Try our new research platform with insights from 80,000+ expert users

CoreOS Clair vs Qualys VMDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 29, 2024
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Average Rating
8.6
Reviews Sentiment
8.1
Number of Reviews
92
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (4th), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (3rd)
CoreOS Clair
Ranking in Container Security
23rd
Average Rating
8.6
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Qualys VMDR
Ranking in Container Security
10th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
89
Ranking in other categories
IT Asset Management (4th), Vulnerability Management (2nd), Configuration Management Databases (3rd), Risk-Based Vulnerability Management (3rd)
 

Mindshare comparison

As of November 2024, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.0%, up from 0.8% compared to the previous year. The mindshare of CoreOS Clair is 0.5%, down from 0.7% compared to the previous year. The mindshare of Qualys VMDR is 2.9%, up from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
 

Featured Reviews

Andrew W - PeerSpot reviewer
Aug 29, 2024
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Felipe Giffu - PeerSpot reviewer
Apr 26, 2024
An operational system, similar to Linux where you can run your applications inside containers
With CoreOS, you can run your applications inside containers. For example, if you have an application that needs to run on Linux, you can create and install a container. However, it's important to note that you don't install CoreOS inside a container; CoreOS is the host operating system that manages containers. When you mentioned using Nacula as part of your CI/CD pipeline, it means your application is deployed and managed automatically through the CI/CD process. Containers are used to deploy your application within this pipeline, but CoreOS does not run inside these containers. Instead, CoreOS is the base operating system that supports and manages these containers.
Harold Jensen - PeerSpot reviewer
Jul 13, 2023
Good visibility but expensive and needs better support
Support: It's often overseas and often following a script, basically asking us to redo what we opened the case with. Multiple APIs: There seems to be a lack of easy onboarding into Qualys. We had to use manual inputs and some API calls to get items in place. Dashboard: It is very rudimentary with very little customization. The Qualys Scripting Language (QSL) works differently in different Qualys modules, so when you get it working in one area you have to modify the syntax in others. User account management: We often have to give users more rights than needed just to give them what they need. Integration with the various Qualys Modules: You can tell the UI is different based on of the different teams that created them. QSL syntax same in all modules Responsiveness of some of the components: They time out, you get a blank screen, etc. Backend updates between the various modules: You update connectors and information takes a few minutes to show in VMDR or Global Asset View Connectors: Connectors have a throttling issue with AWS which causes them to frequently fail unless you manually run them again.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities."
"PingSafe provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"The mean time to detect has been reduced."
"The solution is a good alerting tool."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"CoreOS Clair's best feature is detection accuracy."
"With CoreOS, you can run your applications inside containers. For example, if you have an application that needs to run on Linux, you can create and install a container. However, it's important to note that you don't install CoreOS inside a container; CoreOS is the host operating system that manages containers."
"Technical support is fantastic."
"I like Qualys because it is a very complete product, more so than Tenable."
"Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible impact if there's an intrusion."
"Intuitive and easy to use."
"Technical support is great and we've never really had a problem."
"The vulnerability management feature is what I used the most. It is a good SaaS product. It is easy to use. It has a nice UI where you can see all the assets and vulnerabilities."
"Provides great functionality."
"The most valuable feature is the certificate management."
 

Cons

"PingSafe can improve by eliminating 100 percent of the false positives."
"They need more experienced support personnel."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear."
"Customized queries should be made easier to improve PingSafe."
"There is room for improvement in the current active licensing model for PingSafe."
"It can be improved in its support response. They usually take up to seven days to resolve the issue."
"An area for improvement is that CoreOS Clair doesn't provide information about the location of vulnerabilities it detects."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"Finding things in management can be quite difficult."
"The solution is a bit expensive if you do not have access to discounts."
"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution."
"It is more expensive vs. other products on the market."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
"Qualys VM should improve its methodology."
"Endpoint stability and fault resolution could be improved."
 

Pricing and Cost Advice

"It was reasonable pricing for me."
"Singularity Cloud Security by SentinelOne is cost-efficient."
"SentinelOne offers excellent pricing and licensing options."
"I am personally not taking care of the pricing part, but when we moved from CrowdStrike to PingSafe, there were some savings. The price of CrowdStrike was quite high. Compared to that, the price of PingSafe was low. PingSafe is charging based on the subscription model. If I want to add an AWS subscription, I need to pay more. It should not be based on subscription. It should be based on the number of servers that I am scanning."
"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."
"As a partner, we receive a discount on the licenses."
"It is cheap."
"PingSafe's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price."
"CoreOS Clair is open-source and free of charge."
"When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
"There are no additional fees in addition to the standard licensing fees."
"I used to work there, so I never paid for the product. As an employee, we get a lifetime license for personal use, and that's what I'm using. It is a comprehensive platform, so there is a lot more to it. There could be other solutions that are probably a little bit cheaper, but it depends on what people need. Different people have different needs. It offers many things on the same platform. If you add all the things up, it should be cheaper, but I have not done any analysis specifically."
"The solution is reasonably priced for the value it provides."
"Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers."
"Qualys is a pay-as-you-go model, so there's flexibility to the pricing."
"The license is on a yearly basis."
"Qualys VM is reasonably priced."
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
19%
Financial Services Firm
16%
Manufacturing Company
10%
Insurance Company
5%
Financial Services Firm
23%
Manufacturing Company
15%
Computer Software Company
13%
Construction Company
5%
Educational Organization
35%
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native S...
What needs improvement with PingSafe?
They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing t...
What is your experience regarding pricing and costs for CoreOS Clair?
If you work with CoreOS or OpenShift, you don't need to pay for CoreOS separately. When you pay for OpenShift, you ge...
What needs improvement with CoreOS Clair?
It can be improved in its support response. They usually take up to seven days to resolve the issue.
What is your primary use case for CoreOS Clair?
We use the tool to manage and secure the event file system. CoreOS Clair is an operational system that is very simila...
What is your primary use case for Qualys VM?
Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are man...
What do you like most about Qualys VMDR?
I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagg...
What is your experience regarding pricing and costs for Qualys VMDR?
I am not aware of the actual cost or pricing as it is managed by the client.
 

Also Known As

PingSafe
No data available
Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
 

Overview

 

Sample Customers

Information Not Available
eBay, Veritas, Verizon, SalesForce
Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
Find out what your peers are saying about CoreOS Clair vs. Qualys VMDR and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.