No more typing reviews! Try our Samantha, our new voice AI agent.

AWS GuardDuty vs Morphisec comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
7th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
AWS GuardDuty
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
25
Ranking in other categories
No ranking in other categories
Morphisec
Ranking in Cloud Workload Protection Platforms (CWPP)
35th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (57th), Endpoint Protection Platform (EPP) (48th), Advanced Threat Protection (ATP) (30th), Endpoint Detection and Response (EDR) (61st), Threat Deception Platforms (15th)
 

Mindshare comparison

As of July 2026, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of Qualys TotalCloud is 1.6%, up from 1.3% compared to the previous year. The mindshare of AWS GuardDuty is 10.0%, down from 11.6% compared to the previous year. The mindshare of Morphisec is 0.8%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
ProductMindshare (%)
AWS GuardDuty10.0%
Qualys TotalCloud1.6%
Morphisec0.8%
Other87.6%
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SK
Senior IT Auditor at Ernst & Young
Has provided automated threat detection and daily malicious activity insights while supporting seamless orchestration with existing dashboards
I would assess the integration of AWS GuardDuty with Threat Intelligence as majorly positive; no threat intelligence is 100% accurate, and there are a few false positives, but as a security engineer, this must be accepted, and overall, the response and service is good for us. We do not directly use AWS GuardDuty dashboard by itself, as we have our own integrated security dashboard; AWS GuardDuty gives the feed to that dashboard, and it's giving us a satisfactory view of how the security landscape looks. We use metrics such as zero-day threats, any malicious traffic, and any traffic which originates from OFAC countries to measure its effectiveness, as we are majorly into a financial institution, as any traffic that is from a malicious IP or a rogue device. I don't see any significant negative points regarding AWS GuardDuty; it's a good product to have if you're a cloud consumer. I rate AWS GuardDuty nine out of ten overall.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"Qualys TotalCloud is an excellent platform, and the beauty of the platform is that we can get all the vulnerabilities, see all the reports in a single dashboard, view them segregated, and easily learn about critical, high, and medium findings with appropriately provided remediation steps."
"The best part I like is the on-demand scans."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"It is a highly scalable solution since it is a service by AWS. Scalability-wise, I rate the solution a ten out of ten."
"Overall, GuardDuty is a very easy-to-use tool, and I would recommend it even to those who are not tech-savvy."
"The most valuable features are the single system for data collection and the alert mechanisms."
"It kinda just gives us another layer of security. So it does provide some sort of comfort that we do have something that is monitoring for abnormal behavior."
"We have over 1,000 employees, and we monitor their activity through AWS GuardDuty."
"AWS GuardDuty integrates seamlessly with third-party tools in our existing ecosystem, and we did not experience any challenges with integration."
"The correlation back end is the solution's most valuable feature."
"GuardDuty is extensive in terms of configuration and security compliance."
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"Morphisec is a straightforward solution that is efficient and very stable."
"In a month, we are saving the effort of four to five days, and earlier we used to have a dedicated person and now we don't need a dedicated resource, which has reduced our security spending and we are saving approximately $600 a month."
"We haven't had any cybersecurity incidents on machines running Morphisec."
"Since we started using Morphisec, that hasn't happened even once."
"It's simple, it's easy, and it works."
"Morphisec gives me even more than Microsoft can give me, even if I were to pay."
"The product has absolutely worked flawlessly; we have had basically no issues, either with the product or with any type of virus or zero-day attacks, ransomware, nothing, as it has caught everything."
 

Cons

"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"Their customer support needs improvement."
"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"The cost of Qualys TotalCloud is high and could be more competitive."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"I work in a bank, and it would be good if AWS GuardDuty could be integrated with other monitoring and detection tools we use."
"AWS GuardDuty needs to be more customer-oriented."
"Improvement-wise, Amazon GuardDuty should have an overall dashboard analytics function so we could see what's in the current environment, and then in addition to that, provide best practices and recommendations, particularly to provide some type of observability, and then figure out the login side of it, based on our current environment, in terms of what we're not monitoring and what we should monitor. The solution should also give us a sample code configuration to implement that added feature or feature request. What I'd like to see in the next release of Amazon GuardDuty are more security analytics, reporting, and monitoring. They should provide recommendations and additional options that answer questions such as "Hey, what can we see in our environment?", "What should we implement within the environment?", What's recommended?" We know that cost will always be associated with that, but Amazon GuardDuty should show us the increased costs or decreased costs if we implement it or don't implement it, and that would be a good feature request, particularly with all products within AWS, just for cloud products in general because there are times features are implemented, but once they're deployed, they don't tell you about costs that would be generated along with those features. After features are deployed, there should a summary of the costs that would be generated, and projected based on current usage, so they would give us the option to figure out how long we're going to use those features and the option to keep those on or turn those off. If more services were like that, a lot more people would use those on the cloud."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution."
"For the next release, they could provide IPS features as well."
"We currently find Lacework to be much better at detecting vulnerabilities than AWS GuardDuty. The engines of AWS GuardDuty have to be improved."
"One improvement I would suggest for AWS GuardDuty is the ability to assign findings to specific users or groups, facilitating better communication and follow-up actions."
"Comparing AWS GuardDuty to similar products from Microsoft, Microsoft has a product called Sentinel, which is a completely integrated solution that basically does everything from vulnerability management to managing log analytics. This is something which AWS GuardDuty doesn't have since it's a separate service."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."
"Right now, it's just their auto-update feature. I know they are currently working on that."
"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."
"It would be useful for them if they had some kind of network discovery."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
"We sometimes have to depend on the support team to know what action we should take."
"The weakest point of this product is how difficult it is to understand the reasons for an alert. This is a problem because it is hard to determine whether an attack is real or not."
 

Pricing and Cost Advice

"The cost is high, but it meets our organizational needs."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud is expensive."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"The tool's licensing model is pay-as-you-go."
"The pricing model is pay as you go and is based on the number of events per month."
"The tool has no subscription charges."
"Pricing is determined by the number of events sent."
"We use a pay-as-you-use license, which is competitively priced in the market."
"The price of the solution is exactly right."
"I prefer to have something on demand for myself. That's why I haven't been paying for GuardDuty specifically. AWS provides a wide range of offerings, especially in the security area."
"I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"The pricing is definitely fair for what it does."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
12%
Computer Software Company
10%
Manufacturing Company
9%
Comms Service Provider
7%
Outsourcing Company
16%
Manufacturing Company
12%
Construction Company
11%
Financial Services Firm
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise3
Large Enterprise16
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Amazon GuardDuty?
AWS GuardDuty is an expensive feature, and while you can't expect the price to be low, it can be lower because it's p...
What needs improvement with Amazon GuardDuty?
AWS GuardDuty is a good product; it's doing its job right now, and I don't see any additional improvements needed. Co...
What is your primary use case for Amazon GuardDuty?
We generally use AWS GuardDuty for detection of zero-day vulnerabilities and automatic threat responses; it serves as...
Ask a question
Earn 20 points
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Morphisec, Morphisec Moving Target Defense
 

Overview

 

Sample Customers

Information Not Available
autodesk, mapbox, fico, webroot
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Find out what your peers are saying about AWS GuardDuty vs. Morphisec and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.