Check Point CloudGuard CNAPP vs Qualys VMDR comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Check Point CloudGuard CNAPP and Qualys VMDR based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: February 2024).
763,955 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The visibility in our cloud environment is the most valuable feature.""The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring.""Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console.""Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks).""The tool is also very intuitive; its dashboards are very complete and provide a lot of valuable information for decision-making to improve security.""I love the work involved in maintaining and scaling security services and configurations across multiple public clouds using this solution, versus using native native cloud security controls. It is so much better. The different cloud platforms all have their own way that they handle a lot of the stuff that Dome9 handles. Even within their platform, they are in a lot of disparate places, e.g., in AWS, there are five different tools. You have to jump between them to get the same information that you can just pull in automatically on Dome9, which is just one platform. We are using multiple platforms, so that makes it even more complicated and time consuming if you had to just rely on them to get all of your information. Whereas, it's all just summarized and put together on the Dome9 end.""Auto remediation is a very effective feature that helps ensure less manual intervention.""The administration portal panel is very intuitive."

More Check Point CloudGuard CNAPP Pros →

"It is a simple solution that makes scanning easy. You just give it a scheduled task, and it will do everything for you.""This is one of the best products I have worked with so far. I like the power of Qualys, and it's a better solution because you can scan a compact file, a BIT file, or batch files. The product already knows what's happening inside, and you don't need to expand the package. Tenable will do the same thing, but you need to have a package issuance claim. With Qualys, we can immediately understand the file, even a compact file. If there's some kind of discovery or incident, you will know what happened in the environment.""It's stable and quite reliable.""Vulnerability management is the most valuable one and it’s a must in every organization.""I find the solution's dashboard interesting...The response time is fine. You can pull up reports without dragging or consuming bandwidth.""Qualys VM had a recent upgrade and the newer version is supporting the cloud.""The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities.""Technical support is fantastic."

More Qualys VMDR Pros →

Cons
"The support must be more effective.""It does not support on-premise deployments such as VMware Tanzu, and this has been a major drawback when it comes to integrations with some applications.""Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes.""It should have some options to activate API calls to the platform in the cloud, another improvement would be that when the rules are colonized and they want to be published.""No improvements are needed.""Their service needs improvement.""I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations.""Almost all features are good, however, they still require improvements to the code security portion on which integration with the major source code repository is required."

More Check Point CloudGuard CNAPP Cons →

"If anything, I would like to see the user interface modernized a bit more.""I would like to see this solution more developed and competitive in the Cloud space.""Its integration with ServiceNow and other similar products is complicated and can be improved. It should also have virtual batching. They should support more standards and compliance requirements and more customizations. For policy compliance, they can add the standards required by the countries in the Middle East. Each country generates its own standards and frameworks, and those frameworks should be there in all products, not only in Qualys. The market here is huge, especially in the cybersecurity field. Qatar has a framework for Qatar 2022, and each and every company in the public or private sector has to follow the Qatar 2022 framework.""The disadvantage of working with Qualys is that the graphical interface is quite outdated.""They have integrated with other third parties, but it is still not viable.""Improve the API speed.""Qualys does have an on-prem solution, but it is very expensive.""The reporting and the GUI need improvements."

More Qualys VMDR Cons →

Pricing and Cost Advice
  • "​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
  • "I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
  • "It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
  • "The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
  • "I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
  • "Right now, we have licenses on 500 machines, and they are not cheap."
  • "The pricing is tremendous and super cheap. It is shockingly cheap for what you get out of it. I am happy with that. I hope that doesn't get reported back and they increase the prices. I love the pricing and the licensing makes sense. It is just assets: The more stuff that you have, the more you pay."
  • "Licensing and costs are straightforward, as they have a baseline of 100 workloads within one license and no additional charges."
  • More Check Point CloudGuard CNAPP Pricing and Cost Advice →

  • "Usually every implementation is different and the quote is in function of number of assets."
  • "When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
  • "It is more expensive than other products on the market."
  • "They have recently changed the pricing model, which is now better than it was before."
  • "It is different for every company, but for us, it's every three years."
  • "Qualys is cheaper and more affordable than other solutions."
  • "The pricing and licensing for Qualys could be improved."
  • "The license is on a yearly basis."
  • More Qualys VMDR Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    763,955 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The visibility in our cloud environment is the most valuable feature.
    Top Answer:We have concerns regarding the pricing and would appreciate seeing some improvements.
    Top Answer:Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the… more »
    Top Answer:The process of defining and discovering scans is organized efficiently.
    Top Answer:The product is more expensive than that of any other vendor.
    Ranking
    5th
    Views
    1,419
    Comparisons
    857
    Reviews
    43
    Average Words per Review
    649
    Rating
    8.6
    Views
    6,663
    Comparisons
    5,110
    Reviews
    26
    Average Words per Review
    423
    Rating
    8.0
    Comparisons
    Also Known As
    Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
    Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
    Learn More
    Overview

    Check Point CloudGuard CNAPP is a robust cloud security solution, offering comprehensive protection for cloud workloads and applications against cyberattacks. This platform encompasses cloud security posture management, threat prevention, and efficient incident response, providing organizations with a unified defense against threats. Key features include continuous visibility and remediation of misconfigurations, threat prevention through various techniques like intrusion prevention and malware detection, and rapid, cost-effective incident response. With CloudGuard CNAPP, you can safeguard cloud-native applications, cloud infrastructure, and sensitive data, enhancing your overall cloud security posture. This solution is a powerful asset for organizations seeking to fortify their cloud environments against a range of cyber threats.

    With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure its true risk, and track risk reduction over time.

    Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB) and patch management solutions to quickly discover, prioritize, and automatically remediate vulnerabilities at scale to reduce risk. Additionally, it integrates with ITSM solutions such as ServiceNow to automate and operationalize vulnerability management end-to-end.

    Get an all-Inclusive risk-based vulnerability management solution that prioritizes vulnerabilities, misconfigurations and assets based on risk, reduces risk by remediating vulnerabilities at scale, and helps organizations measure security program effectiveness by tracking risk reduction over time.

    Sample Customers
    Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    Top Industries
    REVIEWERS
    Security Firm23%
    Financial Services Firm20%
    Computer Software Company10%
    Cloud Provider8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company14%
    Security Firm8%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm18%
    Comms Service Provider16%
    Manufacturing Company16%
    Transportation Company11%
    VISITORS READING REVIEWS
    Educational Organization32%
    Computer Software Company12%
    Financial Services Firm11%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business46%
    Midsize Enterprise13%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise10%
    Large Enterprise63%
    REVIEWERS
    Small Business20%
    Midsize Enterprise12%
    Large Enterprise68%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise41%
    Large Enterprise44%
    Buyer's Guide
    Vulnerability Management
    February 2024
    Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management. Updated: February 2024.
    763,955 professionals have used our research since 2012.

    Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 48 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 29 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Qualys VMDR is rated 8.2. The top reviewer of Check Point CloudGuard CNAPP writes "The ability to prioritize alerts enables me to focus on critical issues instead of common misconfigurations". On the other hand, the top reviewer of Qualys VMDR writes "Accurate and effective with good reporting". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Microsoft Defender for Cloud, Wiz and Prisma Access by Palo Alto Networks, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.