hosts, connected endpoints, routers and other networking devices, and it can also indicate the number of devices that are scannable, live, rogue and so on. Clicking a host in the map displays details about that host, such as the operating system, date of last scan, discovery method and ports in use. The product also includes malware detection that relies on a continually updated database of vulnerability signatures known as Qualys KnowledgeBase.

Pricing, licensing and support

Qualys Vulnerability Management is sold as an annual subscription in its three tiers: Enterprise, Express and Express Lite. Pricing for the SaaS product varies based on the number of IP addresses, scanners and agents. Prospective customers should contact Qualys for a price quote.

Qualys has established a reputation for the availability and high quality of its customer and technical support. All Qualys Vulnerability Management editions include free phone and email support 24/7, as well as free in person and online training. Advanced support is available for a fee.

Customers may use the Qualys website to start a free trial or to access a plethora of resources, such as product documentation, analyst reports, a troubleshooting guide, product demo videos, white papers, FAQ, a user community and much more.

As part of the subscription, scanners deployed behind customers' firewalls are managed remotely by Qualys.

Next Steps

In part one of this series, learn the basics of vulnerability management tools

In part two, read about enterprise use cases for vulnerability management

In part three, discover the purchasing criteria for vulnerability management tools

In part four, compare the leading vulnerability management products on the market

Dig Deeper on Risk management