We compared Qualys VMDR and Tenable Vulnerability Management based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
Users generally find the setup process for Qualys VMDR to be easy and fast, taking only a few minutes. However, there are some integration issues with other systems. In contrast, setting up Tenable Vulnerability Management can be time-consuming, ranging from a couple of hours to a few weeks. Some users find it difficult to configure IP ranges and firewall settings.
Qualys VMDR offers a prioritization mechanism, continuous monitoring, a customizable dashboard, and a comprehensive overview of vulnerabilities. On the other hand, Tenable Vulnerability Management provides complete visibility, scalability, and a user-friendly dashboard for vulnerability analysis.
Both Qualys VMDR and Tenable Vulnerability Management have areas that require improvement. Qualys VMDR could benefit from enhancements in user experience, UI design, SLA tracking, batch prioritization, integration, reporting, and dashboards. On the other hand, Tenable Vulnerability Management needs improvements in visibility, support, dashboards, integration, reporting, pricing, user interface, and automation.
The cost of setting up Qualys VMDR can be high for smaller customers, as it varies depending on the specific features needed. Some reviewers mentioned that additional fees are required for features like patch management and EDR policy compliance. In contrast, Tenable Vulnerability Management has a pricing model that varies among users, which some users did not find ideal. While basic vulnerability scanning and management have no hidden costs, the overall cost can be relatively expensive compared to other solutions.
Qualys VMDR is praised for its ability to effectively reduce risks and mitigate cybersecurity threats, resulting in a good return on investment. On the other hand, Tenable Vulnerability Management is acknowledged for providing long-term value and identifying vulnerabilities, although not everyone experiences a significant return on investment.
The feedback for Qualys VMDR's customer service varies, with some customers appreciating the support provided, while others highlight the need for quicker response times and more knowledgeable staff. Similarly, Tenable Vulnerability Management's customer service has received mixed reviews, with certain users expressing dissatisfaction regarding issue resolution and turnaround time, while others commend the team's round-the-clock availability and promptness.
Comparison Results
In comparing Qualys VMDR to Tenable Vulnerability Management, both solutions have easy initial setups and offer comprehensive vulnerability management. Qualys VMDR provides a prioritization mechanism, continuous monitoring, and great technical support. It also has a customizable dashboard. However, it lacks user-friendliness, integration with other systems, and needs improvement in reporting and dashboards. On the other hand, Tenable Vulnerability Management offers complete visibility, is considered reliable and cost-effective, and has a user-friendly dashboard. It also provides efficient risk assessments. However, it lacks coverage of the entire vulnerability management process and needs improvements in support, pricing, and user interface customization.
"It's really beneficial for scanning and interacting with the agent."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning."
"The process of defining and discovering scans is organized efficiently."
"The prioritization feature is great. I think it has all of the advanced features that we need."
"The most valuable feature is the certificate management."
"There are fewer false positives when using this solution."
"The reporting is fine."
"It's a recommended tool for penetration testers because it's effective for that purpose."
"It is easy to manage. Most of the information the tool provided helped to further investigate the vulnerability and its impact."
"The best feature of the solution is the amount of visibility it provides of the vulnerabilities."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"The initial setup is pretty straightforward."
"The dashboard is pretty intuitive, and it lets you do a drill-down analysis of each vulnerability. That is something that brings a lot of value to the organization."
"The product is easy to use."
"A new user can easily understand the workflow, even if they are creating users for other divisions and the user is a beginner."
"Qualys could improve the inbuilt dashboards."
"Its integration with ServiceNow and other similar products is complicated and can be improved. It should also have virtual batching. They should support more standards and compliance requirements and more customizations. For policy compliance, they can add the standards required by the countries in the Middle East. Each country generates its own standards and frameworks, and those frameworks should be there in all products, not only in Qualys. The market here is huge, especially in the cybersecurity field. Qatar has a framework for Qatar 2022, and each and every company in the public or private sector has to follow the Qatar 2022 framework."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"There's a need to upgrade or fix the potential vulnerability rate. Around 20,000 potential vulnerabilities were showing in Qualys VMDR, but none of the other tools showed them. When we checked, it wasn't the case. Support explained that even small issues were being counted as vulnerabilities, causing issues in our audit. So, the security features could be improved to identify vulnerabilities accurately."
"It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."
"Endpoint stability and fault resolution could be improved."
"The one drawback that we have found is the reports."
"The only drawback of the solution is that it is expensive."
"It's not a user-friendly tool since it has a complicated interface."
"Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration."
"I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks."
"Tenable could improve visibility into assets, including automated asset tagging. You should be able to automatically tag assets based on location, function, ownership, etc. That would help us because we spend a lot of time identifying and tagging assets by hand."
"The UI has room for improvement."
"They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition."
More Tenable Vulnerability Management Pricing and Cost Advice →
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while Tenable Vulnerability Management is ranked 2nd in Risk-Based Vulnerability Management with 39 reviews. Qualys VMDR is rated 8.2, while Tenable Vulnerability Management is rated 8.2. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Tenable Vulnerability Management writes "Discovers vulnerabilities and integrates well with other solutions". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tanium, whereas Tenable Vulnerability Management is most compared with Tenable Security Center, Tenable Nessus, Amazon Inspector, Microsoft Defender Vulnerability Management and Rapid7 InsightVM. See our Qualys VMDR vs. Tenable Vulnerability Management report.
See our list of best Risk-Based Vulnerability Management vendors.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
