Try our new research platform with insights from 80,000+ expert users

Qualys TotalCloud vs Vicarius vRx comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
16th
Average Rating
9.6
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (1st)
Qualys TotalCloud
Ranking in Vulnerability Management
10th
Average Rating
8.8
Reviews Sentiment
7.7
Number of Reviews
30
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), Cloud Security Posture Management (CSPM) (6th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (8th)
Vicarius vRx
Ranking in Vulnerability Management
15th
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
21
Ranking in other categories
Patch Management (7th), Risk-Based Vulnerability Management (6th)
 

Mindshare comparison

As of September 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 1.0%, up from 0.1% compared to the previous year. The mindshare of Qualys TotalCloud is 1.2%, up from 0.5% compared to the previous year. The mindshare of Vicarius vRx is 0.9%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Market Share Distribution
ProductMarket Share (%)
Qualys TotalCloud1.2%
Vicarius vRx0.9%
Zafran Security1.0%
Other96.9%
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Sushant Samantara - PeerSpot reviewer
Helps us minimize attack surfaces by identifying root accounts and encryption issues
TotalCloud provides written explanations to guide remediation and eliminate cyber risks. While all cloud platforms offer security features, it's challenging to consolidate them into a single dashboard. Qualys TotalCloud effectively addresses this by consolidating multiple cloud platforms and subscriptions onto one dashboard. This allows users to quickly identify and mitigate misconfigurations and risks, simplifying security management. Before implementing TotalCloud, our compliance rate was approximately 50 to 60 percent. However, after adopting the platform, it has increased to 80 to 90 percent. TotalCloud also helps us minimize attack surfaces by identifying root accounts and encryption issues, thereby enhancing our overall security by 40 percent. TotalCloud offers a unified platform for assessing vulnerabilities and threats across both IaaS and PaaS environments. This unified view has improved our cloud security posture management. We gain a single, prioritized view of risks through TotalCloud's TruRisk Insights feature. This feature considers not only the QDA score but also factors in cost and other relevant elements to provide a comprehensive risk assessment. From a potentially overwhelming list of findings, TruRisk Insights prioritizes the most critical risks, allowing us to focus our efforts and resources on addressing these high-priority tasks efficiently. A single, prioritized view of risk streamlines the risk assessment process by eliminating the need to consolidate multiple sources. This comprehensive view is instrumental in communicating with other business customers who may be unaware of potential risks or misconfigurations within their resources. By identifying and informing them of these issues, we can guide them towards compliance and ensure a more secure environment. TruRisk Insights provides valuable findings by identifying vulnerabilities and misconfigurations, displaying them on a dashboard, and offering deeper insights into the attack surface. It analyzes not only internet-facing devices but also those indirectly connected, providing a comprehensive understanding of potential risks. This is crucial because even devices not directly connected to the internet can be vulnerable if they have an attack surface. TruRisk Insights also offers mitigation strategies, making it a highly useful tool for managing security risks. With the VMDR feature enabled and the Qualys Agent installed on various assets, we can identify existing vulnerabilities. TruRisk Insights then calculates risk scores, prioritizes tasks, and presents the number of findings. This allows us to focus on mitigating high-priority vulnerabilities while deferring those with lower priority, ultimately reducing overall risk. TruRisk Insights provides device details, allowing for containerization of misconfigured devices. This process involves isolating problematic devices and rectifying misconfigurations, ultimately enhancing our security posture.
OrenBen Shalom - PeerSpot reviewer
Consolidates vulnerability discovery, prioritization, and remediation in a single platform
Vicarius vRx offers several advantages, especially for organizations with diverse operating systems and applications requiring frequent patching. The platform helps prioritize patch installation by identifying high-risk vulnerabilities, allowing IT teams to focus on critical threats first. This prioritization is crucial because it prevents IT teams from being overwhelmed by the constant influx of patches, enabling them to create a manageable plan and allocate resources effectively. By distinguishing between critical, high-risk, and medium-risk vulnerabilities, Vicarius vRx empowers IT teams to address the most urgent threats promptly and schedule less critical patches for later. Both native operating system updates and Vicarius vRx offer vulnerability remediation. Native OS updates allow for the patching of system vulnerabilities on Windows, macOS, and Linux. However, Vicarius vRx provides a single solution for installing both operating system and application updates by also discovering application vulnerabilities. Another valuable feature is virtual patching, which allows us to protect an asset from a specific vulnerability without installing a patch. Sometimes, installing a patch alone is insufficient and requires restarting the asset. However, production servers often cannot be restarted during the day, restricting restarts to specific timeslots. Virtual patching creates a network-based protection layer that prevents exploitation of a vulnerability, offering a temporary safeguard. While not a foolproof solution for long-term use, it's a valuable tool that reduces tension between IT and security teams by providing time to properly install patches.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"Its dashboards are brilliant. It provides in-depth insights."
"TotalCloud provides the easiest and the best approach for cloud infrastructure management."
"I would definitely recommend Qualys TotalCloud to other customers."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"TruRisk Insights is the most important innovation they've released this year."
"Qualys TotalCloud has significantly reduced our workload in terms of managing risks, helping us to be more efficient and save substantial resources."
"The ability to consolidate vulnerability discovery, prioritization, and remediation in one platform is crucial."
"The system prioritizes vulnerabilities, identifying high, medium, and low risks, allowing us to focus on high-risk applications. It allows us to focus on high-risk applications and do the updates."
"I liked the initial dashboard."
"Vicarius vRx's primary strength is its user-friendly interface."
"Agent-based scanning is the most valuable feature."
"Since we started using Vicarius vRx, I have not had to worry about patching the software."
"We can easily deploy patches for third-party applications. It automatically downloads the patches for you. You do not have to download them, upload them to the solution, and configure your own scripts or anything like that. It is all automatic."
"The most efficient feature of Vicarius vRx is the ability to group assets, such as by time zone, allowing for targeted patching and streamlined management."
 

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"Their customer support needs improvement."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process."
"While I appreciate the automation of vulnerability management, Vicarius vRx's current manual patchless application is a point for improvement."
"It would be beneficial if Vicarius vRx could implement smart tagging or suggest tags to create a group for these development tools, signifying that they should not be regularly updated."
"Another complaint we've gotten is that the portal doesn't remember your username and password. You tell them your email, and it sends an invitation. You need to click that, and it takes you to a new portal, where you can finally log in. Maybe it's a security precaution, but it seems like a lot of extra steps to log in."
"The user interface for deploying patches can be improved, as it appears complicated when launching patches. We can launch it for apps or OS, but the steps to get there are a bit tedious. This is the only thing."
"I would like to see a way to build a virtual environment where we can test patches in real-time before we deploy."
"I would be happy if the patch update could be downloaded to the Vicarius server and then implemented on the client. Currently, they just send a link to the software."
"They do have a search function for device names. They already have a list of all our devices, however, if I'm looking for something, sometimes the name does not come up at the top of the list."
 

Pricing and Cost Advice

Information not available
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"The pricing is great because we are a reseller of the product. It is really up to us and Vicarius, and they are very easy to work with."
"Vicarius' pricing was reasonable compared to the other systems we evaluated."
"In the past, Vicarius vRx was cheap, but now they have adjusted their pricing policy, resulting in higher renewal costs. We have had some conversations with them regarding a smaller jump in the renewal cost."
"Vicarius vRx is reasonably priced."
"The pricing is fair."
"The pricing was very reasonable and fair compared to other products. I liked that there was no tiered system. One price gave access to everything, which is nice. It is not something you get too often with enterprise IT."
"Vicarius vRx offers a competitive price point for the features it provides."
"The price of vRx seems fair. None of our clients complained about the pricing. They all thought it was reasonable. Once people understood what it does, it didn't take much to get them to sign up."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
867,497 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Computer Software Company
10%
Manufacturing Company
8%
Government
6%
Financial Services Firm
16%
Computer Software Company
13%
Government
10%
Manufacturing Company
9%
Computer Software Company
14%
Non Profit
10%
Media Company
10%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise2
Large Enterprise22
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...
What needs improvement with Zafran Security?
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...
What is your primary use case for Zafran Security?
My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...
What is your experience regarding pricing and costs for Qualys TotalCloud?
It isn't cheap, but it's reasonable. It helps us to manage things with very few resources.
What needs improvement with Qualys TotalCloud?
The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, wha...
What is your primary use case for Qualys TotalCloud?
We are managing AWS, Azure, as well as Google Cloud services in the cloud. We have different applications using those...
What is your experience regarding pricing and costs for Vicarius vRx?
I do not use other solutions, so I cannot compare its pricing to others, but its price seems okay.
What needs improvement with Vicarius vRx?
I would be happy if the patch update could be downloaded to the Vicarius server and then implemented on the client. C...
What is your primary use case for Vicarius vRx?
We use Vicarius vRx to manage all third-party software updates. Previously, we could manage Windows updates, but thir...
 

Also Known As

No data available
Qualys TotalCloud with FlexScan
No data available
 

Overview

Find out what your peers are saying about Qualys TotalCloud vs. Vicarius vRx and other solutions. Updated: September 2025.
867,497 professionals have used our research since 2012.