We performed a comparison between Qualys VMDR and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cloud Native Security offers attack path analysis."
"Cloud Native Security is a tool that has good monitoring features."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek."
"PingSafe offers comprehensive security posture management."
"Cloud Native Security offers a valuable tool called an offensive search engine."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform."
"Great web application security for scanning."
"Technical support is great and we've never really had a problem."
"Intuitive and easy to use."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"It's very configurable to adjust impact to systems."
"The reporting functionality is great."
"The Vulnerability Management and Patch Management features are the most valuable features of this solution."
"Technical support is fantastic."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"An important feature of this solution is monitoring. Specifically, container monitoring."
"It is scalable. It deploys easily with curl and yum."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you."
"Threat Stack has connectivity."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"With Cloud Native Security, we can't selectively enable or disable alerts based on our specific use case."
"Whenever I view the processes and the process aspect, it takes a long time to load."
"The cost has the potential for improvement."
"In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier."
"While it is good, I think the solution's console could be improved."
"The integration with Oracle has room for improvement."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"Its integration with ServiceNow and other similar products is complicated and can be improved. It should also have virtual batching. They should support more standards and compliance requirements and more customizations. For policy compliance, they can add the standards required by the countries in the Middle East. Each country generates its own standards and frameworks, and those frameworks should be there in all products, not only in Qualys. The market here is huge, especially in the cybersecurity field. Qatar has a framework for Qatar 2022, and each and every company in the public or private sector has to follow the Qatar 2022 framework."
"Qualys VM could improve by having more skilled support personnel."
"Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this."
"We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"The reporting in this solution can be improved."
"There needs to be better documentation."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"Some features do not work as expected."
"It shoots back a lot of alerts."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The compliance and governance need improvement."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Qualys VMDR is ranked 11th in Container Security with 77 reviews while Threat Stack Cloud Security Platform is ranked 30th in Container Security. Qualys VMDR is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas Threat Stack Cloud Security Platform is most compared with Darktrace, AWS GuardDuty, Palo Alto Networks URL Filtering with PAN-DB, Check Point CloudGuard CNAPP and BMC Helix Cloud Security. See our Qualys VMDR vs. Threat Stack Cloud Security Platform report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.