We performed a comparison between Qualys VMDR and Skyhigh Security based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management."I like Qualys because it is a very complete product, more so than Tenable."
"Qualys VM had a recent upgrade and the newer version is supporting the cloud."
"Technical support is fantastic."
"Performs automated, regular scans in the network."
"The reporting functionality is great."
"We also like the flexibility in their licensing."
"Detects new hosts along with vulnerabilities."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"The support is excellent."
"I like the encrypted disk feature and the endpoint protection."
"Skyhigh performs well, and we can choose from virtual and hardware plans. We can deploy the ISO on as many virtual machines as possible and easily set up high availability on the web proxy. The location doesn't matter. The user at a site will always access the web proxy for that location. It's suitable for an organization distributed across multiple regions."
"Overall, the performance is good."
"The management is very good."
"We have gained a deep insight into our Shadow IT usage as well as the different activities involved in Office 365."
"The risk rating of each cloud application has been very useful. Whenever we discover a new application is use, we are able to quickly determine if this application is safe to use and whether or not we should allow our end users to be able to access it."
"I found the solution to be stable."
"We face issues while scanning multiple assets."
"Qualys could improve the inbuilt dashboards."
"Qualys VM should improve its methodology."
"There's a need to upgrade or fix the potential vulnerability rate. Around 20,000 potential vulnerabilities were showing in Qualys VMDR, but none of the other tools showed them. When we checked, it wasn't the case. Support explained that even small issues were being counted as vulnerabilities, causing issues in our audit. So, the security features could be improved to identify vulnerabilities accurately."
"The solution is a bit expensive if you do not have access to discounts."
"The price could be better. Asset view is still a legacy feature. I'm not able to extract the information about the asset with complete details. It would be better if they fixed that in the next release. I know Qualys is already working on it, so I'm hopeful it will be available in the next five or six months. That would be something that's changed where I seek improvement."
"Qualys could be improved in its overall performance compared to other vulnerability management or scanning tools."
"There needs to be better documentation."
"I would like to see more power being given to the admin. In the sense that in case an employee is facing an issue and they want to configure a service, like attaching an email in Gmail, for example, they should be given the option to make the service request and get that configured on the go."
"User interface could be more intuitive."
"Iron out the few bugs that I've seen."
"You have to have some kind of background with cloud-based security, like working with different providers and how to make instances in the clouds and that kind of stuff - including cloud, networking cloud, cloud application development, anything like that is a requirement to be in the CASB space."
"Its initial setup could be more straightforward."
"You can integrate Skyhigh's rules with Active Directory groups. For example, you can allow access to a specific website for a defined set of users. I can do that, but the rules are not straightforward. It can look up the group in Active Directory. However, it doesn't always find the proper group name. The rule configuration should be simpler and more granular. The admin should be able to map 80 groups in the rules quickly."
"It is an expensive solution."
"The documentation could be improved."
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews while Skyhigh Security is ranked 7th in Secure Web Gateways (SWG) with 51 reviews. Qualys VMDR is rated 8.2, while Skyhigh Security is rated 8.4. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Skyhigh Security writes "Good scalability, but the technical support service needs improvement". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas Skyhigh Security is most compared with Zscaler Internet Access, Netskope , Microsoft Defender for Cloud Apps, Symantec Proxy and Prisma Access by Palo Alto Networks.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.