We compared Qualys VMDR and Tenable Vulnerability Management based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
Users generally find the setup process for Qualys VMDR to be easy and fast, taking only a few minutes. However, there are some integration issues with other systems. In contrast, setting up Tenable Vulnerability Management can be time-consuming, ranging from a couple of hours to a few weeks. Some users find it difficult to configure IP ranges and firewall settings.
Qualys VMDR offers a prioritization mechanism, continuous monitoring, a customizable dashboard, and a comprehensive overview of vulnerabilities. On the other hand, Tenable Vulnerability Management provides complete visibility, scalability, and a user-friendly dashboard for vulnerability analysis.
Both Qualys VMDR and Tenable Vulnerability Management have areas that require improvement. Qualys VMDR could benefit from enhancements in user experience, UI design, SLA tracking, batch prioritization, integration, reporting, and dashboards. On the other hand, Tenable Vulnerability Management needs improvements in visibility, support, dashboards, integration, reporting, pricing, user interface, and automation.
The cost of setting up Qualys VMDR can be high for smaller customers, as it varies depending on the specific features needed. Some reviewers mentioned that additional fees are required for features like patch management and EDR policy compliance. In contrast, Tenable Vulnerability Management has a pricing model that varies among users, which some users did not find ideal. While basic vulnerability scanning and management have no hidden costs, the overall cost can be relatively expensive compared to other solutions.
Qualys VMDR is praised for its ability to effectively reduce risks and mitigate cybersecurity threats, resulting in a good return on investment. On the other hand, Tenable Vulnerability Management is acknowledged for providing long-term value and identifying vulnerabilities, although not everyone experiences a significant return on investment.
The feedback for Qualys VMDR's customer service varies, with some customers appreciating the support provided, while others highlight the need for quicker response times and more knowledgeable staff. Similarly, Tenable Vulnerability Management's customer service has received mixed reviews, with certain users expressing dissatisfaction regarding issue resolution and turnaround time, while others commend the team's round-the-clock availability and promptness.
Comparison Results
In comparing Qualys VMDR to Tenable Vulnerability Management, both solutions have easy initial setups and offer comprehensive vulnerability management. Qualys VMDR provides a prioritization mechanism, continuous monitoring, and great technical support. It also has a customizable dashboard. However, it lacks user-friendliness, integration with other systems, and needs improvement in reporting and dashboards. On the other hand, Tenable Vulnerability Management offers complete visibility, is considered reliable and cost-effective, and has a user-friendly dashboard. It also provides efficient risk assessments. However, it lacks coverage of the entire vulnerability management process and needs improvements in support, pricing, and user interface customization.
"Vulnerability management is the most valuable one and it’s a must in every organization."
"This is one of the best products I have worked with so far. I like the power of Qualys, and it's a better solution because you can scan a compact file, a BIT file, or batch files. The product already knows what's happening inside, and you don't need to expand the package. Tenable will do the same thing, but you need to have a package issuance claim. With Qualys, we can immediately understand the file, even a compact file. If there's some kind of discovery or incident, you will know what happened in the environment."
"It's really beneficial for scanning and interacting with the agent."
"The most valuable feature is the certificate management."
"Qualys VM had a recent upgrade and the newer version is supporting the cloud."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities."
"The most valuable feature of the solution is the external channel."
"The solution is very simple to use."
"The interface is fine."
"You can customize each point in new scans."
"It's a recommended tool for penetration testers because it's effective for that purpose."
"It is easy to manage. Most of the information the tool provided helped to further investigate the vulnerability and its impact."
"The initial setup is very straightforward."
"One of the most valuable features of Tenable.io Vulnerability Management is its exportability, which allows us to conduct risk assessments efficiently."
"The product is easy to use."
"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution."
"Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this."
"It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution."
"Qualys VM's vulnerability scan could be improved, especially the number of CVE numbers it can manage at a time."
"Improve the user interface."
"Endpoint stability and fault resolution could be improved."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks."
"The shortcoming of the solution that needs improvement is related to its capability to do vulnerability assessments on applications."
"The solution seems to focus too much on enterprises, and they really need a product that works for SMBs."
"The interface could be improved; right now it's running on two interfaces simultaneously."
"The product could be easier to set up on the cloud."
"The tool's reports are bad. They're not very customizable or flexible. During audits, we often have to exclude things that aren't relevant to our organization, but we can't do that easily with the reports. They come in HTML or PDF format, and we can't compare current results with previous ones in Excel because we never receive reports in Excel."
"The solution must be promoted more in the market."
"The solution’s pricing could be improved."
More Tenable Vulnerability Management Pricing and Cost Advice →
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while Tenable Vulnerability Management is ranked 2nd in Risk-Based Vulnerability Management with 39 reviews. Qualys VMDR is rated 8.2, while Tenable Vulnerability Management is rated 8.2. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Tenable Vulnerability Management writes "Discovers vulnerabilities and integrates well with other solutions". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tanium, whereas Tenable Vulnerability Management is most compared with Tenable Security Center, Tenable Nessus, Amazon Inspector, Microsoft Defender Vulnerability Management and Rapid7 InsightVM. See our Qualys VMDR vs. Tenable Vulnerability Management report.
See our list of best Risk-Based Vulnerability Management vendors.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.