No more typing reviews! Try our Samantha, our new voice AI agent.

Amazon Inspector vs The NodeZero Platform by Horizon3.ai comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Amazon Inspector
Ranking in Vulnerability Management
25th
Average Rating
8.2
Reviews Sentiment
6.3
Number of Reviews
9
Ranking in other categories
IT Vendor Risk Management (7th)
The NodeZero Platform by Ho...
Ranking in Vulnerability Management
7th
Average Rating
8.8
Reviews Sentiment
6.1
Number of Reviews
24
Ranking in other categories
Advanced Threat Protection (ATP) (12th), Penetration Testing Services (1st), Breach and Attack Simulation (BAS) (1st), Risk-Based Vulnerability Management (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Amazon Inspector is 1.1%, down from 2.5% compared to the previous year. The mindshare of The NodeZero Platform by Horizon3.ai is 1.3%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
The NodeZero Platform by Horizon3.ai1.3%
Qualys TotalCloud1.1%
Amazon Inspector1.1%
Other96.5%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Abdalla Kenawy - PeerSpot reviewer
AWS DevOps SRE/Infrastructure Engineer at Capgemini
Automated insights streamline data security assessment
For Amazon Inspector, we have many EC2 or virtual machines deployed inside our AWS environment, and the problem is that the existing package deployed inside this EC2 instance has already outdated packages. As we progress with time, this package needs to be updated for security enhancement, which requires us to uninstall the package, install the new version, and then we should be fine. However, the challenge comes with how to scan all our EC2 instances for security vulnerabilities, which is currently managed by Amazon Inspector. Amazon Inspector can scan EC2 instances or ECR, which is the ECR registry where we can save artifacts Docker images. Amazon Inspector can also scan Docker images uploaded to ECR for Elastic Registry service, and it can scan databases and S3 based on the latest updates. I noticed this from a couple of months ago, and it provides huge benefits for security. Regarding the best features of Amazon Inspector, it gives us a list of all existing outdated packages as part of a deployed package on EC2 instances or specific Python packages that are part of the Docker file and the Docker image itself, which are causing security concerns. Amazon Inspector can list these security concerns and offer guidance on how we can remediate it by updating the package to a specific upper version or something similar.
Brent Hamlin - PeerSpot reviewer
Infrastructure Manager at a construction company with 501-1,000 employees
Continuous threat scanning has improved remediation time and strengthened executive reporting
The best features that The NodeZero Platform by Horizon3.ai offers include the automated scans, which are great to use; you set it, scope it, and let it go, which works really well. The executive reporting feature is impactful for me as a manager, providing a strong foundation to give quarterly and yearly reports to our executives and board to see the state of our infrastructure from a security standpoint. The level of detail and clarity in the executive reports from The NodeZero Platform by Horizon3.ai absolutely helps me communicate effectively with leadership. They are detailed enough for me to extract the necessary information tailored for the executives and to provide a broader perspective on our mitigation efforts or accepted risk stance and where additional controls exist. The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization. It allows us to run scans whenever needed, unlike a single third-party system that only provides a snapshot in time; our processes must be ongoing as the security landscape is dynamic. NodeZero's endpoint security effectiveness feature impacts my understanding of potential security threats by providing a clear picture of both the external and internal landscapes within my organization, enabling me to prioritize and adjust as needed for vulnerabilities such as WordPress plugin issues or user enumerations and software code version assessments. I have built The NodeZero Platform by Horizon3.ai into our weekly and monthly workflows for security CI/CD, and we scan our externally accessible assets every week to address anything quickly if it comes up. That includes our firewalls, websites, and anything that is an external web server, which we scan weekly, while the monthly scans are for internal systems that feed our security CI/CD pipeline, enabling us to action across and prioritize any vulnerabilities caught by The NodeZero Platform by Horizon3.ai.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has helped us view our risk structure, vulnerabilities, and security posture."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"I recommend Amazon Inspector because it allows the automation of processes and requires less manual monitoring."
"It operates continuously, so as soon as resources are created, it scans them for vulnerabilities."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function."
"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"The scalability of the solution itself is unparalleled."
"My experience with AWS technical support is very good, I didn't face any specific challenges, and even the documentation of AWS is good for both Microsoft, which is Azure, and AWS."
"The assessment reports provided by Amazon Inspector have helped me in identifying security vulnerabilities in my cloud applications by giving us a nicely designed dashboard that provides all the security information we need to work on remediation."
"The NodeZero Platform by Horizon3.ai is better than manual penetration test scans, definitely worth trying if you are considering using it because it reduces the time and cost associated with manual scans and presents the data in a very clear way that even non-technical people can understand."
"Honestly, it's one of the most transformational technologies we've implemented in our company."
"After the third party conducts the pen test, The NodeZero Platform is run, and it finds the same things they found and sometimes a few other things that they did not even identify."
"I believe that The NodeZero Platform by Horizon3.ai has kept me safer in a cybersecurity sense."
"The NodeZero Platform's real attack capabilities help in identifying vulnerabilities on our on-prem systems because it provides actual vulnerabilities by attacking our systems."
"The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization."
"The NodeZero Platform's real attack capabilities help identify vulnerabilities on my on-premise systems by adding an element of validation and offensive security testing on top of known vulnerabilities. The feature that allows security teams to fix and retest vulnerabilities instantly is very useful, even though it may not happen literally 'instantly.' It's a necessary tool for any organization to understand whether vulnerabilities are genuinely exploitable by attackers. With its near-real-time testing capabilities, it's an essential part of any security portfolio."
"The NodeZero Platform by Horizon3.ai has positively impacted our organization by definitely increasing our security posture significantly."
 

Cons

"There should be improvement from a dashboard perspective when collecting and showcasing data to lead management."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"The support is not up to the mark and seems to be overburdened."
"There are challenges associated with the interdependencies in AWS services, like requiring an Active Directory for other services, resulting in additional charges."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"The false positive rate of Amazon Inspector is a little high, and it is not covering all different applications and scanning."
"The other point is that the reporting features of Inspector need improvement. For example, I am in an organization with millions of CVEs, and getting an overview of all this is challenging."
"It has automated vulnerability assessment, yet I seek more flexibility in defining custom vulnerability checks tailored to my needs, which is more difficult."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"One area for improvement in Amazon Inspector is the automation aspect."
"Occasionally, I will get one that does not offer a lot in the way of specific steps because the device on which it found the vulnerability is not a standard device that it recognizes."
"I think The NodeZero Platform could improve by leveraging GPUs for password cracking, which would be pretty good."
"I think customizability is one area of The NodeZero Platform by Horizon3.ai that could be improved or enhanced."
"The NodeZero Platform by Horizon3.ai can be improved in some ways, particularly regarding the test scan sometimes."
"We did hundreds of tests, so that is why we did not continue, as it was very expensive for a very low yield."
"The reports are quite useless."
"The NodeZero Platform by Horizon3.ai could be improved by speeding up the time from initializing a test to actually starting the test, as the deployment of the underlying infrastructure can take several minutes, sometimes over 10 minutes."
"I encountered challenges with patch management, as we struggled to test and implement patches due to time constraints. This led to our patch management process being ineffective."
 

Pricing and Cost Advice

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"The pricing is very transparent and clear."
"The lowest cost would be around $10 for a few small accounts, however, for thousands of accounts, it could be around $5000 to $6000 dollars per month."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"It's priced according to market standards for its services."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
8%
Government
7%
Comms Service Provider
6%
Comms Service Provider
9%
Manufacturing Company
8%
Government
8%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise6
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Amazon Inspector?
I am not honestly sure about the pricing side of Amazon Inspector, but that is taken care of by a separate team. I be...
What needs improvement with Amazon Inspector?
They might launch support for third-party environments in the next version regarding the best features in Amazon Insp...
What is your primary use case for Amazon Inspector?
I mostly use Amazon Inspector for vulnerability scanning on AWS native applications. For hybrid applications, we have...
What needs improvement with Horizon3.ai?
The NodeZero Platform by Horizon3.ai could be improved by speeding up the time from initializing a test to actually s...
What is your primary use case for Horizon3.ai?
My main use case for The NodeZero Platform by Horizon3.ai is autonomous and continuous penetration testing. A specifi...
What advice do you have for others considering Horizon3.ai?
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to use it to its full potential, as it...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Horizon3.ai
 

Overview

 

Sample Customers

Information Not Available
betterment, caplinked, flatiron, university of nutri dame
Government agencies, Defense Industrial Base organizations, and enterprises in regulated industries such as finance, healthcare, manufacturing, and criticalinfrastructure rely on NodeZero to meet rigorous security and compliance requirements with continuous, scheduled, and on-demand testing.
Find out what your peers are saying about Amazon Inspector vs. The NodeZero Platform by Horizon3.ai and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.