Why Choose Tenable over Qualys?
September 5, 2013
Are you a current Qualys customer who’s having second thoughts about your deployment?
- Do you find it difficult to get detailed dashboards and custom reports?
- Do you spend time manually tracking assets and correlating vulnerabilities across separate modules – Vulnerability Management (VM), Policy Compliance (PC), Web Application Scanning (WAS), Malware Detection Service (MDS), PCI?
- Are you worried about security and compliance gaps introduced by mobile devices and virtual systems?
Tenable Network Security hosted a webcast highlighting the key capabilities of our vulnerability management platform and the benefits it provides over Qualys. View it to find out why customers choose Tenable over Qualys.
Frequently Asked Questions (FAQs)
PVS looks for vulnerabilities not attack signatures.
Yes, full alerting is available in the SC console against vulnerabilities and events.
LCE provides IDS correlation on known vulnerabilities.
We can audit Cisco, but we are not aware of a NX-OS STIG.
We have PCI specific audit templates, as well as numerous benchmarks that PCI reference, to include CIS benchmarks.
Since SIEMs and GRCs are broad in scope, SC provides reporting on vulnerability and compliance data with much more granularity and insight.
.nessus and CSV exports are available in SecurityCenter. There is also a full XML-based API.
All reporting is fully customizable through the GUI with simple drag and drop actions.
Exploit frameworks are capable of exploiting only a very small subset of vulnerabilities. Since advanced threats go well beyond what is available in exploit frameworks, they should not be blindly used for prioritization.
You said you trend exploitable vulnerabilities. Are you really just trending on vulnerabilities that have exploits associated, or is actually exploitable vulnerabilities in the specific environment you are scanning (i.e. what if there is a firewall or IDS in my environment that prevents a vulnerability from being exploited).
Both. Exploitable vulnerabilities could be combined with attack path analysis for the latter.
Scans can be setup for DHCP tracking, which looks beyond IP address to associate targets.
Tenable research tracks several sources for exploit information, which is included in the feed.
Upgrades are minimal, usually in under 30 minutes.
Some screenshots showed SecurityCenter 4.7, which shipped early this month.
One thing cool that I think qualys does, is upgrade the scanner centrally. Like plugins, seamlessly upgrade not only plugins but upgrade the scanner to newer releases. This was a problem with Nessus, accessing local system and copying over install files to then upgrade to newer versions. Is this in the roadmap?
All plugins are updated centrally. Nessus upgrades are command-line driven, but there are several 3rd party solutions available to assist if this is a problem.
1,000,000 IP's in 1 console, several million in a tiered deployment.
Without charging more money. We still have to pay for the server to load the software on, correct? What about management of the security center boxes. We don't have good admins and Qualys said they don't need to be involved.
Tenable provides virtual and hardware appliances for this scenario.
We are currently considering several solutions, yours included. What would you say is the time frame for a new user to be able to take full control of your solution and leverage vulnerability management effectively? Is training included or is there additional cost?
Most users install and scan in less than half a day. Training is available at additional cost online, onsite, or classroom.