Qualys VMDR vs Tenable Security Center comparison

Qualys and Tenable are both solutions in the Risk-Based Vulnerability Management category. Qualys is ranked #3 with an average rating of 8.2, while Tenable is ranked #1 with an average rating of 8.4. Additionally, 94% of Qualys users are willing to recommend the solution, compared to 95% of Tenable users who would recommend it.

Qualys VMDR

Read 90 Qualys VMDR reviews

6,004 Views
4,628 Comparison Views

94% willing to recommend

Tenable Security Center

Read 51 Tenable Security Center reviews

9,279 Views
6,803 Comparison Views

95% willing to recommend

Qualys VMDR

Tenable Security Center

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 29, 2024

Qualys VMDR and Tenable Security Center compete in the vulnerability management category. Tenable Security Center is favored by users for its comprehensive features and better reviews in several aspects.

Features: In Qualys VMDR, users value its automated vulnerability detection, endpoint coverage, and integration capabilities. Tenable Security Center is preferred for its deep analytics, integration with various tools, and extensive reporting features.

Room for Improvement: Users suggest Qualys VMDR could enhance real-time data processing, reduce false positives, and simplify the initial setup. For Tenable Security Center, users recommend improving navigation, speeding up scanning, and making the interface more intuitive.

Ease of Deployment and Customer Service: Qualys VMDR is praised for its cloud-based deployment, yet users find the initial configuration challenging. Customer service is responsive but can be improved in technical query resolution. Tenable Security Center offers flexible deployment and quicker setup times. Its customer service receives higher ratings, especially for technical support.

Pricing and ROI: Qualys VMDR has cost-effective pricing with good ROI, though additional modules can increase costs. Tenable Security Center has higher upfront costs but is justified by its extensive features and better integration capabilities, leading to a higher perceived ROI. Users feel that Tenable Security Center offers better long-term value despite the higher price.

To learn more, read our detailed Qualys VMDR vs. Tenable Security Center Report (Updated: October 2024).

Buyer's Guide

Qualys VMDR vs. Tenable Security Center

October 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

Qualys VMDR

Ranking in Vulnerability Management

2nd

Ranking in Risk-Based Vulnerability Management

3rd

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

IT Asset Management (4th), Configuration Management Databases (3rd), Container Security (10th)

Tenable Security Center

Ranking in Vulnerability Management

4th

Ranking in Risk-Based Vulnerability Management

1st

Average Rating

8.2

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Cloud Security Posture Management (CSPM) (13th)

Featured Reviews

Harold Jensen

Senior Cybersecurity Engineer at 3M Health Information Systems

Jul 13, 2023

Good visibility but expensive and needs better support

Support: It's often overseas and often following a script, basically asking us to redo what we opened the case with. Multiple APIs: There seems to be a lack of easy onboarding into Qualys. We had to use manual inputs and some API calls to get items in place. Dashboard: It is very rudimentary with very little customization. The Qualys Scripting Language (QSL) works differently in different Qualys modules, so when you get it working in one area you have to modify the syntax in others. User account management: We often have to give users more rights than needed just to give them what they need. Integration with the various Qualys Modules: You can tell the UI is different based on of the different teams that created them. QSL syntax same in all modules Responsiveness of some of the components: They time out, you get a blank screen, etc. Backend updates between the various modules: You update connectors and information takes a few minutes to show in VMDR or Global Asset View Connectors: Connectors have a throttling issue with AWS which causes them to frequently fail unless you manually run them again.

Read full review

Md. Shahriar Hussain

Cyber Security Chartered Engineer at Banglalink

Feb 23, 2024

A security solution for vulnerability assessment with automated scans

Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers. For example, suppose I manually conducted CIS hardening or compliance scoring in a separate data centre. These scores should also be reflected in the Tenable Security Center dashboard. Since the scanner is connected to the Tenable Security Center, the dashboard should display the direct scan results from the general security centre and the connected scanners. There could be unusual activities or attacks with the rising AI-related issues or threats that the Tenable Security Center could track in the future.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It gives you a lot of options, and it integrates with our ServiceNow for ticketing and all."

"The most valuable feature is the QID part, especially of CentralList, which makes it easy to assess new critical vulnerabilities."

"I find the most valuable features are the continuous monitoring. Even on premises, there is constant monitoring."

"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."

"The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe. It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment"

"The Vulnerability Management and Patch Management features are the most valuable features of this solution."

"I find the solution's dashboard interesting...The response time is fine. You can pull up reports without dragging or consuming bandwidth."

"The reporting functionality is great."

More Qualys VMDR pros

"I think that this is a good solution for evaluating vulnerability in the network."

"Very customizable with a lot of templates."

"Compliance and vulnerability scans are most valuable. Compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing. Its vulnerability detection is accurate."

"The product is our second solution, and we are happy that it meets our requirements."

"The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate."

"The usability is really good. It's very easy to use and a good platform. It is scalable and very stable. The technical support is fine and the setup is super easy."

"We use Tenable to scan all of our environments and plugins for vulnerabilities. Tenable helps us discover network vulnerabilities to threats and piracy."

"It is a very good and user-friendly product."

More Tenable Security Center pros

Cons

"Support could be improved since the response can be slow."

"The only improvement I can think of is on the implementation side. At times it is a bit slow."

"Qualys VM should improve its methodology."

"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution."

"The response time of technical support takes a while."

"Make some minimal dashboard improvements."

"The customer support is very bad."

"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."

More Qualys VMDR cons

"The web application scanning area can be improved."

"There is not much room for improvement. However, there should be a guide that describes the step-by-step procedures for doing tasks. Otherwise, training is required from a senior guy to a junior guy."

"The product should provide risk-based vulnerability management."

"We are facing some challenges related to our channel."

"In terms of configuration, there is some level of flexibility that we are not able to achieve."

"The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team."

"The solution needs to improve its support. I would like to see a bird's eye view of my network architecture. I would also like to see the continuous view feature in the tool."

"I will say it's a lot slower compared to an MS scan. It takes so much longer, so the performance could definitely be worked on."

More Tenable Security Center cons

Pricing and Cost Advice

"The tool's pricing is expensive and I would rate the pricing a seven out of ten."

"Qualys is a pay-as-you-go model, so there's flexibility to the pricing."

"The price is very reasonable."

"Qualys VM is reasonably priced."

"The solution is costly."

"In Nigerian Naira, we spend about roughly four to five million to use this solution and this is expensive compared to solutions like Nessus."

"Qualys VM is quite expensive. It's a subscription-based license, and it's yearly. Right now, it's open for me, and I don't have any limitations or caps on the licenses. They are seeing if the product is viable for 4500 users. I can add as much as I want, and at the end of the subscription, they'll let me know how many licenses were actually used and bill me accordingly. On a scale from one to five, I would give their pricing a three. It's still expensive."

"Qualys Virtual Scanner Appliance isn't expensive right now. But the price for their product bundles could be better."

More Qualys VMDR pricing and cost advice

"We're happy with the licensing cost and find it affordable."

"We're a Fortune 500 company... our licensing costs [are] in the seven figures."

"I rate the solution's price as seven on a scale of one to ten, where one is cheap and ten is expensive. The tool is quite expensive."

"The tool provides competitive pricing."

"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."

"The price of Tenable SC is expensive, we pay approximately €70,000 for the license annually. We have to pay for each IP test. The cost of other solutions is far less, such as Nessus Professional, which is €3,000 annually."

"It is a bit expensive. Everything is included in the license."

"The pricing depends upon the number of IPs."

More Tenable Security Center pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

35%

Computer Software Company

11%

Financial Services Firm

11%

Manufacturing Company

Educational Organization

21%

Computer Software Company

11%

Government

11%

Financial Services Firm

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is your primary use case for Qualys VM?

Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the ...

See all answers

What do you like most about Qualys VMDR?

I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagging system is good for tagging. We can still use QualysAgent task ID tools even ...

See all answers

What is your experience regarding pricing and costs for Qualys VMDR?

I am not aware of the actual cost or pricing as it is managed by the client.

See all answers

What do you like most about Tenable SC?

The tool's dashboard and reporting capabilities match our company's needs since we are able to modify the basic view to create a new dashboard, and it works out very well for our needs.

See all answers

What is your experience regarding pricing and costs for Tenable SC?

Tenable Security Center is considered pricey compared to other solutions, yet relatively cheaper than some like Qualys. However, when compared to Rapid7, it is more expensive. I rate the pricing si...

See all answers

What needs improvement with Tenable SC?

The dashboard templates are limited. More templates that align with our daily needs would be beneficial. Current dashboards are available for Linux, separate unit systems, and other systems, but th...

See all answers

Comparisons

Tenable Nessus vs Qualys VMDR

Compared 19% of the time

Rapid7 InsightVM vs Qualys VMDR

Compared 9% of the time

Microsoft Defender Vulnerability Management vs Qualys VMDR

Compared 8% of the time

Wiz vs Qualys VMDR

Compared 5% of the time

Tenable Vulnerability Management vs Qualys VMDR

Compared 5% of the time

More Qualys VMDR Competitors

Tenable Vulnerability Management vs Tenable Security Center

Compared 26% of the time

Rapid7 InsightVM vs Tenable Security Center

Compared 11% of the time

Tenable Nessus vs Tenable Security Center

Compared 10% of the time

The NodeZero Platform vs Tenable Security Center

Compared 7% of the time

Tanium vs Tenable Security Center

Compared 5% of the time

More Tenable Security Center Competitors

Product Reports

Buyer's Guide

Qualys VMDR

November 2024

Download Qualys VMDR product report

Buyer's Guide

Tenable Security Center

October 2024

Download Tenable Security Center product report

Also Known As

Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance

Tenable.sc, Tenable Unified Security, Tenable SecurityCenter

Learn More

Qualys

Tenable

Overview

Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time.

Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB), Qualys Patch Management, Custom Assessment and Remediation (CAR), Qualys TotalCloud and other Qualys and non-Qualys solutions to facilitate vulnerability detection and remediation across the entire enterprise.

With VMDR, users are empowered with actionable risk insights that translate vulnerabilities and exploits into optimized remediation actions based on business impact. Qualys customers can now aggregate and orchestrate data from the Qualys Threat Library, 25+ threat intelligence feeds, and third-party security and IT solutions, empowering organizations to measure, communicate, and eliminate risk across on-premises, hybrid, and cloud environments.

Get a risk-based view of your IT, security and compliance posture so you can quickly identify, investigate and prioritize your most critical assets and vulnerabilities.

Managed on-premises and powered by Nessus technology, the Tenable Security Center (formerly Tenable.sc) suite of products provides the industry’s most comprehensive vulnerability coverage with real-time continuous assessment of your network. It’s your complete end-to-end vulnerability management solution.

Sample Customers

Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx

IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific

Buyer's Guide

Qualys VMDR vs. Tenable Security Center

October 2024

Free Report: Qualys VMDR vs. Tenable Security Center

Find out what your peers are saying about Qualys VMDR vs. Tenable Security Center and other solutions. Updated: October 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our Qualys VMDR vs. Tenable Security Center report.

See our list of best Risk-Based Vulnerability Management vendors and best Vulnerability Management vendors.

We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.