Users have noted that Qualys VMDR offers strong automated vulnerability scanning capabilities, comprehensive reporting features, and integration capabilities with other security tools, although there are concerns about the outdated user interface and system performance. On the other hand, Prisma Cloud is praised for its competitive pricing, ease of deployment, and comprehensive security capabilities.
The summary above is based on 142 interviews we conducted recently with Qualys VMDR and Prisma Cloud by Palo Alto Networks users. To access the review's full transcripts, download our report.
"They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"PingSafe's most valuable feature is its unified console."
"I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"The management console is the most valuable feature."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"We noted immediate benefits from using the solution."
"The runtime mechanism on the solution is very useful. It's got very good network mapping between containers. If you have more than one container, you can create a content data link between them."
"One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."
"Comprehensive and valuable for providing security. It is scalable, its stability is impressive, and setting it up is straightforward."
"Prisma scans things and shows all the vulnerabilities and packages that are vulnerable, and which layers, by default, have vulnerabilities. So developers can easily go into the package or a particular layer and make changes to their code. It's very transparent."
"CSPM is very useful because it gives us good policies and violation alerts."
"The most valuable feature is the closed VPN connection, which provides better performance than traditional VPN boxes. For example, let's say a user in New York State normally connects in the East, but if they travel to the UK, they can connect to the same portal, which automatically redirects to any VPN gateway. We can control traffic based on Active Directory groups instead of the user's IP. That means a user in New York can access his application based on his user ID and AD group access when he travels to the UK or anywhere else."
"I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent."
"Technical support is quite helpful."
"Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible impact if there's an intrusion."
"Technical support is fantastic."
"The reporting is fine."
"It's really beneficial for scanning and interacting with the agent."
"Tech support is helpful."
"The most valuable feature is the connection of threat intelligence information with identified vulnerabilities, which means you can prioritize vulnerabilities according to actual attacks."
"The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities."
"The most valuable feature is the certificate management."
"They need more experienced support personnel."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"There is room for improvement in the current active licensing model for PingSafe."
"The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing."
"The categorization of the results from the vulnerability assessment could be improved."
"They could generally give us better comprehensive rules."
"I would like PingSafe to add real-time detection of vulnerabilities and cloud misconfigurations."
"They can work on policies based on different compliance standards."
"The alignment of Twistlock Defender agents with image repositories needs improvement. These deployed agents have no way of differentiating between on-premise and cloud-based image repositories. If I deploy a Defender agent to secure an on-premise Kubernetes cluster, that agent also tries to scan my ECR image repositories on AWS. So, we have limited options for aligning those Defenders with the repositories that we want them to scan. It is scanning everything rather than giving us the ability to be real granular in choosing which agents can scan which repositories."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"The user interface should be improved and made easier."
"We would like it to have more features from the risk and compliance perspectives."
"Palo Alto should work on ease-of-use and the user-friendliness to be more competitive with some competing products."
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."
"There needs to be a mechanism that allows me to manually configure compliance more easily."
"The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced."
"Qualys Container Security can improve the interface. It could be easier to navigate and be enriched."
"Qualys could improve the inbuilt dashboards."
"There's a need to upgrade or fix the potential vulnerability rate. Around 20,000 potential vulnerabilities were showing in Qualys VMDR, but none of the other tools showed them. When we checked, it wasn't the case. Support explained that even small issues were being counted as vulnerabilities, causing issues in our audit. So, the security features could be improved to identify vulnerabilities accurately."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"It would be nice to have an all-in-one solution that was automated and could handle the scanning and reports as well as the patching and updating."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
"It is more expensive vs. other products on the market."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 82 reviews while Qualys VMDR is ranked 11th in Container Security with 77 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and F5 Advanced WAF, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and CrowdStrike Falcon Cloud Security. See our Prisma Cloud by Palo Alto Networks vs. Qualys VMDR report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.