No more typing reviews! Try our Samantha, our new voice AI agent.

ARCON Secure Compliance Management vs Qualys CyberSecurity Asset Management comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
ARCON Secure Compliance Man...
Ranking in Vulnerability Management
63rd
Average Rating
8.0
Reviews Sentiment
5.9
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Qualys CyberSecurity Asset ...
Ranking in Vulnerability Management
6th
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
35
Ranking in other categories
Patch Management (4th), Cyber Asset Attack Surface Management (CAASM) (3rd), Attack Surface Management (ASM) (3rd), Software Supply Chain Security (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of ARCON Secure Compliance Management is 0.5%, up from 0.1% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 1.4%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys CyberSecurity Asset Management1.4%
Qualys TotalCloud1.1%
ARCON Secure Compliance Management0.5%
Other97.0%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SarojMohapatra - PeerSpot reviewer
Zonal Credit Head at ICICIBANK Ltd
Great for productivity checking and provides good reports
We use this solution for password encryption and remote access. We are customers of ARCON This solution is good for productivity checking and provides good reports.  We've had instances where some parameters have disappeared and that is frustrating. The automation needs to be improved.  We've…
Nicki Møller - PeerSpot reviewer
Information Security Engineer at a manufacturing company with 5,001-10,000 employees
Enables automation and quick access to necessary information
One of the significant challenges Qualys is discovery, which I know Microsoft excels at. I can't recall how well Qualys performs this function; it seems I might be missing some details. However, if there's one key aspect to focus on, it's discovery—the ability to identify assets that you are not aware of, even when you can see they are present. Understanding what those assets are is crucial. With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system. The features within Qualys are limited to what they have developed. Sometimes a complete overview is needed to push to a Power BI dashboard, Splunk, ServiceNow, or other platforms. The export process is incredibly challenging. We needed a developer to write a hundred-line Python script that would loop over certain assets due to export limitations. Qualys CyberSecurity Asset Management could improve its integration capabilities. While it generates substantial data, correlating it with other data sources can be challenging. The export process is difficult, and pre-built integrations with other tools could be enhanced for better process implementation.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"I would rate Qualys TotalCloud ten out of ten."
"I would definitely recommend Qualys TotalCloud to other users."
"Its excellent graphical interface makes the scanning process simple."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"If I had to say something positive about the product that brings me the biggest benefit, I would say it has accurate reports, gets new update CVEs, zero-day attack detection, and is easy to manage with its GUI."
"Qualys TotalCloud fulfills all these needs."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"The support for ARCON ARSIM is very good."
"Good for productivity checking."
"It is very user friendly; there are not a lot of clicks and buttons, the tool helps me with the installations so the user can do the installation rather than having a technical guide, and I also like the browsing stream and its good dashboard."
"I would definitely advise anyone to look at it, it is a good product, quite stable and scalable, and for the requirements that we looked into, ARCON met the customer's needs."
"Qualys CyberSecurity Asset Management offers valuable features such as continuous vendor support, rapid response times, dedicated vendor partnerships, and advanced technical capabilities for risk identification."
"We have a diverse organization with a robust infrastructure of more than 300,000 assets. By creating unauthorized lists and rules in the Qualys CSAM module, I can block certain software from being used in the organization."
"The most valuable feature is the Management sensor, which helps identify gaps in policy agent availability, thereby improving agent utilization."
"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."
"Overall, I would give Qualys CyberSecurity Asset Management a nine out of ten."
"What I appreciate most about Qualys CyberSecurity Asset Management is the inventory feature, where I can look up assets, software, applications, open ports, and similar items because it's very useful."
"Regarding return on investment, I first look at the reality of the environment and the decrease in critical vulnerabilities with Qualys CyberSecurity Asset Management, which equals a positive return on investment."
"I recommend Qualys CyberSecurity Asset Management due to its superior asset information collection capabilities, including comprehensive hardware and software inventorying."
 

Cons

"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"As for what can be improved, definitely pricing. Customers look for pricing and ARCON is a little more expensive than Thycotic. So the pricing model could be improved."
"I would love to have all the products. Currently they have all the server operating systems and network operating systems but they should have all the other devices also included, like security devices. That's what I think is missing. They should also improve the license audit part. If I want to do a license audit from this tool, I'm not able to do it right now."
"The automation needs to be improved."
"The UI needs improvement as it can become overwhelming after prolonged use."
"In our reporting, we faced a challenge syncing with cloud devices."
"The UI and menu navigation has improved significantly, however, the menus could still be clunky, making navigation within the assets challenging."
"The Qualys CAPS service requires further exploration and improvement, particularly in its handling of protocols and reactivity with MAC and IP addresses for CAP agents."
"The product stability has notably declined over the last two months, and the performance to fulfill a page request is very slow compared to its previous performance."
"One downside of Qualys CyberSecurity Asset Management is that I would prefer to see a more interactive dashboard."
"As of now, the support, results, and low false positives do not necessitate changes."
"There can be further simplification to reduce the overall noise and provide ESAM-related data."
 

Pricing and Cost Advice

"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"TotalCloud's price is about right where I would expect it to be."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
Information not available
"The pricing is market-competitive."
"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."
"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."
"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."
"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."
"The pricing for Qualys CSAM is nominal."
"Qualys offers excellent value for money."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
No data available
Financial Services Firm
15%
Computer Software Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise2
Large Enterprise23
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What needs improvement with Qualys CyberSecurity Asset Management?
I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating ...
What is your primary use case for Qualys CyberSecurity Asset Management?
I primarily use it for a small, single-site, multi-source setup with multi-WAN inputs. I have a main fiber connection...
 

Also Known As

Qualys TotalCloud with FlexScan
ARCON ARSIM, ARCON SCM
No data available
 

Overview

 

Sample Customers

Information Not Available
RAK Bank, AXIS Bank, Reliance Capital, Kotak Life Insurance, MTS
Information Not Available
Find out what your peers are saying about ARCON Secure Compliance Management vs. Qualys CyberSecurity Asset Management and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.