• Home
  • BMC TrueSight Vulnerability Management vs. Qualys VMDR

BMC TrueSight Vulnerability Management vs Qualys VMDR vs Skybox Security Suite comparison

Cancel
You must select at least 2 products to compare!
BMC Logo

BMC TrueSight Vulnerability Management

Read 1 BMC TrueSight Vulnerability Management review
167 views|127 comparisons
100% willing to recommend
Qualys Logo

Qualys VMDR

Read 77 Qualys VMDR reviews
6,806 views|5,195 comparisons
93% willing to recommend
Skybox Security Logo

Skybox Security Suite

Read 34 Skybox Security Suite reviews
591 views|437 comparisons
85% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Vulnerability Management
April 2024
Executive Summary

We performed a comparison between BMC TrueSight Vulnerability Management, Qualys VMDR, and Skybox Security Suite based on real PeerSpot user reviews.

Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management.
To learn more, read our detailed Vulnerability Management Report (Updated: April 2024).
Download the complete report
769,334 professionals have used our research since 2012.
Featured Review
Anonymous User
Good features for infrastructure application; lacking in integrations with other software
Anonymous User
Excellent intelligence and real-time inventory of vulnerabilities
Qualys VM has allowed us to know the vulnerabilities we need to prioritize based on the threat levels and the possible impact if there's an... Read more →
Anonymous User
Researched Qualys VMDR but chose Skybox Security Suite: Mature and powerful with elaborate tools for creating focused views or attack vectors
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Takes reports from other vulnerabilities."

More BMC TrueSight Vulnerability Management Pros →

"The integrations for this solution are very good. I use a different product for virtual patching of vulnerabilities and Qualys integrates well with that product.""This is one of the best products I have worked with so far. I like the power of Qualys, and it's a better solution because you can scan a compact file, a BIT file, or batch files. The product already knows what's happening inside, and you don't need to expand the package. Tenable will do the same thing, but you need to have a package issuance claim. With Qualys, we can immediately understand the file, even a compact file. If there's some kind of discovery or incident, you will know what happened in the environment.""The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities.""Qualys VM's most valuable feature is automatic detection.""The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities.""Qualys has a continuous endpoint monitoring feature for agent-based scanning. Once you deploy the solution, it monitors everything that is happening every 30 minutes. Then, if there are any vulnerabilities, they are reported.""The Vulnerability Management and Patch Management features are the most valuable features of this solution.""It is quite easy to implement."

More Qualys VMDR Pros →

"We are currently working on rule review and compliance. The logging features are good.""Key features for us include the firewall change audit every week. Also, being able to track firewall ACL usage, so that we can produce semiannual reports on ACL usage and shadowed and redundant rules on the firewall.""I am impressed with the tool's change management, firewall and network assurance.""The port division management was the solution's most valuable aspect for our organization.""It has a good policy management feature and can provide customers with good quality outputs.""The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines.""Skybox allows organizations to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network.""The solution's most valuable and unique assets are the vulnerability management and change management solutions because they identify mistakes in the network before implementation which reduces risks."

More Skybox Security Suite Pros →

Cons
"No third-party applications or integrations with additional software solutions."

More BMC TrueSight Vulnerability Management Cons →

"Make some minimal dashboard improvements.""Qualys VM should improve its methodology.""Its integration with ServiceNow and other similar products is complicated and can be improved. It should also have virtual batching. They should support more standards and compliance requirements and more customizations. For policy compliance, they can add the standards required by the countries in the Middle East. Each country generates its own standards and frameworks, and those frameworks should be there in all products, not only in Qualys. The market here is huge, especially in the cybersecurity field. Qatar has a framework for Qatar 2022, and each and every company in the public or private sector has to follow the Qatar 2022 framework.""Finding things in management can be quite difficult.""I do not like that all of the data is stored on the cloud.""The reporting and dashboards could improve in Qualys VM. However, they have improved since the previous versions.""It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution.""They have integrated with other third parties, but it is still not viable."

More Qualys VMDR Cons →

"The solution does not support certain devices or vendors in some regions or countries due to regulations.""The price could be cheaper.""The cloud site could be better. They should provide some use cases to help users.""Skybox should improve their UX features by making them easier to use.""The support could be improved.""The Network Assurance, which helps to create the network model, is not so rich.""It's expensive.""The solution needs to add more automation and orchestration capabilities. Those features would make the solution much stronger."

More Skybox Security Suite Cons →

Pricing and Cost Advice
Information Not Available
  • "Usually every implementation is different and the quote is in function of number of assets."
  • "When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
  • "It is more expensive than other products on the market."
  • "They have recently changed the pricing model, which is now better than it was before."
  • "It is different for every company, but for us, it's every three years."
  • "Qualys is cheaper and more affordable than other solutions."
  • "The pricing and licensing for Qualys could be improved."
  • "The license is on a yearly basis."

    • More Qualys VMDR Pricing and Cost Advice →

  • "I think for the cost, what we got definitely is worth it. The only caution I would give is that whenever you license for Firewall Assurance at the same time, for some weird reason, you have to get one Network Assurance license, just to manage one firewall. That's a little bit of overkill. But otherwise, in general, the pricing is fairly okay."
  • "The pricing is high, and the licensing model needs more flexibility."
  • "The product's pricing is excellent value. In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product."
  • "I've seen the pricing of every solution on the market. When you compare apples to apples, where Skybox becomes exceedingly expensive is if you look at it compared to something like FireMon that only does a fraction of what Skybox does. But if you include everything that Skybox does, it becomes way more expensive than the competition, but you're also not comparing apples to apples. If you look at FireMon, and you look at like just the firewall assurance piece, they are fairly comparable and, actually, Skybox comes in a little bit cheaper in some cases, depending on which product you're looking at."
  • "The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products."
  • "With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore."
  • "Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly."
  • "Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at."

    • More Skybox Security Suite Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
    See Recommendations
    769,334 professionals have used our research since 2012.
    Questions from the Community
    Ask a question

    Earn 20 points

    What is your primary use case for Qualys VM?
    Top Answer:Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many… more »
    Read all 36 answers   →
    What do you like most about Qualys VMDR?
    Top Answer:The process of defining and discovering scans is organized efficiently.
    Read all 56 answers   →
    What is your experience regarding pricing and costs for Qualys VMDR?
    Top Answer:The product is more expensive than that of any other vendor.
    Read all 33 answers   →
    What do you like most about Skybox Security Suite?
    Top Answer:When you import all the assets that you have, like desktops, servers, networks, devices, routers, and then firewalls… more »
    Read all 25 answers   →
    What is your experience regarding pricing and costs for Skybox Security S...
    Top Answer:You always negotiate a little bit when the price is in question. But, the price could be a little bit smaller. Maybe it… more »
    Read all 20 answers   →
    What needs improvement with Skybox Security Suite?
    Top Answer:There is room for improvement in pricing. It would be better, especially if a customer bought all four modules.
    Read all 26 answers   →
    Ranking
    49th
    out of 112 in Vulnerability Management
    Views
    167
    Comparisons
    127
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    3rd
    out of 39 in Risk-Based Vulnerability Management
    Views
    6,806
    Comparisons
    5,195
    Reviews
    27
    Average Words per Review
    426
    Rating
    8.0
    19th
    out of 112 in Vulnerability Management
    Views
    591
    Comparisons
    437
    Reviews
    8
    Average Words per Review
    459
    Rating
    7.5
    Comparisons
    Also Known As
    TrueSight Vulnerability Management, SecOps Response Service, BladeLogic Threat Director
    Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
    Learn More
    BMC
    Qualys
    Skybox Security
    Overview

    Helps security and IT operations teams prioritize and remediate risks based on potential impact to the business.

    • Powerful dashboards highlight vulnerability data, performance trends, and SLA compliance for quick prioritization of remediation tasks
    • Streamlined workflows combine scan verification and remediation tasks, leveraging BladeLogic Server Automation and Microsoft SCCM systems management
    • Blindspot awareness enables you to identify areas of your infrastructure which are not being monitored, leaving you exposed
    • Rapid import lets you quickly consume vulnerability scanning reports with native integration to Qualys, Tenable, and Rapid 7
    • Data export enables deep analysis and custom reports to help meet audit requirements and fuel process improvements

    Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time. 

    Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB), Qualys Patch Management, Custom Assessment and Remediation (CAR), Qualys TotalCloud and other Qualys and non-Qualys solutions to facilitate vulnerability detection and remediation across the entire enterprise.

    With VMDR, users are empowered with actionable risk insights that translate vulnerabilities and exploits into optimized remediation actions based on business impact. Qualys customers can now aggregate and orchestrate data from the Qualys Threat Library, 25+ threat intelligence feeds, and third-party security and IT solutions, empowering organizations to measure, communicate, and eliminate risk across on-premises, hybrid, and cloud environments.

    The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.

    Firewall Assurance brings all firewalls into one normalized view, continuously monitoring policy compliance, optimizing firewall rulesets and finding attack vectors that others miss. Skybox covers the most comprehensive list of firewall vendors, complex rulesets, even virtual and cloud-based firewalls. With proven scalability in 1,500+ firewall deployments, Firewall Assurance keeps rules optimized and ensures changes don’t introduce new risk. 

    Gain total visibility of the vulnerabilities in your attack surface without waiting for a scan. Leverage Skybox Research Lab's vulnerability and threat intelligence, and automatically correlate it to your unique environment. With network modeling and advanced simulations, pinpoint exposed vulnerabilities and other attack vectors. And use context to prioritize vulnerabilities in terms of actual risk and respond to threats with accuracy and efficiency.

    For more information or to view a demo, visit www.skyboxsecurity.com.

    Sample Customers
    Online Business Systems
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson
    Top Industries
    VISITORS READING REVIEWS
    Financial Services Firm22%
    Government12%
    Wholesaler/Distributor12%
    Computer Software Company10%
    REVIEWERS
    Financial Services Firm17%
    Comms Service Provider15%
    Manufacturing Company15%
    Transportation Company11%
    VISITORS READING REVIEWS
    Educational Organization32%
    Computer Software Company11%
    Financial Services Firm11%
    Manufacturing Company6%
    REVIEWERS
    Financial Services Firm16%
    Outsourcing Company16%
    Comms Service Provider16%
    Insurance Company11%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Manufacturing Company9%
    Government6%
    Company Size
    No Data Available
    REVIEWERS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise41%
    Large Enterprise44%
    REVIEWERS
    Small Business50%
    Midsize Enterprise10%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    Buyer's Guide
    Vulnerability Management
    April 2024
    Download Free Report
    Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management. Updated: April 2024.
    DOWNLOAD NOW
    769,334 professionals have used our research since 2012.