No more typing reviews! Try our Samantha, our new voice AI agent.

Nucleus Security vs The NodeZero Platform by Horizon3.ai comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 23, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Nucleus Security
Ranking in Vulnerability Management
40th
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
2
Ranking in other categories
Application Security Tools (28th), Risk-Based Vulnerability Management (14th), Continuous Threat Exposure Management (CTEM) (13th)
The NodeZero Platform by Ho...
Ranking in Vulnerability Management
7th
Average Rating
8.8
Reviews Sentiment
6.1
Number of Reviews
24
Ranking in other categories
Advanced Threat Protection (ATP) (12th), Penetration Testing Services (1st), Breach and Attack Simulation (BAS) (1st), Risk-Based Vulnerability Management (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Nucleus Security is 1.0%, up from 0.8% compared to the previous year. The mindshare of The NodeZero Platform by Horizon3.ai is 1.3%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
The NodeZero Platform by Horizon3.ai1.3%
Qualys TotalCloud1.1%
Nucleus Security1.0%
Other96.6%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
VK
manager at a computer software company with 201-500 employees
Unified vulnerability workflows have transformed how our teams prioritize and resolve critical risks
While the platform is incredibly powerful, the initial configuration curve of Nucleus Security can be a bit steep. When first setting up complex, multi-layered automation rules and asset groupings, the interface can feel a little overwhelming. Having more intuitive step-by-step visualized wizards or guided templates for building complex triage workflows would make the onboarding process much smoother for new team members. Dashboard customization and reporting would definitely be on my wish list. While the default dashboards are great for a general overview, it can take a bit of manual tweaking when building highly tailored workspace views for different engineering groups. Having a more flexible drag-and-drop widget system where individual teams can prioritize exactly what metrics they see first on their layout would be a huge quality of life update. On the reporting side, the data it generates is solid, but I would like to see more granular control over formatting within the platform itself. Sometimes leadership wants data tailored in very specific ways, and currently, we occasionally have to export the data and clean it up externally to meet those exact visual preferences.
Brent Hamlin - PeerSpot reviewer
Infrastructure Manager at a construction company with 501-1,000 employees
Continuous threat scanning has improved remediation time and strengthened executive reporting
The best features that The NodeZero Platform by Horizon3.ai offers include the automated scans, which are great to use; you set it, scope it, and let it go, which works really well. The executive reporting feature is impactful for me as a manager, providing a strong foundation to give quarterly and yearly reports to our executives and board to see the state of our infrastructure from a security standpoint. The level of detail and clarity in the executive reports from The NodeZero Platform by Horizon3.ai absolutely helps me communicate effectively with leadership. They are detailed enough for me to extract the necessary information tailored for the executives and to provide a broader perspective on our mitigation efforts or accepted risk stance and where additional controls exist. The NodeZero Platform by Horizon3.ai has positively impacted my organization by giving us a better continuous picture of our security posture, what's exploitable, and what can be used against the organization. It allows us to run scans whenever needed, unlike a single third-party system that only provides a snapshot in time; our processes must be ongoing as the security landscape is dynamic. NodeZero's endpoint security effectiveness feature impacts my understanding of potential security threats by providing a clear picture of both the external and internal landscapes within my organization, enabling me to prioritize and adjust as needed for vulnerabilities such as WordPress plugin issues or user enumerations and software code version assessments. I have built The NodeZero Platform by Horizon3.ai into our weekly and monthly workflows for security CI/CD, and we scan our externally accessible assets every week to address anything quickly if it comes up. That includes our firewalls, websites, and anything that is an external web server, which we scan weekly, while the monthly scans are for internal systems that feed our security CI/CD pipeline, enabling us to action across and prioritize any vulnerabilities caught by The NodeZero Platform by Horizon3.ai.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"We were able to realize its benefits within 24 to 48 hours."
"TruRisk Insights is the most important innovation they've released this year."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"Qualys TotalCloud is an excellent platform, and the beauty of the platform is that we can get all the vulnerabilities, see all the reports in a single dashboard, view them segregated, and easily learn about critical, high, and medium findings with appropriately provided remediation steps."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily"
"The most valuable feature is extensibility."
"The best features that Nucleus Security offers in my experience are the unified integrations with all of the different vulnerability management platforms."
"Nucleus Security has fundamentally changed how we manage our vulnerability lifecycle and made our entire incident response process much more proactive, organized, and reliable."
"After the third party conducts the pen test, The NodeZero Platform is run, and it finds the same things they found and sometimes a few other things that they did not even identify."
"Overall, I'd rate NodeZero at nine to 9.5 out of ten."
"If someone was looking into this product, I would absolutely recommend it."
"The NodeZero Platform by Horizon3.ai has positively impacted my organization by allowing my security team to be more efficient and focus on the most valuable work at the highest criticality."
"For us, The NodeZero Platform is literally the single best security solution we have because the way that it works is we're able to scan every part of our network, both internally and externally, and then get completely actionable feedback that doesn't matter if it's for an application developer or a network admin."
"Penetration testing and scans are useful features."
"The NodeZero Platform is amazing; what I love most about it is that it's automated and comparable to the manual pen testing we did with a third-party company, but with the added benefit of unlimited retesting to validate fixes."
"The NodeZero Platform's real attack capabilities help in identifying vulnerabilities on our on-prem systems because it provides actual vulnerabilities by attacking our systems."
 

Cons

"The downside is only in container security, but it has not been a long time since they introduced these models."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"The cost of Qualys TotalCloud is high and could be more competitive."
"There is room for improvement in the support."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"The support process is inefficient due to the excessive number of replies required when submitting tickets."
"Nucleus Security needs a better view into exposure management, as exposure management and attack path management are missing."
"While the platform is incredibly powerful, the initial configuration curve of Nucleus Security can be a bit steep."
"We did hundreds of tests, so that is why we did not continue, as it was very expensive for a very low yield."
"I would like to see an improvement in the notification management."
"If we have had problems, that is with the actual licensing style they are using."
"Sometimes even their support doesn't know why we're seeing certain issues."
"When it comes to the stability of The NodeZero Platform by Horizon3.ai, I would rate it around seven to eight because the stability is not that high initially due to the need for daily updates and modifications as new vulnerabilities appear."
"I encountered challenges with patch management, as we struggled to test and implement patches due to time constraints. This led to our patch management process being ineffective."
"The NodeZero Platform by Horizon3.ai could be improved by speeding up the time from initializing a test to actually starting the test, as the deployment of the underlying infrastructure can take several minutes, sometimes over 10 minutes."
"I think The NodeZero Platform could improve by leveraging GPUs for password cracking, which would be pretty good."
 

Pricing and Cost Advice

"Qualys TotalCloud offers cost-effective licensing flexibility."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
Information not available
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
903,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
13%
Construction Company
8%
Comms Service Provider
7%
Computer Software Company
13%
Financial Services Firm
13%
Construction Company
8%
Manufacturing Company
7%
Comms Service Provider
9%
Manufacturing Company
8%
Government
8%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise4
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Nucleus Security?
I have a good experience with that, so we don't have much problem dealing with pricing, setup, and licensing.
What needs improvement with Nucleus Security?
Nucleus Security needs a better view into exposure management, as exposure management and attack path management are ...
What is your primary use case for Nucleus Security?
My main use case for Nucleus Security is unifying the vulnerability management landscape, providing a single source o...
What needs improvement with Horizon3.ai?
The NodeZero Platform by Horizon3.ai could be improved by speeding up the time from initializing a test to actually s...
What is your primary use case for Horizon3.ai?
My main use case for The NodeZero Platform by Horizon3.ai is autonomous and continuous penetration testing. A specifi...
What advice do you have for others considering Horizon3.ai?
My advice to others looking into using The NodeZero Platform by Horizon3.ai is to use it to its full potential, as it...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Horizon3.ai
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Government agencies, Defense Industrial Base organizations, and enterprises in regulated industries such as finance, healthcare, manufacturing, and criticalinfrastructure rely on NodeZero to meet rigorous security and compliance requirements with continuous, scheduled, and on-demand testing.
Find out what your peers are saying about Wiz, Qualys, Tenable and others in Vulnerability Management. Updated: June 2026.
903,933 professionals have used our research since 2012.