Users have noted that Qualys VMDR offers strong automated vulnerability scanning capabilities, comprehensive reporting features, and integration capabilities with other security tools, although there are concerns about the outdated user interface and system performance. On the other hand, Prisma Cloud is praised for its competitive pricing, ease of deployment, and comprehensive security capabilities.
The summary above is based on 142 interviews we conducted recently with Qualys VMDR and Prisma Cloud by Palo Alto Networks users. To access the review's full transcripts, download our report.
"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"We liked the search bar in PingSafe. It is a global search. We were able to get some insights from there."
"Cloud Native Security has helped us with our risk posture and securing our agenda. It has been tremendous in terms of supporting growth."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"The UI is very good."
"The ease of use of the platform is very nice."
"The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"Visibility is a key feature. Integration with other technologies across the board, whether they are Palo Alto technologies, Windows technologies, or cloud technologies, is probably the biggest thing."
"We were pleased with Prisma's custom and built-in reports. We could go into the dashboard and see all these notifications telling us which subscriptions didn't have TLS 1.2 enabled. The security controls were the most valuable features."
"Comprehensive and valuable for providing security. It is scalable, its stability is impressive, and setting it up is straightforward."
"The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis."
"Integrating with a CI/CD pipeline and incorporating a vulnerability assessment process are highly effective features, especially when combined with runtime protection."
"The support is excellent."
"You can also integrate with Amazon Managed Services. You can also get a snapshot in time, whether that's over a 24-hour period, seven days, or a month, to determine what the estate might look like at a certain point in time and generate reports from that for vulnerability management forums."
"I am impressed with the VMDR feature."
"The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe. It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment"
"There are fewer false positives when using this solution."
"What I like about Qualys VM is the dashboard presentation. It's very good."
"I find the solution's dashboard interesting...The response time is fine. You can pull up reports without dragging or consuming bandwidth."
"The reporting is fine."
"The prioritization feature is great. I think it has all of the advanced features that we need."
"Detects new hosts along with vulnerabilities."
"While it is good, I think the solution's console could be improved."
"We had a glitch in PingSafe where it fed us false positives in the past."
"It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"There is room for improvement in the current active licensing model for PingSafe."
"In some cases, the rules are strictly enforced but do not align with real-world use cases."
"The solution does not currently support servers for GCP."
"It's not really on par with, or catering to, what other products are looking at in terms of SAST and DAST capabilities. For those, you'd probably go to the market and look at something like Veracode or WhiteHat."
"The UI is the worst."
"They need to improve the API gateway."
"We are encountering issues with the new permissions required for AWS integration with Prisma."
"The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools."
"The security automation capabilities are average."
"For some custom policies, we need more features."
"The customer support is very bad."
"Qualys currently does not have any features for scanning SCADA, IoT, and Industrial Control Systems."
"They have integrated with other third parties, but it is still not viable."
"Could use additional security for the app."
"They're still evolving their platform in terms of reporting capabilities."
"Qualys Container Security can improve the interface. It could be easier to navigate and be enriched."
"The solution is a bit expensive if you do not have access to discounts."
"Qualys VM's machine learning and artificial intelligence features could be improved."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 82 reviews while Qualys VMDR is ranked 11th in Container Security with 77 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and Tenable.io Container Security, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and CrowdStrike Falcon Cloud Security. See our Prisma Cloud by Palo Alto Networks vs. Qualys VMDR report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.