We performed a comparison between Check Point CloudGuard CNAPP and Qualys VMDR based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."The most valuable features are the ability to create pipeline rules, the enhanced NetOps security, and the deep visibility across our entire infrastructure."
"It provides critical insights that enable the IT team to plan and launch smart investigations when there are security breaches."
"It has great scalability."
"People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially."
"We have more visibility than ever before, appreciating the valuable and proactive insight that we receive from the platform."
"Its monitoring and alerts are triggered by a failure or non-compliance with policies. It helps us to be able to act effectively and quickly."
"Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console."
"We like the GSL Builder feature. When you're running a security operations center, you spend a lot of time monitoring endpoint activity to ensure there is no malicious traffic or anonymous access in the environment. The GSL Builder is helpful for deep investigations of a particular reason for an incident. You can use it to get more information."
"The most valuable feature is that this solution is very lightweight."
"Performs automated, regular scans in the network."
"I am impressed with the VMDR feature."
"It's really beneficial for scanning and interacting with the agent."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"Technical support is great and we've never really had a problem."
"This solution gives us insight into our environment and improves our security. It helps us to maintain a good patching system whereby we know that XYZ is vulnerable within the system."
"It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool."
"Compliance checks on cloud resources against various industry standards and compliance framework templates need to be improved."
"They take time to respond or coordinate a meeting since they maintain a schedule that does not fit Latin America very well."
"The price of this solution should be reduced so that it is more affordable to scale."
"Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes."
"The software configurations theory is complicated, and without proper planning and a well-skilled technical team, it cannot perform its tasks properly."
"The support must be more effective."
"The entire system is complicated, and the setup process may not cater to the company's demands."
"Making basic rules is easy, but it's complex if you want to do something a little more nuanced. I've been unable to make some rules that I wanted. I couldn't evaluate some values or parameters of the components I look for. I haven't always been able to assess them."
"Qualys should improve their customer experience. They need to improve the tech support experience and the turnaround time."
"Integration could be better. When you think about scanning, it's not used just with this product alone but with other Qualys products. If you think about the bundle, the product itself is good. But integration with other products and packages has space for improvement. They should also offer a better price for bundles."
"It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution."
"Its integration with ServiceNow and other similar products is complicated and can be improved. It should also have virtual batching. They should support more standards and compliance requirements and more customizations. For policy compliance, they can add the standards required by the countries in the Middle East. Each country generates its own standards and frameworks, and those frameworks should be there in all products, not only in Qualys. The market here is huge, especially in the cybersecurity field. Qatar has a framework for Qatar 2022, and each and every company in the public or private sector has to follow the Qatar 2022 framework."
"The reporting and the GUI need improvements."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
"Qualys currently does not have any features for scanning SCADA, IoT, and Industrial Control Systems."
"Qualys VM's vulnerability scan could be improved, especially the number of CVE numbers it can manage at a time."
Check Point CloudGuard CNAPP is ranked 5th in Vulnerability Management with 60 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Qualys VMDR is rated 8.2. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Microsoft Defender for Cloud and Prisma Access by Palo Alto Networks, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
