No more typing reviews! Try our Samantha, our new voice AI agent.

Fortra Tripwire IP360 vs Microsoft Defender Vulnerability Management comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Fortra Tripwire IP360
Ranking in Vulnerability Management
58th
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Microsoft Defender Vulnerab...
Ranking in Vulnerability Management
13th
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
18
Ranking in other categories
Advanced Threat Protection (ATP) (20th), Microsoft Security Suite (17th), Risk-Based Vulnerability Management (6th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Fortra Tripwire IP360 is 0.7%, up from 0.4% compared to the previous year. The mindshare of Microsoft Defender Vulnerability Management is 1.6%, down from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Microsoft Defender Vulnerability Management1.6%
Fortra Tripwire IP3600.7%
Other96.6%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Corey Cole - PeerSpot reviewer
Service Coordinator - Technology Security at a government with 10,001+ employees
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
reviewer2770602 - PeerSpot reviewer
Cloud Security Engineer at a computer software company with 51-200 employees
Has helped with regional threat monitoring but needs better documentation and real-time capabilities
The documentation from Microsoft needs significant improvement. The documents are disorganized, with one document linking to another, making the steps unclear and difficult to follow. Regarding updates, it is not truly real-time as it takes between eight to twelve hours for updates to occur. It would be beneficial if updates could happen more quickly, perhaps within 10 minutes to half an hour. Support for integration and documentation needs to be more straightforward. The pricing is expensive, even though it is part of the E5 package.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"Qualys TotalCloud is an excellent platform, and the beauty of the platform is that we can get all the vulnerabilities, see all the reports in a single dashboard, view them segregated, and easily learn about critical, high, and medium findings with appropriately provided remediation steps."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"I would definitely recommend it because it is easy to handle any cloud resources."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily"
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis."
"Tripwire IP360 is a very stable solution."
"The company probably chose this solution because they thought that they would be getting the best bang for their buck."
"Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product."
"This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment."
"We could manage our entire IP range with the solution."
"Tripwire IP360 helps me to discover most of the vulnerabilities, and I like the way that it prioritizes these vulnerabilities, as it allows me to focus on the most important ones first and then follow up with the rest."
"The product's stability is very high...The scalability of the product is amazing."
"The product’s most valuable features are compliance, recommendations, and inventories."
"The main advantage of Microsoft Defender Vulnerability Management is that it can locate and prevent most threats even when the endpoints are not connected to the corporate network, as long as the internet is available."
"The integration with SIEM is the best, specifically the native integration with Microsoft SIEM."
"The most valuable aspect is the kind of assessment results I get, and the recommendations provided in Microsoft products really help in taking care of the resources."
"The recommendations, scores, and steps to remediate actions are highly useful."
"Microsoft Defender Vulnerability Management is a good product, and I believe it deserves a positive recommendation."
"The solution helps identify threats and vulnerabilities."
 

Cons

"The support is not up to the mark and seems to be overburdened."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"Their customer support needs improvement."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"Although TotalCloud is a helpful tool, some of its advanced features are still under development."
"The price is very expensive, actually."
"We need to dedicate time and resources to keep it running."
"I am not very impressed by the technical support."
"The reporting functions can use improvement."
"We would like to have better reporting capabilities and for them to be more granular."
"For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive."
"If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"Configuration of Microsoft Defender Vulnerability Management is something that needs improvement."
"There should be risk scoring added to Microsoft Defender Vulnerability Management; specifically, they call it quantification of the risk."
"The general support could be improved."
"It is expensive."
"It is challenging to extract and customize reports from the system."
"The worst aspect is the refresh rate of the dashboard. A vulnerability I patch within 15 minutes takes 24 additional hours for an update."
"The product is not stable; it is very resource-intensive, consuming a lot of memory and CPU, which makes it slow."
"Regarding Microsoft's technical support, I would rate it a three out of ten; they could be more responsive and knowledgeable."
 

Pricing and Cost Advice

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"I believe the price compares well within the market."
"The product was expensive for us."
"The licensing model follows a per-user per-month structure."
"The tool is a bit costly."
"The licensing costs are reasonable."
"The product’s pricing is medium."
"I rate the product's price a three on a scale of one to ten, where one is a low price, and ten is a high price."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
12%
Manufacturing Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise4
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What needs improvement with Microsoft Defender Vulnerability Management?
Configuration of Microsoft Defender Vulnerability Management is something that needs improvement. In future updates o...
What is your primary use case for Microsoft Defender Vulnerability Management?
I can control the applications using Microsoft Defender Vulnerability Management, which are its best features for me ...
 

Also Known As

Qualys TotalCloud with FlexScan
IP360
No data available
 

Overview

 

Sample Customers

Information Not Available
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Information Not Available
Find out what your peers are saying about Fortra Tripwire IP360 vs. Microsoft Defender Vulnerability Management and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.