I'm a Senior System Engineer at a mid-sized enterprise. I am comparing Qualys VM and Tenable Nessus:
Qualys is clearly the winner, especially with the new VMDR offering.
Tenable Nessus is a Vulnerability Assessment tool not a Vulnerability Management tool.
The correct comparison to Qualys's Cloud VM would be Tenable's Cloud VM platform: Tenable.io.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
In the past vulnerability assessment has been the primary approach used to detect cyber threats. Risk-based vulnerability management has become increasingly popular. How do each of these approaches work, and which do you think is more effective?