Qualys TruRisk Platform vs. Rencore Code (SPCAF)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Qualys TruRisk Platform
Score 6.0 out of 10
N/A
Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.N/A
Rencore Code (SPCAF)
Score 8.8 out of 10
Enterprise companies (1,001+ employees)
Many organizations that use Office 365 are exposed to security risks that they are unaware of. As they extend SharePoint to meet their business needs, they build applications using technologies that range from end-user Microsoft Flow to developer-focused SharePoint Framework. Unfortunately, all of these custom applications are capable of circumventing the security measures organizations have in place exposing the organization and its data to security…N/A
Pricing
Qualys TruRisk PlatformRencore Code (SPCAF)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Qualys TruRisk PlatformRencore Code (SPCAF)
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
Qualys TruRisk PlatformRencore Code (SPCAF)
Considered Both Products
Qualys TruRisk Platform
Chose Qualys TruRisk Platform
As described before Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) outdated, generating reports to the Service Owners, fulfilling what's is expected from us, attending all our expectations …
Chose Qualys TruRisk Platform
When making the decision to use Qualys Cloud Platform we considered ManageEngine Patch Manager Plus and Kaseya VSA. We moved forward with Qualys Cloud Platform as it had multiple other options and features along with the costing provided as compared to others. Qualys Cloud …
Chose Qualys TruRisk Platform
I have not used other products like qualys cloud platform so I can't comment on how it compares, but I can say that we are happy with this solution that we currently have in place.
Chose Qualys TruRisk Platform
Qualys is quite user friendly and gives more easy information related to asset and risk an asset possess. Plus high quality of support as well as ease of use. Qualys is single suite for multiple task for your organization like VMDR rather than using multiple tools for different …
Chose Qualys TruRisk Platform
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our …
Chose Qualys TruRisk Platform
As compared with Tenable, Qualys has multiple benefits and features which help ease the management of compliance. Tenable has only vulnerability management, but the Qualys tools landscape comprises a bouquet of tools spanning endpoint security, network security, compliances, …
Chose Qualys TruRisk Platform
Qualys Cloud Platform is the best tool available in the market considering the following factors - (1) simplify security operations and lower the cost of compliance (2) Visibility of cloud security configuration issues (3)User friendly interface with flexible options …
Chose Qualys TruRisk Platform
Qualys is more user friendly than tenable in view of creating and managing assets, option profiles as well as remediation provision and reporting service. As far as cost of these tools concern, qualys is less costlier than tenable vm tool. Qualys UI is better than tenable. You …
Chose Qualys TruRisk Platform
The VMware Carbon Black suite of products is highly superior than Qualys. This is what our organization has switched to and we couldn't be happier. It feels much more modern and easier to use/naviagte than Qualys. They also offer great threat detection on the end-user's …
Chose Qualys TruRisk Platform
We actually moved out of Qualys Web Application Scanning to a different product as we found better options that helped us address the specific concerns we had. The concerns were around scan duration, coverage, and the ability of the scanner to learn an application's nature and …
Chose Qualys TruRisk Platform
Azure Security Center
Chose Qualys TruRisk Platform
Identity Automation RapidIdentity
Chose Qualys TruRisk Platform
Deploying Qualys is really easy, in less than a day you can have everything ready for scanning. Also, Qualys has tons of reports and has tons of extension apps (such as the Asset Management App, which I love).
Chose Qualys TruRisk Platform
We really have not used or evaluated other commercial platforms other the Qualys. This was the only comprehensive platform that was in use in the organization for many years. Prior to a greater adoption by IT personnel in the use of Qualys, IT staff would routinely help to …
Chose Qualys TruRisk Platform
Qualysguard gave us the tools we needed that were benificial to our job without us having to do too much manual interaction such as with NMap, Metasploit , etc. It was a very efficient platform that I would go to again.
Chose Qualys TruRisk Platform
My previous organization was in the healthcare industry and we actually had Qualysguard, eEye, and Nessus because our customers required specific scan reports from those solutions. However, from a usability perspective, Qualysguard was the best solution.
Chose Qualys TruRisk Platform
While all of the alternative solutions mentioned here are great products, the features and usability that Qualys Private Cloud brought to the table worked out to be the best fit for my organization.
Rencore Code (SPCAF)
Chose Rencore Code (SPCAF)
There are no other products like this directly, although one could use combinations of settings with SonarQube, etc. to achieve similar results. There will still be a gap that will require manual effort.
Chose Rencore Code (SPCAF)
I'm not aware of products that do the same as the Rencore offering. I think they'd be hard to beat.
Chose Rencore Code (SPCAF)
I have found no other product that is able to do a similar analysis.
Chose Rencore Code (SPCAF)
For code analysis and code transformation there are no alternatives. Other cloud governance vendors mainly focus on security and permissions, whereas Rencore main focus is customizations.
Chose Rencore Code (SPCAF)
I don't know of any products that compete in the space and if there were any, they would not stand a chance against Rencore.
Behind any good product is a team of highly skilled individuals, who all have the same goal, who are passionate what they do and lastly, are in it for …
Features
Qualys TruRisk PlatformRencore Code (SPCAF)
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Qualys TruRisk Platform
8.7
Ratings
9% above category average
Rencore Code (SPCAF)
-
Ratings
Network Analytics8.90 Ratings00 Ratings
Threat Recognition8.30 Ratings00 Ratings
Vulnerability Classification8.80 Ratings00 Ratings
Automated Alerts and Reporting9.00 Ratings00 Ratings
Threat Analysis8.20 Ratings00 Ratings
Threat Intelligence Reporting8.90 Ratings00 Ratings
Automated Threat Identification8.70 Ratings00 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Qualys TruRisk Platform
8.5
Ratings
5% above category average
Rencore Code (SPCAF)
-
Ratings
IT Asset Realization8.80 Ratings00 Ratings
Authentication7.90 Ratings00 Ratings
Configuration Monitoring8.50 Ratings00 Ratings
Web Scanning8.80 Ratings00 Ratings
Vulnerability Intelligence8.60 Ratings00 Ratings
Best Alternatives
Qualys TruRisk PlatformRencore Code (SPCAF)
Small Businesses
Action1
Action1
Score 9.5 out of 10
GitLab
GitLab
Score 8.7 out of 10
Medium-sized Companies
Action1
Action1
Score 9.5 out of 10
Veracode
Veracode
Score 8.7 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
Veracode
Veracode
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Qualys TruRisk PlatformRencore Code (SPCAF)
Likelihood to Recommend
8.6
(0 ratings)
8.8
(0 ratings)
Usability
2.0
(0 ratings)
-
(0 ratings)
Support Rating
5.0
(0 ratings)
9.1
(0 ratings)
User Testimonials
Qualys TruRisk PlatformRencore Code (SPCAF)
Likelihood to Recommend
It is well suited for environments that are looking for a solution that is top notch for vulnerability scanning, and is the most accurate at doing so. It would also fit environments that have a lot of endpoints to scan or like to have scanning done on an automatic basis. It is less appropriate in environments that want to use a platform right away, without getting training in how to use it, or reading documentation on the product.
Read full review
For Microsoft shops that are doing custom development on the Microsoft cloud platform in Office 365 and Azure, the Rencore toolset is an absolute must, especially if you are involved in converting farm solutions to cloud, or just moving into cloud development for the first time.
Read full review
Pros
  • Attestation is so easy with Qualys. I find this one feature makes the investment worth the cost
  • Ease of use. Within an hour of first installing, a person can be running compliance tests without a hitch.
  • Great training materials and support. I have never had to take more than twenty minutes to solve a problem either through support or the forums.
Read full review
  • Support - It is very quick relative to other vendors in this space and also very thorough.
  • Product Features - It appears to be the only product in the market that has ALL the pieces for a baseline SPFx project versus no tools or manual activities.
Read full review
Cons
  • Notices some findings which were not clear why they appear(suspected false positive).
  • Working with Qualys support(for example due to the previous point) wasn't the best experience. the response was very slow.
  • Qualys limit the daily API requests. In case you need more, it will cost.
Read full review
  • Rencore's product line is of course still a bit of a niche: SharePoint code quality is not something every organization on the planet is concerned with - although Rencore does much more than that.
  • We feel Rencore's marketing efforts are mainly targeted at technologists. There's a lot of other potential, especially for their platform governance product.
Read full review
Usability
Again, the usability of Qualys has been a pinpoint for this entire review. It was easily the worst thing about the product and because of this, I would not recommend Qualys to anybody in my field. This should be something that Qualys strives to improve if they wish to stay in business.
Read full review
No answers on this topic
Support Rating
They had a support page within the WAS to report any concerns or seek help. But the UI of that is not smooth. Regardless support staff were pretty responsive and helpful. They scheduled calls to understand and address our problems. Email support is good as well.
Read full review
Happy with the fast and meaningful responses.
Read full review
Alternatives Considered
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our organization, both products are great and meet our expectations, but due to pricing, we favor Nessus slightly more.
Read full review
I don't know of any products that compete in the space and if there were any, they would not stand a chance against Rencore. Behind any good product is a team of highly skilled individuals, who all have the same goal, who are passionate what they do and lastly, are in it for the betterment of where they started; As Developers themselves. You can't buy that
Read full review
Return on Investment
  • The most important thing that happens with this program is to automate one hundred percent the security of my system since this program is in charge of supervising each of the applications and websites in detail.
  • One of the purposes for which we trust Qualys Cloud Platform is to keep our system clean and secure; the ability of this software to manage our vulnerability makes us more cautious about working with it.
Read full review
  • Valuable insights into large existing SharePoint customizations that would otherwise would have taken weeks to analyze and assess on quality.
  • Without Rencore's tooling, it would be impossible to track changes to client-side code. For example, we can tell exactly who changed which JavaScript in which webpart in the environment.
  • Transformation tools helped developers migrate their existing code bases to the cloud, while already providing an automatically translated code base to start from.
Read full review
ScreenShots

Rencore Code (SPCAF) Screenshots

Screenshot of Using third party libraries allows you to build your SharePoint and Office 365 applications faster and focus on functionality specific for your organization. But regularly, security vulnerabilities are discovered in these external dependencies. If left unpatched, they become a security risk for your organization and its data. Rencore automatically warns you when any of the third-party libraries used in your applications has known vulnerabilities that could be exploited to hack your environment.Screenshot of Third-party libraries are regularly updated to improve performance and stability. Many organizations however don’t know when a new version of the library they use in their SharePoint and Office 365 applications is released and they keep using the old versions which exposes them not only to bugs but also to security risks. Rencore automatically warns you when a new version of a library that you use is available allowing you to verify the contents and the impact of the upgrade.Screenshot of Without proper tooling, it’s impossible to successfully enforce an application governance plan in SharePoint and Office 365. The number of ways in which users could possibly extend SharePoint combined with the thousands of pages and hundreds of settings that can be configured, make it impossible to continuously monitor for alignment with the organizational policies. 

Rencore helps you understand the configuration of your tenant as well as discover the different SharePoint and Office 365 applications used in your organization. With Rencore you will easily understand how these applications are built, which dependencies they have and which possible risks they expose your organization to.Screenshot of Your organization tailors SharePoint and Office 365 to its specific needs to get more value of its investment in the platform. But each organization has different needs and is subject to different laws and regulations. 

Rencore allows you to configure what policies you want to enforce in your tenant. Each violation gets reported so that you can take corrective action and successfully enforce your organization’s application governance plan.Screenshot of As you start discovering issues in your SharePoint and Office 365 environment, you will be taking corrective actions to mitigate the risks. Rencore helps you track these issues and the related tasks so that you can easily follow up on the status of each issue and control that your organization is improving over time.Screenshot of It’s not enough to have your SharePoint and Office 365 applications verified for compliancy with your organization’s policies before using them in production. As your applications evolve, they will require changes and each change exposes you to a number of risks. Rencore helps you track how your applications change over time, even if these applications don’t follow centralized deployment and are managed by power-users. Each change is assessed for potential risks that it could expose your organization to.