Try our new research platform with insights from 80,000+ expert users

Qualys TotalCloud vs Vicarius vRx comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Qualys TotalCloud
Ranking in Vulnerability Management
30th
Average Rating
9.0
Number of Reviews
2
Ranking in other categories
Container Security (24th), Cloud Workload Protection Platforms (CWPP) (19th), Cloud Security Posture Management (CSPM) (20th), SaaS Security Posture Management (SSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (16th)
Vicarius vRx
Ranking in Vulnerability Management
18th
Average Rating
8.8
Number of Reviews
11
Ranking in other categories
Patch Management (11th), Risk-Based Vulnerability Management (7th)
 

Featured Reviews

Brad Mathis - PeerSpot reviewer
Jun 10, 2024
Offers easy-to-follow instructions, enhanced posture management, and improved visibility
TotalCloud offers written explanations to guide us through fixing security vulnerabilities and reducing cyber risks. For instance, if we click on a finding like "ensure public access level is set to private for block containers" a CIS Microsoft Azure Foundations benchmark, TotalCloud will not only tell us which specific container is failing but also provide remediation steps. These steps include a clear, step-by-step guide to fix the issue directly from the Azure console or command line, making it easy to address security risks. After deploying TotalCloud and configuring the connectors for Azure, we quickly gained visibility into our cloud security posture. While the initial setup gathers data, the overall process is swift and delivers immediate insights. TotalCloud offers a unified way to assess vulnerabilities and threats across both Asset-as-a-service and software-as-a-service applications. While an additional module, Software Detection Response, is required for the same level of detail in SaaS assessments, it integrates seamlessly with TotalCloud and gathers information through the Azure connector. Similarly, the SDR component is used for Microsoft 365 environments, consolidating all threat data into a single report. It has significantly enhanced our posture management insight and awareness. It provides a valuable third-party perspective, highlighting potential security issues we might have missed with Microsoft's built-in settings. This independent view offers a more objective assessment, similar to having a security expert unaffiliated with Microsoft or any specific platform. TotalCloud summarizes our cloud security risks in a single view, prioritizing the most important ones. It allows us to generate reports based on severity levels (critical, high, medium) and offers pre-built dashboards like the Azure one, which highlights the most critical control failures along with the number of affected resources. This way, we can focus on addressing the most urgent issues first. We can use TruRisk in TotalCloud to view a risk score for our virtual machines. This score indicates the overall security posture of the machine, along with details on identified vulnerabilities confirmed and potential. While the TruRisk score is a valuable integration, I haven't had the chance to fully explore its functionalities in our environment yet.
Navdeep Saini - PeerSpot reviewer
Jul 15, 2024
It protects applications against zero-day threats
We use vRx to do the patch management, vulnerability assessment, and remediation Vicarius vRx helps consolidate multiple tools for patching and remediation. It's critical that Vicarius combines vulnerability discovery, prioritization, and remediation in a single platform. We selected it for that…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices."
"Its excellent graphical interface makes the scanning process simple."
"Patchless Protection helps protect us from vulnerabilities that may not yet have patches from the manufacturer. I've used it for a piece of software that we don't have a patch for. It monitors that software, analyzes it, and makes sure nothing nefarious is going on when it's vulnerable."
"Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status."
"We can easily deploy patches for third-party applications. It automatically downloads the patches for you. You do not have to download them, upload them to the solution, and configure your own scripts or anything like that. It is all automatic."
"I like that vRx is cloud-based. It protects the health of applications against zero-day threats."
"Vicarius vRx's ability to patch third-party software is particularly valuable for us."
"Agent-based scanning is the most valuable feature."
"Third-party software patching is the most valuable feature."
"While other vulnerability scanners overwhelm us with a huge list of problems after a scan, Vicarius vRx goes beyond that."
 

Cons

"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"I don't like logging in. The portal could be a better process. You could use some third-party push notification rather than sending an email, waiting for the link to generate, and clicking on it. That would be good. It's somewhat frustrating when I need to log in."
"While I appreciate the automation of vulnerability management, Vicarius vRx's current manual patchless application is a point for improvement."
"Another complaint we've gotten is that the portal doesn't remember your username and password. You tell them your email, and it sends an invitation. You need to click that, and it takes you to a new portal, where you can finally log in. Maybe it's a security precaution, but it seems like a lot of extra steps to log in."
"I would like to see a way to build a virtual environment where we can test patches in real-time before we deploy."
"The multi-tenant portal has room for improvement."
"There can be more scripting capability and more filtering capability. We should be able to filter more granular details in the operating system such as whether it is a service, application, executable, or something like that. For the most part, we are satisfied with what we are able to filter."
"They do have a search function for device names. They already have a list of all our devices, however, if I'm looking for something, sometimes the name does not come up at the top of the list."
"The network device vulnerability scans can be improved. It would be helpful to be able to mitigate those vulnerabilities using SSH or SNMP to get those those updates out to those devices. I don't know if that is possible because it doesn't run an agent. But at the very least, having that CPE information relative to network devices would be incredibly helpful."
 

Pricing and Cost Advice

"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud is expensive."
"It is in the middle. It is not the cheapest solution, but it is also not terribly expensive. We found it to be a good fit. It is fairly priced."
"Vicarius vRx is reasonably priced."
"The pricing is fair."
"Vicarius' pricing was reasonable compared to the other systems we evaluated."
"Vicarius vRx offers a competitive price point for the features it provides."
"Vicarius vRx's per-asset pricing makes it easy for me to market to clients as it scales with their needs."
"The price of vRx seems fair. None of our clients complained about the pricing. They all thought it was reasonable. Once people understood what it does, it didn't take much to get them to sign up."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
807,508 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
23%
Financial Services Firm
12%
Manufacturing Company
12%
Government
11%
Media Company
17%
Computer Software Company
16%
Non Profit
14%
Insurance Company
12%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names.
What is your primary use case for Qualys TotalCloud?
We utilize Qualys TotalCloud to conduct DNS, IP, and WOS scans and identify system vulnerabilities.
What is your experience regarding pricing and costs for Vicarius vRx?
Vicarius vRx is slightly expensive. It could be a little lighter on the wallet.
What needs improvement with Vicarius vRx?
I don't like logging in. The portal could be a better process. You could use some third-party push notification rather than sending an email, waiting for the link to generate, and clicking on it. T...
What is your primary use case for Vicarius vRx?
We use vRx to do the patch management, vulnerability assessment, and remediation.
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
 

Learn More

 

Overview

Find out what your peers are saying about Tenable, Qualys, Wiz and others in Vulnerability Management. Updated: September 2024.
807,508 professionals have used our research since 2012.