No more typing reviews! Try our Samantha, our new voice AI agent.

Morphisec vs Tenable Vulnerability Management comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Morphisec
Ranking in Vulnerability Management
57th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Endpoint Protection Platform (EPP) (48th), Advanced Threat Protection (ATP) (30th), Endpoint Detection and Response (EDR) (61st), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
Tenable Vulnerability Manag...
Ranking in Vulnerability Management
10th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
46
Ranking in other categories
Patch Management (14th), Risk-Based Vulnerability Management (5th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Morphisec is 0.7%, up from 0.3% compared to the previous year. The mindshare of Tenable Vulnerability Management is 2.8%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Tenable Vulnerability Management2.8%
Qualys TotalCloud1.1%
Morphisec0.7%
Other95.4%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
Chethan Gowda - PeerSpot reviewer
Windows Security Patching Operation III (Cyber Operations) at CBTS
Have maintained accurate vulnerability scans and gained actionable remediation insights across thousands of servers
Tenable Vulnerability Management agents are very lightweight, and the results we get are very accurate. The solutions they provide to us, assuming if one vulnerability exists, there will be a solution. The resolution they give us in wording will be the best solution. The exploit rates and the reports we get provide a lot of information, making it very easy for us to verify.The main benefit of integration with Tenable Vulnerability Management is that there will be no lack of missing vulnerabilities when it comes to the patching environment. That is one of the key aspects of why we have integrated Tenable to our patching tools. It has a vast capacity of pushing the data to our tools due to its capability and compatibility. That is also one of the reasons why we are using Tenable Vulnerability Management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud provides unified vulnerability and threat assessment for IaaS and SaaS and a single prioritized view of risk, which helps reduce my workload by not having to combine multiple sources."
"Its excellent graphical interface makes the scanning process simple."
"Qualys TotalCloud's most valuable features are its security capabilities that help identify and mitigate risk factors."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"With Morphisec, at least when it does happen, I feel confident that we have in place solutions that will not only prevent it, but also let us know when something has happened."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"Morphisec is quite an important tool for us in terms of security and InfoSec because of the malware protection."
"What's valuable is really the whole kit and caboodle of the Morphisec agent. What it does is genius, in a way, until the bad guys get wise to it. You set it up and then you watch the dashboard. There isn't really much tinkering."
"Morphisec makes it super easy for our IT team to prevent breaches of critical systems; it is a one-click install, then it takes care of the rest."
"Morphisec has enabled us to become a lot less paranoid when it comes to staff clicking on things or accessing things that they shouldn't that could infect the whole system. Our original ransomware attack that happened came from someone's Google drive and then just filtered on through that. It has put our minds at ease a lot more in running it. It's also another layer of security that has been proven to be effective for us."
"In a month, we are saving the effort of four to five days, and earlier we used to have a dedicated person and now we don't need a dedicated resource, which has reduced our security spending and we are saving approximately $600 a month."
"It's simple, it's easy, and it works."
"The solution's most valuable feature is providing a single pane of visibility on all the infrastructure and its status."
"The product has many features and continues to develop its capabilities at a rapid pace."
"It has greatly impacted us by providing asset visibility."
"Tenable Vulnerability Management agents are very lightweight, and the results we get are very accurate."
"The vulnerability scanning has been great as it's helped us to define some issues around the updates of some things, and some items surrounding services we need to take care of."
"Tenable.io Vulnerability Management is an easy-to-use product. I"
"I would rate Tenable's dashboards and reporting capabilities for illustrating security posture a nine out of ten, with ten being the best."
"The stability is commendable, and I would rate Tenable ten out of ten."
 

Cons

"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
"I haven't been able to get the cloud deployment to work. When there's an update, I'm supposed to be able to roll it out for the cloud solution, but right now I'm continuing to use our SCCM solution to update it."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools."
"Overall, I don't know 100% if it's increasing our security posture, but it does give us a nice peace of mind."
"Automating reports needs improvement. I would like to have better reporting capabilities within it or automated reporting to be a little bit more dynamic. That's something I know they're working on. We literally are in the process. We started the process a week and a half ago of going to their latest version, so I've not seen their latest one up and running yet."
"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."
"I don't recommend Tenable.io Vulnerability Management for web scanning"
"The response times from the customer service and support team could be improved."
"Technical support from Tenable is rated six out of ten. It needs improvement in response time and addressing feature requests promptly."
"I'm not satisfied with the reporting structure."
"The one drawback that we have found is the reports. We are still getting reports from Tenable.sc since the maturity levels on the reports are lacking."
"Tenable Vulnerability Management is not very effective for real-time risk prioritization for our organization's security strategy."
"The dashboard and the main panel could be better. It's lacking right now."
"I would evaluate Tenable Vulnerability Management's customer service and technical support as average."
 

Pricing and Cost Advice

"Qualys TotalCloud is expensive."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"The pricing is definitely fair for what it does."
"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing an eight. So, it is a pretty expensive solution."
"The tool is reasonably priced."
"Compared to other VM solutions, Tenable.io Vulnerability Management is expensive."
"Tenable.io Vulnerability Management's pricing solution model isn't great."
"Tenable.io is not known for being a cheap product."
"The total cost we pay for this solution is over 45K. This is for a large education organization."
"The cost is determined by the number of endpoints, which is approximately one dollar per endpoint."
"The product costs us around $137,000 annually for 4000 to 5000 assets."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Outsourcing Company
16%
Manufacturing Company
12%
Construction Company
11%
Financial Services Firm
10%
Financial Services Firm
14%
Manufacturing Company
10%
Computer Software Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise3
Large Enterprise22
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
What needs improvement with Tenable.io Vulnerability Management?
In my opinion, I would like to see additional functions and improvements. Something related to AI would be a good add...
What advice do you have for others considering Tenable.io Vulnerability Management?
I have purchased a license directly from Tenable, so I am working directly with Tenable and not through partners. My ...
 

Also Known As

Qualys TotalCloud with FlexScan
Morphisec, Morphisec Moving Target Defense
Tenable.io
 

Overview

 

Sample Customers

Information Not Available
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Global Payments AU/NZ
Find out what your peers are saying about Morphisec vs. Tenable Vulnerability Management and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.