No more typing reviews! Try our Samantha, our new voice AI agent.

Amazon EKS vs Chainguard Containers comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Container Security
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Amazon EKS
Ranking in Container Security
10th
Average Rating
8.4
Reviews Sentiment
6.2
Number of Reviews
96
Ranking in other categories
Container Management (1st)
Chainguard Containers
Ranking in Container Security
21st
Average Rating
8.4
Reviews Sentiment
3.7
Number of Reviews
5
Ranking in other categories
Container Image Security (1st)
 

Mindshare comparison

As of July 2026, in the Container Security category, the mindshare of Qualys TotalCloud is 1.5%, up from 0.9% compared to the previous year. The mindshare of Amazon EKS is 0.5%, up from 0.1% compared to the previous year. The mindshare of Chainguard Containers is 1.1%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security Mindshare Distribution
ProductMindshare (%)
Amazon EKS0.5%
Qualys TotalCloud1.5%
Chainguard Containers1.1%
Other96.9%
Container Security
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Mahesh Dash - PeerSpot reviewer
DevOps Consultant at US Contract | Freelancer
Has enabled seamless infrastructure configuration while improving identity integration and monitoring capabilities
It has been since 2019 that I started using Amazon EKS. At that time, it was completely new, and many people were not using it just yet; it started from version 1.21, and right now we are on 1.33. Recently, 1.34 has been launched, but it's not yet available in the service catalog; we can see only 1.33. A lot of improvements have been made. We had numerous add-ons to install manually because Kubernetes is a completely different service than AWS cloud provider, and everyone has opted to use it. After opting, there is an identity that you have to maintain—one at Kubernetes level and one at the AWS provider level. You have to maintain one identity at IAM level and one within the cluster, Amazon EKS. A few things do not make sense within the add-ons, many of the secret providers that read the secret from Secrets Manager and then mount it as a volume. We use a service called EBS CSI driver, which reads the secrets or sensitive data from Secrets Manager and then mounts it as a volume to the pod at runtime. However, that doesn't have a dynamic feature where, if any changes happen in the secrets, it can read and populate in the environment. Sometimes consider your RDS password or OpenSearch password rotates. Amazon EKS doesn't have that feature to read the dynamic one and consider that the password has changed overnight; there is no functionality from the provider to see the changes and then restart the pod or fetch the new value. This often leads to downtime of 12 or even 6 hours, depending on when you realize it, so that needs improvement. Nonetheless, mostly on the add-on side, they have developed a lot; earlier we were installing them manually, but now with EKS auto mode, many things VPC CLI and pod identity service—around four plugins—are installed by default, which is a good thing. However, I believe there should be some solution that is self-contained, covering generic use cases. With the 1.33 release, they have addressed most of my earlier concerns, but I am still looking for some improvements, particularly in CloudWatch monitoring. In IT, we manage two aspects: either the system or the application. Currently, the application logs and monitoring are not very robust in CloudWatch; you can only find things if you are familiar with them. Fortunately, we are familiar, as most of the monitoring involves two types of databases: one is a time series for monitoring data, and the other is an indexing solution for a streaming service. This means we need to get the logs from each node, index them, and populate them on a screen. That part remains a separate service, but if they managed it within Amazon EKS service, where the monitoring is consolidated in one place, you wouldn't need to rely on Prometheus, Grafana, or different services. It would be advantageous to have a consolidated platform for EKS, as Kubernetes is leveraged; monitoring and logging should also be integrated simply by enabling parameters or tags. This would create a self-contained platform where people can onboard and start using it. Currently, I still need to enable logging and monitoring among other things myself; that shouldn't be the case after six or seven years in the market. On a scale from 1 to 10, I would rate Amazon EKS tech support an eight. Some individuals have a deep understanding of the services and can identify potential bottlenecks, especially with load balancer endpoints and certificate management. The shift from NGINX to AWS load balancers has diminished many previous issues. However, not every support engineer meets the same level of expertise, hence why I rate it a solid eight, which I consider decent.
ParthasarathyT - PeerSpot reviewer
Senior Associate Infrastructure at Publicis Sapient
Secures container builds, has simplified compliance audits and reduced vulnerabilities dramatically
The benefit of Chainguard Containers is that it makes development simpler. It makes the development team confident there will not be any bugs or vulnerabilities in the image they are using. It is mainly needed for vulnerabilities, SLAs, security audits, and SOC 2, ISO, and PCI compliance. The image includes SBOM, signature, and provenance metadata, which makes audits much easier. The best features Chainguard Containers offers include a reduced image size. It removes the shell and the package manager, resulting in a significantly smaller image size compared with a normal image. We can deploy production workloads directly without worrying about security concerns. If we want a strong supply chain for security, we will be using it. Many users are already tired of scanning alerts, so this will be a great thing. Removing the shell and package manager has positively impacted my team's workflow and deployment speed by making it quite user-friendly, where the developer can touch it without any hesitation. Chainguard Containers are built and pushed from non-patched binaries, with the packages compiled directly from the source. No dependencies or pre-built distro packages like Debian or Alpine are required, so there are no hidden vulnerabilities. The developer gains full control over what goes inside, and the image size is smaller with fewer vulnerabilities, in fact, zero. It has built-in processes like SBOM, which is Software Bill of Material generated. The image is cryptographically signed, and provenance is tracked, leading to faster patching, minimal footprint, and best supply chain control. Chainguard Containers has positively impacted my organization by reducing constant CVE fixing, resolving security versus DevOps conflicts, and minimizing compliance headaches. After implementing secured-by-default containers, there is less effort on fixing vulnerabilities, faster delivery, and better compliance. The impact on security teams includes a lower risk of attack, less panic during audits, and significantly fewer security noises. A specific outcome we have noted since implementing Chainguard Containers is that for a client who uses more than 200 containers, they previously received vulnerability warnings for every deployment. Once we implemented Chainguard Containers, the vulnerability ratio drastically decreased, from 100 to 30. Nearly 70% of the vulnerability checks have passed. Chainguard Containers are CVE-resistant, which is significant as CVEs represent Common Vulnerabilities and Exposures.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"The most valuable feature is extensibility."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"The most valuable feature is the consolidated information that it provides from various platforms."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"I would rate Qualys TotalCloud ten out of ten."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"It is a scalable solution."
"Amazon EKS's scalability is brilliant, as you can easily scale from zero nodes all the way up to the tens of thousands, probably even higher, without really having a bottleneck in terms of scalability."
"What I found most valuable in Amazon EKS is its maturity as a cloud computing technology."
"The most valuable feature to us is orchestration when it comes to deploying."
"Amazon EKS is a major tool for our application functionality and job purposes; it helps us at the orchestration level, allowing us to not worry about the entire deployment and service migration."
"The solution is easy to use."
"It provides benefits in terms of operational efficiency; I consider Amazon EKS to be cost-effective, and it is fulfilling all the purposes we wanted to use it for until now."
"Overall Amazon EKS is a good solution in the industry. The solution can support multi tendencies, and network isolations are the key factors."
"Specific outcomes and metrics show that before this, every month there would be 15 to 20 vulnerabilities, but after switching to Chainguard Containers, there are now only one or maybe two vulnerabilities."
"The best feature of Chainguard Containers is being distroless, and the main thing I liked about it is that they follow the SBOM process and the continuous rebuilds they were doing, and they were helping me to rapidly remediate the failures which were happening."
"Chainguard Containers reduced our container CVEs by approximately 70% to 80%, reduced the time spent reviewing security scan findings by 40% to 50%, and has accelerated our vulnerability remediation cycles because the volume of vulnerabilities is significantly lower."
"Chainguard Containers has positively impacted my organization even during the proof of concept phase by improving our security posture."
"Chainguard Containers reduced our container CVEs by approximately 70% to 80%, reduced the time spent reviewing security scan findings by 40% to 50%, and has accelerated our vulnerability remediation cycles because the volume of vulnerabilities is significantly lower."
"Chainguard Containers has positively impacted my organization by reducing constant CVE fixing, resolving security versus DevOps conflicts, and minimizing compliance headaches."
 

Cons

"The downside is only in container security, but it has not been a long time since they introduced these models."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"The cost of Qualys TotalCloud is high and could be more competitive."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"There is a lack of data segregation according to criticality or inventory."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"The price is very expensive, actually."
"Amazon EKS could improve its plugin management; while Amazon offers some improvements, they often come at an extra cost."
"The costing perspective could be improved. With normal on-premises servers using Kubernetes services, the costing might be slightly higher compared to other Kubernetes vendors."
"Failures from containers running on nodes in AWS data centers can halt our workflows, especially when running in single availability zones."
"Amazon EKS is very scalable, but scaling can sometimes cause trouble. When Amazon EKS scales up or down, there might be occasional intermediate pod interruptions, though it's rare."
"I would like to see it a little more stable, more operational, and more convenient to develop."
"The main problem or area for improvement is flexibility in configuration."
"I encountered problems with the product’s documentation."
"For a few of the cluster upgrades that got stuck, we connect with Amazon tech support, as we have business support with Amazon."
"Sometimes there are backend errors which we come across again and again, and there is a resolution, but there are pending tickets for it. That sucks sometimes."
"The accuracy and reliability of the output from Chainguard Containers are below average, but I still give it an average rating of 6.5 to 7 because of its capabilities and its functionality for a developer-friendly approach."
"The only limitation or challenge that stood out during my evaluation of Chainguard Containers was the fact that it is primarily based on Alpine, which can be tricky to use in native Kubernetes environments, as we use Tecton primarily, which is a CI/CD pipeline that runs on native Kubernetes."
"The biggest challenge in Chainguard Containers is that they provide minimal images, which can make troubleshooting difficult because common debugging tools are also not included."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"TotalCloud's price is about right where I would expect it to be."
"The cost is high, but it meets our organizational needs."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud is expensive."
"Pricing is dependent upon instance type."
"My company paid for the license."
"The tool's pricing is good."
"Amazon EKS’s pricing is ok compared to its competitors."
"The product pricing depends on the specific requirements."
"Amazon EKS is not a cheap solution."
"The solution is more expensive than other competitors and does not require a license."
"The price could be cheaper. I would rate it as seven out of ten."
Information not available
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
18%
Computer Software Company
9%
Manufacturing Company
8%
Construction Company
6%
Manufacturing Company
16%
Financial Services Firm
8%
Computer Software Company
7%
Healthcare Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business36
Midsize Enterprise18
Large Enterprise49
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Amazon EKS?
Pricing for Amazon EKS is quite good, because you can choose the instances which are running under the hood. If you w...
What needs improvement with Amazon EKS?
One limitation I have found with using Amazon EKS is that there is a very big learning curve. It is very complicated ...
What advice do you have for others considering Amazon EKS?
Overall, Amazon EKS is a very good tool to use and it is commonly used in the industry. However, GKE is easier to use...
What is your experience regarding pricing and costs for Chainguard Containers?
My experience with pricing, setup cost, and licensing is that while I work on implementation and do not manage billin...
What needs improvement with Chainguard Containers?
The only limitation or challenge that stood out during my evaluation of Chainguard Containers was the fact that it is...
What is your primary use case for Chainguard Containers?
Chainguard Containers was a tool brought into my enterprise as a proof of concept that we evaluated, but we have not ...
 

Also Known As

Qualys TotalCloud with FlexScan
Amazon Elastic Kubernetes Service
No data available
 

Overview

 

Sample Customers

Information Not Available
GoDaddy, Pearson, FICO, Intuit, Verizon, Honeywell, Logicworks, RetailMeNot, LogMeIn, Conde Nast, mercari, Trainline, Axway
Information Not Available
Find out what your peers are saying about Amazon EKS vs. Chainguard Containers and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.