No more typing reviews! Try our Samantha, our new voice AI agent.

Qualys CyberSecurity Asset Management vs VulnCheck comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Qualys CyberSecurity Asset ...
Ranking in Vulnerability Management
6th
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
35
Ranking in other categories
Patch Management (4th), Cyber Asset Attack Surface Management (CAASM) (3rd), Attack Surface Management (ASM) (3rd), Software Supply Chain Security (2nd)
VulnCheck
Ranking in Vulnerability Management
50th
Average Rating
8.4
Reviews Sentiment
6.2
Number of Reviews
3
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 1.4%, up from 0.8% compared to the previous year. The mindshare of VulnCheck is 0.4%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys CyberSecurity Asset Management1.4%
Qualys TotalCloud1.1%
VulnCheck0.4%
Other97.1%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Nicki Møller - PeerSpot reviewer
Information Security Engineer at a manufacturing company with 5,001-10,000 employees
Enables automation and quick access to necessary information
One of the significant challenges Qualys is discovery, which I know Microsoft excels at. I can't recall how well Qualys performs this function; it seems I might be missing some details. However, if there's one key aspect to focus on, it's discovery—the ability to identify assets that you are not aware of, even when you can see they are present. Understanding what those assets are is crucial. With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system. The features within Qualys are limited to what they have developed. Sometimes a complete overview is needed to push to a Power BI dashboard, Splunk, ServiceNow, or other platforms. The export process is incredibly challenging. We needed a developer to write a hundred-line Python script that would loop over certain assets due to export limitations. Qualys CyberSecurity Asset Management could improve its integration capabilities. While it generates substantial data, correlating it with other data sources can be challenging. The export process is difficult, and pre-built integrations with other tools could be enhanced for better process implementation.
reviewer2805510 - PeerSpot reviewer
Partner Account Manager at a wholesaler/distributor with 51-200 employees
Proactive exploit intelligence has transformed how we prioritize real-world vulnerability risks
VulnCheck needs improvement in terms of data. It is primarily an intelligence and data layering system and not a complete vulnerability management platform. This means that it lacks native patch workflows, so you do not have asset discovery as you would with Tenable or Qualys. You will require other tools to act on the data that you find, which necessitates engineering time for API integration, data mapping, and tuning. Additionally, not all exploit signs are clear; some can be noisy or ambiguous, so teams need to apply their judgment. Finally, the time to value is not instant; it requires integration, workflow changes, and team training. I think VulnCheck is an excellent tool and valuable data resource. However, if you wish to send alerts via an API to platforms like Rapid7 or Tenable VM, you will need to integrate that with a SIEM solution to perform any kind of risk management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The best part I like is the on-demand scans."
"Qualys TotalCloud's most valuable features are its security capabilities that help identify and mitigate risk factors."
"The most valuable feature is extensibility."
"CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs."
"I would definitely recommend Qualys TotalCloud to other users."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"Its dashboards are brilliant. It provides in-depth insights."
"The comprehensive view that Qualys CyberSecurity Asset Management gives us on our assets enables us to go to a single screen and get a good idea of our holistic asset count."
"Qualys CyberSecurity Asset Management is definitely good for a big company; it really helps you keep an eye on your whole environment rather than little pieces here and there throughout your tech stack."
"The most valuable feature is the Management sensor, which helps identify gaps in policy agent availability, thereby improving agent utilization."
"There are no stability issues, and I would rate it a ten out of ten."
"The fact that it is integrated makes it very easy to understand."
"It de-duplicates findings and helps you understand what the vulnerabilities from your external scans and your external attack surface management are and how they connect to the vulnerabilities on your internal scans."
"I would rate Qualys CyberSecurity Asset Management ten out of ten."
"The best feature is asset discovery through their cloud agent or IP-based scanning."
"With VulnCheck's early exploit visibility, I can remediate vulnerabilities quickly, making timely decisions before the vulnerabilities are known to the public and hackers."
"VulnCheck has shifted the mindset within my organization and my partners from a reactive to a more proactive approach."
"The clear prioritization based on risk is probably the biggest day-to-day benefit."
 

Cons

"The price is very expensive, actually."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"The support process is inefficient due to the excessive number of replies required when submitting tickets."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"There is a lack of data segregation according to criticality or inventory."
"Currently, in the EASM module, the scan frequency is limited to once daily, but allowing end users control over scan scheduling would be advantageous."
"With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system."
"We encountered some false positives, which required coordination with the IT team for verification."
"In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management. Additionally, improvements to the user interface could be beneficial."
"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."
"The deployment is somewhat complicated and could be made more user-friendly for most users. It is currently not user-friendly for all users. It is good but can be improved. It is a new product, and they are working on it."
"They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword. They should fix that."
"The UI needs improvement as it can become overwhelming after prolonged use."
"VulnCheck needs improvement in terms of data."
"VulnCheck's UI and reporting can be improved for better visibility."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The cost for Qualys CyberSecurity Asset Management is high."
"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."
"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."
"Qualys offers excellent value for money."
"The pricing is market-competitive."
"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."
"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
15%
Computer Software Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
Outsourcing Company
31%
Construction Company
16%
Computer Software Company
7%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise2
Large Enterprise23
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with Qualys CyberSecurity Asset Management?
I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating ...
What is your primary use case for Qualys CyberSecurity Asset Management?
I primarily use it for a small, single-site, multi-source setup with multi-WAN inputs. I have a main fiber connection...
What needs improvement with VulnCheck?
VulnCheck needs improvement in terms of data. It is primarily an intelligence and data layering system and not a comp...
What is your primary use case for VulnCheck?
Over the year and a half that I have been dealing with VulnCheck, I have also worked with numerous similar solutions....
What advice do you have for others considering VulnCheck?
VulnCheck has shifted the mindset within my organization and my partners from a reactive to a more proactive approach...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

Find out what your peers are saying about Qualys CyberSecurity Asset Management vs. VulnCheck and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.