We performed a comparison between CoreOS Clair and Qualys VMDR based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Container Security."PingSafe has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"The UI is very good."
"All the features we use are equal and get the job done."
"Cloud Native Security has helped us with our risk posture and securing our agenda. It has been tremendous in terms of supporting growth."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"We use the infrastructure as code scanning, which is good."
"Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities."
"CoreOS Clair's best feature is detection accuracy."
"It's stable and quite reliable."
"There are fewer false positives when using this solution."
"It's really beneficial for scanning and interacting with the agent."
"The reporting functionality is great."
"Monitors workstations and servers for vulnerabilities and creates reports."
"Tech support is helpful."
"The integrations for this solution are very good. I use a different product for virtual patching of vulnerabilities and Qualys integrates well with that product."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"One of the issues with the product stems from the fact that it clubs different resources under one ticket."
"Crafting customized policies can be tricky."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"The reporting works well, but sometimes the severity classifications are inaccurate. Sometimes, it flags an issue as high-impact, but it should be a lower severity."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"Scanning capabilities should be added for the dark web."
"An area for improvement is that CoreOS Clair doesn't provide information about the location of vulnerabilities it detects."
"We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."
"I do not like that all of the data is stored on the cloud."
"It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."
"We face issues while scanning multiple assets."
"The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
"Integration could be better. When you think about scanning, it's not used just with this product alone but with other Qualys products. If you think about the bundle, the product itself is good. But integration with other products and packages has space for improvement. They should also offer a better price for bundles."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
CoreOS Clair is ranked 26th in Container Security with 1 review while Qualys VMDR is ranked 11th in Container Security with 77 reviews. CoreOS Clair is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of CoreOS Clair writes "Excellent detection accuracy". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". CoreOS Clair is most compared with JFrog Xray, Red Hat Advanced Cluster Security for Kubernetes, Snyk and Prisma Cloud by Palo Alto Networks, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.