Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.
N/A
Tenable Vulnerability Management
Score 9.5 out of 10
N/A
Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable Web App Scanning (formerly Tenable.io), a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible inconsistencies indicating a vulnerability.
N/A
Pricing
Qualys TruRisk Platform
Tenable Vulnerability Management
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Qualys TruRisk Platform
Tenable Vulnerability Management
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Qualys TruRisk Platform
Tenable Vulnerability Management
Considered Both Products
Qualys TruRisk Platform
Verified User
Anonymous
Chose Qualys TruRisk Platform
As described before Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) outdated, generating reports to the Service Owners, fulfilling what's is expected from us, attending all our expectations …
When making the decision to use Qualys Cloud Platform we considered ManageEngine Patch Manager Plus and Kaseya VSA. We moved forward with Qualys Cloud Platform as it had multiple other options and features along with the costing provided as compared to others. Qualys Cloud …
I have not used other products like qualys cloud platform so I can't comment on how it compares, but I can say that we are happy with this solution that we currently have in place.
Qualys is quite user friendly and gives more easy information related to asset and risk an asset possess. Plus high quality of support as well as ease of use. Qualys is single suite for multiple task for your organization like VMDR rather than using multiple tools for different …
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our …
As compared with Tenable, Qualys has multiple benefits and features which help ease the management of compliance. Tenable has only vulnerability management, but the Qualys tools landscape comprises a bouquet of tools spanning endpoint security, network security, compliances, …
Qualys Cloud Platform is the best tool available in the market considering the following factors - (1) simplify security operations and lower the cost of compliance (2) Visibility of cloud security configuration issues (3)User friendly interface with flexible options …
Qualys is more user friendly than tenable in view of creating and managing assets, option profiles as well as remediation provision and reporting service. As far as cost of these tools concern, qualys is less costlier than tenable vm tool. Qualys UI is better than tenable. You …
The VMware Carbon Black suite of products is highly superior than Qualys. This is what our organization has switched to and we couldn't be happier. It feels much more modern and easier to use/naviagte than Qualys. They also offer great threat detection on the end-user's …
We actually moved out of Qualys Web Application Scanning to a different product as we found better options that helped us address the specific concerns we had. The concerns were around scan duration, coverage, and the ability of the scanner to learn an application's nature and …
Deploying Qualys is really easy, in less than a day you can have everything ready for scanning. Also, Qualys has tons of reports and has tons of extension apps (such as the Asset Management App, which I love).
We really have not used or evaluated other commercial platforms other the Qualys. This was the only comprehensive platform that was in use in the organization for many years. Prior to a greater adoption by IT personnel in the use of Qualys, IT staff would routinely help to …
Qualysguard gave us the tools we needed that were benificial to our job without us having to do too much manual interaction such as with NMap, Metasploit , etc. It was a very efficient platform that I would go to again.
My previous organization was in the healthcare industry and we actually had Qualysguard, eEye, and Nessus because our customers required specific scan reports from those solutions. However, from a usability perspective, Qualysguard was the best solution.
While all of the alternative solutions mentioned here are great products, the features and usability that Qualys Private Cloud brought to the table worked out to be the best fit for my organization.
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
Tenable.io was a clear winner in regards to features and capability when compared to OpenVAS, Qualys, and Nexpose. OpenVAS is a fork of an older version of Nessus Scanner(from Tenable) and has been updated over the years to a great free alternative. It takes a lot more manual …
Tenable.io has a comparable set of features, with excellent support and a competitive price. After less than desirable experiences with another company, we moved to Tenable and haven't looked back since.
Rapid7 is actually very comparable to Tenable.io in terms of automated scans, automated reporting, internal and external scanners, and remediation of external scans. But for less than the cost of a Rapid7 solution that comes with internal scans only, I received more hosts …
It is well suited for environments that are looking for a solution that is top notch for vulnerability scanning, and is the most accurate at doing so. It would also fit environments that have a lot of endpoints to scan or like to have scanning done on an automatic basis. It is less appropriate in environments that want to use a platform right away, without getting training in how to use it, or reading documentation on the product.
Tenable.io is a cost effective Internal and External scanner. The Internal scanner came with a .ova, so it was very simple and quick to deploy it into our ESXi environment. It has a cloud-based dashboard for management and the internal scanner is configured to auto-update from Tenable.io. The license came with 4 External PCI scans (with remediation) a year.
Again, the usability of Qualys has been a pinpoint for this entire review. It was easily the worst thing about the product and because of this, I would not recommend Qualys to anybody in my field. This should be something that Qualys strives to improve if they wish to stay in business.
They had a support page within the WAS to report any concerns or seek help. But the UI of that is not smooth. Regardless support staff were pretty responsive and helpful. They scheduled calls to understand and address our problems. Email support is good as well.
Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our organization, both products are great and meet our expectations, but due to pricing, we favor Nessus slightly more.
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
The most important thing that happens with this program is to automate one hundred percent the security of my system since this program is in charge of supervising each of the applications and websites in detail.
One of the purposes for which we trust Qualys Cloud Platform is to keep our system clean and secure; the ability of this software to manage our vulnerability makes us more cautious about working with it.
We're able to mitigate over 90% of our vulnerability risk without too much effort. It helps find where automated patching fails and we can plan a fix from the findings.
A side effect of our scanning reveals new devices on our network that aren't cleared to be.