No more typing reviews! Try our Samantha, our new voice AI agent.

Chainguard Containers vs ReversingLabs comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Container Security
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Chainguard Containers
Ranking in Container Security
21st
Average Rating
8.4
Reviews Sentiment
3.7
Number of Reviews
5
Ranking in other categories
Container Image Security (1st)
ReversingLabs
Ranking in Container Security
52nd
Average Rating
9.2
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
Application Security Tools (40th), Anti-Malware Tools (42nd), Software Composition Analysis (SCA) (25th), Threat Intelligence Platforms (TIP) (28th), Software Supply Chain Security (18th)
 

Mindshare comparison

As of July 2026, in the Container Security category, the mindshare of Qualys TotalCloud is 1.5%, up from 0.9% compared to the previous year. The mindshare of Chainguard Containers is 1.1%, up from 0.6% compared to the previous year. The mindshare of ReversingLabs is 0.8%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.5%
Chainguard Containers1.1%
ReversingLabs0.8%
Other96.6%
Container Security
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
ParthasarathyT - PeerSpot reviewer
Senior Associate Infrastructure at Publicis Sapient
Secures container builds, has simplified compliance audits and reduced vulnerabilities dramatically
The benefit of Chainguard Containers is that it makes development simpler. It makes the development team confident there will not be any bugs or vulnerabilities in the image they are using. It is mainly needed for vulnerabilities, SLAs, security audits, and SOC 2, ISO, and PCI compliance. The image includes SBOM, signature, and provenance metadata, which makes audits much easier. The best features Chainguard Containers offers include a reduced image size. It removes the shell and the package manager, resulting in a significantly smaller image size compared with a normal image. We can deploy production workloads directly without worrying about security concerns. If we want a strong supply chain for security, we will be using it. Many users are already tired of scanning alerts, so this will be a great thing. Removing the shell and package manager has positively impacted my team's workflow and deployment speed by making it quite user-friendly, where the developer can touch it without any hesitation. Chainguard Containers are built and pushed from non-patched binaries, with the packages compiled directly from the source. No dependencies or pre-built distro packages like Debian or Alpine are required, so there are no hidden vulnerabilities. The developer gains full control over what goes inside, and the image size is smaller with fewer vulnerabilities, in fact, zero. It has built-in processes like SBOM, which is Software Bill of Material generated. The image is cryptographically signed, and provenance is tracked, leading to faster patching, minimal footprint, and best supply chain control. Chainguard Containers has positively impacted my organization by reducing constant CVE fixing, resolving security versus DevOps conflicts, and minimizing compliance headaches. After implementing secured-by-default containers, there is less effort on fixing vulnerabilities, faster delivery, and better compliance. The impact on security teams includes a lower risk of attack, less panic during audits, and significantly fewer security noises. A specific outcome we have noted since implementing Chainguard Containers is that for a client who uses more than 200 containers, they previously received vulnerability warnings for every deployment. Once we implemented Chainguard Containers, the vulnerability ratio drastically decreased, from 100 to 30. Nearly 70% of the vulnerability checks have passed. Chainguard Containers are CVE-resistant, which is significant as CVEs represent Common Vulnerabilities and Exposures.
TC
Forensic Lead, Global Security Fusion Center at a insurance company with 10,001+ employees
Very good malware and goodware repository and enables us to look more deeply at indicators of compromise
The automated static analysis of malware is the most valuable feature. Its detection abilities are very good. It hits all of the different platforms out there, platforms that see the items in the wild. Also, the solution’s object and file analysis provide us with actionable insights. Its malware and goodware repository is very good. It's very robust. It gets all of the different repositories that are out there that do analysis and brings them under one roof where we can statically analyze for those indicators of compromise and look at them more deeply. If we need to go deeper into things, we can do that.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"TruRisk Insights is the most important innovation they've released this year."
"Qualys TotalCloud has improved our security posture."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"The best part I like is the on-demand scans."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"Chainguard Containers has positively impacted my organization even during the proof of concept phase by improving our security posture."
"Chainguard Containers reduced our container CVEs by approximately 70% to 80%, reduced the time spent reviewing security scan findings by 40% to 50%, and has accelerated our vulnerability remediation cycles because the volume of vulnerabilities is significantly lower."
"Chainguard Containers reduced our container CVEs by approximately 70% to 80%, reduced the time spent reviewing security scan findings by 40% to 50%, and has accelerated our vulnerability remediation cycles because the volume of vulnerabilities is significantly lower."
"The best feature of Chainguard Containers is being distroless, and the main thing I liked about it is that they follow the SBOM process and the continuous rebuilds they were doing, and they were helping me to rapidly remediate the failures which were happening."
"Chainguard Containers has positively impacted my organization by reducing constant CVE fixing, resolving security versus DevOps conflicts, and minimizing compliance headaches."
"Specific outcomes and metrics show that before this, every month there would be 15 to 20 vulnerabilities, but after switching to Chainguard Containers, there are now only one or maybe two vulnerabilities."
"ReversingLabs has a large sample size."
"It offers reports on a great many more file types than the other analysis solutions we have. It can give us a more in-depth analysis and better reporting on a larger number of file types. It also gives us a more comprehensive score on a number of things as well, and that's why we're using it as a front-end filter. It gives us more information... It's valuable because of its depth of information, as well as the breadth it gives us. There aren't a lot of tools that cover all of the different file types."
"As far as static analysis information is concerned, we use most of the information that is available in order to determine whether or not we might be dealing with a malware variant. This includes information that is related to Java rules. This is also related to malware families indicated or specific malicious software variants that are labeled by name."
"As far as the malware repository is concerned, it's extensive. It's a good source for finding samples, where we are unable to find them on other channels or by leveraging other sources."
"The automated static analysis of malware is the most valuable feature. Its detection abilities are very good. It hits all of the different platforms out there, platforms that see the items in the wild."
"As far as the availability of the content is generally concerned and the number of malicious programs that can be looked up in the repository, these are very extensive."
"We have complete faith that it can do that for us, and can do it at scale."
"We had nothing in the environment to do such analysis, so it's been a savior in many ways."
 

Cons

"Their customer support needs improvement."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"The biggest challenge in Chainguard Containers is that they provide minimal images, which can make troubleshooting difficult because common debugging tools are also not included."
"The only limitation or challenge that stood out during my evaluation of Chainguard Containers was the fact that it is primarily based on Alpine, which can be tricky to use in native Kubernetes environments, as we use Tecton primarily, which is a CI/CD pipeline that runs on native Kubernetes."
"The accuracy and reliability of the output from Chainguard Containers are below average, but I still give it an average rating of 6.5 to 7 because of its capabilities and its functionality for a developer-friendly approach."
"Sometimes there are backend errors which we come across again and again, and there is a resolution, but there are pending tickets for it. That sucks sometimes."
"The solution needs to improve integrations."
"I would like to see if we could do a little bit more of bulk uploading of hash sets. Right now, I can only do them individually."
"While the company is very helpful, it would be very much appreciated to have extensive proof of concept scripts for the different APIs available, though not for all the APIs that we have purchased. Respective scripts are available, but those scripts which are available are typically not of very high quality."
"The product support could be better at times. Sometimes, the resources that they provide could be of higher quality."
"We would really like further integration with our threat intelligence platform, which is called ThreatConnect. We would also really like further integrations with an endpoint protection product we use called Tanium. The reason I mentioned both of these is that ReversingLabs claims to have extensive integrations with both of them, but they did not work for us."
 

Pricing and Cost Advice

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud is expensive."
Information not available
"We have a yearly contract based on the number of queries and malicious programs which can be processed."
"Currently, the license number of lookups that we purchased has not been reached yet, because the integration has only recently been completed. However, our usage is expected and planned to increase over the next couple of months."
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Manufacturing Company
16%
Financial Services Firm
8%
Computer Software Company
7%
Healthcare Company
7%
Construction Company
16%
Financial Services Firm
12%
Computer Software Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Chainguard Containers?
My experience with pricing, setup cost, and licensing is that while I work on implementation and do not manage billin...
What needs improvement with Chainguard Containers?
The only limitation or challenge that stood out during my evaluation of Chainguard Containers was the fact that it is...
What is your primary use case for Chainguard Containers?
Chainguard Containers was a tool brought into my enterprise as a proof of concept that we evaluated, but we have not ...
Ask a question
Earn 20 points
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
ReversingLabs Titanium, ReversingLabs secure.software
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Financial services, healthcare, government, manufacturing, oil & gas, telecommunications, information technology
Find out what your peers are saying about Chainguard Containers vs. ReversingLabs and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.