No more typing reviews! Try our Samantha, our new voice AI agent.

Fortra Tripwire IP360 vs Qualys CyberSecurity Asset Management comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Fortra Tripwire IP360
Ranking in Vulnerability Management
58th
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Qualys CyberSecurity Asset ...
Ranking in Vulnerability Management
6th
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
35
Ranking in other categories
Patch Management (4th), Cyber Asset Attack Surface Management (CAASM) (3rd), Attack Surface Management (ASM) (3rd), Software Supply Chain Security (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Fortra Tripwire IP360 is 0.7%, up from 0.4% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 1.4%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys CyberSecurity Asset Management1.4%
Qualys TotalCloud1.1%
Fortra Tripwire IP3600.7%
Other96.8%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Corey Cole - PeerSpot reviewer
Service Coordinator - Technology Security at a government with 10,001+ employees
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
Nicki Møller - PeerSpot reviewer
Information Security Engineer at a manufacturing company with 5,001-10,000 employees
Enables automation and quick access to necessary information
One of the significant challenges Qualys is discovery, which I know Microsoft excels at. I can't recall how well Qualys performs this function; it seems I might be missing some details. However, if there's one key aspect to focus on, it's discovery—the ability to identify assets that you are not aware of, even when you can see they are present. Understanding what those assets are is crucial. With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system. The features within Qualys are limited to what they have developed. Sometimes a complete overview is needed to push to a Power BI dashboard, Splunk, ServiceNow, or other platforms. The export process is incredibly challenging. We needed a developer to write a hundred-line Python script that would loop over certain assets due to export limitations. Qualys CyberSecurity Asset Management could improve its integration capabilities. While it generates substantial data, correlating it with other data sources can be challenging. The export process is difficult, and pre-built integrations with other tools could be enhanced for better process implementation.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"I would definitely recommend Qualys TotalCloud to other customers."
"Qualys TotalCloud has improved our security posture."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis."
"The company probably chose this solution because they thought that they would be getting the best bang for their buck."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment."
"Tripwire IP360 helps me to discover most of the vulnerabilities, and I like the way that it prioritizes these vulnerabilities, as it allows me to focus on the most important ones first and then follow up with the rest."
"Tripwire IP360 is a very stable solution."
"We could manage our entire IP range with the solution."
"Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product."
"I really enjoy the flexibility of the interface setup configuration for my network VLANs, which makes it very easy to configure."
"The comprehensive view that Qualys CyberSecurity Asset Management gives us on our assets enables us to go to a single screen and get a good idea of our holistic asset count."
"We have had zero attacks since we enabled all the features in Qualys CSAM."
"The asset management part is very simple and essential, and Qualys CyberSecurity Asset Management was particularly effective because the information was available exactly where needed, enabling automation and quick access to necessary answers."
"I mainly appreciate Qualys CyberSecurity Asset Management for its patch management capabilities, which are essential in my job for deploying patches and remediating vulnerabilities."
"My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software."
"I recommend Qualys CyberSecurity Asset Management due to its superior asset information collection capabilities, including comprehensive hardware and software inventorying."
"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."
 

Cons

"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"There is room for improvement in the support."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"We need to dedicate time and resources to keep it running."
"We would like to have better reporting capabilities and for them to be more granular."
"I am not very impressed by the technical support."
"If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution."
"The reporting functions can use improvement."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive."
"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."
"Further research and development are needed to enhance integration with other cloud agents and products, particularly improving communication with external products and vendors."
"As of now, the support, results, and low false positives do not necessitate changes."
"Sometimes both updates and software types appear together on one list, making it hard to differentiate."
"The only minor issue is occasionally being redirected to multiple teams, causing slight delays."
"Integration of Qualys CyberSecurity Asset Management, particularly with ServiceNow, takes a very long time, and it needs prioritization of patch rules based on vulnerability risk."
"Qualys CSAM is not super responsive, and there can be delays sometimes, especially with the network passive sensor. You might see duplicate objects which eventually disappear but it takes time. If that can be done faster, it will be great."
"We have had challenges modifying the agent configuration. Particularly, when we want to change the tenant that the agent is pointing to, we have had difficulties making that reliable and working properly."
 

Pricing and Cost Advice

"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud is expensive."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"I believe the price compares well within the market."
"The product was expensive for us."
"The pricing is market-competitive."
"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."
"The pricing for Qualys CSAM is nominal."
"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."
"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."
"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."
"Qualys offers excellent value for money."
"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
12%
Manufacturing Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Financial Services Firm
15%
Computer Software Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise4
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise2
Large Enterprise23
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What needs improvement with Qualys CyberSecurity Asset Management?
I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating ...
What is your primary use case for Qualys CyberSecurity Asset Management?
I primarily use it for a small, single-site, multi-source setup with multi-WAN inputs. I have a main fiber connection...
 

Also Known As

Qualys TotalCloud with FlexScan
IP360
No data available
 

Overview

 

Sample Customers

Information Not Available
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Information Not Available
Find out what your peers are saying about Fortra Tripwire IP360 vs. Qualys CyberSecurity Asset Management and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.