Users have noted that Qualys VMDR offers strong automated vulnerability scanning capabilities, comprehensive reporting features, and integration capabilities with other security tools, although there are concerns about the outdated user interface and system performance. On the other hand, Prisma Cloud is praised for its competitive pricing, ease of deployment, and comprehensive security capabilities.
The summary above is based on 142 interviews we conducted recently with Qualys VMDR and Prisma Cloud by Palo Alto Networks users. To access the review's full transcripts, download our report.
"The ease of use of the platform is very nice."
"We really appreciate the Slack integration. When we have an incident, we get an instant notification. We also use Joe Sandbox, which Singularity can integrate with, so we can verify if a threat is legitimate."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"The real-time detection and response capabilities overall are great."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"The mean time to detect has been reduced."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"The two most valuable features are container security and the capability to discover workloads."
"I like Palo Alto's threat protection and Wi-Fi coverage. It has advanced features like DNS security and sandboxing. The automation capabilities are excellent."
"Technical support is quite helpful."
"The most valuable features are the alerts and auto-remediation because it allows us a lot of flexibility to customize and do things the Palo Alto team never intended. We faced some challenges with certificates because we also have next-gen firewalls. We would like to equip all the traffic because there have been many cases in which the developers have done things by mistake. Deploying certificates on virtual machines can be complex in a development environment, but we managed to do that with Prisma Cloud."
"Prisma Cloud is quite simple to use. The web GUI is powerful. Prisma Cloud scans the overall architecture of the AWS network to identify open ports and other vulnerabilities, then highlights them."
"The solution will streamline and minimize manual efforts."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"What I found most valuable in Prisma Cloud by Palo Alto Networks is the VAS, such as the web application and API security. I feel that VAS adds a lot of value, mainly because it gives visibility through the application layer and threat detection features."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"The features that are most valuable are the identification, scan features, and the identification of vulnerabilities."
"The reporting is fine."
"The vulnerability management feature is what I used the most. It is a good SaaS product. It is easy to use. It has a nice UI where you can see all the assets and vulnerabilities."
"The most valuable feature of the solution is the external channel."
"We also like the flexibility in their licensing."
"Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible impact if there's an intrusion."
"It's really beneficial for scanning and interacting with the agent."
"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."
"I'd like to see better onboarding documentation."
"Their search feature could be better."
"There is room for improvement in the current active licensing model for PingSafe."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"If I had to pick a complaint, it would be the way the hosts are listed in the tool. You have different columns separated by endpoint name, Cloud Account, and Cloud Instances ID. I wish there was something where we could change the endpoint name and not use just the IP address. We would like to have custom names or our own names for the instances. If I had a complaint, that would be it, but so far, it meets all the needs that we have."
"here is a bit of a learning curve. However, you only need two to three days to identify options and get accustomed."
"They could generally give us better comprehensive rules."
"The automation capabilities are growing each day, but the problem is that the updates are not that frequent. There are some services on Amazon that have come out with updates, and Azure is also getting up to date. But Prisma takes some time to follow. There's a time gap that Prisma inherits from these clouds. I understand why it takes some time, but that time should be reduced."
"I have some challenges customizing and personalizing some of the capabilities in the CSPM in terms of new policies and services. We have to reconfigure and rebuild the CSPM."
"The UI is good, however, they could improve the experience."
"The innovation side of the solution could be more efficient and more detailed."
"The solution does not currently support servers for GCP."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"There is room for improvement on the logging and monitoring front because it's still not as holistic as I would want it to be."
"We are encountering issues with the new permissions required for AWS integration with Prisma."
"Qualys Container Security can improve the interface. It could be easier to navigate and be enriched."
"Make some minimal dashboard improvements."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"Qualys could improve the inbuilt dashboards."
"Endpoint stability and fault resolution could be improved."
"There needs to be better documentation."
"Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this."
"Improve the user interface."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Prisma Cloud by Palo Alto Networks Pricing and Cost Advice →
Prisma Cloud by Palo Alto Networks is ranked 1st in Container Security with 82 reviews while Qualys VMDR is ranked 11th in Container Security with 77 reviews. Prisma Cloud by Palo Alto Networks is rated 8.4, while Qualys VMDR is rated 8.2. The top reviewer of Prisma Cloud by Palo Alto Networks writes "The dashboard is very user-friendly and can be used to generate custom RQL based on user requirements". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Prisma Cloud by Palo Alto Networks is most compared with Wiz, Microsoft Defender for Cloud, Aqua Cloud Security Platform, AWS Security Hub and F5 Advanced WAF, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and CrowdStrike Falcon Cloud Security. See our Prisma Cloud by Palo Alto Networks vs. Qualys VMDR report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.