No more typing reviews! Try our Samantha, our new voice AI agent.

Fortra Tripwire IP360 vs Tenable Nessus comparison

Fortra and Tenable are both solutions in the Vulnerability Management category. Fortra is ranked #59, while Tenable is ranked #2 with an average rating of 8.5. Fortra holds a 0.7% mindshare in VM, compared to Tenable’s 3.8% mindshare. Additionally, 60% of Fortra users are willing to recommend the solution, compared to 98% of Tenable users who would recommend it.
Sponsored
Qualys TotalCloud
Read 39 Qualys TotalCloud reviews
  • 5,336 Views
  • 3,148 Comparison Views
100% willing to recommend
Fortra Tripwire IP360
Read 6 Fortra Tripwire IP360 reviews
  • 1,701 Views
  • 1,344 Comparison Views
60% willing to recommend
Tenable Nessus
Read 88 Tenable Nessus reviews
  • 12,256 Views
  • 11,398 Comparison Views
98% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Fortra Tripwire IP360 and Tenable Nessus are both products in the vulnerability management category. Nessus is seen as superior due to its extensive features and adaptability, making it a preferred choice despite Tripwire IP360's strong enterprise-level offerings.

Features: Fortra Tripwire IP360 provides robust network discovery, detailed risk assessment, and vulnerability prioritization. It also features advanced profiling capabilities that cater to complex infrastructures. Tenable Nessus delivers high-speed asset discovery and configuration auditing. Threat detection is a key feature, along with extensive plugin support that allows for adaptable integration across different network environments.

Room for Improvement: Fortra Tripwire IP360 could improve its initial setup cost barrier, enhance support for smaller enterprises, and streamline its profiling capabilities for broader applicability. Tenable Nessus can further develop its customer service options, improve its user interface for better ease-of-use, and expand its documentation for more comprehensive understanding for new users.

Ease of Deployment and Customer Service: Fortra Tripwire IP360 offers flexible deployment options suitable for large infrastructures and provides dedicated support, making it ideal for enterprises with specific needs. Tenable Nessus offers quicker setup processes with accessible documentation and community support options, emphasizing a self-service approach.

Pricing and ROI: Fortra Tripwire IP360 has a higher initial setup cost, providing significant returns through specialized services over time. Tenable Nessus presents a more affordable entry point suitable for various budgets, delivering value through continuous updates and threat adaptability. Nessus's cost-effective licensing offers a favorable ROI for its comprehensive scanning capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Fortra Tripwire IP360 vs. Tenable Nessus Report (Updated: June 2026).
Buyer's Guide
Fortra Tripwire IP360 vs. Tenable Nessus
June 2026
Download the complete report
Helped 902,417 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Fortra Tripwire IP360
Ranking in Vulnerability Management
59th
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Tenable Nessus
Ranking in Vulnerability Management
2nd
Average Rating
8.4
Reviews Sentiment
6.0
Number of Reviews
88
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of June 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.0%, up from 0.9% compared to the previous year. The mindshare of Fortra Tripwire IP360 is 0.7%, up from 0.4% compared to the previous year. The mindshare of Tenable Nessus is 3.8%, down from 9.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Tenable Nessus3.8%
Qualys TotalCloud1.0%
Fortra Tripwire IP3600.7%
Other94.5%
Vulnerability Management
 

Featured Reviews

RO
Robert Orłowski
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Read full review
Corey Cole - PeerSpot reviewer
Corey Cole
Service Coordinator - Technology Security at a government with 10,001+ employees
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
Read full review
MohammedJaffir - PeerSpot reviewer
MohammedJaffir
Founder at Cipheroot
Has enabled me to reduce false positives and perform deep credential auditing with seamless integrations
I mostly use the configuration audit feature for the audit configuration as a scan policy, and I will use it for credential audit, which helps me scan credentials access such as local administrator or root access, performing a deeper and more accurate check of local configuration settings and file systems, making it a highly recommended feature. Regarding integration capabilities, we can integrate Tenable Nessus with SIM tools such as Splunk, IBM QRadar, and Azure Sentinel, as well as with ticketing systems such as ServiceNow, Jira, and Slack. There is no complexity as it is very easy to integrate everything. In terms of the reporting feature, while vulnerability scanning can throw some false positives, Tenable Nessus has very few, achieving a reduction of 75% to 80% false positives with manual analysis needed. We can generate standard Nessus reports that typically include host summaries and vulnerabilities by host and plugin, alongside solutions and remediation recommendations. The main benefits I get from Tenable Nessus are complete asset inventory and comprehensive attack surface management, allowing us to prioritize vulnerabilities based on risk, focusing on true risk and threat path analysis.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud's most valuable features are its security capabilities that help identify and mitigate risk factors."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
More Qualys TotalCloud pros
"The company probably chose this solution because they thought that they would be getting the best bang for their buck."
"Tripwire IP360 helps me to discover most of the vulnerabilities, and I like the way that it prioritizes these vulnerabilities, as it allows me to focus on the most important ones first and then follow up with the rest."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment."
"Tripwire IP360 is a very stable solution."
"It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis."
"We could manage our entire IP range with the solution."
"Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product."
"Security is the key number because it can start to scan with a few clicks instead of credits, which is a bit complicated. So simplicity is the first advantage. Then the generated reports are well done and easy to present to management. The quality of the scan is quite good in detecting the severity. The solution has simplicity. Also, it has frequent updates so that is also a valuable feature."
"The solution provides time saving and cost saving benefits."
"The valuable feature for me is being able to ping the computers to do the automated scan and to come back and be able to see everything."
"The main benefits I get from Tenable Nessus are complete asset inventory and comprehensive attack surface management, allowing us to prioritize vulnerabilities based on risk, focusing on true risk and threat path analysis."
"I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for."
"Overall, the solution is a better tool than Qualys."
"Nessus has greatly improved the security of our clients' networks."
"It allows me to prioritize efforts and utilize effective technical resources."
More Tenable Nessus pros
 

Cons

"The cost of Qualys TotalCloud is high and could be more competitive."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
More Qualys TotalCloud cons
"If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution."
"We need to dedicate time and resources to keep it running."
"I am not very impressed by the technical support."
"For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"We would like to have better reporting capabilities and for them to be more granular."
"The reporting functions can use improvement."
"Tenable Nessus is not feasible for a large company."
"The solution could improve security updates."
"Technically, it is an excellent and the best solution available in Libya. My only concern is related to its pricing. They are an emerging company in Libya, and they need to put in some effort to provide us with very good prices so that customers can go with the best solution. Chinese companies are getting into the market here, and they're providing very cheap solutions."
"Pricing is one of the most important features, and it is something that they can improve on."
"Tenable Nessus could improve the reporting by adding some dashboards. The reports are a hassle at this time."
"From my point of view the solution basically is not for the big enterprise."
"Lacks some penetration testing-related services."
"The price could be reduced."
More Tenable Nessus cons
 

Pricing and Cost Advice

"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The cost is high, but it meets our organizational needs."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
More Qualys TotalCloud pricing and cost advice
"I believe the price compares well within the market."
"The product was expensive for us."
"The price of the solution is reasonable."
"Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly. The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job."
"Nessus is affordable, but its licensing model could be improved with more flexibility for adding assets."
"The solution is expensive."
"We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level."
"The solution has free options."
"The cost is around $4,300 per year. Use is unlimited. You don't pay more if you want to use it for another IP."
"Cost-wise, it's an affordable tool."
More Tenable Nessus pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
902,417 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
12%
Manufacturing Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Manufacturing Company
10%
Financial Services Firm
10%
Government
9%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise4
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise19
Large Enterprise35
 

Questions from the Community

What is your experience regarding pricing and costs for Qualys TotalCloud?
The price is very expensive, actually.
See all answers
What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
See all answers
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
See all answers
Ask a question
Earn 20 points
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
See all answers
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
See all answers
What is your experience regarding pricing and costs for Tenable Nessus?
Based on my experience, the pricing for Tenable Nessus is somewhat higher, but customers still want to pay for it, so...
See all answers
 

Comparisons

Wiz vs Qualys TotalCloud Logo
Wiz vs Qualys TotalCloud
Compared 11% of the time
Microsoft Defender for Cloud vs Qualys TotalCloud Logo
Microsoft Defender for Cloud vs Qualys TotalCloud
Compared 8% of the time
Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud Logo
Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud
Compared 6% of the time
JupiterOne vs Qualys TotalCloud Logo
JupiterOne vs Qualys TotalCloud
Compared 5% of the time
Nucleus Security vs Qualys TotalCloud Logo
Nucleus Security vs Qualys TotalCloud
Compared 5% of the time
More Qualys TotalCloud Competitors
Tenable Security Center vs Fortra Tripwire IP360 Logo
Tenable Security Center vs Fortra Tripwire IP360
Compared 10% of the time
Checkmarx One vs Fortra Tripwire IP360 Logo
Checkmarx One vs Fortra Tripwire IP360
Compared 9% of the time
IBM Guardium Vulnerability Assessment vs Fortra Tripwire IP360 Logo
IBM Guardium Vulnerability Assessment vs Fortra Tripwire IP360
Compared 6% of the time
BMC Helix Automation Console vs Fortra Tripwire IP360 Logo
BMC Helix Automation Console vs Fortra Tripwire IP360
Compared 5% of the time
Vicarius vRx vs Fortra Tripwire IP360 Logo
Vicarius vRx vs Fortra Tripwire IP360
Compared 5% of the time
More Fortra Tripwire IP360 Competitors
Rapid7 InsightVM vs Tenable Nessus Logo
Rapid7 InsightVM vs Tenable Nessus
Compared 7% of the time
Qualys VMDR vs Tenable Nessus Logo
Qualys VMDR vs Tenable Nessus
Compared 7% of the time
Rapid7 Metasploit vs Tenable Nessus Logo
Rapid7 Metasploit vs Tenable Nessus
Compared 4% of the time
Tenable Security Center vs Tenable Nessus Logo
Tenable Security Center vs Tenable Nessus
Compared 4% of the time
Tenable Vulnerability Management vs Tenable Nessus Logo
Tenable Vulnerability Management vs Tenable Nessus
Compared 4% of the time
More Tenable Nessus Competitors
 

Product Reports

Buyer's Guide
Qualys TotalCloud
June 2026
Qualys TotalCloud reportDownload Qualys TotalCloud product report
Buyer's Guide
Fortra Tripwire IP360
June 2026
Fortra Tripwire IP360 reportDownload Fortra Tripwire IP360 product report
Buyer's Guide
Tenable Nessus
June 2026
Tenable Nessus reportDownload Tenable Nessus product report
 

Also Known As

Qualys TotalCloud with FlexScan
IP360
No data available
 

Overview

Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.

Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.

What are the most important features of Qualys TotalCloud?
  • Accurate Vulnerability Reports: Delivers precise and actionable insights for risk mitigation.
  • Zero-Day Detection: Identifies and addresses zero-day vulnerabilities proactively.
  • Unified Threat Assessment: Offers comprehensive evaluation of threats across the environment.
  • Extensive Risk Management: Manages risks effectively with advanced insights and prioritization.
  • Continuous Monitoring: Provides non-stop surveillance for vulnerabilities and threats.
  • Cloud-Native Automation: Streamlines processes and reduces manual efforts using automation.
  • FlexScan for Internet-Facing VMs: Scans external VMs efficiently to detect vulnerabilities.
  • Dashboard Risk Visualization: Clear visualization helps prioritize vulnerabilities.
What benefits and ROI should users look for?
  • Improved Security Posture: Enhances threat detection and response across clouds.
  • Time Savings: Automation reduces time spent on manual vulnerability management.
  • Resource Efficiency: Better allocation of resources through streamlined workflows.
  • Enhanced Risk Prioritization: Focus on critical vulnerabilities for effective mitigation.
  • Integrated Cloud Accounts: Facilitates seamless cloud management and security.

Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.

Qualys

Tripwire IP360 is a powerful vulnerability management solution that identifies and prioritizes network vulnerabilities for remediation. It is highly effective in scanning devices and applications, improving security posture, ensuring compliance, and managing risks. 

Users value its detailed reporting, user-friendly interface, and seamless integration with other security tools for efficient security management.

Fortra

Tenable Nessus enhances cybersecurity by detecting vulnerabilities with comprehensive scanning, user-friendly dashboards, and automated reporting, providing value in asset management, configuration audits, and compliance.

Providing real-time monitoring and ease of use, Nessus stands out with its integration capabilities, predictive prioritization, extensive plugin system, and cost-effectiveness. It supports vulnerability assessments for networks, applications, and devices, offering detailed reports for continuous security improvement. Nessus' capabilities extend across on-premise and cloud deployments, aiding compliance and remediation processes while aligning with security standards. While robust, it could benefit from enhanced cloud capabilities, improved scanning accuracy, and more flexible licensing options.

What are the standout features of Tenable Nessus?
  • Comprehensive Scanning: Covers platforms for in-depth vulnerability detection.
  • User-Friendly Dashboards: Simplifies monitoring with intuitive interfaces.
  • Automated Reporting: Streamlines data presentation and dissemination.
  • Integration Capabilities: Connects seamlessly with other tools for enhanced functionality.
  • Predictive Prioritization: Focuses on vulnerabilities with the greatest impact potential.
What benefits and ROI should users expect when evaluating Tenable Nessus in reviews?
  • Cost-Effectiveness: Provides strong value for investment in anomaly detection.
  • Real-Time Monitoring: Keeps security threats in check continuously.
  • Asset Management: Aids in tracking and securing organization-wide assets.
  • Detailed Reporting: Offers clear insights into compliance and security posture.

Tenable Nessus is implemented widely across industries for internal and external vulnerability assessments and management, aiding organizations in scanning servers, workstations, and network devices. Benefiting sectors prioritize security within their unique environments, leveraging Nessus for its thorough reports and compliance assurance.

Tenable
 

Sample Customers

Information Not Available
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Buyer's Guide
Fortra Tripwire IP360 vs. Tenable Nessus
June 2026
Free Report: Fortra Tripwire IP360 vs. Tenable Nessus
Find out what your peers are saying about Fortra Tripwire IP360 vs. Tenable Nessus and other solutions. Updated: June 2026.
DOWNLOAD NOW
902,417 professionals have used our research since 2012.
See our Fortra Tripwire IP360 vs. Tenable Nessus report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.