No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Guardium Vulnerability Assessment vs The NodeZero Platform by Horizon3.ai comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
IBM Guardium Vulnerability ...
Ranking in Vulnerability Management
53rd
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
The NodeZero Platform by Ho...
Ranking in Vulnerability Management
7th
Average Rating
8.8
Reviews Sentiment
6.1
Number of Reviews
24
Ranking in other categories
Advanced Threat Protection (ATP) (12th), Penetration Testing Services (1st), Breach and Attack Simulation (BAS) (1st), Risk-Based Vulnerability Management (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of IBM Guardium Vulnerability Assessment is 0.8%, up from 0.5% compared to the previous year. The mindshare of The NodeZero Platform by Horizon3.ai is 1.3%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
The NodeZero Platform by Horizon3.ai1.3%
Qualys TotalCloud1.1%
IBM Guardium Vulnerability Assessment0.8%
Other96.8%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SL
Guardium Administrator at Interactive Group
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.
Brent Hamlin - PeerSpot reviewer
Infrastructure Manager at a construction company with 501-1,000 employees
Continuous threat scanning has improved remediation time and strengthened executive reporting
The best features that The NodeZero Platform by Horizon3.ai offers include the automated scans, which are great to use; you set it, scope it, and let it go, which works really well. The executive reporting feature is impactful for me as a manager, providing a strong foundation to give quarterly and yearly reports to our executives and board to see the state of our infrastructure from a security standpoint. The level of detail and clarity in the executive reports from The NodeZero Platform by Horizon3.ai absolutely helps me communicate effectively with leadership. They are detailed enough for me to extract the necessary information tailored for the executives and to provide a broader perspective on our mitigation efforts or accepted risk stance and where additional controls exist. The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization. It allows us to run scans whenever needed, unlike a single third-party system that only provides a snapshot in time; our processes must be ongoing as the security landscape is dynamic. NodeZero's endpoint security effectiveness feature impacts my understanding of potential security threats by providing a clear picture of both the external and internal landscapes within my organization, enabling me to prioritize and adjust as needed for vulnerabilities such as WordPress plugin issues or user enumerations and software code version assessments. I have built The NodeZero Platform by Horizon3.ai into our weekly and monthly workflows for security CI/CD, and we scan our externally accessible assets every week to address anything quickly if it comes up. That includes our firewalls, websites, and anything that is an external web server, which we scan weekly, while the monthly scans are for internal systems that feed our security CI/CD pipeline, enabling us to action across and prioritize any vulnerabilities caught by The NodeZero Platform by Horizon3.ai.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily"
"I would definitely recommend Qualys TotalCloud to other users."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"Qualys TotalCloud has helped us view our risk structure, vulnerabilities, and security posture."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"The most valuable feature is extensibility."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"The best feature is that you can see the activity in your data environment and have the ability to get the vulnerability assessments done quickly with scores that can be compared."
"It helped with some of the regulatory requirements, and it also helped with some of the security analytics and analysis, making it worthwhile from that perspective."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"The NodeZero Platform is amazing; what I love most about it is that it's automated and comparable to the manual pen testing we did with a third-party company, but with the added benefit of unlimited retesting to validate fixes."
"If someone was looking into this product, I would absolutely recommend it."
"The NodeZero Platform by Horizon3.ai has positively impacted my organization by allowing my security team to be more efficient and focus on the most valuable work at the highest criticality."
"Penetration testing and scans are useful features."
"My favorite feature about The NodeZero Platform is that it's autonomous, and it truly delivers on that promise—it can be set and forgotten while it performs its tasks, and it does exactly what it claims to do."
"We experienced a threat that could have severely crippled us, but we were able to shut it down before it escalated, thanks to internal vulnerability testing and addressing critical vulnerabilities using their tool."
"The NodeZero Platform's real attack capabilities help in identifying vulnerabilities on our on-prem systems because it provides actual vulnerabilities by attacking our systems."
"We chose The NodeZero Platform by Horizon3.ai because, first, of its superior technical capability for the use cases we were looking for, second, the cost, which we believe was much more affordable than the other products, and third, the customer and technical support was very good for us."
 

Cons

"The support is not up to the mark and seems to be overburdened."
"Although TotalCloud is a helpful tool, some of its advanced features are still under development."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"The only problem is that some of the reports come up with blanks and missing data."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"I wouldn't use it. That would be my advice to others looking into implementing IBM Guardium Vulnerability Assessment."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"Sometimes even their support doesn't know why we're seeing certain issues."
"You need to be cautious about what it scans, as it could potentially cause issues."
"The speed of the scans takes some time, but in my opinion, it is not surprising for what it is doing."
"The reports are quite useless."
"Occasionally, I will get one that does not offer a lot in the way of specific steps because the device on which it found the vulnerability is not a standard device that it recognizes."
"The NodeZero Platform by Horizon3.ai could be improved by reducing the elapsed time from identifying a zero-day vulnerability from their QA environment to their production environment."
"The NodeZero Platform by Horizon3.ai can be improved in some ways, particularly regarding the test scan sometimes."
"When it comes to the stability of The NodeZero Platform by Horizon3.ai, I would rate it around seven to eight because the stability is not that high initially due to the need for daily updates and modifications as new vulnerabilities appear."
 

Pricing and Cost Advice

"TotalCloud's price is about right where I would expect it to be."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"The cost is high, but it meets our organizational needs."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
29%
Comms Service Provider
6%
Construction Company
6%
Government
6%
Comms Service Provider
9%
Manufacturing Company
8%
Government
8%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with IBM Guardium Vulnerability Assessment?
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible beca...
What is your primary use case for IBM Guardium Vulnerability Assessment?
We are still using IBM Guardium Vulnerability Assessment. We only use IBM Guardium Data Protection and monitoring, da...
What advice do you have for others considering IBM Guardium Vulnerability Assessment?
We do not use IBM Guardium Vulnerability Assessment for data encryption or any other tool for analytics, or identity ...
What needs improvement with Horizon3.ai?
The NodeZero Platform by Horizon3.ai could be improved by speeding up the time from initializing a test to actually s...
What is your primary use case for Horizon3.ai?
My main use case for The NodeZero Platform by Horizon3.ai is autonomous and continuous penetration testing. A specifi...
What advice do you have for others considering Horizon3.ai?
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to use it to its full potential, as it...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Horizon3.ai
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Government agencies, Defense Industrial Base organizations, and enterprises in regulated industries such as finance, healthcare, manufacturing, and criticalinfrastructure rely on NodeZero to meet rigorous security and compliance requirements with continuous, scheduled, and on-demand testing.
Find out what your peers are saying about IBM Guardium Vulnerability Assessment vs. The NodeZero Platform by Horizon3.ai and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.