


Find out in this report how the two Cloud Security Posture Management (CSPM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
It has saved about 90% of our time.
TotalCloud has generated overall savings of 30 to 40 percent across various departments.
CallStream helps us integrate and automate tasks.
Aikido Security caught a critical remote code execution vulnerability in my Python machine learning pipelines before it reached production.
Since we got rid of that, our productivity has increased, I believe, by thirty-two percent.
We were expecting to complete the compliance in a month, but I figured out Aikido Security could do it within a week for all our 13 repositories.
They are helpful, respond to my queries, and can answer any question.
Qualys's tech support is highly responsive, providing multiple ways to interact with them.
Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA.
Aikido Security was the easiest to use, the easiest to onboard, and the one with the most active customer support.
Their team proactively reached out after signup to ensure we were set up correctly.
Customer support is good; if you raise a query, hardly within a day, your issues get resolved.
I see a lot of lack of knowledge and lack of training.
We never had major issues to report or request support.
We started our organization about nine months back. We started with about 30 users, and we now have more than 100 users.
Our organization currently uses it to manage over 1200 web applications.
It is absolutely scalable, and I would rate its scalability as nine out of ten.
That kind of reliability becomes invisible when it works well, which is exactly what you want from a security tool running in your CI/CD pipelines.
Aikido Security scales well by supporting multiple projects, repositories, and development teams on a single platform.
You can deploy it on your team, and if you have a large team, it works very well.
Overall, the support provided has been excellent.
It is a stable solution, which is why we chose it.
Continuous monitoring is crucial to ensure system stability and avoid vulnerabilities or threats.
The platform has been reliable and provides accurate security findings.
Until version six or seven, it was perfect.
Ideally, the scanner should automatically detect and scan all subdomains, even if not explicitly defined, ensuring comprehensive vulnerability assessment.
Ideally, updates should be more immediate, enabling quicker implementation of solutions.
Our goal is to integrate all these functions into Qualys, creating a single dashboard for comprehensive security monitoring and management.
I would love to see a Terraform module for Aikido Security.
I had a certain object with a UUID that was being considered as a private secret key or API key, which was not the case.
Aikido Security tells you what is vulnerable, but sometimes the fix suggestions are generic.
VCF 9 will bring VCF Automation and VCF Operations, the new product line of VMware.
It operates for both of my products, however, as a product, it is complicated to integrate and automate with other products.
Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive.
Pricing is managed by our finance team; however, Qualys TotalCloud offers cost-effective licensing flexibility.
Qualys TotalCloud is expensive, but it offers a premier solution with no headaches.
I used the free trial, which was sufficient for evaluating the platform and its core features.
This view of risk helps reduce the work we would have to do to combine multiple sources to prioritize risk.
It will help cybersecurity professionals monitor the cloud and find vulnerabilities.
We are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs.
We were able to get all codebase vulnerability fixes within a week for all our 13 or 14 repositories that we had.
Security shifted left, meaning issues were caught during development rather than after deployment.
My favorite feature is the dependency vulnerability scanning because it quickly identifies the risk in third-party packages, which saves me time in finding vulnerabilities.
We leverage VRO when the going gets tough. When something is not doable with the tools we have with VMware Aria Automation, we use the capabilities of VRO because it has many plugins for many things.
It helps us automate the workflow of creating many VMs and the TensorFlow key method.
We have strong regulations for maintaining compliance and mitigating risks with this product.
| Product | Mindshare (%) |
|---|---|
| Qualys TotalCloud | 1.8% |
| Aikido Security | 0.9% |
| VMware Aria Automation | 1.0% |
| Other | 96.3% |


| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 4 |
| Large Enterprise | 29 |
| Company Size | Count |
|---|---|
| Small Business | 6 |
| Midsize Enterprise | 2 |
| Large Enterprise | 2 |
| Company Size | Count |
|---|---|
| Small Business | 33 |
| Midsize Enterprise | 24 |
| Large Enterprise | 131 |
Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.
Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.
What are the most important features of Qualys TotalCloud?Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.
Aikido Security is the no-nonsense platform that empowers developers by centralizing code-to-cloud security issues and providing rapid guidance for fixing vulnerabilities.
With over 6,000 teams utilizing its features, Aikido Security prioritizes effective security management by consolidating 11 comprehensive scans into one platform. This approach translates complex vulnerabilities into understandable insights, targeting non-enterprise SaaS businesses with engineering teams of 10-500 developers. It focuses on delivering security management without excessive costs or complexity through a product-led growth model.
What are the standout features of Aikido Security?In industries like software development and cloud services, Aikido Security is implemented to provide clear insights, enabling teams to focus on rapid product growth while maintaining robust security. Its product-led growth strategy, including a freemium offering, allows developers to experience benefits firsthand without initial investment.
VMware Aria Automation is known for its automation capabilities, integrating with VMware and third-party tools to enhance workflow efficiency, save time, and manage resources effectively.
VMware Aria Automation offers a diverse set of features including a self-service portal and a streamlined user-friendly interface, which make it ideal for organizations aiming to automate virtual machine provisioning. The platform supports extensive automation capabilities across multi-cloud environments, featuring flexible blueprint designs and comprehensive integration with platforms like AWS, Azure, and ServiceNow. Though improvements are desired in areas like logging, template management, and vCenter integration, its robust framework facilitates IT infrastructure services, disaster recovery, and development operations. It is specifically beneficial for orchestrating workflows, automating routine tasks, and managing workloads efficiently in private and hybrid cloud environments.
What are the most important features of VMware Aria Automation?VMware Aria Automation is implemented across industries for automating the provisioning of virtual machines and managing cloud environments. It is used in sectors requiring efficient server deployment, network configurations, and seamless integration with tools such as AWS and Azure. It aids in reducing manual efforts, supporting IT infrastructure services, and enhancing disaster recovery protocols.
We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.