Qualys TruRisk Platform vs. Tenable Vulnerability Management

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Qualys TruRisk Platform
Score 6.0 out of 10
N/A
Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.N/A
Tenable Vulnerability Management
Score 9.5 out of 10
N/A
Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable Web App Scanning (formerly Tenable.io), a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible inconsistencies indicating a vulnerability.N/A
Pricing
Qualys TruRisk PlatformTenable Vulnerability Management
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Qualys TruRisk PlatformTenable Vulnerability Management
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Qualys TruRisk PlatformTenable Vulnerability Management
Considered Both Products
Qualys TruRisk Platform
Chose Qualys TruRisk Platform
As described before Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) outdated, generating reports to the Service Owners, fulfilling what's is expected from us, attending all our expectations …
Chose Qualys TruRisk Platform
When making the decision to use Qualys Cloud Platform we considered ManageEngine Patch Manager Plus and Kaseya VSA. We moved forward with Qualys Cloud Platform as it had multiple other options and features along with the costing provided as compared to others. Qualys Cloud …
Chose Qualys TruRisk Platform
I have not used other products like qualys cloud platform so I can't comment on how it compares, but I can say that we are happy with this solution that we currently have in place.
Chose Qualys TruRisk Platform
Qualys is quite user friendly and gives more easy information related to asset and risk an asset possess. Plus high quality of support as well as ease of use. Qualys is single suite for multiple task for your organization like VMDR rather than using multiple tools for different …
Chose Qualys TruRisk Platform
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our …
Chose Qualys TruRisk Platform
As compared with Tenable, Qualys has multiple benefits and features which help ease the management of compliance. Tenable has only vulnerability management, but the Qualys tools landscape comprises a bouquet of tools spanning endpoint security, network security, compliances, …
Chose Qualys TruRisk Platform
Qualys Cloud Platform is the best tool available in the market considering the following factors - (1) simplify security operations and lower the cost of compliance (2) Visibility of cloud security configuration issues (3)User friendly interface with flexible options …
Chose Qualys TruRisk Platform
Qualys is more user friendly than tenable in view of creating and managing assets, option profiles as well as remediation provision and reporting service. As far as cost of these tools concern, qualys is less costlier than tenable vm tool. Qualys UI is better than tenable. You …
Chose Qualys TruRisk Platform
The VMware Carbon Black suite of products is highly superior than Qualys. This is what our organization has switched to and we couldn't be happier. It feels much more modern and easier to use/naviagte than Qualys. They also offer great threat detection on the end-user's …
Chose Qualys TruRisk Platform
We actually moved out of Qualys Web Application Scanning to a different product as we found better options that helped us address the specific concerns we had. The concerns were around scan duration, coverage, and the ability of the scanner to learn an application's nature and …
Chose Qualys TruRisk Platform
Azure Security Center
Chose Qualys TruRisk Platform
Identity Automation RapidIdentity
Chose Qualys TruRisk Platform
Deploying Qualys is really easy, in less than a day you can have everything ready for scanning. Also, Qualys has tons of reports and has tons of extension apps (such as the Asset Management App, which I love).
Chose Qualys TruRisk Platform
We really have not used or evaluated other commercial platforms other the Qualys. This was the only comprehensive platform that was in use in the organization for many years. Prior to a greater adoption by IT personnel in the use of Qualys, IT staff would routinely help to …
Chose Qualys TruRisk Platform
Qualysguard gave us the tools we needed that were benificial to our job without us having to do too much manual interaction such as with NMap, Metasploit , etc. It was a very efficient platform that I would go to again.
Chose Qualys TruRisk Platform
My previous organization was in the healthcare industry and we actually had Qualysguard, eEye, and Nessus because our customers required specific scan reports from those solutions. However, from a usability perspective, Qualysguard was the best solution.
Chose Qualys TruRisk Platform
While all of the alternative solutions mentioned here are great products, the features and usability that Qualys Private Cloud brought to the table worked out to be the best fit for my organization.
Tenable Vulnerability Management
Chose Tenable Vulnerability Management
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
Chose Tenable Vulnerability Management
Tenable.io was a clear winner in regards to features and capability when compared to OpenVAS, Qualys, and Nexpose. OpenVAS is a fork of an older version of Nessus Scanner(from Tenable) and has been updated over the years to a great free alternative. It takes a lot more manual …
Chose Tenable Vulnerability Management
Skipping since I don't have too much familiarity with similar products.
Chose Tenable Vulnerability Management
Tenable.io has a comparable set of features, with excellent support and a competitive price. After less than desirable experiences with another company, we moved to Tenable and haven't looked back since.
Chose Tenable Vulnerability Management
Rapid7 is actually very comparable to Tenable.io in terms of automated scans, automated reporting, internal and external scanners, and remediation of external scans. But for less than the cost of a Rapid7 solution that comes with internal scans only, I received more hosts …
Features
Qualys TruRisk PlatformTenable Vulnerability Management
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Qualys TruRisk Platform
8.7
Ratings
9% above category average
Tenable Vulnerability Management
8.4
Ratings
6% above category average
Network Analytics8.90 Ratings10.00 Ratings
Threat Recognition8.30 Ratings10.00 Ratings
Vulnerability Classification8.80 Ratings10.00 Ratings
Automated Alerts and Reporting9.00 Ratings4.00 Ratings
Threat Analysis8.20 Ratings10.00 Ratings
Threat Intelligence Reporting8.90 Ratings5.00 Ratings
Automated Threat Identification8.70 Ratings10.00 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Qualys TruRisk Platform
8.5
Ratings
5% above category average
Tenable Vulnerability Management
8.8
Ratings
8% above category average
IT Asset Realization8.80 Ratings8.00 Ratings
Authentication7.90 Ratings10.00 Ratings
Configuration Monitoring8.50 Ratings8.00 Ratings
Web Scanning8.80 Ratings8.00 Ratings
Vulnerability Intelligence8.60 Ratings10.00 Ratings
Best Alternatives
Qualys TruRisk PlatformTenable Vulnerability Management
Small Businesses
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Medium-sized Companies
Action1
Action1
Score 9.5 out of 10
Action1
Action1
Score 9.5 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.0 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Qualys TruRisk PlatformTenable Vulnerability Management
Likelihood to Recommend
8.6
(0 ratings)
10.0
(0 ratings)
Likelihood to Renew
-
(0 ratings)
9.0
(0 ratings)
Usability
2.0
(0 ratings)
8.0
(0 ratings)
Support Rating
5.0
(0 ratings)
8.8
(0 ratings)
User Testimonials
Qualys TruRisk PlatformTenable Vulnerability Management
Likelihood to Recommend
It is well suited for environments that are looking for a solution that is top notch for vulnerability scanning, and is the most accurate at doing so. It would also fit environments that have a lot of endpoints to scan or like to have scanning done on an automatic basis. It is less appropriate in environments that want to use a platform right away, without getting training in how to use it, or reading documentation on the product.
Read full review
Tenable.io is a cost effective Internal and External scanner. The Internal scanner came with a .ova, so it was very simple and quick to deploy it into our ESXi environment. It has a cloud-based dashboard for management and the internal scanner is configured to auto-update from Tenable.io. The license came with 4 External PCI scans (with remediation) a year.
Read full review
Pros
  • Attestation is so easy with Qualys. I find this one feature makes the investment worth the cost
  • Ease of use. Within an hour of first installing, a person can be running compliance tests without a hitch.
  • Great training materials and support. I have never had to take more than twenty minutes to solve a problem either through support or the forums.
Read full review
  • Wide range of capabilities that can be customized to fit each user's environment and needs
  • Provides high-quality data and insights into detected vulnerabilities
  • Great customer support
Read full review
Cons
  • Notices some findings which were not clear why they appear(suspected false positive).
  • Working with Qualys support(for example due to the previous point) wasn't the best experience. the response was very slow.
  • Qualys limit the daily API requests. In case you need more, it will cost.
Read full review
  • Configuration is not always intuitive, but the comprehensive training and documentation comes to the rescue.
  • The mix of classic and beta UIs currently is confusing and we find the classic UI is actually better.
Read full review
Likelihood to Renew
No answers on this topic
We like to renew tenable each year we have had it so far.
Read full review
Usability
Again, the usability of Qualys has been a pinpoint for this entire review. It was easily the worst thing about the product and because of this, I would not recommend Qualys to anybody in my field. This should be something that Qualys strives to improve if they wish to stay in business.
Read full review
Overall it is good, it took a little while to understand it and figure things out but once you have a good grasp on it then, it is very good.
Read full review
Support Rating
They had a support page within the WAS to report any concerns or seek help. But the UI of that is not smooth. Regardless support staff were pretty responsive and helpful. They scheduled calls to understand and address our problems. Email support is good as well.
Read full review
Support is usually really great at walking you through any steps you need to take when you get stuck on something. There are a few false positives and errors that have come up over the years that required their help to get through. Unfortunately, the steps required to diagnose some problems are more tedious than I think should be necessary. (IE: SQL instances can throw errors that clog up your logs because one plugin affects it in a certain way. The process to diagnose this is to watch timestamps of plugins in a log while monitoring the SQL logs at the same time and using your best guess as to what is causing it.)
Read full review
Alternatives Considered
We find that Nessus is a great product, on par if not slightly better compared to Qualys in terms of their pricing model. However, Qualys Cloud Platform has better quality reporting, and offers great tips and suggestions on quickly closing a gap and eliminating the risk. In our organization, both products are great and meet our expectations, but due to pricing, we favor Nessus slightly more.
Read full review
I think Tenable and Qualys have a lot of similarities, I continue to go back to Tenable because of my familiarity and comfort level with it. I've also used a company called SecurityMetrics which has vulnerability scanning included but it is not as comprehensive as Tenable.
Read full review
Return on Investment
  • The most important thing that happens with this program is to automate one hundred percent the security of my system since this program is in charge of supervising each of the applications and websites in detail.
  • One of the purposes for which we trust Qualys Cloud Platform is to keep our system clean and secure; the ability of this software to manage our vulnerability makes us more cautious about working with it.
Read full review
  • We're able to mitigate over 90% of our vulnerability risk without too much effort. It helps find where automated patching fails and we can plan a fix from the findings.
  • A side effect of our scanning reveals new devices on our network that aren't cleared to be.
Read full review
ScreenShots