We performed a comparison between Orca Security and Qualys VMDR based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring."
"The most valuable features of PingSafe are the asset inventory and issue indexing."
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"It is advantageous in terms of time-saving and cost reduction."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."
"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"Orca's SideScanning is the biggest feature. It's the 'wow' factor... With Orca's SideScanning, they just need permissions for your account and that makes it so simple."
"The initial setup is very easy."
"Another valuable feature with Orca, something that's not talked about enough, is its ability to rank your gaps and your tasks... You can get visibility with agents and there are a lot of ways to do that. But the ranking and the context across the entire environment, that is what is unique about Orca."
"It's for protection. It's an agentless tool. We don't need to install anything at a customer's premises. We can just scan the entire assets in the cloud."
"Orca's platform provides an agentless data collection facility that collects information directly from the cloud using APIs, with zero impact on performance."
"Orca provides X-ray vision into everything within the cloud properties, whereas normally, this would require multiple tools."
"The vulnerability management does not require network scanning or agent technology, so I don't need to modify any of my products in order to do vulnerability assessments."
"The reporting and automated remediation capabilities are valuable to me. They're real game-changers."
"They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability."
"I find the most valuable features are the continuous monitoring. Even on premises, there is constant monitoring."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"Technical support is fantastic."
"It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool."
"The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities."
"The reporting functionality is great."
"Qualys VM's most valuable feature is automatic detection."
"They can work on policies based on different compliance standards."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"PingSafe can improve by eliminating 100 percent of the false positives."
"We'd like to have better notifications. We'd like them to happen faster."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"Maybe container runtime security could be improved."
"Another improvement would be that, in addition to focusing on endpoint compliance, they would focus on general compliance."
"We are PCI DSS compliant, so we need to scan our environment externally with tools vetted by the PCI DSS organization. Orca doesn't scan the environment externally. It only scans what's currently in the cloud."
"The interface can be a bit cranky and sometimes takes a lot of time to load."
"I would like to see an option to do security checks on a code level. This is possible because they have access to all of the code running in the cloud provider, and combining their site-scanning solution with that would be a nice add-on."
"As with all software, the user interface can always be made simpler to use. It would be helpful for people with very little knowledge, like somebody sitting behind the SOC, to allow them to be able to drill down into things a little bit easier than it is currently."
"It's not all clouds that they are currently onboarded with. For instance, they are not yet with public cloud and many other private clouds."
"They can expand a little bit in anti-malware detection. While we have pretty good confidence that it's going to detect some of the static malware, some of the detections are heuristics. There could be a growth in the library from where they're pulling their information, but we don't get a lot of those alerts based on the design of our products. In general, that might be an area that needs to be filled since they offer it as a service within it."
"The presentation of the data in the dashboard is a little bit chaotic."
"One of the biggest issues from the clients' perspective is that all Qualys computing is on the cloud."
"The customer support is very bad."
"Certain integration factors between different options could be improved."
"If anything, I would like to see the user interface modernized a bit more."
"Qualys could improve the inbuilt dashboards."
"It is more expensive vs. other products on the market."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"The price could be better. Asset view is still a legacy feature. I'm not able to extract the information about the asset with complete details. It would be better if they fixed that in the next release. I know Qualys is already working on it, so I'm hopeful it will be available in the next five or six months. That would be something that's changed where I seek improvement."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Orca Security is ranked 12th in Container Security with 15 reviews while Qualys VMDR is ranked 11th in Container Security with 77 reviews. Orca Security is rated 9.4, while Qualys VMDR is rated 8.2. The top reviewer of Orca Security writes "Allows agentless data collection directly from the cloud". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Orca Security is most compared with Wiz, Prisma Cloud by Palo Alto Networks, Microsoft Defender for Cloud, CrowdStrike Falcon Cloud Security and XM Cyber, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management. See our Orca Security vs. Qualys VMDR report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.