We performed a comparison between Qualys VMDR and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Container Security."The process of defining and discovering scans is organized efficiently."
"It's very configurable to adjust impact to systems."
"The Vulnerability Management and Patch Management features are the most valuable features of this solution."
"It is very easy to use and there are lots of options. We can usually easily go through it and all of the things we want to configure, and we can configure everything to our specifications very easily."
"The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities."
"The solution is easy to use."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagging system is good for tagging. We can still use QualysAgent task ID tools even if tags aren't made."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."
"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."
"Technical support is very helpful."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
"It's quite complex on the way it is set up, so it takes a fair bit of time in order to get your head around it in order to deploy it. Once you've deployed it, then you're never confident on the versions of the browsers and the SSL certificates, etc. You have to always go back into Qualys and check."
"The IoT scan is not great."
"Certain integration factors between different options could be improved."
"They have integrated with other third parties, but it is still not viable."
"There seems to be a lack of easy onboarding into Qualys."
"The reporting needs improvement. It should generate much more stuff like field reports."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"The compliance and governance need improvement."
"Some features do not work as expected."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Qualys VMDR is ranked 11th in Container Security with 77 reviews while Threat Stack Cloud Security Platform is ranked 30th in Container Security. Qualys VMDR is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas Threat Stack Cloud Security Platform is most compared with AWS GuardDuty, Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Prisma Cloud by Palo Alto Networks and Check Point CloudGuard CNAPP.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.