No more typing reviews! Try our Samantha, our new voice AI agent.

CloudPassage vs Tenable Cloud Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
7th
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
CloudPassage
Ranking in Cloud Workload Protection Platforms (CWPP)
27th
Ranking in Cloud Security Posture Management (CSPM)
41st
Average Rating
8.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Tenable Cloud Security
Ranking in Cloud Workload Protection Platforms (CWPP)
20th
Ranking in Cloud Security Posture Management (CSPM)
24th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
12
Ranking in other categories
Identity and Access Management as a Service (IDaaS) (IAMaaS) (16th), Container Security (31st), Cloud-Native Application Protection Platforms (CNAPP) (18th), Cloud Infrastructure Entitlement Management (CIEM) (3rd)
 

Mindshare comparison

As of July 2026, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of Qualys TotalCloud is 1.6%, up from 1.3% compared to the previous year. The mindshare of CloudPassage is 1.2%, up from 0.1% compared to the previous year. The mindshare of Tenable Cloud Security is 2.5%, up from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.6%
Tenable Cloud Security2.5%
CloudPassage1.2%
Other94.7%
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
it_user854058 - PeerSpot reviewer
Lead Information Security Engineer
It helped us be more aware of what our security posture is, but not all of the features work in my environment
I would say CloudPassage is very useful for certain things. If you just want a few modules then focus on what you need and negotiate the price based on the individual module, rather than looking at the whole thing, because I didn't find all the modules very useful. Also, use Splunk in combination with it if you want reporting. I would give CloudPassage at least a seven out of 10. I rate it on the high-end because of the customer support - I've never seen any support that is comparable to that, it's very good, excellent. The support staff actually care, they actually follow up; it's very nice. And CloudPassage really listens to its customers. The product itself is very nice if you're only looking to check off your compliance requirements, but if you're looking for more of dashboarding and things like that, CloudPassage is improving but it's not quite there.
CD
Information Security Architect at WSP
Has significantly improved proactive monitoring through automated asset discovery and seamless integration with cloud environments
Making the system smarter would be beneficial. Adding modules for integration with AWS and Azure would be helpful. Adding capabilities for the scanner to automatically pick up changes and add assets automatically would be valuable. When discussing a big company, it is mandatory to have tools that will assist us rather than waiting for manual input to add hosts. Adding assets manually is prone to mistakes. Humans might forget to add an asset or make errors when adding multiple assets. Taking the human element out of the context and making it more streamlined is the future for security. The human should be involved where expertise is needed, such as analysis and decision-making. Currently, with resource constraints, we need tools to collect and aggregate data, eliminate false positives as much as possible, and present relevant information to employees for action.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is extensibility."
"The scalability is good as well. I would rate it ten out of ten."
"I highly recommend Qualys TotalCloud to other users."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"The most valuable feature is the consolidated information that it provides from various platforms."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"Qualys TotalCloud has significantly reduced our workload in terms of managing risks, helping us to be more efficient and save substantial resources."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"Key features are the Software Vulnerability Assessment and the CSM, which is the configuration check."
"Our scores let us know when to trigger workflow to go out in a patch, it has reduced the amount of time we had to take to manually verify software and check our updates, and it helped us be more aware of what our security posture is."
"Policies are very easy to manage on a day-to-day basis."
"CloudPassage allowed us to implement changes that affected hundred of servers within our environments in seconds."
"Ermetic can provide super visibility for our cloud environment (we are using AWS), the dashboard is simple to use, the findings provide all of the information you require, it provides detection and remediation, and creating a Jira ticket from a finding is just one click away."
"The key benefit lies in having the largest and most up-to-date database. When it comes to using any Tenable product, it excels in finding vulnerabilities and providing analytics."
"The analytical and reporting capabilities are pretty straightforward and show every transaction and major attempt to attack the application in the cloud."
"The product's deployment phase is easy."
"The solution’s vulnerability management feature has helped us identify and mitigate risks well."
"Ermetic can provide super visibility for our cloud environment (we are using AWS)."
"The tool alerts us on depreciating performance or deficiencies of our web application. It helps us react on time."
"Scanning and reporting are the most valuable features of Tenable Cloud Security"
 

Cons

"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"The support process is inefficient due to the excessive number of replies required when submitting tickets."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"The areas in the solution that have room for improvement include the UI/UX design, which should be improved, and they should integrate more artificial intelligence into the product."
"Although TotalCloud is a helpful tool, some of its advanced features are still under development."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"In the CSM module the policies are really hard to work with it. It is not very flexible at all. I would suggest that they change that. Right now, the scan is based on the group that the server is in. What happens if the server is in multiple groups?"
"The reports and graphs are unintuitive."
"Of all the advertised functions, I only find two things that really work in my environment, even though I wanted to use all of them. They're not flexible enough to be used."
"Anything outside of the software vulnerability management and the CSM, things like the GhostPort, need some improvement. The dashboard is in beta. It looks really good, I wish it would come out of beta."
"We still maintain Tenable Cloud Security but have reduced the number of licenses. We now use it occasionally to validate specific items rather than monitoring the entire surface, for which we use Element."
"The product must provide more features."
"If Tenable Cloud Security offers a complete Cnapp solution with CWP, CIEM, and Waap security, it will be able to compete with other competitors."
"I didn't find anything that wasn't useful or needed to be added."
"There is a need for the support team to improve their response time since it is one of the areas where the product's technical team has certain shortcomings."
"In my experience, Tenable Cloud Security is not very stable."
"I do think there might be room for more integrations. This could allow for further customization and flexibility, essentially offering different functionality options to accommodate various budgets."
"Ermetic needs to improve its security scanning. I would like to see more dynamic graphical forms."
 

Pricing and Cost Advice

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"TotalCloud's price is about right where I would expect it to be."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"CloudPassage is a little bit on the expensive side. So my suggestion is that the company lower its price point a wee bit or sell modules, separate them in modules, because I only find two things that are useful to me, yet I pay for four or five modules. It didn't seem like it was a fair deal."
"We also evaluated VMware NSX, but the pricing and features available in a CloudPassage implementation were decisive in deciding to go with CP."
"The tool's price is good compared to other brands. The tool's subscription is for a year."
"There is a need to opt for a subscription-based pricing model to use Tenable Cloud Security. I rate the product price an eight on a scale of one to ten, where one is low price and ten is high price."
"The tool's pricing is fair."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Comms Service Provider
14%
Manufacturing Company
14%
Financial Services Firm
10%
Construction Company
8%
Government
11%
Financial Services Firm
10%
Manufacturing Company
9%
Construction Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise2
Large Enterprise5
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What needs improvement with Tenable Cloud Security?
Making the system smarter would be beneficial. Adding modules for integration with AWS and Azure would be helpful. Ad...
What is your primary use case for Tenable Cloud Security?
We had other solutions that we used. One solution was that we did not have something exactly similar to what Element ...
What is your experience regarding pricing and costs for Ermetic CSPM?
I wasn't involved with the pricing, setup cost and licensing for Tenable Cloud Security.
 

Also Known As

Qualys TotalCloud with FlexScan
CloudPassage Halo
Ermetic, Ermetic Identity Governance for AWS
 

Overview

 

Sample Customers

Information Not Available
Citrix
Tyler Technologies, Bilfinger, BarkBox, MongoDB, airSlate, Adama, Latch, Cloudinary, Riskified, AppsFlyer, IntelyCare, Aidoc, 42Dot, and more.
Find out what your peers are saying about CloudPassage vs. Tenable Cloud Security and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.