No more typing reviews! Try our Samantha, our new voice AI agent.

ARCON Secure Compliance Management vs Morphisec comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
ARCON Secure Compliance Man...
Ranking in Vulnerability Management
63rd
Average Rating
8.0
Reviews Sentiment
5.9
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Morphisec
Ranking in Vulnerability Management
57th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Endpoint Protection Platform (EPP) (48th), Advanced Threat Protection (ATP) (30th), Endpoint Detection and Response (EDR) (61st), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of ARCON Secure Compliance Management is 0.5%, up from 0.1% compared to the previous year. The mindshare of Morphisec is 0.7%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Morphisec0.7%
ARCON Secure Compliance Management0.5%
Other97.7%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SarojMohapatra - PeerSpot reviewer
Zonal Credit Head at ICICIBANK Ltd
Great for productivity checking and provides good reports
We use this solution for password encryption and remote access. We are customers of ARCON This solution is good for productivity checking and provides good reports.  We've had instances where some parameters have disappeared and that is frustrating. The automation needs to be improved.  We've…
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"The most valuable feature is extensibility."
"The scalability is good as well. I would rate it ten out of ten."
"I would definitely recommend Qualys TotalCloud to other customers."
"Qualys TotalCloud has helped us view our risk structure, vulnerabilities, and security posture."
"I appreciate TotalCloud's real-time protection and remediation features. The remediation options include automated one-click remedies and custom changes that help manage vulnerabilities efficiently."
"I would definitely advise anyone to look at it, it is a good product, quite stable and scalable, and for the requirements that we looked into, ARCON met the customer's needs."
"It is very user friendly; there are not a lot of clicks and buttons, the tool helps me with the installations so the user can do the installation rather than having a technical guide, and I also like the browsing stream and its good dashboard."
"The support for ARCON ARSIM is very good."
"Good for productivity checking."
"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
"Morphisec as the last line of defense is as good as you can get."
"It's simple, it's easy, and it works."
"We have not had one machine that has been taken down due to malware now in almost four and a half years, with 600 machines that we don't have routine infections on because nothing can execute."
"If you have the ability to get Morphisec into their environment, it's going to be a hundred percent return on investment."
"The ability to stop attacks without having to detect or have a signature for the attack is the most valuable feature."
"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"Morphisec makes use of deterministic attack prevention that doesn’t require investigation of security alerts. It changes the memory locations of where certain applications run. If you think of Excel, opening a PDF, running an Excel macro, or opening a webpage and clicking on a link, all of those actions run in a certain area of memory. Morphisec changes the memory locations of where those run."
 

Cons

"The support is not up to the mark and seems to be overburdened."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"There is room for improvement in the support."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"From a downside perspective, the UI is not user-friendly and feels dated compared to other tools like Prisma Cloud."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"I would love to have all the products. Currently they have all the server operating systems and network operating systems but they should have all the other devices also included, like security devices. That's what I think is missing. They should also improve the license audit part. If I want to do a license audit from this tool, I'm not able to do it right now."
"As for what can be improved, definitely pricing. Customers look for pricing and ARCON is a little more expensive than Thycotic. So the pricing model could be improved."
"The automation needs to be improved."
"The dashboard is the area that requires the most improvement. We have about, I would say 5,500 computers currently, and searching through all of those takes some time to filter. So as soon as you apply the filter, it takes a few seconds. It crunches, it thinks, and then it brings up the clients that match."
"I haven't seen ROI because I haven't seen a threat that it has protected against, exactly."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it."
"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."
"We sometimes have to depend on the support team to know what action we should take."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
"If anything, tech support might be their weakest link."
 

Pricing and Cost Advice

"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"TotalCloud's price is about right where I would expect it to be."
"The cost is high, but it meets our organizational needs."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
Information not available
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"The pricing is definitely fair for what it does."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
No data available
Outsourcing Company
16%
Manufacturing Company
12%
Construction Company
11%
Financial Services Firm
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
Ask a question
Earn 20 points
 

Also Known As

Qualys TotalCloud with FlexScan
ARCON ARSIM, ARCON SCM
Morphisec, Morphisec Moving Target Defense
 

Overview

 

Sample Customers

Information Not Available
RAK Bank, AXIS Bank, Reliance Capital, Kotak Life Insurance, MTS
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Find out what your peers are saying about ARCON Secure Compliance Management vs. Morphisec and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.