Tenable Cloud Security vs Veza comparison

The compared Tenable and Veza solutions aren't in the same category. Tenable is ranked #12 in CNAP , with an average rating of 8.4, and holds a 3.2% mindshare in the category. Veza is ranked #3 in ITDR , with an average rating of 7.5, and holds a 20.4% mindshare. Additionally, 77% of Tenable users are willing to recommend the solution, compared to 100% of Veza users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Tenable Cloud Security and Veza based on real PeerSpot user reviews.

Find out what your peers are saying about Wiz, Palo Alto Networks, SentinelOne and others in Cloud-Native Application Protection Platforms (CNAPP).

To learn more, read our detailed Cloud-Native Application Protection Platforms (CNAPP) Report (Updated: June 2026).

Buyer's Guide

Cloud-Native Application Protection Platforms (CNAPP)

June 2026

Download the complete report

Helped 899,204 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Qualys TotalCloud

Mindshare comparison

Cloud-Native Application Protection Platforms (CNAPP) Mindshare Distribution
Product	Mindshare (%)
Tenable Cloud Security	3.2%
Wiz	13.1%
Prisma Cloud by Palo Alto Networks	10.7%
Other	73.0%

Cloud-Native Application Protection Platforms (CNAPP)

Identity Security and Posture Management (ISPM) Mindshare Distribution
Product	Mindshare (%)
Veza	20.4%
Saviynt Identity Cloud	24.4%
Silverfort	12.3%
Other	42.900000000000006%

Identity Security and Posture Management (ISPM)

Featured Reviews

Robert Orłowski

IT Security Expert at Alior Bank S.A.

Unified risk scoring has improved our cloud visibility and simplifies remediation priorities

Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.

Read full review

DragosCernat

Information Security Architect at WSP

Has significantly improved proactive monitoring through automated asset discovery and seamless integration with cloud environments

Making the system smarter would be beneficial. Adding modules for integration with AWS and Azure would be helpful. Adding capabilities for the scanner to automatically pick up changes and add assets automatically would be valuable. When discussing a big company, it is mandatory to have tools that will assist us rather than waiting for manual input to add hosts. Adding assets manually is prone to mistakes. Humans might forget to add an asset or make errors when adding multiple assets. Taking the human element out of the context and making it more streamlined is the future for security. The human should be involved where expertise is needed, such as analysis and decision-making. Currently, with resource constraints, we need tools to collect and aggregate data, eliminate false positives as much as possible, and present relevant information to employees for action.

Read full review

HarshalJethwa

Cloud Operations Engineer at a tech vendor with 51-200 employees

Centralized access control has strengthened least privilege and streamlined audit compliance

The best features Veza offers in my experience are access visibility to see who can access what and which parts, relationship mapping of a user to roles, policies and resources, and risk detection such as over-permission and unused permission privileges. I can perform audit compliance using those features and the platform supports multiple platforms. Out of those features, I find risk detection to be the most valuable in my day-to-day work because I can check who has over-permission or unused permissions and understand relationship mapping and access visibility. Veza has positively impacted my organization by improving access for our users, allowing us to check the user and perform auditing for our system or organization. We are now able to implement least privilege practices, which has made our organization and system more secure.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."

"The most valuable feature is extensibility."

"Its dashboards are brilliant. It provides in-depth insights."

"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."

"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."

"Its excellent graphical interface makes the scanning process simple."

"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."

"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."

More Qualys TotalCloud pros

"Element is precisely what we needed for close to real-time external surface monitoring, and the automatic integration capabilities, particularly with DNS, Azure, and AWS, are extremely valuable."

"The key benefit lies in having the largest and most up-to-date database. When it comes to using any Tenable product, it excels in finding vulnerabilities and providing analytics."

"The solution’s vulnerability management feature has helped us identify and mitigate risks well."

"Tenable Cloud Security has positively impacted my organization with risk reduction and compliance."

"Scanning and reporting are the most valuable features of Tenable Cloud Security"

"Ermetic can provide super visibility for our cloud environment (we are using AWS), the dashboard is simple to use, the findings provide all of the information you require, it provides detection and remediation, and creating a Jira ticket from a finding is just one click away."

"Tenable Cloud Security excels in vulnerability detection, one of its strongest features. Another valuable feature is software composition analysis, which highlights and automates the detection of security flaws. Additionally, their knowledge base is excellent; if anything goes wrong, they provide clear guidance on what needs to be done to address specific vulnerabilities."

"The tool alerts us on depreciating performance or deficiencies of our web application. It helps us react on time."

More Tenable Cloud Security pros

"It's the only current GRC vendor with licensing rights for HITRUST 11.3 framework, and I've avoided expensive HITRUST licensing costs through a custom control framework."

"Veza has positively impacted my organization by improving access for our users, allowing us to check the user and perform auditing for our system or organization, and we are now able to implement least privilege practices, which has made our organization and system more secure."

Cons

"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."

"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."

"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."

"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."

"Their customer support needs improvement."

"The price is very expensive, actually."

"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."

"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."

More Qualys TotalCloud cons

"I didn't find anything that wasn't useful or needed to be added."

"I have faced several bug incidents with the solution"

"If Tenable Cloud Security offers a complete Cnapp solution with CWP, CIEM, and Waap security, it will be able to compete with other competitors."

"Ermetic needs to improve its security scanning. I would like to see more dynamic graphical forms."

"The product must provide more features."

"Tenable needs to offer a patch-based solution since it is an area where the tool lacks a bit."

"There is a need for the support team to improve their response time since it is one of the areas where the product's technical team has certain shortcomings."

"Due to its robust nature, the platform's adoption can be overwhelming initially. However, once organizations start using it, they tend to get used to it. I haven't had much direct interaction with the support team, but some partners have reported a desire for better support for the product."

More Tenable Cloud Security cons

"Veza can be improved as it is currently not suitable for small projects due to its high cost, complex setup, and requirement for more integration with multiple systems."

"The support experience could be better."

Pricing and Cost Advice

"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."

"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."

"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."

"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."

"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."

"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."

More Qualys TotalCloud pricing and cost advice

"The tool's price is good compared to other brands. The tool's subscription is for a year."

"The tool's pricing is fair."

"There is a need to opt for a subscription-based pricing model to use Tenable Cloud Security. I rate the product price an eight on a scale of one to ten, where one is low price and ten is high price."

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.

See recommendations

899,204 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

19%

Financial Services Firm

14%

Construction Company

Comms Service Provider

Government

11%

Financial Services Firm

10%

Manufacturing Company

Construction Company

Financial Services Firm

14%

Manufacturing Company

Healthcare Company

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	3
Large Enterprise	28

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	2
Large Enterprise	5

No data available

Questions from the Community

What is your experience regarding pricing and costs for Qualys TotalCloud?

The price is very expensive, actually.

See all answers

What needs improvement with Qualys TotalCloud?

Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...

See all answers

What is your primary use case for Qualys TotalCloud?

Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...

See all answers

What needs improvement with Tenable Cloud Security?

Making the system smarter would be beneficial. Adding modules for integration with AWS and Azure would be helpful. Ad...

See all answers

What is your primary use case for Tenable Cloud Security?

We had other solutions that we used. One solution was that we did not have something exactly similar to what Element ...

See all answers

What is your experience regarding pricing and costs for Ermetic CSPM?

I wasn't involved with the pricing, setup cost and licensing for Tenable Cloud Security.

See all answers

What is your experience regarding pricing and costs for Veza?

My experience with pricing, setup cost, and licensing is that the pricing is much higher and the setup is very complex.

See all answers

What needs improvement with Veza?

Veza can be improved as it is currently not suitable for small projects due to its high cost, complex setup, and requ...

See all answers

What is your primary use case for Veza?

My main use case for Veza is to use it for authentication and to determine who can access what and what can be access...

See all answers

Comparisons

Wiz vs Qualys TotalCloud

Compared 12% of the time

Microsoft Defender for Cloud vs Qualys TotalCloud

Compared 9% of the time

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Compared 6% of the time

JupiterOne vs Qualys TotalCloud

Compared 5% of the time

Nucleus Security vs Qualys TotalCloud

Compared 5% of the time

More Qualys TotalCloud Competitors

Wiz vs Tenable Cloud Security

Compared 8% of the time

Prisma Cloud by Palo Alto Networks vs Tenable Cloud Security

Compared 6% of the time

Orca Security vs Tenable Cloud Security

Compared 5% of the time

FortiCNAPP vs Tenable Cloud Security

Compared 5% of the time

Plerion vs Tenable Cloud Security

Compared 5% of the time

More Tenable Cloud Security Competitors

Lumos vs Veza

Compared 14% of the time

SailPoint Identity Security Cloud vs Veza

Compared 8% of the time

Saviynt Identity Cloud vs Veza

Compared 6% of the time

Idira IGA vs Veza

Compared 6% of the time

Okta Platform vs Veza

Compared 5% of the time

More Veza Competitors

Product Reports

Buyer's Guide

Qualys TotalCloud

May 2026

Download Qualys TotalCloud product report

Buyer's Guide

Tenable Cloud Security

May 2026

Download Tenable Cloud Security product report

Buyer's Guide

Saviynt Identity Cloud vs. Veza

April 2026

Download Veza product report

Also Known As

Qualys TotalCloud with FlexScan

Ermetic, Ermetic Identity Governance for AWS

No data available

Overview

Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.

Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.

What are the most important features of Qualys TotalCloud?

Accurate Vulnerability Reports: Delivers precise and actionable insights for risk mitigation.
Zero-Day Detection: Identifies and addresses zero-day vulnerabilities proactively.
Unified Threat Assessment: Offers comprehensive evaluation of threats across the environment.
Extensive Risk Management: Manages risks effectively with advanced insights and prioritization.
Continuous Monitoring: Provides non-stop surveillance for vulnerabilities and threats.
Cloud-Native Automation: Streamlines processes and reduces manual efforts using automation.
FlexScan for Internet-Facing VMs: Scans external VMs efficiently to detect vulnerabilities.
Dashboard Risk Visualization: Clear visualization helps prioritize vulnerabilities.

What benefits and ROI should users look for?

Improved Security Posture: Enhances threat detection and response across clouds.
Time Savings: Automation reduces time spent on manual vulnerability management.
Resource Efficiency: Better allocation of resources through streamlined workflows.
Enhanced Risk Prioritization: Focus on critical vulnerabilities for effective mitigation.
Integrated Cloud Accounts: Facilitates seamless cloud management and security.

Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.

Qualys

Tenable Cloud Security is a comprehensive solution designed to help organizations secure their cloud environments across various platforms, including AWS, Azure, and Google Cloud. It offers continuous visibility, compliance management, and threat detection to ensure that cloud infrastructure and applications are protected from vulnerabilities and misconfigurations.

Tenable Cloud Security exemplifies a comprehensive Cloud-Native Application Protection Platform (CNAPP) by providing a unified solution that covers the entire cloud security lifecycle, from development to runtime. This platform is designed to address vulnerabilities, misconfigurations, threats, and compliance risks across multi-cloud environments, making it an essential tool for organizations adopting cloud-native architectures. In practice, Tenable Cloud Security integrates security into the development process through its shift-left approach, particularly with Infrastructure as Code (IaC) security. This ensures that security measures are embedded early in the development lifecycle, allowing teams to identify and mitigate vulnerabilities before they reach production. Once in production, the platform continues to provide real-time visibility into cloud environments, enabling continuous monitoring and proactive threat detection.

The solution's comprehensive protection spans various aspects of cloud security, including the identification and remediation of misconfigurations, automated compliance management, and advanced threat intelligence. By automating these processes, Tenable Cloud Security reduces the manual effort required to manage cloud security, freeing up resources for more strategic initiatives.

What are the key features of Tenable Cloud Security?

Unified Platform: Covers the entire cloud security lifecycle, from development to runtime, providing comprehensive protection.
Shift-Left Approach with IaC Security: Integrates security early in the development process, ensuring that vulnerabilities are caught and remediated before deployment.
Continuous Monitoring: Offers real-time visibility and monitoring of cloud environments, enabling proactive threat detection and response.
Automation: Streamlines security operations, reducing the need for manual intervention and increasing operational efficiency.
Comprehensive Threat and Compliance Management: Identifies and mitigates vulnerabilities, misconfigurations, and compliance risks across multi-cloud environments.

What are the benefits of using Tenable Cloud Security?

Improved Security Posture: Early detection and remediation of vulnerabilities lead to a stronger overall security posture.
Operational Efficiency: Automation reduces the workload on security teams, allowing them to focus on higher-priority tasks.
Risk Reduction: Proactively identifies and addresses risks before they impact production environments.
Simplified Compliance: Helps organizations meet and maintain compliance with industry standards, reducing the complexity and cost of audits.

Tenable Cloud Security is particularly valuable in industries with stringent regulatory requirements, such as finance, healthcare, and retail. For example, in the financial sector, it helps organizations ensure compliance with regulations like PCI-DSS while safeguarding sensitive data across cloud environments.

In summary, Tenable Cloud Security is a robust CNAPP solution that integrates security throughout the cloud lifecycle, providing comprehensive protection and operational efficiency for cloud-native environments.

Tenable

Veza Core Authorization Platform enhances data access visibility, centralizes control, and simplifies user permissions management. Its robust security through zero-trust principles, seamless integration, and automated compliance reporting boost organizational efficiency, productivity, and security, while streamlining workflows and minimizing vulnerabilities.

Veza

Sample Customers

Information Not Available

Tyler Technologies, Bilfinger, BarkBox, MongoDB, airSlate, Adama, Latch, Cloudinary, Riskified, AppsFlyer, IntelyCare, Aidoc, 42Dot, and more.

Information Not Available

Buyer's Guide

Cloud-Native Application Protection Platforms (CNAPP)

June 2026

Download Free Report

Find out what your peers are saying about Wiz, Palo Alto Networks, SentinelOne and others in Cloud-Native Application Protection Platforms (CNAPP). Updated: June 2026.

DOWNLOAD NOW

899,204 professionals have used our research since 2012.

We monitor all Cloud-Native Application Protection Platforms (CNAPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.