No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Guardium Vulnerability Assessment vs Vicarius vRx comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
IBM Guardium Vulnerability ...
Ranking in Vulnerability Management
53rd
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Vicarius vRx
Ranking in Vulnerability Management
16th
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
21
Ranking in other categories
Patch Management (6th), Risk-Based Vulnerability Management (10th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of IBM Guardium Vulnerability Assessment is 0.8%, up from 0.5% compared to the previous year. The mindshare of Vicarius vRx is 0.9%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Vicarius vRx0.9%
IBM Guardium Vulnerability Assessment0.8%
Other97.2%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SL
Guardium Administrator at Interactive Group
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.
OrenBen Shalom - PeerSpot reviewer
Information Security Manager at Pango
Consolidates vulnerability discovery, prioritization, and remediation in a single platform
Vicarius vRx offers several advantages, especially for organizations with diverse operating systems and applications requiring frequent patching. The platform helps prioritize patch installation by identifying high-risk vulnerabilities, allowing IT teams to focus on critical threats first. This prioritization is crucial because it prevents IT teams from being overwhelmed by the constant influx of patches, enabling them to create a manageable plan and allocate resources effectively. By distinguishing between critical, high-risk, and medium-risk vulnerabilities, Vicarius vRx empowers IT teams to address the most urgent threats promptly and schedule less critical patches for later. Both native operating system updates and Vicarius vRx offer vulnerability remediation. Native OS updates allow for the patching of system vulnerabilities on Windows, macOS, and Linux. However, Vicarius vRx provides a single solution for installing both operating system and application updates by also discovering application vulnerabilities. Another valuable feature is virtual patching, which allows us to protect an asset from a specific vulnerability without installing a patch. Sometimes, installing a patch alone is insufficient and requires restarting the asset. However, production servers often cannot be restarted during the day, restricting restarts to specific timeslots. Virtual patching creates a network-based protection layer that prevents exploitation of a vulnerability, offering a temporary safeguard. While not a foolproof solution for long-term use, it's a valuable tool that reduces tension between IT and security teams by providing time to properly install patches.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"Qualys TotalCloud fulfills all these needs."
"I would definitely recommend Qualys TotalCloud to other users."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"The best part I like is the on-demand scans."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"The most valuable feature is the consolidated information that it provides from various platforms."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"It helped with some of the regulatory requirements, and it also helped with some of the security analytics and analysis, making it worthwhile from that perspective."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"The best feature is that you can see the activity in your data environment and have the ability to get the vulnerability assessments done quickly with scores that can be compared."
"I like that vRx is cloud-based. It protects the health of applications against zero-day threats."
"Vicarius vRx has reduced meantime to remediate by 90 percent."
"vRx seemed to be user-friendly and very easy to use."
"Agent-based scanning is the most valuable feature."
"Vicarius vRx has reduced our mean time to remediate vulnerabilities by 20%."
"The most valuable features of vRx would be virtualized patching and severity prioritization."
"Vicarius vRx offers several advantages, especially for organizations with diverse operating systems and applications requiring frequent patching."
"The prioritization of the vulnerabilities and patches that we must apply immediately is valuable. The automation of the tasks allows us to spend less time in that area."
 

Cons

"The areas in the solution that have room for improvement include the UI/UX design, which should be improved, and they should integrate more artificial intelligence into the product."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"The support is not up to the mark and seems to be overburdened."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"The only problem is that some of the reports come up with blanks and missing data."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"I wouldn't use it. That would be my advice to others looking into implementing IBM Guardium Vulnerability Assessment."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"There can be more scripting capability and more filtering capability. We should be able to filter more granular details in the operating system such as whether it is a service, application, executable, or something like that. For the most part, we are satisfied with what we are able to filter."
"The multi-tenant portal has room for improvement."
"We are now in the process of trying to get our money back because the tool does not work."
"We had an outage due to a change Vicarius performed in their system."
"It would be good if there were more login options. At the moment, it sends you an email to verify your email address, and then you can log in. It would be beneficial to have other options for signing in, like MFA or maybe security keys, especially since it is a security product."
"It would be beneficial if Vicarius vRx could implement smart tagging or suggest tags to create a group for these development tools, signifying that they should not be regularly updated."
"In the past, Vicarius vRx was cheap, but now they have adjusted their pricing policy, resulting in higher renewal costs."
"The user interface for deploying patches can be improved, as it appears complicated when launching patches. We can launch it for apps or OS, but the steps to get there are a bit tedious. This is the only thing."
 

Pricing and Cost Advice

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is expensive."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"TotalCloud's price is about right where I would expect it to be."
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
"It is in the middle. It is not the cheapest solution, but it is also not terribly expensive. We found it to be a good fit. It is fairly priced."
"The pricing was very reasonable and fair compared to other products. I liked that there was no tiered system. One price gave access to everything, which is nice. It is not something you get too often with enterprise IT."
"Vicarius vRx's per-asset pricing makes it easy for me to market to clients as it scales with their needs."
"Vicarius vRx is priced competitively within the market."
"Vicarius' pricing was reasonable compared to the other systems we evaluated."
"Vicarius vRx is reasonably priced."
"I am not sure how much it costs, but it would have saved us some costs."
"From a pricing perspective, Vicarius was cheaper compared to other competitors."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
29%
Comms Service Provider
6%
Construction Company
6%
Government
6%
Computer Software Company
11%
Non Profit
10%
Media Company
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with IBM Guardium Vulnerability Assessment?
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible beca...
What is your primary use case for IBM Guardium Vulnerability Assessment?
We are still using IBM Guardium Vulnerability Assessment. We only use IBM Guardium Data Protection and monitoring, da...
What advice do you have for others considering IBM Guardium Vulnerability Assessment?
We do not use IBM Guardium Vulnerability Assessment for data encryption or any other tool for analytics, or identity ...
What is your experience regarding pricing and costs for Vicarius vRx?
I do not use other solutions, so I cannot compare its pricing to others, but its price seems okay.
What needs improvement with Vicarius vRx?
I would be happy if the patch update could be downloaded to the Vicarius server and then implemented on the client. C...
What is your primary use case for Vicarius vRx?
We use Vicarius vRx to manage all third-party software updates. Previously, we could manage Windows updates, but thir...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

Find out what your peers are saying about IBM Guardium Vulnerability Assessment vs. Vicarius vRx and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.