We compared Qualys VMDR and Tenable Nessus based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
The setup process for Qualys VMDR is quick and uncomplicated, taking only a few minutes. However, setting up Qualys Container Security can be intricate and time-consuming. In contrast, Tenable Nessus is described as straightforward and effortless to set up, taking anywhere from 30 minutes to a couple of hours.
Qualys VMDR is notable for its effective prioritization system, ongoing monitoring, customizable dashboard, and extensive vulnerability overview. On the other hand, Tenable Nessus excels in vulnerability assessment, reporting, and ease of use.
Both Qualys VMDR and Tenable Nessus have areas that could be improved. Qualys VMDR could enhance user experience, UI design, SLA tracking, batch prioritization, integration, reporting, and dashboards. On the other hand, Tenable Nessus could improve integration, pricing, user interface, reporting, support, and learning resources.
Both Qualys VMDR and Tenable Nessus provide valuable returns on investment. Qualys VMDR prioritizes the reduction of cybersecurity risks, while Tenable Nessus places emphasis on proactive vulnerability discovery and patch deployment.
The customer service for Qualys VMDR has received both positive and negative feedback. Some customers appreciate the convenience of reaching out to a global team and the implementation of suggested improvements. However, there are concerns about the response time and the expertise of the support staff. Tenable Nessus also has a mix of reviews. Some customers find the support to be prompt and useful, while others believe that the support team could be more knowledgeable and that the solutions provided are not always effective.
Comparison Results
Based on the reviews, Qualys VMDR and Tenable Nessus have similar initial setup processes that are straightforward and easy. However, Qualys VMDR stands out for its user-friendly setup and maintenance, including automatic agent updates. On the other hand, Tenable Nessus is highly effective in vulnerability assessment and reporting, and is also praised for its affordability and scalability. Qualys VMDR is valued for its prioritization mechanism and comprehensive overview of vulnerabilities, while Tenable Nessus is commended for its real-time monitoring and self-updating engine. Customer service and support for both products have received mixed reviews, with some users finding the support teams responsive and helpful, while others had negative experiences or did not require support.
"I am impressed with the VMDR feature."
"Qualys VM's most valuable feature is automatic detection."
"It's stable and quite reliable."
"The initial setup was good. We didn't have any problems with it."
"We also like the flexibility in their licensing."
"This solution gives us insight into our environment and improves our security. It helps us to maintain a good patching system whereby we know that XYZ is vulnerable within the system."
"Detects new hosts along with vulnerabilities."
"I like Qualys because it is a very complete product, more so than Tenable."
"The scanning capabilities are most valuable when compared to Nessus."
"Tenable Nessus streamlines the process of scanning for our organization."
"I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for."
"Nessus gives me a good preview of vulnerabilities and good suggestions for remediation. It's easy to find a description of a given vulnerability and solutions for it."
"The most valuable feature is how it scanned and detected through its database to let us know exactly what fixes we needed to put in place for the vulnerabilities. It detects and it also gives you the way to fix it."
"Once you get past the initial implementation, the solution is very stable."
"Out of the box, the product works well for us, so it's not a tool that we need to customize very much."
"Security is the key number because it can start to scan with a few clicks instead of credits, which is a bit complicated. So simplicity is the first advantage. Then the generated reports are well done and easy to present to management. The quality of the scan is quite good in detecting the severity. The solution has simplicity. Also, it has frequent updates so that is also a valuable feature."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"Qualys VM should improve its methodology."
"The reporting in this solution can be improved."
"They have integrated with other third parties, but it is still not viable."
"We are moving away from Qualys to Defender ATP because I find that Defender ATP is much better at prioritizing the vulnerabilities that I should be looking at."
"They're still evolving their platform in terms of reporting capabilities."
"Finding things in management can be quite difficult."
"Improve the user interface."
"They should try to create an all-in-one solution."
"Tenable Nessus could improve the reporting by adding some dashboards. The reports are a hassle at this time. Tenable.io has more detailed reports. Having a better dashboard that can show where the vulnerabilities are and be categorized would be helpful. We then could present them to upper management for a deep overview of our network posture which they do not see."
"Tenable Nessus could improve reporting and information sharing. It would be helpful if we could share the reports and have a little bit better flexibility in the reporting of the data."
"We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux."
"The inventory management function in this solution needs improvement."
"Multiple user access would be an area for improvement from a user-access perspective. A role-based access control feature would be great because at present, there is a limitation with only one account. If that account gets compromised or gets locked, then we will encounter problems."
"The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have."
"There is room, overall, for improvement in the way it groups the workstations and the way it detects, when the vulnerability is scanned. Even when we would run a new scan, if it was an already existing vulnerability, it wouldn't put a new date on it."
Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 76 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Qualys VMDR is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Qualys VMDR is most compared with Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management, Tenable Vulnerability Management and Microsoft Defender for Cloud Apps, whereas Tenable Nessus is most compared with Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management, Pentera and Microsoft Defender Vulnerability Management. See our Qualys VMDR vs. Tenable Nessus report.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.