No more typing reviews! Try our Samantha, our new voice AI agent.

Runecast vs Vicarius vRx comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Runecast
Ranking in Vulnerability Management
69th
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
1
Ranking in other categories
GRC (51st), Container Security (48th), Cloud Workload Protection Platforms (CWPP) (39th), Cloud Security Posture Management (CSPM) (46th), Cloud-Native Application Protection Platforms (CNAPP) (32nd), Compliance Management (23rd)
Vicarius vRx
Ranking in Vulnerability Management
16th
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
21
Ranking in other categories
Patch Management (6th), Risk-Based Vulnerability Management (10th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Runecast is 0.6%, up from 0.1% compared to the previous year. The mindshare of Vicarius vRx is 0.9%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Vicarius vRx0.9%
Runecast0.6%
Other97.4%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Burak AKCAGUN - PeerSpot reviewer
Business Development Manager at Axoft Ukraine
Helps with risk assessments for containers, assessing security, and ensuring container compliance
I rate the overall product a nine out of ten. Customers can conveniently view all companies in a single dashboard if they have different companies. This feature eliminates the need for different solutions and separate installations. Moreover, the solution extends beyond servers, encompassing various platforms such as VMware and Kubernetes. Additionally, end-users can install the solution from their client's perspective.
OrenBen Shalom - PeerSpot reviewer
Information Security Manager at Pango
Consolidates vulnerability discovery, prioritization, and remediation in a single platform
Vicarius vRx offers several advantages, especially for organizations with diverse operating systems and applications requiring frequent patching. The platform helps prioritize patch installation by identifying high-risk vulnerabilities, allowing IT teams to focus on critical threats first. This prioritization is crucial because it prevents IT teams from being overwhelmed by the constant influx of patches, enabling them to create a manageable plan and allocate resources effectively. By distinguishing between critical, high-risk, and medium-risk vulnerabilities, Vicarius vRx empowers IT teams to address the most urgent threats promptly and schedule less critical patches for later. Both native operating system updates and Vicarius vRx offer vulnerability remediation. Native OS updates allow for the patching of system vulnerabilities on Windows, macOS, and Linux. However, Vicarius vRx provides a single solution for installing both operating system and application updates by also discovering application vulnerabilities. Another valuable feature is virtual patching, which allows us to protect an asset from a specific vulnerability without installing a patch. Sometimes, installing a patch alone is insufficient and requires restarting the asset. However, production servers often cannot be restarted during the day, restricting restarts to specific timeslots. Virtual patching creates a network-based protection layer that prevents exploitation of a vulnerability, offering a temporary safeguard. While not a foolproof solution for long-term use, it's a valuable tool that reduces tension between IT and security teams by providing time to properly install patches.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"If I had to say something positive about the product that brings me the biggest benefit, I would say it has accurate reports, gets new update CVEs, zero-day attack detection, and is easy to manage with its GUI."
"Qualys TotalCloud fulfills all these needs."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"Runecast is a good partner for VMware. Once we have installed it, we can see all the problems and issues. It also has VMware knowledge-based articles."
"Vicarius vRx consolidates vulnerability discovery, prioritization, and remediation in a single platform."
"I also like how easy it is to use. We instructed some companies on how to use it, provided them with an account, and gave them the ability to deploy and patch. They could quickly figure it out. We can spend an hour in the office showing someone how everything works, and they're good to go. It's the same with our customers."
"Vicarius vRx's automation feature is its most valuable, allowing us to automate manual tasks, receive automated reports, and easily check device update status."
"The prioritization of the vulnerabilities and patches that we must apply immediately is valuable. The automation of the tasks allows us to spend less time in that area."
"Third-party software patching is the most valuable feature."
"Vicarius vRx has reduced meantime to remediate by 90 percent."
"Vicarius vRx offers several advantages, especially for organizations with diverse operating systems and applications requiring frequent patching."
"The strongest advantage of Vicarius vRx is its intuitive interface, which requires minimal explanation or support, even for first-time users."
 

Cons

"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"Their customer support needs improvement."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"There is a lack of data segregation according to criticality or inventory."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"The areas in the solution that have room for improvement include the UI/UX design, which should be improved, and they should integrate more artificial intelligence into the product."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"The product lacks network assessment capabilities. We cannot view our network assets or scan switches, routers, or IPs for vulnerabilities and issues."
"While I appreciate the automation of vulnerability management, Vicarius vRx's current manual patchless application is a point for improvement."
"Vicarius vRx's application management capabilities could be improved by allowing users to manage and uninstall applications directly within the GUI, eliminating the need for scripting and streamlining the process."
"The patchless protection feature is currently difficult to understand and could be made more user-friendly."
"I would like to see a way to build a virtual environment where we can test patches in real-time before we deploy."
"In the past, Vicarius vRx was cheap, but now they have adjusted their pricing policy, resulting in higher renewal costs."
"We did some automation. We kicked off scheduled updates to update our systems, but it did not work. When we attempted to scale the product and update multiple systems, we ran into a lot of issues. We also ran into the issue of it creating double assets."
"I don't like logging in. The portal could be a better process. You could use some third-party push notification rather than sending an email, waiting for the link to generate, and clicking on it. That would be good. It's somewhat frustrating when I need to log in."
"We are now in the process of trying to get our money back because the tool does not work."
 

Pricing and Cost Advice

"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"TotalCloud's price is about right where I would expect it to be."
"Runecast's pricing is cheaper than that of its competitors."
"Vicarius' pricing was reasonable compared to the other systems we evaluated."
"Vicarius vRx is priced competitively within the market."
"Vicarius vRx offers a competitive price point for the features it provides."
"It is in the middle. It is not the cheapest solution, but it is also not terribly expensive. We found it to be a good fit. It is fairly priced."
"The price of vRx seems fair. None of our clients complained about the pricing. They all thought it was reasonable. Once people understood what it does, it didn't take much to get them to sign up."
"The pricing is great because we are a reseller of the product. It is really up to us and Vicarius, and they are very easy to work with."
"I am not sure how much it costs, but it would have saved us some costs."
"Vicarius vRx's per-asset pricing makes it easy for me to market to clients as it scales with their needs."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
903,996 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
13%
Construction Company
8%
Comms Service Provider
7%
Construction Company
24%
Comms Service Provider
12%
Educational Organization
12%
Government
7%
Computer Software Company
11%
Non Profit
10%
Media Company
9%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise7
Large Enterprise3
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Vicarius vRx?
I do not use other solutions, so I cannot compare its pricing to others, but its price seems okay.
What needs improvement with Vicarius vRx?
I would be happy if the patch update could be downloaded to the Vicarius server and then implemented on the client. C...
What is your primary use case for Vicarius vRx?
We use Vicarius vRx to manage all third-party software updates. Previously, we could manage Windows updates, but thir...
 

Also Known As

Qualys TotalCloud with FlexScan
Runecast Analyzer
No data available
 

Overview

 

Sample Customers

Information Not Available
Our customers tell us regularly how Runecast benefits CIOs, CISOs, and both Security and Operations teams across verticals with a proactive approach that results in major time and cost savings, increased uptime and security standards complianceSuccess Highlight 75-85% troubleshooting time savings – Kiel Municipal Hospital90% time savings on reactive troubleshooting – Near East Bank90% time savings in upgrade planning– FLEXdata80% reduction in monthly incidents and issues – University of St Andrews78,000 EUR/year minimum annual cost savings – Notino100s of hours saved on security compliance with remediation scripts alone – Kiel Municipal Hospital75% time saved on troubleshooting and root cause analysis – de Volksbank
Information Not Available
Find out what your peers are saying about Wiz, Qualys, Tenable and others in Vulnerability Management. Updated: June 2026.
903,996 professionals have used our research since 2012.