No more typing reviews! Try our Samantha, our new voice AI agent.

AttackIQ vs SentinelOne Singularity Identity comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 22, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
AttackIQ
Ranking in Vulnerability Management
31st
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
7
Ranking in other categories
Breach and Attack Simulation (BAS) (4th), Attack Surface Management (ASM) (11th), Continuous Threat Exposure Management (CTEM) (4th)
SentinelOne Singularity Ide...
Ranking in Vulnerability Management
24th
Average Rating
9.0
Reviews Sentiment
7.3
Number of Reviews
22
Ranking in other categories
Advanced Threat Protection (ATP) (16th), Threat Deception Platforms (1st), Identity Threat Detection and Response (ITDR) (5th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of AttackIQ is 0.7%, up from 0.2% compared to the previous year. The mindshare of SentinelOne Singularity Identity is 0.9%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
SentinelOne Singularity Identity0.9%
AttackIQ0.7%
Other97.3%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Akash Das Barman - PeerSpot reviewer
Cyber Security Trainee at DataSpace Academy
Continuous validation has improved MITRE-based detection coverage across hybrid environments
Overall, AttackIQ is a strong platform, but there are a few areas where it could improve. One area is the learning curve for new users. Since the platform is deeply tied to MITRE ATT&CK mapping and security validation workflows, beginners may need more guided onboarding and simplified explanations for certain modules. Another improvement could be more customizable dashboards and reporting views for different stakeholders, especially for executive-level summaries versus technical SOC analysis. I also think integrations and automation workflows could be expanded further for multi-vendor environments, making it easier to correlate results across different security tools. From an operational perspective, more built-in recommendations for remediation or detection tuning after simulation would also be valuable, especially for teams that are still maturing their security operations.One additional area for improvement in AttackIQ could be deeper real-time guidance during simulations, especially for less experienced analysts. For example, after identifying a detection gap, the platform could provide more prescriptive recommendations on how to improve SIEM correlation rules or EDR configuration. That would help teams move faster from validation to remediation. I also think improving visualization of attack paths and attack chain relationships would make investigations easier during purple team exercises. Another potential improvement is making some workflows lighter and easier for smaller organizations that may not have a large dedicated SOC team, because BAS platforms can sometimes feel enterprise-focused.
Roftiel Constantine - PeerSpot reviewer
Global Chief Information Security Officer at Barry-Wehmiller
Provides proactive threat remediation, reduces alert volume, and enhances incident response capabilities
During our pre-purchase evaluation of SentinelOne's EDR capabilities three years ago, we were consistently impressed by the positive relationships customers reported having with SentinelOne's engineers, sales teams, and customer success managers. These strong relationships, evident in the customers' unsolicited feedback, highlighted the "soft skills" and intangible qualities that SentinelOne possessed. This positive customer experience has been mirrored in our own interactions with them. Their responsiveness to our needs, particularly when addressing a couple of challenges we faced, has been excellent. They proactively scheduled weekly meetings to demonstrate their commitment to resolving our issues, a customer-centric approach I admire. SentinelOne's dedication to customer service, including their rapid technology updates and responsiveness to our suggestions, has been crucial to our success in protecting our organization. Their ability to quickly incorporate our needs into new releases is truly impressive and sets them apart. Overall, I highly recommend SentinelOne based on our positive interactions across all levels of their organization.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has improved our security posture."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs."
"The best part I like is the on-demand scans."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"AttackIQ is solving a lot of the problems that I had before or that we as an organization had before, even the security team, so it is solving all my issues."
"Running in our SOC, it moves the conversation from assumptions and dashboards to measurable proof, which is exactly what makes AttackIQ valuable in day-to-day security operations."
"AttackIQ has had a positive impact on the organization, especially in the areas of continuous security validation, detection improvement, and overall defensive readiness, with highlights including improved visibility into detection gaps, stronger security controls validation, better SOC readiness, and faster detection engineering improvements, which are improvement areas we have implemented in our project using AttackIQ."
"Overall, I've had a good experience with the product. It's worked well for me."
"After using AttackIQ, it has helped the team and the company improve on false positives and reduce risk, as most people are now capable of identifying how to work on detection, improving fine-tuning and all those things."
"The threat detection capability is the most valuable feature."
"Behind the scenes, SentinelOne has real people who evaluate problems and mark them as false positives. That's what I find most helpful."
"The incident and threat logs are great."
"I like the detection and protection features. We don't need to do anything, and it will alert us when the mitigation is not successful. We only need to target those endpoints. Otherwise, we don't have to do anything about that."
"Having high visibility into all of our network concerns and a customizable UI are the most valuable features."
"Incident response is one of the key areas where the solution has been very useful. Whenever there is an incident, instead of being reactive, the government is now able to quickly gain the data that it needs to see what its end agency is also seeing and partner with them in real-time to look at the same data and to collaborate where needed, empowering the agency to be able to do their job."
"SentinelOne enhances our customers' risk management."
"The XDR capabilities are very good."
 

Cons

"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"The areas in the solution that have room for improvement include the UI/UX design, which should be improved, and they should integrate more artificial intelligence into the product."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"The price is very expensive, actually."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"One area for improvement is the initial configuration complexity, which is very complex in the initial stage to configure the whole thing and integrate with the SOC, presenting a learning curve for organizations that are new to adversary emulation or continuous security validation, particularly concerning the initial setup scenario customization and workflow tuning."
"The main reasons I would not give it a full perfect score are the learning curve for new users and some opportunities for improvement in reporting, customization, and remediation guidance."
"The initial setup was difficult. It was not straightforward."
"There is a learning curve at the beginning, especially for teams that are quite new to a BAS or continuous validation solution."
"The customer support for AttackIQ is good but can be better."
"The initial setup was quite difficult and took a long time."
"A lot of those features came from an acquisition of a different company."
"The policies could be more precise, and Singularity should use more templates like alternative solutions have. Endpoint management is poor. We cannot manage individual endpoints and must rely on policies, exclusions, or block lists to apply settings to a group instead of the individual agent. If I have to make settings for one computer, I need to create a group, apply the configuration, and move the agent there. It's challenging to manage endpoints that way."
"Our company has different locations, such as Sunbury, Oklahoma, and Alabama. I have my devices by location, and I have not found a way to choose all the endpoints and then push the update automatically. I have been doing it one by one."
"There is a clear roadmap for improvements, including enhancing capabilities with AI and seamless functionality in an MSP model for deeper visibility across multiple agencies. Further development is anticipated to continue enhancing the solution."
"We haven't received the expected support whenever we've had questions."
"The root cause of automation could be better."
"The UI can be more user-friendly."
"Our engineers are dealing with issues to add exclusions to the antivirus for custom applications."
 

Pricing and Cost Advice

"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud is expensive."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
Information not available
"SentinelOne seemed to offer more while being priced lower than its competitors."
"Ideally, I would like SentinelOne to lower their prices a little bit."
"The price is affordable."
"Their pricing has been fair, especially in the current market, and they haven't excessively increased prices at renewal times like many vendors do."
"Compared to competitors, it's well-priced for the quality offered, and I don't see anyone surpassing them in that regard."
"There is a need to make yearly payments towards the licensing charges associated with the product...I think the prices associated with the product are okay and it is not too expensive."
"The cost of SentinelOne Singularity Identity is better than CrowdStrike."
"As a SentinelOne partner, we offer competitive pricing on comprehensive packages that include the SentinelOne license, our management services, and a proof-of-concept to ensure the technology meets your needs."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
16%
Manufacturing Company
12%
Government
8%
Construction Company
7%
Manufacturing Company
11%
Computer Software Company
8%
Construction Company
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise5
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise5
Large Enterprise13
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with AttackIQ?
Overall, AttackIQ is a strong platform, but there are a few areas where it could improve. One area is the learning cu...
What is your primary use case for AttackIQ?
My main use case for AttackIQ has been validating security controls and testing detection coverage against MITRE ATT&...
What advice do you have for others considering AttackIQ?
AttackIQ is very strong in continuous security validation, MITRE ATT&CK alignment, and realistic attack simulatio...
What is your experience regarding pricing and costs for SentinelOne Singularity Identity?
I have no visibility into pricing, setup costs, or licensing as the government handles these aspects directly with Se...
What needs improvement with SentinelOne Singularity Identity?
Regarding improvements, I believe that API integration in third-party applications could be better. The Singularity t...
What is your primary use case for SentinelOne Singularity Identity?
One of the main use cases I describe is that we face lateral movement in our customer's server side. The customer is ...
 

Also Known As

Qualys TotalCloud with FlexScan
DeepSurface
No data available
 

Overview

Find out what your peers are saying about AttackIQ vs. SentinelOne Singularity Identity and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.