Try our new research platform with insights from 80,000+ expert users

Amazon Inspector vs Qualys CyberSecurity Asset Management (CSAM) comparison

Amazon Web Services (AWS) and Qualys are both solutions in the Vulnerability Management category. Amazon Web Services (AWS) is ranked #25 with an average rating of 8.0, while Qualys is ranked #11 with an average rating of 9.2. Additionally, 85% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.
Amazon Inspector
Read 5 Amazon Inspector reviews
  • 1,623 Views
  • 1,408 Comparison Views
85% willing to recommend
Qualys CyberSecurity Asset ...
Read 17 Qualys CyberSecurity Asset Management (CSAM) reviews
  • 264 Views
  • 175 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Amazon Inspector and Qualys CSAM are key players in enhancing cybersecurity measures within organizations. Amazon Inspector gains the upper hand with AWS integration, while Qualys CSAM impresses with comprehensive asset management capabilities.

Features: Amazon Inspector offers seamless integration with AWS, automated security assessments, and efficient vulnerability management. Qualys CSAM provides holistic asset inventory management, robust security posture insights, and extensive coverage across diverse IT environments.

Room for Improvement: Amazon Inspector could improve by expanding support for non-AWS environments, enhancing asset visibility, and offering more advanced remediation capabilities. Qualys CSAM would benefit from simplified deployment processes, faster scan times, and better integration within AWS infrastructures.

Ease of Deployment and Customer Service: Amazon Inspector is noted for its straightforward deployment in AWS infrastructures with an intuitive user experience and minimal configuration. Qualys CSAM involves a more comprehensive setup but benefits from strong customer service across various platforms.

Pricing and ROI: Amazon Inspector is cost-effective with a pricing structure favorable for AWS users, providing good ROI aligned with seamless integration. Qualys CSAM is higher in cost but offers substantial ROI through its comprehensive asset management, appealing to organizations with diverse IT environments.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Amazon Inspector vs. Qualys CyberSecurity Asset Management (CSAM) Report (Updated: December 2024).
Buyer's Guide
Amazon Inspector vs. Qualys CyberSecurity Asset Management (CSAM)
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

Amazon Inspector
Ranking in Vulnerability Management
25th
Average Rating
8.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
IT Vendor Risk Management (7th)
Qualys CyberSecurity Asset ...
Ranking in Vulnerability Management
11th
Average Rating
9.2
Reviews Sentiment
7.7
Number of Reviews
17
Ranking in other categories
Patch Management (8th), Cyber Asset Attack Surface Management (CAASM) (2nd), Attack Surface Management (ASM) (4th), Software Supply Chain Security (6th)
 

Featured Reviews

Nikhil Sehgal - PeerSpot reviewer
Primarily focuses on security of EC2 instances, provides point-in-time assessments rather than real time protection but provides automated vulnerability detection
It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents. So other is dependency on agents, like, Inspector relies on agents installed on instances for deeper assessment. So managing these agents can be additional overhead. So these kinds of things. It does not even provide real-time protection. So, Inspector provides point-in-time assessment rather than continuous monitoring. So these are all cons. When it comes to false positives, it is there for most security tools as of now. I would not consider false positives a major concern. So, these are the major concerns that I found: dependency on agents, limited scope, and no real-time protection.
Read full review
Ramachandran Sugumar - PeerSpot reviewer
Helped discover about 10,000 vulnerabilities so far
We recently had some issues related to the continuous monitoring of the SaaS module. I am working with someone from the Qualys support team. He is helping us to resolve all the issues. One request is still open with the team because the risk scan was not happening at the application level. We opened a ticket and requested them to schedule a call. It might happen next week. The support provided by Qualys is good. Their SMEs have sufficient knowledge, and if they are not the right contact, they quickly redirect us to someone who can help resolve issues. The only minor issue is occasionally being redirected to multiple teams, causing slight delays. I would rate their support a ten out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The automated vulnerability detection aspect is most valuable."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function."
"We have had zero attacks since we enabled all the features in Qualys CSAM."
"The most valuable features of Qualys CSAM include the ability to manage authorized and unauthorized applications efficiently. This feature helps in validating applications and maintaining a secure environment."
"I would rate the Qualys CSAM a ten out of ten for its overall performance."
"The fact that it is integrated makes it very easy to understand."
"I would rate Qualys CyberSecurity Asset Management ten out of ten."
"Tags are very useful for us since we can tag virus applications in infrastructure types such as databases, operating systems, or web platforms."
"The most valuable aspect we receive from Qualys is the remediation."
"Qualys CyberSecurity Asset Management has helped to improve the organization's security posture significantly."
More Qualys CyberSecurity Asset Management (CSAM) pros
 

Cons

"One area for improvement in Amazon Inspector is the automation aspect."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"Currently, in the EASM module, the scan frequency is limited to once daily, but allowing end users control over scan scheduling would be advantageous."
"One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete configuration, but if you want to reconfigure it, it will not ask or provide any option for scan frequency. For that, you need to raise a case with Qualys and talk to the Qualys team."
"Some areas that would be helpful are more comprehensive tagging and the ability to set up better dynamic rules."
"In our reporting, we faced a challenge syncing with cloud devices."
"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."
"The UI needs improvement as it can become overwhelming after prolonged use."
"The UI needs improvement as it can become overwhelming after prolonged use."
"We have had challenges modifying the agent configuration. Particularly, when we want to change the tenant that the agent is pointing to, we have had difficulties making that reliable and working properly."
More Qualys CyberSecurity Asset Management (CSAM) cons
 

Pricing and Cost Advice

"The pricing is very transparent and clear."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"It's priced according to market standards for its services."
"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."
"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."
"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."
"The cost for Qualys CyberSecurity Asset Management is high."
"Qualys offers excellent value for money."
"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."
"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."
"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."
More Qualys CyberSecurity Asset Management (CSAM) pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Government
8%
Manufacturing Company
6%
Computer Software Company
24%
Financial Services Firm
12%
Government
10%
Retailer
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Inspector?
The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integ...
See all answers
What is your experience regarding pricing and costs for Amazon Inspector?
The pricing for Amazon Inspector is very fair, and I would rate it as two out of ten, with ten being the most expensive. It's on the cheaper side.
See all answers
What needs improvement with Amazon Inspector?
One area for improvement in Amazon Inspector is the automation aspect. Automation for scheduling 'turn on' and 'turn off' operations and better integration with CloudWatch for alarms could enhance ...
See all answers
What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management (CSAM)?
The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage.
See all answers
What needs improvement with Qualys CyberSecurity Asset Management (CSAM)?
The Qualys CAPS service requires further exploration and improvement, particularly in its handling of protocols and reactivity with MAC and IP addresses for CAP agents. Enhanced functionality in th...
See all answers
What is your primary use case for Qualys CyberSecurity Asset Management (CSAM)?
Our primary tool for asset inventory is Qualys CyberSecurity Asset Management, which our software asset management team also utilizes to check our software library. We deploy Qualys Cloud agents as...
See all answers
 

Comparisons

Tenable Vulnerability Management vs Amazon Inspector Logo
Tenable Vulnerability Management vs Amazon Inspector
Compared 27% of the time
Tenable Nessus vs Amazon Inspector Logo
Tenable Nessus vs Amazon Inspector
Compared 18% of the time
Microsoft Defender for Cloud vs Amazon Inspector Logo
Microsoft Defender for Cloud vs Amazon Inspector
Compared 12% of the time
Wiz vs Amazon Inspector Logo
Wiz vs Amazon Inspector
Compared 7% of the time
Rapid7 Metasploit vs Amazon Inspector Logo
Rapid7 Metasploit vs Amazon Inspector
Compared 4% of the time
More Amazon Inspector Competitors
Armis vs Qualys CyberSecurity Asset Management (CSAM) Logo
Armis vs Qualys CyberSecurity Asset Management (CSAM)
Compared 20% of the time
Microsoft Defender External Attack Surface Management vs Qualys CyberSecurity Asset Management (CSAM) Logo
Microsoft Defender External Attack Surface Management vs Qualys CyberSecurity Asset Management (CSAM)
Compared 18% of the time
CrowdStrike Falcon vs Qualys CyberSecurity Asset Management (CSAM) Logo
CrowdStrike Falcon vs Qualys CyberSecurity Asset Management (CSAM)
Compared 10% of the time
Tanium vs Qualys CyberSecurity Asset Management (CSAM) Logo
Tanium vs Qualys CyberSecurity Asset Management (CSAM)
Compared 9% of the time
Axonius vs Qualys CyberSecurity Asset Management (CSAM) Logo
Axonius vs Qualys CyberSecurity Asset Management (CSAM)
Compared 7% of the time
More Qualys CyberSecurity Asset Management (CSAM) Competitors
 

Product Reports

Buyer's Guide
Amazon Inspector
December 2024
Amazon Inspector reportDownload Amazon Inspector product report
Buyer's Guide
Qualys CyberSecurity Asset Management (CSAM)
December 2024
Qualys CyberSecurity Asset Management (CSAM) reportDownload Qualys CyberSecurity Asset Management (CSAM) product report
 

Learn More

Amazon Web Services (AWS)
Qualys
 

Overview

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API.

Amazon Inspector security assessments help you check for unintended network accessibility of your Amazon EC2 instances and for vulnerabilities on those EC2 instances. Amazon Inspector assessments are offered to you as pre-defined rules packages mapped to common security best practices and vulnerability definitions. Examples of built-in rules include checking for access to your EC2 instances from the internet, remote root login being enabled, or vulnerable software versions installed. These rules are regularly updated by AWS security researchers.

Qualys CyberSecurity Asset Management (CSAM) provides industry-leading coverage of the internal and external attack surface (EASM), along with comprehensive cyber risk assessment, natively-integrated with Qualys Vulnerability Management, Detection, and Response (VMDR). 

CSAM solidifies attack surface coverage and turbocharges vulnerability management with:  

  • Comprehensive discovery of IT, IoT/OT, and rogue assets, internet-facing assets from mergers and subsidiaries, and business context from third-party connectors 
  • Risk factors such as EoL/EoS software, missing security controls, unsanctioned ports, and expired SSL certs to show the TruRisk of every asset 
  • Bi-directional CMDB sync to push cyber risk context to IT’s source of truth and pull business context into your security program 
 

Sample Customers

betterment, caplinked, flatiron, university of nutri dame
Information Not Available
Buyer's Guide
Amazon Inspector vs. Qualys CyberSecurity Asset Management (CSAM)
December 2024
Free Report: Amazon Inspector vs. Qualys CyberSecurity Asset Management (CSAM)
Find out what your peers are saying about Amazon Inspector vs. Qualys CyberSecurity Asset Management (CSAM) and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our Amazon Inspector vs. Qualys CyberSecurity Asset Management (CSAM) report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.