TrustRadius

FossID Workbench vs. Qualys TruRisk Platform

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
FossID Workbench
Score 0.0 out of 10
Enterprise companies (1,001+ employees)
FossID supports software auditing and compliance. FossID’s Software Composition Analysis (SCA) tool, Workbench, and professional services are designed to ensure comprehensive open source compliance and security in software development. Software Composition Analysis (SCA) FossID Workbench enables precise identification of open source components and vulnerabilities. It integrates into software development cycles, providing license recognition, proactive…N/A
Qualys TruRisk Platform
Score 6.0 out of 10
N/A
Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.N/A
Pricing
FossID WorkbenchQualys TruRisk Platform
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FossID WorkbenchQualys TruRisk Platform
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsFossID pricing considers several factors such as number of contributors, type of deployment, add-ons, and success accelerator services.
More Pricing Information
Features
FossID WorkbenchQualys TruRisk Platform
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
FossID Workbench
-
Ratings
Qualys TruRisk Platform
8.7
Ratings
9% above category average
Network Analytics00 Ratings8.90 Ratings
Threat Recognition00 Ratings8.30 Ratings
Vulnerability Classification00 Ratings8.80 Ratings
Automated Alerts and Reporting00 Ratings9.00 Ratings
Threat Analysis00 Ratings8.20 Ratings
Threat Intelligence Reporting00 Ratings8.90 Ratings
Automated Threat Identification00 Ratings8.70 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
FossID Workbench
-
Ratings
Qualys TruRisk Platform
8.5
Ratings
5% above category average
IT Asset Realization00 Ratings8.80 Ratings
Authentication00 Ratings7.90 Ratings
Configuration Monitoring00 Ratings8.50 Ratings
Web Scanning00 Ratings8.80 Ratings
Vulnerability Intelligence00 Ratings8.60 Ratings
User Ratings
FossID WorkbenchQualys TruRisk Platform
Likelihood to Recommend
-
(0 ratings)
8.6
(0 ratings)
Usability
-
(0 ratings)
2.0
(0 ratings)
Support Rating
-
(0 ratings)
5.0
(0 ratings)
User Testimonials
FossID WorkbenchQualys TruRisk Platform
Likelihood to Recommend
No answers on this topic
It is well suited for environments that are looking for a solution that is top notch for vulnerability scanning, and is the most accurate at doing so. It would also fit environments that have a lot of endpoints to scan or like to have scanning done on an automatic basis. It is less appropriate in environments that want to use a platform right away, without getting training in how to use it, or reading documentation on the product.
Verified User
Anonymous
Read full review
Pros
No answers on this topic
  • Attestation is so easy with Qualys. I find this one feature makes the investment worth the cost
  • Ease of use. Within an hour of first installing, a person can be running compliance tests without a hitch.
  • Great training materials and support. I have never had to take more than twenty minutes to solve a problem either through support or the forums.
Larry Sullivan | TrustRadius Reviewer
Larry Sullivan
Director Technical & Consulting Services
Read full review
Cons
No answers on this topic
  • Notices some findings which were not clear why they appear(suspected false positive).
  • Working with Qualys support(for example due to the previous point) wasn't the best experience. the response was very slow.
  • Qualys limit the daily API requests. In case you need more, it will cost.
Verified User
Anonymous
Read full review
Usability
No answers on this topic
Again, the usability of Qualys has been a pinpoint for this entire review. It was easily the worst thing about the product and because of this, I would not recommend Qualys to anybody in my field. This should be something that Qualys strives to improve if they wish to stay in business.
Verified User
Anonymous
Read full review
Support Rating
No answers on this topic
They had a support page within the WAS to report any concerns or seek help. But the UI of that is not smooth. Regardless support staff were pretty responsive and helpful. They scheduled calls to understand and address our problems. Email support is good as well.
Verified User
Anonymous
Read full review
Alternatives Considered
No answers on this topic
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our organization, both products are great and meet our expectations, but due to pricing, we favor Nessus slightly more.
Verified User
Anonymous
Read full review
Return on Investment
No answers on this topic
  • The most important thing that happens with this program is to automate one hundred percent the security of my system since this program is in charge of supervising each of the applications and websites in detail.
  • One of the purposes for which we trust Qualys Cloud Platform is to keep our system clean and secure; the ability of this software to manage our vulnerability makes us more cautious about working with it.
Henry Coronel | TrustRadius Reviewer
Henry Coronel
Systems Product Engineer
Read full review
ScreenShots

FossID Workbench Screenshots

Screenshot of a scan of repositories that detects all Free and Open Source Software (FOSS) from complete components, packages, and libraries to small snippets of open source.Screenshot of a Software Bill of Materials (SBOMs). FossID Workbench can automatically export and import Software Package Data Exchange (SPDX) reports containing license text, copyright statements, vulnerabilities and even snippet level information.Screenshot of a presentation of license-related risks in software that helps to remain compliant. Workbench detects over 2000 different licenses encountered overed years of open source auditing from strong/weak copyleft to the most obscure source-available and non-commercial licenses. Workbench helps users to understand all license related risks that could affect your products and services.Screenshot of Workbench’s comprehensive policy management that can prevent usage of strong/weak copyleft or source-available software licenses in products and services.Screenshot of VulnSnippet Finder: Snippet detection for vulnerable open source snippets. FossID’s Knowledge Base snippet detection capabilities include special detection of vulnerable open source snippets. While most security scanners assume open source vulnerabilities based on component and version, VulnSnippet Finder bases its search on the exact lines of code/snippets that make software vulnerable.