No more typing reviews! Try our Samantha, our new voice AI agent.

Fortra Tripwire IP360 vs JupiterOne comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Fortra Tripwire IP360
Ranking in Vulnerability Management
58th
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
No ranking in other categories
JupiterOne
Ranking in Vulnerability Management
48th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
5
Ranking in other categories
Identity and Access Management as a Service (IDaaS) (IAMaaS) (22nd), Cloud Security Posture Management (CSPM) (29th), Cyber Asset Attack Surface Management (CAASM) (5th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Fortra Tripwire IP360 is 0.7%, up from 0.4% compared to the previous year. The mindshare of JupiterOne is 0.5%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
JupiterOne0.5%
Fortra Tripwire IP3600.7%
Other97.7%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Corey Cole - PeerSpot reviewer
Service Coordinator - Technology Security at a government with 10,001+ employees
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
Prakhar Birthare - PeerSpot reviewer
Machine Learning And Gen Ai Engineer at Jaypee University of Engineering and Technology
Automated cloud insights have transformed compliance monitoring and reduced audit preparation time
Regarding the advantages of JupiterOne, the automated asset discovery, graph-based visualizations, and compliance mapping against SOC 2 and ISO 27001 policy management with pre-built templates are standout features. The J1QL query language for custom security queries, alerting for misconfigurations, and integrations with AWS, GitHub, Okta, and CloudTrail are also valuable. The graph-based querying is underrated. Most people think of it as just an asset inventory tool, but the ability to query relationships between assets and understand what is connected to what in an automated compliance context is truly powerful once the team becomes comfortable with it. The impact is much better visibility into cloud security posture than I had before. My security team has spent less time manually hunting for information and more time actually acting on risk. The query capability helps me reduce back-and-forth between security and engineering. Instead of security asking the team manual questions about the environment, much of the context is now available directly in JupiterOne, allowing me to query it directly and get answers immediately. The monitoring part covers assets and metrics including asset coverage counts, compliance score percentage, policy violation counts, mean time to detect, mean time to respond, alert response rate, and integration count across connected tools. The policy violation count is the best metric I use to measure the impact of JupiterOne's centralized asset management repository on security initiatives.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"I found the initial setup user-friendly."
"We were able to realize its benefits within 24 to 48 hours."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment."
"Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product."
"Tripwire IP360 helps me to discover most of the vulnerabilities, and I like the way that it prioritizes these vulnerabilities, as it allows me to focus on the most important ones first and then follow up with the rest."
"Tripwire IP360 is a very stable solution."
"The company probably chose this solution because they thought that they would be getting the best bang for their buck."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"We could manage our entire IP range with the solution."
"It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis."
"The product’s UI is pretty decent and fast."
"The security team saved 80% of manual tracking time, reducing the weekly effort from 15 to 20 hours down to 3 to 4 hours."
"JupiterOne helps us aggregate all those things on one single platform, allowing us to quickly identify what environment that asset lives in and what type of asset it is."
"I have definitely seen a positive return on investment from JupiterOne in a few concrete ways."
"Using JupiterOne, I have observed an increase in transaction success rates to 99% without improper data, translating to 99% time saved."
 

Cons

"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"I am not very impressed by the technical support."
"If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution."
"The reporting functions can use improvement."
"For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive."
"We need to dedicate time and resources to keep it running."
"We would like to have better reporting capabilities and for them to be more granular."
"The only improvements I would suggest for JupiterOne are addressing the J1QL learning curve with better tutorials."
"You can only write Python queries in Jupiter, not other languages, like, SQL or PySpark."
"Regarding performance and speed scenarios for JupiterOne, queries sometimes take too long, especially when dealing with large datasets or complex graph relationships that can slow down significantly."
"JupiterOne could improve regarding the cost, as enterprise deployment can be costly."
"However, the compliance module has not worked well, and we have had to continue tracking our compliance manually with the tools we use."
 

Pricing and Cost Advice

"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is expensive."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"The product was expensive for us."
"I believe the price compares well within the market."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
12%
Manufacturing Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Construction Company
17%
Financial Services Firm
15%
Comms Service Provider
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise4
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What needs improvement with JupiterOne?
Regarding performance and speed scenarios for JupiterOne, queries sometimes take too long, especially when dealing wi...
What is your primary use case for JupiterOne?
I have been using JupiterOne for four to five months. I explored JupiterOne during my cybersecurity studies, and it s...
What advice do you have for others considering JupiterOne?
I have several practical pieces of advice for anyone looking into JupiterOne. The first is to start with clear asset ...
 

Also Known As

Qualys TotalCloud with FlexScan
IP360
No data available
 

Overview

 

Sample Customers

Information Not Available
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Information Not Available
Find out what your peers are saying about Fortra Tripwire IP360 vs. JupiterOne and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.