No more typing reviews! Try our Samantha, our new voice AI agent.

Amazon Inspector vs Automox comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Amazon Inspector
Ranking in Vulnerability Management
25th
Average Rating
8.2
Reviews Sentiment
6.3
Number of Reviews
9
Ranking in other categories
IT Vendor Risk Management (7th)
Automox
Ranking in Vulnerability Management
42nd
Average Rating
8.8
Reviews Sentiment
7.0
Number of Reviews
14
Ranking in other categories
Endpoint Protection Platform (EPP) (36th), Enterprise Mobility Management (EMM) (13th), Patch Management (13th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Amazon Inspector is 1.1%, down from 2.5% compared to the previous year. The mindshare of Automox is 0.6%, down from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Amazon Inspector1.1%
Automox0.6%
Other97.2%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Abdalla Kenawy - PeerSpot reviewer
AWS DevOps SRE/Infrastructure Engineer at Capgemini
Automated insights streamline data security assessment
For Amazon Inspector, we have many EC2 or virtual machines deployed inside our AWS environment, and the problem is that the existing package deployed inside this EC2 instance has already outdated packages. As we progress with time, this package needs to be updated for security enhancement, which requires us to uninstall the package, install the new version, and then we should be fine. However, the challenge comes with how to scan all our EC2 instances for security vulnerabilities, which is currently managed by Amazon Inspector. Amazon Inspector can scan EC2 instances or ECR, which is the ECR registry where we can save artifacts Docker images. Amazon Inspector can also scan Docker images uploaded to ECR for Elastic Registry service, and it can scan databases and S3 based on the latest updates. I noticed this from a couple of months ago, and it provides huge benefits for security. Regarding the best features of Amazon Inspector, it gives us a list of all existing outdated packages as part of a deployed package on EC2 instances or specific Python packages that are part of the Docker file and the Docker image itself, which are causing security concerns. Amazon Inspector can list these security concerns and offer guidance on how we can remediate it by updating the package to a specific upper version or something similar.
Naqash Ahmed - PeerSpot reviewer
Senior Data Reporting Analyst at University of Bradford
Automation has saved time and improves secure, centralized patching across all our devices
While Automox has very good features, I think there's still room for improvement. I want the custom reports to be even more detailed, specifically where I can add more details. It would be nice to have more filters in reports based on location and department more easily. Secondly, the notifications could be more customizable. Many times notifications come, but we don't have control over which notification is urgent and which is not. For example, if there's an alert of a critical update or pending approval, it can help me focus better. An alert of a security threat could be another type of notification that tells me something is important. Customized notifications would be much better. I would say the user interface could be improved as well. Some parts of the dashboard are a bit hard to understand. If they could be improved to be more intuitive, for example, if it could be easy to navigate between devices and reports, that would be great. I would say if Automox could also provide automation templates, that would help. I know there are templates, but I want more templates. Having ready-made worklets for common tasks can save a lot of time. Lastly, it should also support the interface for mobile screens.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"Its dashboards are brilliant. It provides in-depth insights."
"The scalability is good as well. I would rate it ten out of ten."
"In my opinion, this is the best tool."
"Qualys TotalCloud has improved our security posture."
"I found the initial setup user-friendly."
"I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily"
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"I recommend Amazon Inspector because it allows the automation of processes and requires less manual monitoring."
"It is scanning the whole repository for any sort of vulnerabilities, so it allows us to be more confident in our DevSecOps and not put a lot of folks or attention to it."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"The assessment reports provided by Amazon Inspector have helped me in identifying security vulnerabilities in my cloud applications by giving us a nicely designed dashboard that provides all the security information we need to work on remediation."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"My experience with AWS technical support is very good, I didn't face any specific challenges, and even the documentation of AWS is good for both Microsoft, which is Azure, and AWS."
"The automated vulnerability detection aspect is most valuable."
"Automox provides complete visibility for any laptop, desktop or server in our environment, regardless of whether the person is on the train, in the cloud or on the move."
"Automox has eased our operations; it is very simple to use and does not have heavy workflows."
"The fact that it's just one product that can patch multiple operating systems is really great."
"Automox has saved us on multiple tasks at least 10 to 15 hours a week."
"They've been adding some new features lately, which I'm not nearly as familiar with, but the ability to just deploy patches and exempt certain machines from certain patches is helpful. For instance, for our servers, we may not want to roll out zero-day patches. We are able to exempt those and make sure that they don't get those policies. We've got certain servers that have to run a particular version of Java, and being able to exempt those servers from receiving Java updates is pretty fantastic."
"The biggest improvement to our organization involves the reduction in its man hours... We've probably saved hundreds of hours."
"Automox has positively impacted my organization with significant time-saving, improved our security posture by automatically patching vulnerabilities, and is easy to manage and deploy while offering Automox University as a great resource for learning the platform."
"Coming from prior solutions that were a lot more effort, Automox's patch management abilities are transformational. When I took over patching at my company, they were using on-premise architecture to patch. As the workforce shifted from being in the office into their home offices, I was able to lift and shift with no effort other than deploying the new agent out into the environment."
 

Cons

"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"It has automated vulnerability assessment, yet I seek more flexibility in defining custom vulnerability checks tailored to my needs, which is more difficult."
"The other point is that the reporting features of Inspector need improvement. For example, I am in an organization with millions of CVEs, and getting an overview of all this is challenging."
"The most challenging aspect I faced with Amazon Inspector during integration was automating the remediation process."
"The false positive rate of Amazon Inspector is a little high, and it is not covering all different applications and scanning."
"There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for other services, resulting in additional charges."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"The stability has come a long way from what it was like when it started and now it's really good."
"The biggest area they need to fix, without a doubt, is the ability to copy and sync profiles and worklets between all of the organizations you manage, and the ability to have top-level user access control across all of the companies that you manage."
"However, I feel Automox's present quirks in its ability to manage multiple clients to constitute its weakest point."
"I would add that remote support for iOS could be better, and remote support of Linux is also lacking."
"Asset management would be a great feature to add to Automox. We would run easier scripts or more out of the box scripts that would help us in audits. \"
"They need to improve the automation features."
"There should be better inventory capabilities; right now, they only allow you to have insight into software out-of-the-box, and it would be nice to also extend that into custom inventory that can be modified and managed by the practitioner."
"We would like to see additional detailed reporting for Service providers like us. We had to build our own reports via their APIs to meet our needs."
 

Pricing and Cost Advice

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"TotalCloud's price is about right where I would expect it to be."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud is expensive."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing is very transparent and clear."
"It's priced according to market standards for its services."
"The lowest cost would be around $10 for a few small accounts, however, for thousands of accounts, it could be around $5000 to $6000 dollars per month."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"We are on the premium licensing, which is the one that has the API capability that we use."
"The cost is very reasonable compared to the competition."
"There are no additional costs in addition to the extended licensing fees with Automox. You get your support and your per endpoint license with what you purchased."
"The pricing and licensing costs have been great for us... My advice to others who are evaluating or thinking of implementing Automox is to give it a shot. If a free trial is still available, definitely use it, because it makes life a lot easier."
"For all these software tools, it is usually a subscription model. There is a monthly charge that we need to pass along to our clients because we are doing all this for their benefit. It is only a couple of bucks a month per computer, and that is a low enough price point where our clients, without exception, have accepted it, and said, "This is great. We will pay that. It sounds like a worthwhile thing.""
"We're doing it annually directly through Automox. It is per endpoint. It is $2 and some change per endpoint, but I believe the cost is right around $28,000. Everything is covered in this fee."
"Automox just charges us a set amount per user, per month, for using the product. That is very important to us. Because it's a cloud-native solution, you're saving on the cost of hosting an on-premises solution on your servers."
"Its licensing for a year was nine grand. There was no additional fee."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
8%
Government
7%
Comms Service Provider
6%
Financial Services Firm
11%
Manufacturing Company
10%
Outsourcing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise6
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise3
Large Enterprise11
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Amazon Inspector?
I am not honestly sure about the pricing side of Amazon Inspector, but that is taken care of by a separate team. I be...
What needs improvement with Amazon Inspector?
They might launch support for third-party environments in the next version regarding the best features in Amazon Insp...
What is your primary use case for Amazon Inspector?
I mostly use Amazon Inspector for vulnerability scanning on AWS native applications. For hybrid applications, we have...
What is your experience regarding pricing and costs for Automox?
The cost is very affordable. We have been able to save a lot of time, approximately 30%. Cost reduction has been noti...
What needs improvement with Automox?
From an enterprise perspective, Automox could have better compliance reporting, which is needed for audit readiness, ...
What is your primary use case for Automox?
Automox is used in our system primarily to manage patch management. It helps in managing Windows updates, third-party...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
betterment, caplinked, flatiron, university of nutri dame
Information Not Available
Find out what your peers are saying about Amazon Inspector vs. Automox and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.