Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Technical support is fantastic."
"The most valuable features are vulnerability detection and the scanning capability to enable identification of vulnerabilities across our network."
"What I like about Qualys VM is the dashboard presentation. It's very good."
"It's a good product. After the scan our internet works well. It scans our security posture."
"It is very easy to use and there are lots of options. We can usually easily go through it and all of the things we want to configure, and we can configure everything to our specifications very easily."
"The initial setup was good. We didn't have any problems with it."
"Technical support is great and we've never really had a problem."
"The features that are most valuable are the identification, scan features, and the identification of vulnerabilities."
"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."
"We're using it on container to see when activity involving executables happens, and that's great."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."
"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"It's quite complex on the way it is set up, so it takes a fair bit of time in order to get your head around it in order to deploy it. Once you've deployed it, then you're never confident on the versions of the browsers and the SSL certificates, etc. You have to always go back into Qualys and check."
"I would like to see this solution more developed and competitive in the Cloud space."
"The customer support is very bad."
"The reporting needs improvement. It should generate much more stuff like field reports."
"Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this."
"The ability to manage user accounts and give rights to the operator to know about abnormalities of applications is something that needs improvement."
"We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
Pricing and Cost Advice
"They have recently changed the pricing model, which is now better than it was before."
"It is different for every company, but for us, it's every three years."
"Qualys is cheaper and more affordable than other solutions."
"Pricing seems to be in line with the market structure. It's fine."
"It is very expensive compared to some other products. The pricing is definitely high."
"I'm happy with the amount that we spend for the product that we get and the overall service that we get. It's not cheap, but I'm still happy with the spend."
"We find the licensing and pricing very easy to understand and a good value for the services provided."
"It came in cheaper than Trend Micro when we purchased it a few years ago."
"What we're paying now is somewhere around $15 to $20 per agent per month, if I recall correctly. The other cost we have is SecOps."
Questions from the Community
Top Answer: It's a good product. After the scan our internet works well. It scans our security posture.
Top Answer: I would give the pricing three out of five.
I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
Top Answer: Thank you I’m not really interested in being sold to. I’m asking about what works, what doesn’t and pricing models. I don’t want any demos.
out of 36 in Vulnerability Management
Average Words per Review
out of 23 in Cloud Workload Security
Average Words per Review
Compared 32% of the time.
Compared 18% of the time.
Compared 15% of the time.
Compared 3% of the time.
Compared 1% of the time.
Compared 22% of the time.
Compared 15% of the time.
Compared 14% of the time.
Compared 11% of the time.
Compared 4% of the time.
Also Known As
|QualysGuard VM||Threat Stack, CSP,|
Qualys Vulnerability Management (VM) is a cloud-based service that gives you immediate, global visibility into where your IT systems might be vulnerable to the latest Internet threats and how to protect them. It helps you to continuously identify threats and monitor unexpected changes in your network before they turn into breaches.
Threat Stack Cloud Security Platform® is purpose-built to support organizations running in the cloud and the unique requirements of a cloud-based or hybrid infrastructure. In order to protect your sensitive data (the crown jewels) you need to know who is doing what, where and when – at all times. With continuous cloudand up-to-the-second alerting, you’ll always have the complete visibility you need to detect anomalous activity and know what occurred immediately.
Learn more about Qualys VM
Learn more about Threat Stack Cloud Security Platform
|Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx||StatusPage.io, Walkbase, Spanning, DNAnexus, Jobcase, Nextcapital, Smartling, Veracode, 6sense|
Financial Services Firm19%
Comms Service Provider19%
Computer Software Company34%
Comms Service Provider20%
Financial Services Firm7%
Computer Software Company31%
Comms Service Provider12%
Financial Services Firm9%
Qualys VM is ranked 5th in Vulnerability Management with 11 reviews while Threat Stack Cloud Security Platform is ranked 5th in Cloud Workload Security with 6 reviews. Qualys VM is rated 8.4, while Threat Stack Cloud Security Platform is rated 8.4. The top reviewer of Qualys VM writes "Easy to use and scalable but needs to be priced more competitively". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Qualys VM is most compared with Tenable Nessus, Tenable SC, Rapid7 InsightVM, Zscaler Internet Access and BMC TrueSight Vulnerability Management, whereas Threat Stack Cloud Security Platform is most compared with Lacework, Prisma Cloud by Palo Alto Networks, Dome9, Amazon GuardDuty and CloudPassage.
See our list of .
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.