No more typing reviews! Try our Samantha, our new voice AI agent.

JupiterOne vs Qualys VMDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
JupiterOne
Ranking in Vulnerability Management
48th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
5
Ranking in other categories
Identity and Access Management as a Service (IDaaS) (IAMaaS) (22nd), Cloud Security Posture Management (CSPM) (29th), Cyber Asset Attack Surface Management (CAASM) (5th)
Qualys VMDR
Ranking in Vulnerability Management
2nd
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
96
Ranking in other categories
IT Asset Management (3rd), Configuration Management Databases (3rd), Container Security (9th), Risk-Based Vulnerability Management (1st)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of JupiterOne is 0.5%, up from 0.2% compared to the previous year. The mindshare of Qualys VMDR is 3.9%, down from 7.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys VMDR3.9%
Qualys TotalCloud1.1%
JupiterOne0.5%
Other94.5%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Prakhar Birthare - PeerSpot reviewer
Machine Learning And Gen AI Engineer at Jaypee University of Engineering and Technology
Automated cloud insights have transformed compliance monitoring and reduced audit preparation time
Regarding the advantages of JupiterOne, the automated asset discovery, graph-based visualizations, and compliance mapping against SOC 2 and ISO 27001 policy management with pre-built templates are standout features. The J1QL query language for custom security queries, alerting for misconfigurations, and integrations with AWS, GitHub, Okta, and CloudTrail are also valuable. The graph-based querying is underrated. Most people think of it as just an asset inventory tool, but the ability to query relationships between assets and understand what is connected to what in an automated compliance context is truly powerful once the team becomes comfortable with it. The impact is much better visibility into cloud security posture than I had before. My security team has spent less time manually hunting for information and more time actually acting on risk. The query capability helps me reduce back-and-forth between security and engineering. Instead of security asking the team manual questions about the environment, much of the context is now available directly in JupiterOne, allowing me to query it directly and get answers immediately. The monitoring part covers assets and metrics including asset coverage counts, compliance score percentage, policy violation counts, mean time to detect, mean time to respond, alert response rate, and integration count across connected tools. The policy violation count is the best metric I use to measure the impact of JupiterOne's centralized asset management repository on security initiatives.
Vaibhav Ghule - PeerSpot reviewer
Soc Lead & Edr Administration at Persistent Systems
Continuous risk-based monitoring has strengthened incident response and vulnerability prioritization
I haven't explored Qualys VMDR's vulnerability lifecycle automation yet. One of my analysts mentioned that queries lack grouping operators in Qualys VMDR. From my experience, I would appreciate improvements in the query options in Qualys VMDR, specifically in the query-building process where I would need more features and operators. Additionally, we have been facing issues with Qualys on the cloud level. We cannot download the configuration profile from the cloud agent, and it is showing a pending action for download. During 2025, we noticed outages of Qualys a couple of times. I want to mention that there is an issue with receiving timely RCA deliveries. While this is not necessarily about the tool, it relates to support. The support has not been very responsive, and we are receiving RCAs a little delayed whenever we raise support cases or communicate with the TAMs. Additionally, the UI has a slight latency, which I and my team have experienced. They have also reported this latency issue when navigating through different pages.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has improved our security posture."
"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"Qualys TotalCloud provides unified vulnerability and threat assessment for IaaS and SaaS and a single prioritized view of risk, which helps reduce my workload by not having to combine multiple sources."
"The platform's unified view of the organization proves particularly valuable for leadership team meetings."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"Using JupiterOne, I have observed an increase in transaction success rates to 99% without improper data, translating to 99% time saved."
"JupiterOne helps us aggregate all those things on one single platform, allowing us to quickly identify what environment that asset lives in and what type of asset it is."
"The product’s UI is pretty decent and fast."
"I have definitely seen a positive return on investment from JupiterOne in a few concrete ways."
"The security team saved 80% of manual tracking time, reducing the weekly effort from 15 to 20 hours down to 3 to 4 hours."
"The integrations for this solution are very good, as I use a different product for virtual patching of vulnerabilities and Qualys integrates well with that product."
"Using this product, we now have a vulnerability management cycle wherein VMDR plays a major role."
"In a world of the hybrid workforce and work from home, if you're looking for a more effective vulnerability management tool, you have to go to the agent-based vulnerability management tools that are out there, and we've been extremely happy with Qualys."
"The initial setup and onboarding process of Qualys VMDR was quite smooth, as we were able to draft the SOPs from the documentation portal itself and everything was available in the documentation, so it was not a hassle for us to get the integrations done on time."
"I find the most valuable features are the continuous monitoring. Even on premises, there is constant monitoring."
"The solution is easy to use."
"We also like the flexibility in their licensing."
"Authenticated scans provide different options, including those using or not using the FactSet and adding option profiles."
 

Cons

"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"However, the compliance module has not worked well, and we have had to continue tracking our compliance manually with the tools we use."
"The only improvements I would suggest for JupiterOne are addressing the J1QL learning curve with better tutorials."
"You can only write Python queries in Jupiter, not other languages, like, SQL or PySpark."
"JupiterOne could improve regarding the cost, as enterprise deployment can be costly."
"Regarding performance and speed scenarios for JupiterOne, queries sometimes take too long, especially when dealing with large datasets or complex graph relationships that can slow down significantly."
"It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"The customer support is very bad."
"Sometimes we face a problem with accessing the tool and not getting an expected result. From a technology point of view, they need to look into this."
"Qualys Container Security can improve the interface. It could be easier to navigate and be enriched."
"The reporting and the GUI need improvements. Tenable dominated in these two areas: reporting and graphical user interface."
"The reporting is lacking a little, and it would be nice to have reports sent via email."
"It would be nice to have an all-in-one solution that was automated and could handle the scanning and reports as well as the patching and updating."
 

Pricing and Cost Advice

"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud is expensive."
Information not available
"The solution is costly."
"The license is on a yearly basis."
"We have an annual contract for Qualys VMDR. I believe it's for either two years or five years."
"The pricing is very competitive."
"The solution is reasonably priced for the value it provides."
"There is a license for the use of this solution. We pay annually instead of monthly to receive a better discount on the price."
"In Nigerian Naira, we spend about roughly four to five million to use this solution and this is expensive compared to solutions like Nessus."
"It is more expensive than other products on the market."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
17%
Financial Services Firm
15%
Comms Service Provider
6%
Manufacturing Company
6%
Financial Services Firm
16%
Manufacturing Company
7%
Computer Software Company
7%
Construction Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise12
Large Enterprise70
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with JupiterOne?
Regarding performance and speed scenarios for JupiterOne, queries sometimes take too long, especially when dealing wi...
What is your primary use case for JupiterOne?
I have been using JupiterOne for four to five months. I explored JupiterOne during my cybersecurity studies, and it s...
What advice do you have for others considering JupiterOne?
I have several practical pieces of advice for anyone looking into JupiterOne. The first is to start with clear asset ...
What is your experience regarding pricing and costs for Qualys VMDR?
My experience with pricing, setup cost, and licensing shows that we can consider both time and money saved.
What needs improvement with Qualys VMDR?
I haven't explored Qualys VMDR's vulnerability lifecycle automation yet. One of my analysts mentioned that queries la...
What advice do you have for others considering Qualys VMDR?
I have some understanding about PeerSpot, and I have visited the website. PeerSpot is similar to TrustRadius. It take...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
Find out what your peers are saying about JupiterOne vs. Qualys VMDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.