No more typing reviews! Try our Samantha, our new voice AI agent.

Fortra Tripwire IP360 vs Wiz Code comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Fortra Tripwire IP360
Ranking in Vulnerability Management
58th
Average Rating
7.0
Reviews Sentiment
4.3
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Wiz Code
Ranking in Vulnerability Management
17th
Average Rating
8.4
Reviews Sentiment
5.1
Number of Reviews
14
Ranking in other categories
Risk-Based Vulnerability Management (8th), Cloud Security Remediation (1st), Application Security Posture Management (ASPM) (4th), Continuous Threat Exposure Management (CTEM) (3rd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Fortra Tripwire IP360 is 0.7%, up from 0.4% compared to the previous year. The mindshare of Wiz Code is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Wiz Code1.1%
Fortra Tripwire IP3600.7%
Other97.1%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Corey Cole - PeerSpot reviewer
Service Coordinator - Technology Security at a government with 10,001+ employees
The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain
Only the administrator was using the product. He used it to read reports as part of our compliance programs. It wasn't heavily used by a lot of users. The tool comes in at a large scale, and we tried to scale it down. The scaling did not apply to us. It was neither difficult nor easy. I rate the scalability a five out of ten. We had some challenges while scaling it down. It could do 10,000 devices, and we wanted to use it for ten devices. The process was difficult and expensive. We did not need the product anymore.
Aditya Sarkar - PeerSpot reviewer
Assistant VP at NatWest Group
Unified dashboards have streamlined code‑to‑cloud risk tracking and reduced manual reviews
The best features of Wiz Code that I appreciate the most include their entire dashboarding and the seamless integration with different DevOps tooling like GitHub or Azure DevOps. It seamlessly integrates, allowing you to run scanners directly onto the machines without consuming too many resources, and the recategorization of vulnerabilities is absolutely wonderful, giving you a complete attack path, which is something I love about Wiz Code because it details the entire lateral movement of the issue, whether it is a complete shift-left or shift-right, serving as the differentiators compared to other tools in the market. When I talk about ROI with Wiz Code, it almost cuts you down to 20% to 25% of the daily effort needed in terms of FTE. If you are working with around 100 developers or engineers, you might come down to 60 to 70 engineers, with the rest completely automated by removing false positives, showcasing where the USP comes in.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"In my opinion, this is the best tool."
"I would rate Qualys TotalCloud ten out of ten."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"TruRisk Insights is the most important innovation they've released this year."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"It has enhanced the security program by ensuring that all external-facing systems are scanned on a routine basis."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"Tripwire IP360 helps me to discover most of the vulnerabilities, and I like the way that it prioritizes these vulnerabilities, as it allows me to focus on the most important ones first and then follow up with the rest."
"We could manage our entire IP range with the solution."
"Tripwire is one of the most mature in terms of companies, suites, support, everything, much more than any other product."
"The company probably chose this solution because they thought that they would be getting the best bang for their buck."
"Tripwire IP360 is a very stable solution."
"This product detects vulnerabilities which exist in the environment, and provides enough information that allows for remediation, thereby securing the environment."
"The best features with Wiz Code give you a reasonable picture when it comes to vulnerabilities, which means you see the usual severity levels, you also get to see references on how to remediate vulnerabilities, and the fact that it has a visual dashboard helps all stakeholders, especially folks who need to remediate, to get that picture correctly and then take action."
"Using Wiz Code has been a worthy investment, as manually checking all 100 AWS accounts for issues would take an immense amount of time, but Wiz Code allows us to scan all accounts within minutes and continuously monitors our cloud environment every 24 hours, displaying any changes in the Wiz Code UI under the issues and threats section."
"Overall, Wiz Code is a very good tool to use in any organization, whether mid-level or high-level, and it is very useful and user-friendly for employees."
"From the CNAPP focus, it has been serving me exceptionally with zero failure rate since I've been using it."
"Wiz Code has positively impacted our organization as it helped us to maintain a healthy application security side of the company and to remediate our vulnerabilities."
"In my opinion, all the security features Wiz Code offers are the best."
"The best features of Wiz Code that I appreciate the most include their entire dashboarding and the seamless integration with different DevOps tooling like GitHub or Azure DevOps, allowing you to run scanners directly onto the machines without consuming too many resources, and the recategorization of vulnerabilities is absolutely wonderful, giving you a complete attack path, which is something I love about Wiz Code because it details the entire lateral movement of the issue, whether it is a complete shift-left or shift-right, serving as the differentiators compared to other tools in the market."
"I would definitely recommend Wiz Code to boost development and productivity because I have seen significant positive improvements since I started using it."
 

Cons

"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"There is room for improvement in the support."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"The cost of Qualys TotalCloud is high and could be more competitive."
"The reporting functions can use improvement."
"For IP360, unfortunately, scans for certain vulnerabilities often cause issues, as they are mainly false positive."
"If you are looking for better reporting capabilities and vulnerability tracking over time for remediation purposes, then this is not the best solution."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"I am not very impressed by the technical support."
"We need to dedicate time and resources to keep it running."
"We would like to have better reporting capabilities and for them to be more granular."
"Wiz Code could be improved by showing us the dependencies that are affecting us; if we are upgrading one dependency, it would be helpful to know if down the road that's going to cause any problems with other dependencies."
"Wiz Code has many features, and I think they could continue to enhance customization according to our requirements."
"The pricing of Wiz Code is a little bit higher for small enterprises that I run, but it's something that I can manage."
"I rate the accuracy and reliability as good, but not yet at a level where I trust it without validation."
"There are many improvements that could be made to Wiz Code, but I would point out that sometimes it gives false results, though not every time."
"Wiz Code could be better in secret scanning where no push protections are enabled at the GitHub or GitLab level to prevent pushing secrets on GitHub itself."
"Metadata ingestion and probably the integration of Wiz Code platform is something which is missing."
"I have a big improvement in mind for Wiz Code, not a small improvement."
 

Pricing and Cost Advice

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is expensive."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"The product was expensive for us."
"I believe the price compares well within the market."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
12%
Manufacturing Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Manufacturing Company
14%
Financial Services Firm
9%
Construction Company
8%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise4
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise14
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Wiz Code?
The topic of their pricing is confidential, which I'm not authorized to share. However, it is a bit expensive, but th...
What needs improvement with Wiz Code?
Every tool has some sort of improvement required. No tool can be said to be one hundred percent secure, so there's al...
What is your primary use case for Wiz Code?
Wiz Code is designed for scanning code repositories for vulnerabilities, whether through static scans, dynamic securi...
 

Also Known As

Qualys TotalCloud with FlexScan
IP360
Dazz.io
 

Overview

 

Sample Customers

Information Not Available
1. Aetna 2. Accenture 3. Adidas 4. AIG 5. Airbus 6. Akamai 7. Amazon 8. American Express 9. Aon 10. Apple 11. ATT 12. Autodesk 13. Bank of America 14. Barclays 15. Bayer 16. Bechtel 17. BlackRock 18. Boeing 19. BNP Paribas 20. Cisco 21. CocaCola 22. Comcast 23. Dell 24. Deutsche Bank 25. eBay 26. ExxonMobil 27. FedEx 28. Ford 29. General Electric 30. Google 31. HP 32. IBM
Information Not Available
Find out what your peers are saying about Fortra Tripwire IP360 vs. Wiz Code and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.