We performed a comparison between Qualys VMDR and Aqua Security Platform based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Qualys VMDR receives compliments for its user-friendly interface, effective prioritization system, and extensive vulnerability management. Aqua Security Platform is highly appreciated for its container scanning features and ability to patch on-demand. Reviewers would like Qualys VMDR to be more customizable and improve its integration. Aqua Security Platform requires improvements in report automation, log forwarding, and resource consumption.
Service and Support: Qualys VMDR offers convenient global support in multiple languages. Nevertheless, a few users were dissatisfied with delayed responses and requested more knowledgeable support staff. Aqua Security Platform's customer service is generally prompt and supportive, but a few individuals had to resolve their problems themselves.
Ease of Deployment: The setup process for Qualys VMDR was described as uncomplicated. Agents can be deployed and configured in around 10 minutes. Some users found the initial setup for Aqua Security Platform to be straightforward while others encountered difficulties, particularly related to Microsoft and AI. The setup process could be more challenging in complex environments.
Pricing: Some users say Qualys VMDR is reasonably priced, while others consider it costly. Aqua Security Platform users say the solution is competitively priced compared to other solutions and sits within the middle range.
ROI: Qualys VMDR effectively identifies vulnerabilities and mitigates risks, leading to a favorable return on investment. Our users have provided no feedback on Aqua Security Platform's ROI so far.
Comparison Results: Qualys VMDR is preferred by our users over Aqua Security Platform. Users liked the straightforward setup, intuitive interface, and comprehensive vulnerability overview Qualys VMDR provides. They also found its continuous monitoring and asset tagging features valuable. Aqua Security Platform reviewers reported mixed experiences with the initial setup and said the solution lacked essential features.
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"PingSafe has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability."
"The most valuable features of PingSafe are the asset inventory and issue indexing."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."
"The cloud misconfiguration is the most valuable feature."
"The user interface is well-designed and easy to navigate."
"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."
"The CSPM product is great at securing our cloud accounts and I really like the runtime protection for containers and functions too."
"Support is very helpful."
"The most valuable feature is the security."
"We use Aqua Security for the container security features."
"Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment."
"Their sandboxing service is also really good."
"Valuable features include the ability to connect it to our Docker Hub where our images are stored, good integration with Slack, and the connection to the CV, to easily see which CVs are on each image."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"The reporting is fine."
"It is quite easy to implement."
"The solution is easy to use."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"It's stable and quite reliable."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning."
"The solution shows us classic categories, including high, medium, and low risks. It also shows critical items, and that gives us the advantage of prioritizing things."
"In addition to the console alerts, I would like PingSafe to also send email notifications."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"We don't get any notifications from PingSafe when the clusters are down."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"Their search feature could be better."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement."
"We repeatedly get alerts on the tool dashboard that we've already solved on our end, but they still appear. That is somewhat irritating."
"Aqua Security lacks a lot in reporting."
"We would like to see an improvement in the overview visibility that this solution offers."
"In the next release, Aqua Security should add the ability to automatically send reports to customers."
"Since we are working from home, we would like to have the proper training for Aqua."
"The user interface could be improved, especially in terms of organization and clarity."
"The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better."
"Sometimes I got stressed with the UI."
"It's a bit hard to use the user roles. That was a bit confusing."
"When tested on Zero day, there were errors."
"This solution could be improved by extending the agent capabilities to different operating systems including Mac and Linux. We would also like the capability to easily check for vulnerability in assets in the IOTs."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
"The reporting in this solution can be improved."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"Make some minimal dashboard improvements."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Aqua Cloud Security Platform is ranked 7th in Container Security with 16 reviews while Qualys VMDR is ranked 11th in Container Security with 77 reviews. Aqua Cloud Security Platform is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of Aqua Cloud Security Platform writes "Reliable with good container scanning and a straightforward setup". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Aqua Cloud Security Platform is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Snyk, Red Hat Advanced Cluster Security for Kubernetes and Lacework, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management. See our Aqua Cloud Security Platform vs. Qualys VMDR report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
