No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Guardium Vulnerability Assessment vs Vulcan Cyber comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
IBM Guardium Vulnerability ...
Ranking in Vulnerability Management
53rd
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Vulcan Cyber
Ranking in Vulnerability Management
27th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
Risk-Based Vulnerability Management (9th), Cloud Security Remediation (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of IBM Guardium Vulnerability Assessment is 0.8%, up from 0.5% compared to the previous year. The mindshare of Vulcan Cyber is 0.8%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Vulcan Cyber0.8%
IBM Guardium Vulnerability Assessment0.8%
Other97.3%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SL
Guardium Administrator at Interactive Group
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.
Vikram Chakravarthy - PeerSpot reviewer
Cyber Security Engineer II (Vulnerability & Threat Management) at FICO
Risk-based workflows have transformed how our teams prioritize and track critical vulnerabilities
One important area for improvement could be reporting flexibility and dashboard customization, as this would need to align with specific organizational requirements. I believe it could be better. Additionally, UI simplification and more customization around workflows and reporting would further enhance the analyst experience. Improvements in executive reporting, more customizable dashboards, and deeper workflow flexibility would enhance operational usability further. Vulcan Cyber handles scalability well in our organization. It maintains stability for visibility and remediation tracking, avoiding the need for additional storage, as it is cloud-based. It scales well in our environment, even as vulnerability data and assets grow significantly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best part I like is the on-demand scans."
"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"TruRisk Insights is the most important innovation they've released this year."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"If I had to say something positive about the product that brings me the biggest benefit, I would say it has accurate reports, gets new update CVEs, zero-day attack detection, and is easy to manage with its GUI."
"The best feature is that you can see the activity in your data environment and have the ability to get the vulnerability assessments done quickly with scores that can be compared."
"It helped with some of the regulatory requirements, and it also helped with some of the security analytics and analysis, making it worthwhile from that perspective."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"The most notable aspects include having prioritization capabilities and custom scripts."
"Vulcan Cyber has had the biggest positive impact on my organization through the improvement in prioritization and remediation efficiency."
"I was part of the initial deployment. It was pretty easy. To fully deploy, it took about three or four weeks."
"There is a lot of flexibility in exporting, making it a really good feature. The exporting flexibility based on application type is commendable and provides significant value."
"Vulcan Cyber helps us prioritize the vulnerabilities that are really exploitable and our point of interest for the industry based on the threat intelligence that we get."
"One of the features that I find valuable is the ability to bifurcate the report according to the many options available."
"The automation capabilities using the Vulcan API platform or the API feature allow me to easily automate scripts and reports and schedule them."
"They recently upgraded their UI, which is great. It is user-friendly."
 

Cons

"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"Their support could be improved."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"The only problem is that some of the reports come up with blanks and missing data."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"I wouldn't use it. That would be my advice to others looking into implementing IBM Guardium Vulnerability Assessment."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"The fact that we cannot use it for our reporting leads me to rate it three out of ten."
"We have the highest privilege in the application, and at least for members with the highest privilege, having the capability to reach out to the vendor directly from the application would be beneficial."
"It would be extremely helpful to have a community group around the product."
"Their support is good, but there are some flaws as well. We often encounter some issues that are not applicable to Vulcan Cyber as a whole; they apply only to us because we have customized requirements. In such cases, when we reach out with specific data and issues to their support team, they sometimes come back and say that the issues have been resolved. However, when we test to see if they have been remediated, they are still there."
"The performance is bad. The query and the UI are always slow, and it's quite frustrating. Vulcan is trying to solve this with a newer design. The dashboard is also crowded. It pulls in all this raw information that you need to filter. Vulcan has filtering capabilities, but they're hard to manage. The labels aren't very clear, so you need to do things by trial and error. It's not as easy as other tools we've been using."
"We wish we had more insights into how they weigh the risks associated with the threat intel."
"We've faced situations where we required support on a Friday, and support wasn't available."
"Initially, when onboarding Vulcan Cyber, the setup and configuration was more complex than expected with a user-friendly approach. This aspect can be enhanced."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Qualys TotalCloud is expensive."
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
"Our leadership knows better about the pricing. As per my knowledge, which might not be accurate, its price can come down."
"Its pricing is quite fair compared to what is out there in the market, especially compared to the tool from Microsoft. It is a SaaS platform that has an annual cost, so it is something that is already used by many companies. It is quite affordable."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
29%
Comms Service Provider
6%
Construction Company
6%
Government
6%
Computer Software Company
22%
Manufacturing Company
8%
Construction Company
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business1
Large Enterprise11
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with IBM Guardium Vulnerability Assessment?
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible beca...
What is your primary use case for IBM Guardium Vulnerability Assessment?
We are still using IBM Guardium Vulnerability Assessment. We only use IBM Guardium Data Protection and monitoring, da...
What advice do you have for others considering IBM Guardium Vulnerability Assessment?
We do not use IBM Guardium Vulnerability Assessment for data encryption or any other tool for analytics, or identity ...
What is your experience regarding pricing and costs for Vulcan Cyber?
My experience with pricing, setup cost, and licensing for Vulcan Cyber indicates that pricing typically depends on th...
What needs improvement with Vulcan Cyber?
One important area for improvement could be reporting flexibility and dashboard customization, as this would need to ...
What is your primary use case for Vulcan Cyber?
My main use case for Vulcan Cyber involves vulnerability prioritization and tracking remediation, including exposure ...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Interactive Demo

Demo not available
Demo not available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Stitch Fix, Mandiant, Wealthsimple, Entrust, Anaplan, Deloitte, Origami Risk, Verana Health
Find out what your peers are saying about IBM Guardium Vulnerability Assessment vs. Vulcan Cyber and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.