Picus Security, headquartered in San Francisco, offers Continuous Security Validation and Mitigation as the most proactive approach to ensure cyber-resilience. The Picus Platform measures the effectiveness of defenses by using emerging threat samples in production environments, providing the insight required to build the right security strategy to better manage complex operations.
N/A
Qualys TruRisk Platform
Score 6.5 out of 10
N/A
Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.
N/A
Pricing
Picus Security
Qualys TruRisk Platform
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Picus Security
Qualys TruRisk Platform
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Picus Security
Qualys TruRisk Platform
Features
Picus Security
Qualys TruRisk Platform
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Picus Security
-
Ratings
Qualys TruRisk Platform
8.7
7 Ratings
8% above category average
Network Analytics
00 Ratings
8.96 Ratings
Threat Recognition
00 Ratings
8.37 Ratings
Vulnerability Classification
00 Ratings
8.87 Ratings
Automated Alerts and Reporting
00 Ratings
9.07 Ratings
Threat Analysis
00 Ratings
8.27 Ratings
Threat Intelligence Reporting
00 Ratings
8.97 Ratings
Automated Threat Identification
00 Ratings
8.77 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
If you want to analyze the full path focusing on the signatures it’s the best product in the market. If you want to test phishing, data exfiltration/DLP, DNS I don’t recommend Picus. Scenario based attacks also lacking. However Picus support is awesome and I like the development team. When we open a case, they’ll always return with the right answer
Qualys Cloud Platform is well suited for organizations that need additional tools to secure and bolster their security from end to end. The automated, real-time threat protection is very quick to notify an admin of potential vulnerabilities and risks, as well as recommending quick fixes to resolve/close the gap before an incident occurs. QCP excels at portraying all of these in a single pane of glass, and find that the Qualys reports are more detailed than competitor product lines. One of our big issues with QCP is that you do have to pay for each scanner, which can quickly add up to large costs. For this reason, I would rate Qualys at a ~7 due to great features and functionality, but overall value could be better for a large organization. I would also say that QCP may make more sense for smaller organizations due to this pricing model.
It has thousands of signatures and up-to-date attack vectors (It's the largest set in the market)
Attack vectors are mapped with existing vendors like Checkpoint and Mcafee, where you don't spend time finding out which cve mapped to which protection
Ability to focus/highlght solely new threats, it's superb for 0days and up-to-date protections. As there are always timing issue between updates and apply the updates on the products.
Blocked vs not blocked ratios on the dashboard with drill down menu specifiying the set of protections or signatures on the defensive measures
Already mapped mitre att&ck framework on the dasboard. SOC and analyst team using the Mitre framework.
Detection analytics enhance the analytics capabilities with pinpoint accuracy where to focus and how to prevent
Timeline and scheduled reports from the dashboard in flexible format
It really does well at vulnerability scanning, which it is well known for. It's accuracy at finding vulnerabilities is top notch, more so than a lot of other vulnerability tools out there. In an organization/company you want this kind of accuracy at finding vulnerabilities in your network/endpoints
It is very good at managing endpoints on a consistent basis, meaning you can add endpoints to Qualys and have the platform scan/track/protect for vulnerabilities on an ongoing basis, without user intervention
It does really well at separating out and identifying what levels of criticality each vulnerability should fall into. This way, an organization/company can attack the more critical vulnerabilities first
This program is really complicated, the multiple functions that are presented to us are not very clear and in some cases, it is a matter of intuition to execute a function, it is not very informative.
The interface of this program can be a real problem; for our taste, this program looks a bit messy, and the interface does not help or guide you to find the options you need.
Again, the usability of Qualys has been a pinpoint for this entire review. It was easily the worst thing about the product and because of this, I would not recommend Qualys to anybody in my field. This should be something that Qualys strives to improve if they wish to stay in business.
They had a support page within the WAS to report any concerns or seek help. But the UI of that is not smooth. Regardless support staff were pretty responsive and helpful. They scheduled calls to understand and address our problems. Email support is good as well.
We use other vendors Verodin, AttackIQ, SafeBreach, Cymulate etc. All of them have their advantages and disadvantages. Please take a look at TrustRadius reviews of each product. I don’t want to go head to head for each product in this review. I select Picus because it's local startup company in our region. I like their support and engineering team. Support is marvelous. Product is giving what we expected from the product. Price is adequate. Reporting and dashboard is superb.
As described before Qualys is used to scan periodically the environment in order to check if there are some packages (Linux) or Applications (Windows) outdated, generating reports to the Service Owners, fulfilling what's is expected from us, attending all our expectations regarding the tool. That's why we'd choose Qualys to our organization.
With Picus we have the tangible KPIs for the security
Detetcion and Prevention rates for the latest attacks are significantly increased
We work with many security vendors. We use picus scores and share specific outputs with the company in case of decreasing score rates where the development and product team analyzes their updates or product engines to increase the rates.
It helps our strategic plans where to focus and invest for the following years and planning/prioritizing the security budgets to specific highlighted areas
