• Home
  • Qualys VMDR vs. Tenable Nessus

Qualys VMDR vs Tenable Nessus comparison

Cancel
You must select at least 2 products to compare!
Qualys Logo

Qualys VMDR

Read 77 Qualys VMDR reviews
6,866 views|5,201 comparisons
93% willing to recommend
Tenable Logo

Tenable Nessus

Read 75 Tenable Nessus reviews
11,726 views|8,496 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Qualys VMDR vs. Tenable Nessus
March 2023
Executive Summary
Updated on Sep 20, 2023

We compared Qualys VMDR and Tenable Nessus based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:

  • Ease of Deployment

    The setup process for Qualys VMDR is quick and uncomplicated, taking only a few minutes. However, setting up Qualys Container Security can be intricate and time-consuming. In contrast, Tenable Nessus is described as straightforward and effortless to set up, taking anywhere from 30 minutes to a couple of hours.

  • Features

    Qualys VMDR is notable for its effective prioritization system, ongoing monitoring, customizable dashboard, and extensive vulnerability overview. On the other hand, Tenable Nessus excels in vulnerability assessment, reporting, and ease of use.

  • Room for Improvement

    Both Qualys VMDR and Tenable Nessus have areas that could be improved. Qualys VMDR could enhance user experience, UI design, SLA tracking, batch prioritization, integration, reporting, and dashboards. On the other hand, Tenable Nessus could improve integration, pricing, user interface, reporting, support, and learning resources.

  • ROI

    Both Qualys VMDR and Tenable Nessus provide valuable returns on investment. Qualys VMDR prioritizes the reduction of cybersecurity risks, while Tenable Nessus places emphasis on proactive vulnerability discovery and patch deployment.

  • Service and Support

    The customer service for Qualys VMDR has received both positive and negative feedback. Some customers appreciate the convenience of reaching out to a global team and the implementation of suggested improvements. However, there are concerns about the response time and the expertise of the support staff. Tenable Nessus also has a mix of reviews. Some customers find the support to be prompt and useful, while others believe that the support team could be more knowledgeable and that the solutions provided are not always effective.

Comparison Results

Based on the reviews, Qualys VMDR and Tenable Nessus have similar initial setup processes that are straightforward and easy. However, Qualys VMDR stands out for its user-friendly setup and maintenance, including automatic agent updates. On the other hand, Tenable Nessus is highly effective in vulnerability assessment and reporting, and is also praised for its affordability and scalability. Qualys VMDR is valued for its prioritization mechanism and comprehensive overview of vulnerabilities, while Tenable Nessus is commended for its real-time monitoring and self-updating engine. Customer service and support for both products have received mixed reviews, with some users finding the support teams responsive and helpful, while others had negative experiences or did not require support.

To learn more, read our detailed Qualys VMDR vs. Tenable Nessus Report (Updated: March 2023).
Download the complete report
768,740 professionals have used our research since 2012.
Featured Review
Anonymous User
Researched Tenable Nessus but chose Qualys VMDR: The solution is efficient, with easy implementation, and simple to use
We have an excellent relationship with the vendor, so we use the solution in our company and in two other companies. We have a communication... Read more →
Anonymous User
Researched Qualys VMDR but chose Tenable Nessus: Saves me significant time when putting together reports for compliance agencies
One thing that is important for us is that when the regulation agency is asking for something. we can send them reports from Nessus and they're... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Performs automated, regular scans in the network.""The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning.""Tech support is helpful.""The solution shows us classic categories, including high, medium, and low risks. It also shows critical items, and that gives us the advantage of prioritizing things.""The most valuable feature is the ability to run different capabilities with the same agent. With only one agent, we can have EDR, vulnerability management, compliance and some basic SaaS security capabilities.""The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities.""I find the solution's dashboard interesting...The response time is fine. You can pull up reports without dragging or consuming bandwidth.""The features that are most valuable are the identification, scan features, and the identification of vulnerabilities."

More Qualys VMDR Pros →

"It gives a holistic view of your entire environment.""Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips at documentation), tests against cloud providers, database profiles, several types of telecom devices, and others highly customizable scans.""The most valuable feature is the installation of Tenable which is incredibly easy.""I like the fact that it was not expensive. I like that it's user-friendly.""Makes ransomware checking and OS auditing and implementation relatively easy.""It is a mature tool.""I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for.""I have found the vulnerability assessment and the reports to be useful."

More Tenable Nessus Pros →

Cons
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap.""I would like to see this solution simplified to work more easily in a multi-cloud environment.""I would like to have CSPM, a continuous scan-like cloud added to the solution.""Qualys could improve the inbuilt dashboards.""The reporting in this solution can be improved.""They should make it accessible for more operating systems.""We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at.""Qualys should improve their customer experience. They need to improve the tech support experience and the turnaround time."

More Qualys VMDR Cons →

"I would like to see an improvement in the ranking of high, medium and low vulnerability.""The product must be more comprehensive.""They could make their reporting a little better.""The inventory management function in this solution needs improvement.""It would be nice for the professional module to include some of the reports available in the expert module.""The features are limited when it comes to scanning network devices for vulnerabilities.""The solution could improve security updates.""The reporting could be improved. The reporting in Rapid7 is much better."

More Tenable Nessus Cons →

Pricing and Cost Advice
  • "Usually every implementation is different and the quote is in function of number of assets."
  • "When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
  • "It is more expensive than other products on the market."
  • "They have recently changed the pricing model, which is now better than it was before."
  • "It is different for every company, but for us, it's every three years."
  • "Qualys is cheaper and more affordable than other solutions."
  • "The pricing and licensing for Qualys could be improved."
  • "The license is on a yearly basis."

    • More Qualys VMDR Pricing and Cost Advice →

  • "The pricing is much more manageable versus other products."
  • "The price of Tenable Nessus is much more competitive versus other solutions on the market."
  • "I think the price is fairly affordable. It provides a license that is fair."
  • "Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly. The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job."
  • "We pay approximately $2,500 on a yearly basis."
  • "We have a subscription, the licensing fees are paid yearly, and I am using the latest version."
  • "We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level."
  • "The price is reasonable."

    • More Tenable Nessus Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
    See Recommendations
    768,740 professionals have used our research since 2012.
    Questions from the Community
    What is your primary use case for Qualys VM?
    Top Answer:Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the… more »
    Read all 36 answers   →
    What do you like most about Qualys VMDR?
    Top Answer:The process of defining and discovering scans is organized efficiently.
    Read all 56 answers   →
    What is your experience regarding pricing and costs for Qualys VMDR?
    Top Answer:The product is more expensive than that of any other vendor.
    Read all 33 answers   →
    How would you choose between Rapid7 InsightVM and Tenable Nessus?
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Read all 2 answers   →
    What's the difference between Tenable Nessus and Tenable.io Vulnerability...
    Top Answer: Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation… more »
    Read all 2 answers   →
    What do you like most about Tenable Nessus?
    Top Answer:We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network… more »
    Read all 53 answers   →
    Ranking
    3rd
    out of 37 in Risk-Based Vulnerability Management
    Views
    6,866
    Comparisons
    5,201
    Reviews
    26
    Average Words per Review
    423
    Rating
    8.0
    3rd
    out of 110 in Vulnerability Management
    Views
    11,726
    Comparisons
    8,496
    Reviews
    30
    Average Words per Review
    422
    Rating
    8.4
    Comparisons
    Also Known As
    Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
    Learn More
    Qualys
    Tenable
    Overview

    Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time. 

    Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB), Qualys Patch Management, Custom Assessment and Remediation (CAR), Qualys TotalCloud and other Qualys and non-Qualys solutions to facilitate vulnerability detection and remediation across the entire enterprise.

    With VMDR, users are empowered with actionable risk insights that translate vulnerabilities and exploits into optimized remediation actions based on business impact. Qualys customers can now aggregate and orchestrate data from the Qualys Threat Library, 25+ threat intelligence feeds, and third-party security and IT solutions, empowering organizations to measure, communicate, and eliminate risk across on-premises, hybrid, and cloud environments.

    Tenable Nessus is a vulnerability management solution that aims to empower organizations to be aware of threats that both they and their customers face. It is the most deployed scanner in the vulnerability management industry. Organizations that use this product have access to the largest continuously updated global library of vulnerability and configuration checks. They can stay ahead of threats that Tenable Nessus’s competitors may be unable to spot. Additionally, Tenable Nessus supports a greater number of technologies than its competitors.

    Tenable Nessus Benefits

    Some of the ways that organizations can benefit by deploying Tenable Nessus include:

    • Ease of use. Tenable Nessus is designed with security administrators in mind. It is built so that users can manipulate it intuitively without having to undergo special systems training. Users can create security policies with the greatest level of ease and can initiate scans of their entire networks with only a few clicks.
    • Support and resources. Tenable Nessus has both a support system of clarification resources and technical support for users to rely on. The solution has a resource center that contains guides and tips that can clarify things that confuse users and can aid them in gaining the maximum level of value. Additionally, users can reach out to Tenable Nessus’s technical support team, which is available around the clock and is reachable via a number of methods. This makes it simple for users to get help if they need it.
    • Reduction of threat vectors. Tenable Nessus provides users with the ability to reduce the number of potential threat vectors that a hacker can exploit. It enables users to find where the vulnerabilities in their networks are so their security won’t be compromised. They can then quickly address those weak points and head off issues before any have the chance to arise.

    Tenable Nessus Features

    • Report customization. Tenable Nessus enables users to customize the security reports that their system produces. They are able to set Tenable Nessus to generate reports that contain the information that is most relevant to their business objectives. Users can also utilize these report customization capabilities to customize the formats of their reports.
    • Vulnerability triage capability. Included in the Tenable Nessus security suite is a feature that enables users to conduct a triage of their vulnerabilities. The solution can apply one of five ratings to vulnerabilities that it detects. This makes it possible for organizations to work on addressing issues by order of severity.
    • Scaling. Tenable Nessus can scale to meet an organization’s needs by migrating the network that it is connected to, to other Tenable solutions. Users can scale up their systems as their security demands increase. It is capable of reaching hundreds of thousands of systems.

    Reviews from Real Users

    Tenable Nessus is a solution that stands out when compared to many of its competitors. Two major advantages it offers are its ease of use and its vulnerability scanning feature.

    Rallis F., the principal security architect at a technology vendor, writes, “The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies.”

    Sandip D., a cyber security expert at Birlasoft India Ltd, writes, “The vulnerability scanner is the most valuable feature. It's an important feature for us. We use the plugin output for that. It shows us the exact version of Nessus and what is needed for remediation. Based on that, we decide what should be remediated first to get the best result for security.”

    Sample Customers
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
    Top Industries
    REVIEWERS
    Financial Services Firm17%
    Comms Service Provider15%
    Manufacturing Company15%
    Transportation Company11%
    VISITORS READING REVIEWS
    Educational Organization32%
    Computer Software Company11%
    Financial Services Firm11%
    Manufacturing Company6%
    REVIEWERS
    Computer Software Company14%
    Financial Services Firm12%
    Manufacturing Company9%
    Security Firm9%
    VISITORS READING REVIEWS
    Educational Organization35%
    Computer Software Company11%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise41%
    Large Enterprise44%
    REVIEWERS
    Small Business40%
    Midsize Enterprise22%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise43%
    Large Enterprise41%
    Buyer's Guide
    Qualys VMDR vs. Tenable Nessus
    March 2023
    Free Report: Qualys VMDR vs. Tenable Nessus
    Find out what your peers are saying about Qualys VMDR vs. Tenable Nessus and other solutions. Updated: March 2023.
    DOWNLOAD NOW
    768,740 professionals have used our research since 2012.

    Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Qualys VMDR is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Qualys VMDR is most compared with Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management, Tenable Vulnerability Management and Microsoft Defender for Cloud Apps, whereas Tenable Nessus is most compared with Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management, Pentera and Microsoft Defender Vulnerability Management. See our Qualys VMDR vs. Tenable Nessus report.

    We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.