Do vulnerability, configuration &
compliance assessments more efficiently

Perform scans accurately, with a low, predictable TCO. Free yourself from installing software, syncing databases,
or wading through lists of issues
you’ve already dealt with.

Free Trial
Qualys Consultant laptop

Offer new services - without
having to be on-site

Remotely monitor clients’ networks, web apps and system configurations for vulnerabilities and compliance with required policies. Collaborate with colleagues without juggling databases.

Free Trial

Promote client loyalty and
recurring engagements

Discover forgotten or rogue apps and test apps anywhere – in development, QA or production.

Free Trial

Stand out from your competition
& enhance your reputation

Use the industry's leading cloud-based security and compliance solutions. Add your own branding and analysis to reports that you can customize to your clients' specific needs.

Free Trial

Qualys Consultant for Security Consultants & Compliance Auditors

It's great to be able to go to one place and manage all of our network vulnerability scans and web application assessments. [Qualys] improves our ability to manage customer assessments.

-Fortrex Technologies, Inc.

Read the Success Story

Qualys Consultant gives you the industry’s leading cloud-based security and compliance solutions to use in your own vulnerability, configuration and compliance assessments. With Qualys Consultant, you can scan, analyze, track, and report on issues throughout your clients’ networks, devices and web apps – all from a single web console.

Used by consultancies and auditing firms around the world, Qualys Consultant frees you from having to set up servers, install software, manage storage or even be physically on-site. With "Six-Sigma" accuracy in vulnerability detection, integrated trend analysis, and customizable co-branded reporting, Qualys Consultant delivers the information you need to efficiently provide outstanding service to your clients.

What You Get

Use the power of the Cloud to make your assessments fast, accurate & hassle-free – without going on-site.

Use the Industry's Leading Cloud Solution for Security and Compliance Assessment

The Qualys Cloud Platform delivers comprehensive IT security and compliance solutions for thousands of companies – of all sizes – around the world.

Immediate deployment – no servers to set up, no software to install, no databases to maintain for low, predictable TCO.

Multiple solutions, one console – zero maintenance.

Automated, remote monitoring – of devices & web apps in Internet perimeters, corporate networks & Amazon EC2.

Use anywhere – simply login from your browser on any device; no need to be on-site.

Reveal How Hackers View Your Clients’ Internet Perimeters

See your clients’ perimeters the same way hackers do: from the Internet. Qualys’ cloud-based scanning gives you the most accurate picture of your clients’ Internet-facing servers, websites and web apps. Qualys is pre-authorized for scanning within Amazon EC2, so you can easily track all of your clients’ systems in one place. Know quickly whether any of their assets are out-of-date, misconfigured or vulnerable to emerging threats – before they get attacked.

Scan Clients’ Networks Remotely from Your Web Browser

Qualys frees you from having to set up and maintain software on your clients’ networks. Simply open a browser on any device, log into Qualys and you’re immediately ready to start scanning, review results, and generate reports – from anywhere, at any time.

Scan Devices & Web Apps Inside Your Clients’ Internal Networks

With Qualys, you can accurately and efficiently scan your clients’ corporate servers, computers and web apps – even inside complex, distributed networks. Automated authentication lets Qualys securely log into each system to collect critical security and compliance information. Internal scanning is seamlessly performed by virtual scanner appliances (available in a variety of virtual machine formats) that are remotely managed by Qualys.

You can use a virtual scanner from your laptop when you’re on-site or deploy it on a client’s computer to scan without you having to be present. It securely monitors assets within clients’ networks without requiring inbound firewall ports to be opened or special VPN connections to be set up. Furthermore, with Qualys, internal and external systems are all managed from the same console, eliminating the need for multiple tools.

Learn more about Qualys Virtual Scanner Appliances

Discover rogue devices, identify & track vulnerabilities, prioritize & verify remediation.

Discover Rogue or Forgotten Devices

The cornerstone of reliable security starts with knowing what your clients really have in their networks. Qualys Vulnerability Management helps you find unauthorized or undocumented devices lurking in your clients’ perimeter or corporate networks.

Identify the Latest Security Patches and Where to Get Them

Qualys goes beyond just listing which devices are at risk of being attacked – it also tells you which specific patches are needed to fix each problem and gives you a link for downloading them.

Get Highly-Accurate Scan Results without Being Flooded by Extraneous Data

The Qualys Cloud Platform performs more than a billion scans per year. It consistently exceeds Six Sigma accuracy for vulnerability scans, the most difficult type of scan. This high level of quality gives you the information you need, without wasting your time on extraneous false positives or false negatives.

Prioritize Remediation Efforts

Qualys helps you understand which vulnerabilities deserve immediate attention. Vulnerabilities can be organized by severity, presence of active exploits, patch, age, and other attributes so that you can give clients valuable insights into how to best increase their security.

Examine Security Trends Across Systems and Time

Understand the overall security of your clients’ networks as well as specific details of any particular device or web application. Qualys lets you analyze results from multiple assets and how they trend over time to give you a complete view of your clients’ security postures.

Uncover hidden web apps, identify & track vulnerabilities, learn how to fix problems.

Uncover Undocumented or Forgotten Apps

Qualys Web Application Scanning helps you find web applications that have been published in your clients’ networks without authorization or have simply been forgotten. With this information, you can assist clients in preventing orphaned apps from becoming potentially-severe security risks.

Test Web Apps for OWASP Top 10 Risks

Accurately and efficiently test web apps anywhere – in development, QA or production with Qualys Web Application Scanning. Eliminate attackers’ favorite vulnerabilities (such as XSS and CSRF) to keep your clients’ systems and data safe. Qualys is a Premier Corporate Member of OWASP.

Incorporate Penetration Testing Data

With Qualys, you can store web app testing data in one place, whether it’s from manual penetration testing tools such as Burp Suite or Qualys automated scans. Avoid reinventing your manual tests and get a complete view of vulnerabilities across your clients’ applications.

Find Malware and Vulnerabilities Hiding in Clients’ Websites

Protect visitors to your clients’ websites against online attacks. Qualys can automatically scan their websites to make sure nobody has uploaded malware into blogs, feedback pages, advertisements or third-party content that appears on their sites.

Audit system configurations, track PCI compliance & submit certification online.

Audit Computer Configurations’ Adherence to Compliance Policies

With Qualys Policy Compliance, you can go beyond network testing to deeply inspect a wide range of settings and security controls required for mandates such as FISMA, HIPAA, SOX, GLBA, Basel II and others. You can use industry benchmarks such as the USGCB required by many US federal agencies or define your own controls to test for. Qualys is a CIS Security Benchmarks Consulting/Auditing Member.

Verify Usage of Password Controls

Track whether computers throughout your clients’ networks are properly implementing password controls required for complying with internal security rules as well as industry or regulatory mandates.

Accelerate and Automate PCI Compliance

With Qualys PCI Compliance, you can check whether your clients’ systems are PCI compliant at any time, enabling them to address issues early and submit quarterly PCI audit results once you know they’ve passed. Qualys is a PCI Approved Scanning Vendor (ASV).

Document clients’ security posture with customizable, co-branded reports.

Co-brand Reports that You Give to Your Clients

With Qualys Consultant, you can add your brand to reusable report templates and automate the creation of engagement reports. Customized layouts, free-form content and complete control over included results let you tailor reports to each client’s needs.

Visualize and Explain Clients’ Security Posture with Flexible Reports

Qualys goes beyond simply itemizing the vulnerabilities it finds. It gathers tdata from each device and web app, then lets you organize that information in the most appropriate way. You can quickly show how groups of assets fare against security goals in executive scorecards and generate detailed reports identifying how vulnerabilities change over time.

Add Your Own Executive Summary to Reports

Qualys lets you enter your own executive summary and recommendations into reports you generate for clients. Your insights become part of the report rather than a separate document that could get separated or misplaced.

Select Pay-per-Scan or annual per-user subscription plans to best fit your business model.

Starter Kit for Multiple Users

starting at $1,995

Users radar
Pay-per-Scan – Shared Across Users in Your Firm, No Long-Term Commitment

Qualys offers you a choice of packages to fit a variety of business models. Firms with multiple users can set up accounts that enable consultants to collaborate on particular clients. Pay-per-scan plans enable you to drive new services and add new clients without the hassles or costs of installing software or setting up new databases.

Sign up for a free trial and be scanning perimeter devices and web apps in minutes. Buy the Qualys Consultant Starter Kit (starting at USD $1995 in North America) and get 250 device scans for Vulnerability Management and Policy Compliance plus a one-year subscription for a Virtual Scanner Appliance for scanning inside clients’ networks. Additional scans for devices as well as web applications can be purchased as needed.

Instructor-Led Training & Certification Courses included

Unlimited Scanning

for Individual Practitioners

User radar
Unlimited Scanning – Annual, Per-User Subscriptions

Individual practitioners who have recurring engagements that require high volumes of scanning can perform an unlimited number of scans with our annual, per-consultant (nontransferable) subscription plans. You can also buy Virtual Scanner Appliance subscriptions to scan clients’ internal networks – without you having to be on-site. Contact us for pricing for your specific needs.

Instructor-Led Training & Certification Courses included

Questions. Ask Us

Free Trial
Unified Platform Diagram
Web Apps
IT Compliance
Actionable Security Intelligence
  • Vulnerabilities
  • Malware
  • Compliance
The Qualys
Cloud PlatformLearn more

Why Qualys?

Over 8,000 Organizations Rely on Qualys, including 50+ of the Fortune Global 100

Customer Logos
I couldn't compete with the larger IT consulting firms without Qualys.

- Joel Lanz

SC Magazine Award Logo

Qualys has received multiple awards and top ratings from leading industry analysts and technical publications.

  • Best Security Company 2014 & 2011 SC Magazine
  • Security Vendor of the Year 2012 SC Magazine EU
  • Best Vulnerability Management Solution 6 of the last 7 years
  • Best SME Solution 2011 & 2012 SC Magazine
  • All awards

Qualys Consultant

Get Started. There’s nothing to install or download!

QG Consultant in iPad
Qualys Solutions
Qualys Community
Free Trial & Tools
Free Trial

Nothing to install!

1 (800) 745 4355