No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Guardium Vulnerability Assessment vs VulnCheck comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
IBM Guardium Vulnerability ...
Ranking in Vulnerability Management
53rd
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
VulnCheck
Ranking in Vulnerability Management
50th
Average Rating
8.4
Reviews Sentiment
6.2
Number of Reviews
3
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of IBM Guardium Vulnerability Assessment is 0.8%, up from 0.5% compared to the previous year. The mindshare of VulnCheck is 0.4%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
VulnCheck0.4%
IBM Guardium Vulnerability Assessment0.8%
Other97.7%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SL
Guardium Administrator at Interactive Group
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.
reviewer2805510 - PeerSpot reviewer
Partner Account Manager at a wholesaler/distributor with 51-200 employees
Proactive exploit intelligence has transformed how we prioritize real-world vulnerability risks
VulnCheck needs improvement in terms of data. It is primarily an intelligence and data layering system and not a complete vulnerability management platform. This means that it lacks native patch workflows, so you do not have asset discovery as you would with Tenable or Qualys. You will require other tools to act on the data that you find, which necessitates engineering time for API integration, data mapping, and tuning. Additionally, not all exploit signs are clear; some can be noisy or ambiguous, so teams need to apply their judgment. Finally, the time to value is not instant; it requires integration, workflow changes, and team training. I think VulnCheck is an excellent tool and valuable data resource. However, if you wish to send alerts via an API to platforms like Rapid7 or Tenable VM, you will need to integrate that with a SIEM solution to perform any kind of risk management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"We were able to realize its benefits within 24 to 48 hours."
"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"Its excellent graphical interface makes the scanning process simple."
"The most valuable feature is extensibility."
"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"TruRisk Insights is the most important innovation they've released this year."
"The platform's unified view of the organization proves particularly valuable for leadership team meetings."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"It helped with some of the regulatory requirements, and it also helped with some of the security analytics and analysis, making it worthwhile from that perspective."
"The best feature is that you can see the activity in your data environment and have the ability to get the vulnerability assessments done quickly with scores that can be compared."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"The clear prioritization based on risk is probably the biggest day-to-day benefit."
"With VulnCheck's early exploit visibility, I can remediate vulnerabilities quickly, making timely decisions before the vulnerabilities are known to the public and hackers."
"VulnCheck has shifted the mindset within my organization and my partners from a reactive to a more proactive approach."
 

Cons

"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"The price is very expensive, actually."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"Their support could be improved."
"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"There should be improvement from a dashboard perspective when collecting and showcasing data to lead management."
"I wouldn't use it. That would be my advice to others looking into implementing IBM Guardium Vulnerability Assessment."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"The only problem is that some of the reports come up with blanks and missing data."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"VulnCheck's UI and reporting can be improved for better visibility."
"VulnCheck needs improvement in terms of data."
 

Pricing and Cost Advice

"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud is expensive."
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
29%
Comms Service Provider
6%
Construction Company
6%
Government
6%
Outsourcing Company
31%
Construction Company
16%
Computer Software Company
7%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with IBM Guardium Vulnerability Assessment?
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible beca...
What is your primary use case for IBM Guardium Vulnerability Assessment?
We are still using IBM Guardium Vulnerability Assessment. We only use IBM Guardium Data Protection and monitoring, da...
What advice do you have for others considering IBM Guardium Vulnerability Assessment?
We do not use IBM Guardium Vulnerability Assessment for data encryption or any other tool for analytics, or identity ...
What needs improvement with VulnCheck?
VulnCheck needs improvement in terms of data. It is primarily an intelligence and data layering system and not a comp...
What is your primary use case for VulnCheck?
Over the year and a half that I have been dealing with VulnCheck, I have also worked with numerous similar solutions....
What advice do you have for others considering VulnCheck?
VulnCheck has shifted the mindset within my organization and my partners from a reactive to a more proactive approach...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

Find out what your peers are saying about IBM Guardium Vulnerability Assessment vs. VulnCheck and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.