Qualys Consulting Edition is used for engagement-based services such as, but not limited to, vulnerability identification, security program assessments, and penetration testing.
Qualys Consulting Edition can be used by IT and Security auditors, individual consultants, consulting firms, and MSPs that provide 3rd party assessments.
No. Per the Qualys Service Agreement, Qualys Consulting Edition subscriptions cannot be used for scanning the network or any associated network of the company that purchased the subscription.
Yes. Qualys Consulting Edition is designed to handle both ad-hoc, point-in-time assessments as well as ongoing, continuous engagements with your clients.
No. Qualys Consulting Edition user access is specific to the subscribing organization. Clients of the consulting subscriber may not provide direct or indirect access to the consultant’s Qualys Cloud Platform instance or have any type of user account. The Qualys API should not be used to create a custom portal for clients to have access to features.
Consultant customers are direct customers of Qualys, who is an approved ASV vendor, but the clients of the Qualys Consulting Edition customer are not; therefore, consultants are not permitted to submit external scans for Qualys PCI ASV validation on behalf of their clients.
No. Qualys does not provide professional services, managed services, or consulting.