No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs Wiz Code comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
CompassOne by Blackpoint Cyber
Ranking in Vulnerability Management
47th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Information and Event Management (SIEM) (37th), Endpoint Detection and Response (EDR) (39th), Application Control (10th), Managed Detection and Response (MDR) (11th), Identity Threat Detection and Response (ITDR) (14th)
Wiz Code
Ranking in Vulnerability Management
17th
Average Rating
8.4
Reviews Sentiment
5.1
Number of Reviews
14
Ranking in other categories
Risk-Based Vulnerability Management (8th), Cloud Security Remediation (1st), Application Security Posture Management (ASPM) (4th), Continuous Threat Exposure Management (CTEM) (3rd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of CompassOne by Blackpoint Cyber is 0.4%, up from 0.0% compared to the previous year. The mindshare of Wiz Code is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Wiz Code1.1%
CompassOne by Blackpoint Cyber0.4%
Other97.4%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Gary Herbstman - PeerSpot reviewer
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
Aditya Sarkar - PeerSpot reviewer
Assistant VP at NatWest Group
Unified dashboards have streamlined code‑to‑cloud risk tracking and reduced manual reviews
The best features of Wiz Code that I appreciate the most include their entire dashboarding and the seamless integration with different DevOps tooling like GitHub or Azure DevOps. It seamlessly integrates, allowing you to run scanners directly onto the machines without consuming too many resources, and the recategorization of vulnerabilities is absolutely wonderful, giving you a complete attack path, which is something I love about Wiz Code because it details the entire lateral movement of the issue, whether it is a complete shift-left or shift-right, serving as the differentiators compared to other tools in the market. When I talk about ROI with Wiz Code, it almost cuts you down to 20% to 25% of the daily effort needed in terms of FTE. If you are working with around 100 developers or engineers, you might come down to 60 to 70 engineers, with the rest completely automated by removing false positives, showcasing where the USP comes in.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"I found the initial setup user-friendly."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices."
"We were able to realize its benefits within 24 to 48 hours."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily"
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"On a scale from one to ten, I would rate the overall solution as a ten."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"The solution is all encompassing and can incorporate email monitoring."
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"The best features with Wiz Code give you a reasonable picture when it comes to vulnerabilities, which means you see the usual severity levels, you also get to see references on how to remediate vulnerabilities, and the fact that it has a visual dashboard helps all stakeholders, especially folks who need to remediate, to get that picture correctly and then take action."
"Wiz Code offers minimum false positive vulnerabilities, which is the best feature and meets expectations for the tool."
"Overall, Wiz Code is a very good tool to use in any organization, whether mid-level or high-level, and it is very useful and user-friendly for employees."
"Wiz Code has positively impacted our organization as it helped us to maintain a healthy application security side of the company and to remediate our vulnerabilities."
"The best features of Wiz Code that I appreciate the most include their entire dashboarding and the seamless integration with different DevOps tooling like GitHub or Azure DevOps, allowing you to run scanners directly onto the machines without consuming too many resources, and the recategorization of vulnerabilities is absolutely wonderful, giving you a complete attack path, which is something I love about Wiz Code because it details the entire lateral movement of the issue, whether it is a complete shift-left or shift-right, serving as the differentiators compared to other tools in the market."
"Approximately 30 to 40% of vulnerabilities are being remediated quicker and easily because Wiz Code has an auto-fixing PR feature available for IAC code, which helps us fix issues quickly."
"Wiz Code has positively impacted my organization because it is better on a daily basis; we receive new cases, and it is easy to analyze and take care of them."
"Wiz Code has positively impacted my organization through the unified platform that gives the ability to shift left in security and detect issues before they go into production."
 

Cons

"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"Some texts seem to report items as normal too quickly."
"The feature we keep asking for is a vulnerability scan."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"The interface could be more intuitive."
"Wiz Code could be improved by showing us the dependencies that are affecting us; if we are upgrading one dependency, it would be helpful to know if down the road that's going to cause any problems with other dependencies."
"Wiz Code could be better in secret scanning where no push protections are enabled at the GitHub or GitLab level to prevent pushing secrets on GitHub itself."
"Timely responses from customer support for Wiz Code are not being received. Service requests are raised, but proper responses are not provided."
"Wiz Code has many features, and I think they could continue to enhance customization according to our requirements."
"I have a big improvement in mind for Wiz Code, not a small improvement."
"I rate the accuracy and reliability as good, but not yet at a level where I trust it without validation."
"Metadata ingestion and probably the integration of Wiz Code platform is something which is missing."
"One noticeable aspect is that we are receiving some false positives, but this is better compared to the previous tool I used."
 

Pricing and Cost Advice

"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"TotalCloud's price is about right where I would expect it to be."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"The pricing is reasonable."
"The pricing is in line with other products."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Computer Software Company
10%
Financial Services Firm
9%
Outsourcing Company
7%
Healthcare Company
7%
Manufacturing Company
14%
Financial Services Firm
9%
Construction Company
8%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise14
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a b...
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
What is your experience regarding pricing and costs for Wiz Code?
The topic of their pricing is confidential, which I'm not authorized to share. However, it is a bit expensive, but th...
What needs improvement with Wiz Code?
Every tool has some sort of improvement required. No tool can be said to be one hundred percent secure, so there's al...
What is your primary use case for Wiz Code?
Wiz Code is designed for scanning code repositories for vulnerabilities, whether through static scans, dynamic securi...
 

Also Known As

Qualys TotalCloud with FlexScan
Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
Dazz.io
 

Overview

 

Sample Customers

Information Not Available
CoreRecon, Peerless Tech Solutions, Lorien Health
Information Not Available
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. Wiz Code and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.