Fortra's Alert Logic MDR vs Qualys CyberSecurity Asset Management comparison

Fortra and Qualys are both solutions in the Vulnerability Management category. Fortra is ranked #28 with an average rating of 10.0, while Qualys is ranked #8 with an average rating of 9.2. Fortra holds a 0.5% mindshare in VM, compared to Qualys’s 1.1% mindshare. Additionally, 92% of Fortra users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jul 27, 2025

Fortra's Alert Logic MDR and Qualys CyberSecurity Asset Management compete in the cybersecurity field, each offering a distinct focus. Alert Logic MDR has a stronger edge in customer support and pricing satisfaction, whereas Qualys CSAM provides a comprehensive feature suite offering high perceived value for investment.

Features: Alert Logic MDR provides threat intelligence, continuous incident coverage, and tailored protection for dynamic environments. Qualys CSAM emphasizes vulnerability management, asset visibility, and offers a broad range of integrations for network monitoring. These aspects highlight Alert Logic's strength in threat response and Qualys' focus on asset control.

Room for Improvement: Alert Logic could enhance its user interface, expand its feature set in asset visibility, and improve its modularity to allow for better customization. Qualys CSAM might benefit from simplifying the initial configuration process, expanding support options, and improving user experience in navigating its comprehensive feature set.

Ease of Deployment and Customer Service: Alert Logic MDR is noted for seamless deployment and responsive customer service which aid in fast integration into existing systems. Qualys CSAM offers efficient deployment with options for modular expansion but often requires more initial configuration. Alert Logic's streamlined setup and robust service support make it more appealing in this aspect.

Pricing and ROI: Alert Logic MDR offers competitive pricing with clear ROI, supported by transparent subscription costs that justify its effectiveness. Qualys CSAM, while seen as a premium product, provides value through extensive capabilities that result in long-term savings despite higher initial costs. Alert Logic has a pricing advantage, whereas Qualys offers deeper asset control that justifies its premium.

To learn more, read our detailed Fortra's Alert Logic MDR vs. Qualys CyberSecurity Asset Management Report (Updated: July 2025).

Buyer's Guide

Fortra's Alert Logic MDR vs. Qualys CyberSecurity Asset Management

July 2025

Download the complete report

Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Zafran Security

Mindshare comparison

As of August 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 0.9%, up from 0.0% compared to the previous year. The mindshare of Fortra's Alert Logic MDR is 0.5%, up from 0.3% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 1.1%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Vulnerability Management

Featured Reviews

Israel Cavazos Landini

Associate Director IT Security Operations at a pharma/biotech company with 10,001+ employees

Weekly insights and risk analysis facilitate informed security decisions

I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.

Read full review

reviewer2191746

President at a tech services company with 11-50 employees

It's a highly mature, competitively priced solution that provides total visibility into your ecosystem. FORTRA's Alert Logic has the only Cybersecurity Platform that integrates XDR+WAF+VM+DLP in one.

Alert Logic offers total visibility into the client's IT ecosystem. The solution's intrusion detection system inspects 100 percent of the network packets and installs universal agents on all physical and virtual servers for log collection. Alert Logic also aggregates logs of the client's various 3rd Party security tools into a single pane of glass. All of the analytics from those data feeds got to a 24/7 SOC with sophisticated resources. Alert Logic has massive threat intelligence resources to provide additional context to the incident response declarations. They do all the heavy lifting for clients who lack the technology and resources to operate their own SOC. The client is solely responsible for the incident response component. The macro analytics resides on Alert Logic's cloud. You have the ECM response and business application team on the client side. Everything works in tandem, which is the only way you can deal with the advanced threats we face today, especially the ransomware families. If you don't respond in minutes, you're in trouble.

Read full review

Scott Frederick

Director of Vulnerability Management at a insurance company with 1,001-5,000 employees

Well-integrated with our vulnerability scanning utilities and efficient in asset tagging and identification

Our favorite features are the tagging and the ability to quickly find assets in the portal. Additionally, I do like the fact that Qualys CSAM is integrated with the rest of our vulnerability scanning utilities. We use the full suite from Qualys. The fact that it is integrated makes it very easy to understand. It shares tagging information with VMDR. That is very nice. Qualys CSAM has discovered assets not previously covered by our vulnerability management program. Primarily, if we have assets without vulnerabilities, they become less visible, but Qualys CSAM alerts us to them because they have IP addresses and are attached to our network. It could discover everything from printers to servers to endpoints. It could discover UPSs, network devices, and across all operating systems. It discovers our security badge readers and digital signage. We have to feed that the IP address ranges, but beyond that, it finds everything in our internal network. We were able to realize its benefits within the first quarter of installing it. We did have to take some time to learn it and understand how to operationally leverage what it was telling us, but it was very quick. In addition to vulnerabilities, Qualys CSAM helps identify other risk factors to a degree. For instance, we can see if servers or assets have incorrect naming standards. We have our network segmented into development model, test, and production, and we have server naming standards that identify which management they should be in. If a production server has the naming standard of a development model server, we can find that. That is one area we have used it for. We are not fully using TruRisk, but we are using the Qualys detection score that is central to our corporate risk prioritization approach. It has completely replaced our homegrown one.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Zafran has become an indispensable tool in our cybersecurity arsenal."

"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."

"Zafran is an excellent tool."

"We are able to see the real risk of a vulnerability on our environment with our security tools."

"We saw benefits from Zafran Security almost immediately after deploying it."

"Notifications and the detail of notifications are most valuable. It is a user-friendly solution."

"It improves our security. Before, we didn't have anything scanning our containers. We had software scanning all the physical servers, but we had nothing to scan our containers. With Alert Logic, we can do that."

"The installation and configuration were slick."

"The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems."

"We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed."

"Everything is in one dashboard; I'm notified when there's an incident and advised on what steps to take."

"The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond."

"It has the ability to install agents. It is pretty straightforward. You can automate the process pretty easily."

More Fortra's Alert Logic MDR pros

"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."

"With Qualys CSAM, we can see which assets have critical application vulnerabilities. This feature helps us prioritize and address these vulnerabilities more efficiently."

"The scanning results are pretty good, and some of the insights are quite valuable."

"I would rate the Qualys CSAM a ten out of ten for its overall performance."

"Qualys CyberSecurity Asset Management offers comprehensive features to cover our entire attack surface."

"My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software."

"I like the EASM part because it provides visibility into unmanaged assets that are public-facing."

"The most valuable aspect we receive from Qualys is the remediation."

More Qualys CyberSecurity Asset Management pros

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."

"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."

"This product needs to mature more. While it is a good product, there are some areas where it needs work."

"The product needs to mature. We don't want to be bombarded with unnecessary issues and have the real ones slip through."

"They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance."

"Could be more of an endpoint protector."

"Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive."

"I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited."

"We'd like to have triggered alerts sent to us so we see errors quicker."

"I would like to see it do initial scans and start capturing data, which it will truly analyze, not just be a reporting system saying, "Here is an email. Here is an email. Here is an email.""

More Fortra's Alert Logic MDR cons

"In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management. Additionally, improvements to the user interface could be beneficial."

"Some areas that would be helpful are more comprehensive tagging and the ability to set up better dynamic rules."

"We have had challenges modifying the agent configuration. Particularly, when we want to change the tenant that the agent is pointing to, we have had difficulties making that reliable and working properly."

"One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete configuration, but if you want to reconfigure it, it will not ask or provide any option for scan frequency. For that, you need to raise a case with Qualys and talk to the Qualys team."

"We encountered some false positives, which required coordination with the IT team for verification."

"There can be further simplification to reduce the overall noise and provide ESAM-related data."

"Qualys CSAM is not super responsive, and there can be delays sometimes, especially with the network passive sensor. You might see duplicate objects which eventually disappear but it takes time. If that can be done faster, it will be great."

"Further research and development are needed to enhance integration with other cloud agents and products, particularly improving communication with external products and vendors."

More Qualys CyberSecurity Asset Management cons

Pricing and Cost Advice

Information not available

"Almost any product that is on the AWS Marketplace is super easy to subscribe to."

"Its pricing is very reasonable considering what you get for what you pay. There is quite a good value there. Its licensing is also very logical. They've got the licensing price points at a reasonable level. It is on a monthly license but a yearly contract. There are no additional costs to the standard licensing fees."

"Our ROI would probably be zero. We don't even use it. It sits in there. We get emails and just delete them. Around the world, we don't even use it."

"Price of the solution was very reasonable considering the size of our organization at the time, and so it worked out perfectly."

"Alert Logic has better competitive pricing than some of its competitors."

"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."

"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."

"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."

"The cost for Qualys CyberSecurity Asset Management is high."

"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."

"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."

"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."

More Qualys CyberSecurity Asset Management pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

865,384 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

10%

Computer Software Company

10%

Manufacturing Company

Healthcare Company

Computer Software Company

23%

Manufacturing Company

12%

Financial Services Firm

Performing Arts

Computer Software Company

17%

Financial Services Firm

15%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?

Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...

See all answers

What needs improvement with Zafran Security?

In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...

See all answers

What is your primary use case for Zafran Security?

My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...

See all answers

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management?

The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, c...

See all answers

What needs improvement with Qualys CyberSecurity Asset Management?

Qualys CyberSecurity Asset Management helps us prioritize assets according to operating system, kernel version, insta...

See all answers

What is your primary use case for Qualys CyberSecurity Asset Management?

We are using Qualys CyberSecurity Asset Management for daily activities such as identifying new assets through networ...

See all answers

Comparisons

Wiz Code vs Zafran Security

Compared 37% of the time

Vulcan Cyber vs Zafran Security

Compared 15% of the time

Tenable Vulnerability Management vs Zafran Security

Compared 9% of the time

ServiceNow Security Operations vs Zafran Security

Compared 8% of the time

Qualys VMDR vs Zafran Security

Compared 7% of the time

More Zafran Security Competitors

Microsoft Defender for Cloud vs Fortra's Alert Logic MDR

Compared 19% of the time

Rapid7 InsightIDR vs Fortra's Alert Logic MDR

Compared 14% of the time

Arctic Wolf Managed Detection and Response vs Fortra's Alert Logic MDR

Compared 13% of the time

SentinelOne Vigilance vs Fortra's Alert Logic MDR

Compared 12% of the time

CrowdStrike Falcon Complete MDR vs Fortra's Alert Logic MDR

Compared 11% of the time

More Fortra's Alert Logic MDR Competitors

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

Compared 11% of the time

Amazon Inspector vs Qualys CyberSecurity Asset Management

Compared 10% of the time

Armis vs Qualys CyberSecurity Asset Management

Compared 8% of the time

Axonius vs Qualys CyberSecurity Asset Management

Compared 8% of the time

Bitsight vs Qualys CyberSecurity Asset Management

Compared 7% of the time

More Qualys CyberSecurity Asset Management Competitors

Product Reports

Buyer's Guide

Zafran Security

July 2025

Download Zafran Security product report

Buyer's Guide

Fortra's Alert Logic MDR

August 2025

Download Fortra's Alert Logic MDR product report

Buyer's Guide

Qualys CyberSecurity Asset Management

August 2025

Qualys CyberSecurity Asset Management report

Download Qualys CyberSecurity Asset Management product report

Also Known As

No data available

Alert Logic MDR, Alert Logic Managed Detection and ResponseAlert Logic Threat Manager, Alert Logic Cloud Defender, Critical Watch FusionVM

No data available

Overview

Zafran Security integrates with existing security tools to identify and mitigate vulnerabilities effectively, proving that most critical vulnerabilities are not exploitable, optimizing threat management.

Zafran Security introduces an innovative operating model for managing security threats and vulnerabilities. By leveraging the threat exposure management platform, it pinpoints and prioritizes exploitable vulnerabilities, reducing risk through immediate remediation. This platform enhances your hybrid cloud security by normalizing vulnerability signals and integrating specific IT context data, such as CVE runtime presence and internet asset reachability, into its analysis. No longer reliant on patch windows, Zafran Security allows you to manage risks actively.

What are the key features of Zafran Security?

Threat Exposure Management: Utilizes existing tools to prioritize vulnerabilities and manage threats.
Integrative Analysis: Combines security data with IT context for precise vulnerability management.
Real-time Risk Reduction: Enables immediate risk management without waiting for patches.
Hybrid Cloud Compatibility: Functions across diverse cloud environments for comprehensive security.

What benefits can users expect from Zafran Security?

Improved Security: Enhances protection by efficiently identifying and mitigating risks.
Cost Efficiency: Reduces unnecessary patching expenses by confirming non-exploitable vulnerabilities.
Time Savings: Frees developers to focus on root causes by handling immediate threats.
Comprehensive Insight: Offers a holistic view of security threats and vulnerabilities.

In industries where security is paramount, such as finance and healthcare, Zafran Security provides invaluable protection by ensuring that only exploitable vulnerabilities are addressed. It allows entities to maintain robust security measures while allocating resources efficiently, fitting seamlessly into existing security strategies.

Zafran Security

Fortra's Alert Logic MDR specializes in threat detection and response with features like log access and user-friendly notifications. It is used primarily in extensive e-commerce deployments for network protection.

Fortra's Alert Logic MDR provides a unified interface with comprehensive search capabilities, immediate log access, and efficient reporting tools. Users benefit from accurate scanning, automated security warnings, and rapid response times, supported by SOCs for global visibility. The technology employs human expertise for enhanced threat detection and prevention, with a hardware setup designed to avoid virtual environment issues. However, there's a need for improved error tracing, intuitive navigation, and stronger analytical automation within the platform. Enhancements in setup documentation and user interfaces are desired, alongside demands for a built-in EDR and better alert management systems.

What are the key features of Fortra's Alert Logic MDR?

Comprehensive Searching: Enables detailed investigations.
Immediate Log Access: Provides quick insight into system activities.
User-Friendly Notifications: Enhances alert effectiveness.
Automated Security Warnings: Offers proactive security measures.
Optimized Platform: Delivers efficient functionality across services.
Heuristic Monitoring: Guards against complex threats.

What benefits and ROI should users seek in reviews?

Quick Response Times: Minimizes downtime and improves efficiency.
Global Visibility: Extends threat management reach through SOCs.
Human Expertise: Enhances detection and intervention accuracy.
Streamlined Deployment: Facilitates smoother hardware integration.

Fortra's Alert Logic MDR is widely implemented across public and private sectors for robust network protection. It supports large-scale e-commerce operations, offering advanced detection capabilities with AI and machine learning. Security scanning, intrusion detection, and vulnerability analysis in Kubernetes are key applications.

Fortra

Qualys CyberSecurity Asset Management provides advanced real-time asset visibility, dynamic tagging, and External Attack Surface Management. It streamlines asset discovery and management using cloud agents and IP-based scanning, enhancing risk management and software lifecycle tracking.

Qualys CyberSecurity Asset Management offers a comprehensive solution for managing asset inventories and tracking software lifecycle states. It facilitates network visibility and supports zero-day vulnerability solutions, enhancing security posture through efficient monitoring. Users benefit from its cloud-based interface, which provides in-depth asset configurations and insights. Key features include automated vulnerability scanning and unauthorized software management, reducing manual efforts. The platform also emphasizes the importance of timely remediation and ongoing risk mitigation across multiple environments. Despite its strengths, users note the need for enhanced integration with additional CMDBs beyond ServiceNow, as well as cost efficiency improvements. Requests also include better report customization, more scan control, and a simplified UI.

What are the key features of Qualys CyberSecurity Asset Management?

Real-time Visibility: Offers continuous insight into asset status and condition.
Dynamic Tagging: Allows for flexible organization and assessment of assets.
External Attack Surface Management: Identifies potential threats from external sources.
Automated Vulnerability Scanning: Reduces manual scanning efforts and identifies vulnerabilities instantly.
Unauthorized Software Management: Detects and manages software not approved for use.
Asset Purge Rule: Automates the removal of obsolete assets from the inventory.

What benefits should users look for in reviews?

Enhanced Security Posture: Gains stronger defense through effective asset monitoring.
Efficient Risk Management: Identifies threats quickly, enabling timely resolutions.
Improved Compliance: Assists in meeting industry standards and regulations.
Reduced Manual Effort: Automates repetitive tasks, saving time and resources.
Comprehensive Insight: Provides detailed data for informed decision making.

In industries like finance, healthcare, and manufacturing, Qualys CyberSecurity Asset Management enhances asset control by offering visibility into hardware and software configurations. It aids in maintaining security compliance and identifying unauthorized software, crucial for sectors with strict regulatory requirements.

Qualys

Buyer's Guide

Fortra's Alert Logic MDR vs. Qualys CyberSecurity Asset Management

July 2025

Free Report: Fortra's Alert Logic MDR vs. Qualys CyberSecurity Asset Management

Find out what your peers are saying about Fortra's Alert Logic MDR vs. Qualys CyberSecurity Asset Management and other solutions. Updated: July 2025.

DOWNLOAD NOW

865,384 professionals have used our research since 2012.

See our Fortra's Alert Logic MDR vs. Qualys CyberSecurity Asset Management report.

See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.