No more typing reviews! Try our Samantha, our new voice AI agent.

Amazon Inspector vs Kandji comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Amazon Inspector
Ranking in Vulnerability Management
25th
Average Rating
8.2
Reviews Sentiment
6.3
Number of Reviews
9
Ranking in other categories
IT Vendor Risk Management (7th)
Kandji
Ranking in Vulnerability Management
19th
Average Rating
8.8
Reviews Sentiment
6.6
Number of Reviews
19
Ranking in other categories
Mobile Device Management (MDM) (3rd), Enterprise Mobility Management (EMM) (5th), Endpoint Detection and Response (EDR) (13th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Amazon Inspector is 1.1%, down from 2.5% compared to the previous year. The mindshare of Kandji is 0.4%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Kandji0.4%
Amazon Inspector1.1%
Other97.4%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Abdalla Kenawy - PeerSpot reviewer
AWS DevOps SRE/Infrastructure Engineer at Capgemini
Automated insights streamline data security assessment
For Amazon Inspector, we have many EC2 or virtual machines deployed inside our AWS environment, and the problem is that the existing package deployed inside this EC2 instance has already outdated packages. As we progress with time, this package needs to be updated for security enhancement, which requires us to uninstall the package, install the new version, and then we should be fine. However, the challenge comes with how to scan all our EC2 instances for security vulnerabilities, which is currently managed by Amazon Inspector. Amazon Inspector can scan EC2 instances or ECR, which is the ECR registry where we can save artifacts Docker images. Amazon Inspector can also scan Docker images uploaded to ECR for Elastic Registry service, and it can scan databases and S3 based on the latest updates. I noticed this from a couple of months ago, and it provides huge benefits for security. Regarding the best features of Amazon Inspector, it gives us a list of all existing outdated packages as part of a deployed package on EC2 instances or specific Python packages that are part of the Docker file and the Docker image itself, which are causing security concerns. Amazon Inspector can list these security concerns and offer guidance on how we can remediate it by updating the package to a specific upper version or something similar.
CD
SysAdmin at a recreational facilities/services company with 11-50 employees
Strong security structure has supported fast Mac and iOS administration with minimal IT effort
One area for improvement for Kandji would be having a bigger suite of applications. I noticed that some of the niche apps our data software firm needs were not in the regular library. We were able to use the custom app feature to create those apps ourselves, but I would love it if Kandji could expand the library. I also wish Kandji could lock down different ports on MacBooks based on which ones we wanted to shut down, and I hope there is an easier way to sandbox people's bring your own device devices because when we're doing SOC 2, it really wants us to sandbox things so that if someone were to take a device that is not ours, we could delete just our data off there and not theirs. An improvement needed for Kandji would be the ability to remote into devices. I would appreciate something that is really reliable for that without having to buy third-party software.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"Its excellent graphical interface makes the scanning process simple."
"If I had to say something positive about the product that brings me the biggest benefit, I would say it has accurate reports, gets new update CVEs, zero-day attack detection, and is easy to manage with its GUI."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"The assessment reports provided by Amazon Inspector have helped me in identifying security vulnerabilities in my cloud applications by giving us a nicely designed dashboard that provides all the security information we need to work on remediation."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"It is scanning the whole repository for any sort of vulnerabilities, so it allows us to be more confident in our DevSecOps and not put a lot of folks or attention to it."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The scalability of the solution itself is unparalleled."
"The automated vulnerability detection aspect is most valuable."
"The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function."
"Kandji has positively impacted my organization because it was very easy to implement and manage all of our devices, especially when we manage with the ISO and SOC 2 certifications that we need for our organization."
"Kandji has positively impacted my organization because it helps us be more secure and enforce compliance."
"Kandji offers excellent features, including the ability to erase devices remotely without needing to be in front of the laptop."
"I have seen a return on investment with Kandji, as I save time."
"Kandji has positively impacted my organization by increasing our security, reducing our resolution times, and ensuring that all employees who work from home have their computers working from day one."
"Kandji has positively impacted my organization because it is very user-friendly, and among the multiple MDM solutions I have used, such as JumpCloud and Intune, Kandji stands out as one of the best for Mac devices."
"I highly recommend Kandji to others looking into using it since I have not seen any game-breaking issues; it is highly reliable, scalable, improves security, and reduces the time individuals need to spend on system configuration for security updates."
"Kandji has positively impacted my organization by allowing us to better assist and it allows for a better user experience, a better kind of fleet management."
 

Cons

"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"The price is very expensive, actually."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"There is a lack of data segregation according to criticality or inventory."
"The support is not up to the mark and seems to be overburdened."
"From a downside perspective, the UI is not user-friendly and feels dated compared to other tools like Prisma Cloud."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for other services, resulting in additional charges."
"It has automated vulnerability assessment, yet I seek more flexibility in defining custom vulnerability checks tailored to my needs, which is more difficult."
"The false positive rate of Amazon Inspector is a little high, and it is not covering all different applications and scanning."
"One area for improvement in Amazon Inspector is the automation aspect."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"The most challenging aspect I faced with Amazon Inspector during integration was automating the remediation process."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"One thing I have noticed is that Kandji is mainly for Mac devices."
"I think Kandji could be improved with a better UI."
"While it might be on the expensive side compared to Jamf Pro, it is closer in pricing to other MDMs such as Microsoft Intune, which comes with the EMS E3 license, making it potentially pricey for startups, yet a good cost for established enterprises."
"I rated Kandji an eight because the laptop needs to be connected to Wi-Fi to erase it."
"The Windows part needs a lot of work."
"I believe Kandji can be improved by having more self-service options, as users can complete a few steps before reaching out to IT support, which will give us more context on the issue."
"In Kandji, I see a drawback related to the remote wipe function."
"One thing I think could be improved is what happens when a user gets locked out."
 

Pricing and Cost Advice

"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"TotalCloud's price is about right where I would expect it to be."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is expensive."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"The lowest cost would be around $10 for a few small accounts, however, for thousands of accounts, it could be around $5000 to $6000 dollars per month."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"The pricing is very transparent and clear."
"It's priced according to market standards for its services."
"Users have to pay a yearly licensing fee for Kandji, which is expensive."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
8%
Government
7%
Comms Service Provider
6%
Financial Services Firm
12%
Comms Service Provider
10%
Outsourcing Company
8%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise6
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise5
Large Enterprise7
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Amazon Inspector?
I am not honestly sure about the pricing side of Amazon Inspector, but that is taken care of by a separate team. I be...
What needs improvement with Amazon Inspector?
They might launch support for third-party environments in the next version regarding the best features in Amazon Insp...
What is your primary use case for Amazon Inspector?
I mostly use Amazon Inspector for vulnerability scanning on AWS native applications. For hybrid applications, we have...
What is your experience regarding pricing and costs for Kandji?
My experience with pricing, setup cost, and licensing is that we are using nearly 100 machines in Kandji, which comes...
What needs improvement with Kandji?
Kandji can definitely be improved by the complexity. I feel we cannot necessarily tweak the Blueprints in the ways th...
What is your primary use case for Kandji?
My main use case for Kandji is MDM management, so managing our Macs and iOS devices in a corporate enterprise environ...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
betterment, caplinked, flatiron, university of nutri dame
Information Not Available
Find out what your peers are saying about Amazon Inspector vs. Kandji and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.