We performed a comparison between Qualys VMDR and RiskIQ Illuminate based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management."I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"The initial setup was good. We didn't have any problems with it."
"The most valuable features are vulnerability detection and the scanning capability to enable identification of vulnerabilities across our network."
"The reporting is fine."
"There are fewer false positives when using this solution."
"Qualys has a continuous endpoint monitoring feature for agent-based scanning. Once you deploy the solution, it monitors everything that is happening every 30 minutes. Then, if there are any vulnerabilities, they are reported."
"The most valuable feature is the certificate management."
"Detects new hosts along with vulnerabilities."
"The solution is stable with 12 years of established historical data."
"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution."
"There needs to be better documentation."
"Make some minimal dashboard improvements."
"The solution is a bit expensive if you do not have access to discounts."
"A low-cost service to evaluate the risk score of a supply chain would be very helpful."
Earn 20 points
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while RiskIQ Illuminate is ranked 13th in Attack Surface Management (ASM). Qualys VMDR is rated 8.2, while RiskIQ Illuminate is rated 0.0. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of RiskIQ Illuminate writes "Able to discover unpatched servers, offers good stability, and scales very well". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas RiskIQ Illuminate is most compared with Microsoft Defender External Attack Surface Management, Palo Alto Networks WildFire, Recorded Future and ZeroFOX.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.