We performed a comparison between Qualys VMDR and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."My favorite feature is Storyline."
"The user interface is well-designed and easy to navigate."
"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"PingSafe's graph explorer is a valuable tool that lets us visualize all connected services."
"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."
"Cloud Native Security offers attack path analysis."
"The ease of use of the platform is very nice."
"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."
"Intuitive and easy to use."
"The initial setup is straightforward."
"The most valuable feature is automation."
"The solution shows us classic categories, including high, medium, and low risks. It also shows critical items, and that gives us the advantage of prioritizing things."
"The reporting is fine."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities."
"Threat Stack has connectivity."
"An important feature of this solution is monitoring. Specifically, container monitoring."
"The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."
"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."
"It is scalable. It deploys easily with curl and yum."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"PingSafe can be improved by developing a comprehensive set of features that allow for automated workflows."
"In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier."
"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"They could generally give us better comprehensive rules."
"The could improve their mean time to detect."
"When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report."
"I would like PingSafe to add real-time detection of vulnerabilities and cloud misconfigurations."
"The reporting needs improvement. It should generate much more stuff like field reports."
"Some of the older features could be polished instead of focusing on releasing new features."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"The only improvement I can think of is on the implementation side. At times it is a bit slow."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
"It is more expensive vs. other products on the market."
"I would like to see this solution more developed and competitive in the Cloud space."
"Endpoint stability and fault resolution could be improved."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"The compliance and governance need improvement."
"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"Some features do not work as expected."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Qualys VMDR is ranked 11th in Container Security with 77 reviews while Threat Stack Cloud Security Platform is ranked 30th in Container Security. Qualys VMDR is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas Threat Stack Cloud Security Platform is most compared with Darktrace, AWS GuardDuty, Palo Alto Networks URL Filtering with PAN-DB, Check Point CloudGuard CNAPP and BMC Helix Cloud Security. See our Qualys VMDR vs. Threat Stack Cloud Security Platform report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.