Users have noted that Qualys VMDR offers strong automated vulnerability scanning capabilities, comprehensive reporting features, and integration capabilities with other security tools, although there are concerns about the outdated user interface and system performance. On the other hand, Prisma Cloud is praised for its competitive pricing, ease of deployment, and comprehensive security capabilities.
The summary above is based on 142 interviews we conducted recently with Qualys VMDR and Prisma Cloud by Palo Alto Networks users. To access the review's full transcripts, download our report.
"It is advantageous in terms of time-saving and cost reduction."
"We liked the search bar in PingSafe. It is a global search. We were able to get some insights from there."
"Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities."
"The mean time to detect has been reduced."
"The UI is responsive and user-friendly."
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"Cloud Native Security offers attack path analysis."
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"Prisma Cloud's most important feature is its auto-remediation."
"It has a feature for customized security policy. I implement it in banking, health insurance, and other sectors, and every organization has its own customized policies and procedures. In Prisma Cloud, you can customize policies, and based on that, you can do monitoring."
"One of the main reasons we like Prisma Cloud so much is that they also provide an API. You can't expect to give someone an account on Prisma Cloud, or on any tool for that matter, and say, "Go find your things and fix them." It doesn't work like that... We pull down the information from the API that Prisma Cloud provides, which is multi-cloud, multi-account—hundreds and hundreds of different types of alerts graded by severity—and then we can clearly identify that these alerts belong to these people, and they're the people who must remediate them."
"The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do things the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have done things by mistake. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud."
"This solution helped us by allowing us to schedule and fix things. This is not an easy thing if you're managing 1,000 plus resources."
"The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security."
"The most valuable feature is the option to add custom queries using the RQL language that they supply so that we can customize the compliance frameworks to what we need to look for."
"What I found most valuable in Prisma Cloud by Palo Alto Networks is the VAS, such as the web application and API security. I feel that VAS adds a lot of value, mainly because it gives visibility through the application layer and threat detection features."
"The initial setup is straightforward."
"The features that are most valuable are the identification, scan features, and the identification of vulnerabilities."
"It's very configurable to adjust impact to systems."
"I find the solution's dashboard interesting...The response time is fine. You can pull up reports without dragging or consuming bandwidth."
"There are fewer false positives when using this solution."
"The solution is easy to use."
"The prioritization feature is great. I think it has all of the advanced features that we need."
"It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool."
"Maybe container runtime security could be improved."
"There is room for improvement in the current active licensing model for PingSafe."
"Bugs need to be disclosed quickly."
"There is a bit of a learning curve for new users."
"I'd like to see better onboarding documentation."
"They can work on policies based on different compliance standards."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"The main area for improvement I want to see is for the platform to become less resource-intensive. Right now, it can slow down processes on the machine, and it would be a massive improvement if it were more lightweight than it currently is."
"It would be ideal if they could somehow reduce the deployment time."
"One definite area for improvement is the auto-remediation or the CWP area. The second one is the RQL language. It is still not very flexible and does not cover a lot of use cases. The RQL language could be dramatically improved to add more options."
"The visibility on the SIEM needs to be streamlined so we can get the data without any issues."
"The user interface should be improved and made easier."
"We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected."
"Prisma is good about compliance, and their support is excellent, but they struggle with automation and integration. They need to stay on top of the newest types of connectors. How can you connect other applications and other tools in order for this to work cohesively? That's a challenge."
"The licensing is a bit confusing."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
"Qualys could be improved in its overall performance compared to other vulnerability management or scanning tools."
"Improve the user interface."
"The reporting and the GUI need improvements."
"Qualys VM's machine learning and artificial intelligence features could be improved."
"If anything, I would like to see the user interface modernized a bit more."
"Qualys VM could improve by having more skilled support personnel."
"They should make it accessible for more operating systems."
"When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
More Singularity Cloud Security by SentinelOne Pricing and Cost Advice →
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 82 reviews while Qualys VMDR is ranked 11th in Container Security with 77 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and AWS WAF, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and CrowdStrike Falcon Cloud Security. See our Prisma Cloud by Palo Alto Networks vs. Qualys VMDR report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.