We performed a comparison between Qualys VMDR and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"The management console is highly intuitive to comprehend and operate."
"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."
"The user interface is well-designed and easy to navigate."
"Cloud Native Security offers attack path analysis."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"We use the infrastructure as code scanning, which is good."
"Detects new hosts along with vulnerabilities."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"The reporting functionality is great."
"It is quite easy to implement."
"The most valuable feature is the ability to run different capabilities with the same agent. With only one agent, we can have EDR, vulnerability management, compliance and some basic SaaS security capabilities."
"It's a good product. After the scan our internet works well. It scans our security posture."
"Technical support is fantastic."
"The prioritization feature is great. I think it has all of the advanced features that we need."
"Threat Stack has connectivity."
"There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be."
"An important feature of this solution is monitoring. Specifically, container monitoring."
"The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see."
"We're using it on container to see when activity involving executables happens, and that's great."
"Technical support is very helpful."
"It is scalable. It deploys easily with curl and yum."
"The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"We are experiencing problems with Cloud Native Security reporting."
"here is a bit of a learning curve. However, you only need two to three days to identify options and get accustomed."
"PingSafe can improve by eliminating 100 percent of the false positives."
"While it is good, I think the solution's console could be improved."
"Endpoint stability and fault resolution could be improved."
"One of the biggest issues from the clients' perspective is that all Qualys computing is on the cloud."
"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution."
"The disadvantage of working with Qualys is that the graphical interface is quite outdated."
"I would like to see this solution simplified to work more easily in a multi-cloud environment."
"Qualys VM should improve its methodology."
"The solution is a bit expensive if you do not have access to discounts."
"The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"It shoots back a lot of alerts."
"The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area... The API does not mimic the features of the UI as far as reporting and pulling data out go. There's a big discrepancy there."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"The compliance and governance need improvement."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Qualys VMDR is ranked 11th in Container Security with 77 reviews while Threat Stack Cloud Security Platform is ranked 30th in Container Security. Qualys VMDR is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management, whereas Threat Stack Cloud Security Platform is most compared with Darktrace, AWS GuardDuty, Palo Alto Networks URL Filtering with PAN-DB, Prisma Cloud by Palo Alto Networks and Check Point CloudGuard CNAPP. See our Qualys VMDR vs. Threat Stack Cloud Security Platform report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
