Qualys TotalCloud Reviews

Name: Qualys TotalCloud
Brand: Qualys
Rating: 4.3 (39 reviews)

Vendor: Qualys

4.3 out of 5

39 reviews
100% willing to recommend

Leave a review

What is Qualys TotalCloud?

Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.

Get the Qualys TotalCloud Buyer's Guide and find out what your peers are saying about Qualys TotalCloud, Datadog, SentinelOne Singularity Cloud Security and more!

Qualys TotalCloud is the #2 ranked solution in top SaaS Security Posture Management (SSPM) solutions, #8 ranked solution in top Cloud Security Posture Management (CSPM) solutions, #8 ranked solution in top Cloud-Native Application Protection Platforms (CNAPP) solutions, #9 ranked solution in Cloud Workload Protection Platforms, #11 ranked solution in top Vulnerability Management solutions, and #13 ranked solution in Container Security Solutions. PeerSpot users give Qualys TotalCloud an average rating of 8.6 out of 10. Qualys TotalCloud is most commonly compared to Datadog: Qualys TotalCloud vs Datadog. Qualys TotalCloud is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.

Helped 892,383 peers since 2012

Featured Qualys TotalCloud reviews

Robert Orłowski

IT Security Expert at Alior Bank S.A.

Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.

Read full review

reviewer2584311

Senior Cyber Security Analyst at a financial services firm with 10,001+ employees

One of the valuable features of Qualys TotalCloud is its recurring scanning patterns, which detect misconfigurations, risky configurations, and weak IAM policies. The tool automates the maintenance of CIS benchmarks at scale, which is very useful. Qualys TotalCloud serves as a single-point tool integrating various modules such as VM and policy compliance and security, providing a holistic view of my security posture. Qualys TotalCloud provides threat intelligence feeds or threat integration, enabling me to mix data with other modules to identify recurring vulnerabilities or threats I face in my organization.

Read full review

reviewer2706300

Cyber Security Specialist at a financial services firm with 10,001+ employees

Qualys TotalCloud provides written explanations to help guide the remediation paths and eliminate cyber risk. We are using TruRisk for the remediations. The TruRisk shows anything critical, and we can then focus on that. We also assess manually whether an asset is a critical target or not. Qualys TotalCloud provides a single, prioritized view of risk. We are using CIS-CAT standards to harden our clouds, such as AWS, Google Cloud, and Azure. We are able to analyze the scans and identify which policies have failed and how we can remediate them. We can customize policies as per our organization's requirements. That is very helpful for us. With the TruRisk Insights feature, security has significantly improved. In six months of using it, we see that everything is under control. We've solved many problems related to asset management, cloud configuration, and the new asset identification. If an application team has onboarded any cloud asset, we can see that. We have that information now.

Read full review

Qualys TotalCloud mindshare

Product category:

As of April 2026, the mindshare of Qualys TotalCloud in the Cloud-Native Application Protection Platforms (CNAPP) category stands at 1.7%, up from 1.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Cloud-Native Application Protection Platforms (CNAPP) Mindshare Distribution
Product	Mindshare (%)
Qualys TotalCloud	1.7%
Wiz	15.4%
Prisma Cloud by Palo Alto Networks	11.4%
Other	71.5%

Cloud-Native Application Protection Platforms (CNAPP)

PeerResearch reports based on Qualys TotalCloud reviews

Type	Title	Date
Category	Cloud-Native Application Protection Platforms (CNAPP)	Apr 30, 2026	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2026	Download
Comparison	Qualys TotalCloud vs Wiz	Apr 30, 2026	Download
Comparison	Qualys TotalCloud vs Prisma Cloud by Palo Alto Networks	Apr 30, 2026	Download
Comparison	Qualys TotalCloud vs SentinelOne Singularity Cloud Security	Apr 30, 2026	Download

Valuable Features

Qualys TotalCloud's valuable features include accurate reporting, zero-day attack detection, unified vulnerability and threat assessment, continuous monitoring, and automated remediation. Its cloud security capabilities, agent versatility, single prioritized risk view, and integration with cloud accounts improve security posture management and efficiency. Features like TruRisk Insights, FlexScan, and customizable dashboards enhance vulnerability detection. The platform automates processes, offers comprehensive visibility, and provides clear attack path visualizations, reducing manual intervention. Its intuitive interface and API integration simplify complex security operations.

"Qualys TotalCloud is an excellent platform, and the beauty of the platform is that we can get all the vulnerabilities, see all the reports in a single dashboard, view them segregated, and easily learn about critical, high, and medium findings with appropriately provided remediation steps."
"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"If I had to say something positive about the product that brings me the biggest benefit, I would say it has accurate reports, gets new update CVEs, zero-day attack detection, and is easy to manage with its GUI."

Room for Improvement

Qualys TotalCloud requires enhanced reporting and clarity in remediation steps for vulnerabilities. Improvements in custom dashboards tailored to specific compliance needs, better integration options, and streamlined UI/UX are essential. Users face challenges with onboarding and need advancements in container security, including Windows support. The system should also address zero-day vulnerabilities proactively and improve its vulnerability detection for various environments while simplifying its complex licensing model. Pricing is also a concern among users.

"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"The price is very expensive, actually."

ROI

Qualys TotalCloud shows significant reductions in manual effort, estimates suggest savings of 10% to 40% in effort and costs. Users report that it saves time equivalent to three positions, with daily updates improving vulnerability management by over 50%. Integration features automate tasks, improving efficiency, with resource savings up to 90%. Strong engagement with Qualys teams enhances the system's value, though specific cost details are typically handled by financial personnel.

Pricing

Qualys TotalCloud is often perceived as expensive, but many enterprises consider the investment justified due to its comprehensive features and centralized toolset. Its pricing is competitive for larger organizations, while smaller businesses may find it less affordable. The solution provides cost-effective licensing flexibility, with varying models for different modules. Many users appreciate the seamless integration with existing products, noting that it facilitates easier tracking, monitoring, and cost management without needing additional purchases.

"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."

Popular Use Cases

Organizations primarily use Qualys TotalCloud for vulnerability management, cloud security posture management, and compliance monitoring. Core functions include continuous monitoring, application security testing, configuration compliance, and automated patching. It supports AWS, Azure, and GCP, offering agent-based scanning for containers and cloud infrastructure. Organizations benefit from a unified dashboard displaying security compliance, automated workflows for remediation, and seamless integration with existing SecOps tools like ServiceNow for enhanced security operations.

Service and Support

Qualys TotalCloud customer service receives high marks for responsiveness and helpfulness. Users appreciate their technical support and commend the team's proactive follow-ups and level of expertise. Concerns include occasional delays and varying support quality. Average ratings range between seven to nine out of ten, indicating general satisfaction despite room for improvement. Users note good documentation support. Some report long wait times, but many value the efficient real-time resolution methods provided by Qualys.

Deployment

Users found Qualys TotalCloud's initial setup straightforward and user-friendly, often completing deployment within days or weeks. Organizations appreciated the GUI-based interface and reported minimal complexity. Deployments varied depending on resources and permissions, but many completed integration without significant issues, even on hybrid models. Some required assistance for specific platform rights, while others faced challenges due to policy checks. Maintenance needs were generally low, with some needing to update or manage permissions and connections regularly.

Scalability

Qualys TotalCloud is widely recognized for its scalability, receiving ratings ranging from seven to ten out of ten. Users experience mostly positive results, noting improvements in scaling across environments and branches. Some challenges exist in management, yet organizations report successful expansion in user base and deployments. Different settings, from small to large enterprises, benefit from its scalable nature, effectively handling multiple users and diverse locations. Qualys TotalCloud adapts well to increasing demands across various sectors.

Stability

Users consistently rate Qualys TotalCloud's stability highly, often giving it scores between eight and ten. They experience minimal issues, with some noting occasional minor bugs quickly addressed by support. Downtime is rare and generally pre-communicated due to maintenance. Feedback highlights no significant problems with crashes or lags. Descriptions emphasize a reliable performance that maintains smooth operation and high uptime, with minimal disruption even during updates. Stability is deemed essential, requiring ongoing monitoring.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys TotalCloud Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	3
Large Enterprise	25

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	121
Midsize Enterprise	76
Large Enterprise	198

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

15%

Manufacturing Company

10%

Computer Software Company

Government

Construction Company

Comms Service Provider

Transportation Company

Insurance Company

Healthcare Company

Retailer

Media Company

University

Performing Arts

Logistics Company

Wholesaler/Distributor

Marketing Services Firm

Educational Organization

Energy/Utilities Company

Real Estate/Law Firm

Consumer Goods Company

Outsourcing Company

Non Profit

Renewables & Environment Company

Recreational Facilities/Services Company

Hospitality Company

Compare Qualys TotalCloud with alternative products

Learn more about Qualys TotalCloud

Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.

What are the most important features of Qualys TotalCloud?

Accurate Vulnerability Reports: Delivers precise and actionable insights for risk mitigation.
Zero-Day Detection: Identifies and addresses zero-day vulnerabilities proactively.
Unified Threat Assessment: Offers comprehensive evaluation of threats across the environment.
Extensive Risk Management: Manages risks effectively with advanced insights and prioritization.
Continuous Monitoring: Provides non-stop surveillance for vulnerabilities and threats.
Cloud-Native Automation: Streamlines processes and reduces manual efforts using automation.
FlexScan for Internet-Facing VMs: Scans external VMs efficiently to detect vulnerabilities.
Dashboard Risk Visualization: Clear visualization helps prioritize vulnerabilities.

What benefits and ROI should users look for?

Improved Security Posture: Enhances threat detection and response across clouds.
Time Savings: Automation reduces time spent on manual vulnerability management.
Resource Efficiency: Better allocation of resources through streamlined workflows.
Enhanced Risk Prioritization: Focus on critical vulnerabilities for effective mitigation.
Integrated Cloud Accounts: Facilitates seamless cloud management and security.

Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.

Qualys TotalCloud was previously known as Qualys TotalCloud with FlexScan.

Product Categories

Cloud-Native Application Protection Platforms (CNAPP)

Vulnerability Management

Container Security

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

SaaS Security Posture Management (SSPM)

Popular Comparisons

Datadog vs Qualys TotalCloud

SentinelOne Singularity Cloud Security vs Qualys TotalCloud

Wiz vs Qualys TotalCloud

Snyk vs Qualys TotalCloud

Microsoft Defender for Cloud vs Qualys TotalCloud

Darktrace vs Qualys TotalCloud

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Varonis Platform vs Qualys TotalCloud

Qualys VMDR vs Qualys TotalCloud

Tanium vs Qualys TotalCloud

AWS GuardDuty vs Qualys TotalCloud

CrowdStrike Falcon Cloud Security vs Qualys TotalCloud

Orca Security vs Qualys TotalCloud

JFrog Xray vs Qualys TotalCloud

AWS Security Hub vs Qualys TotalCloud

See all alternatives

Qualys TotalCloud Reviews Summary
Author info	Rating	Review Summary
IT Security Expert at Alior Bank S.A.	4.0	At Alior Bank, I find Qualys TotalCloud unifies cloud vulnerability assessment, providing prioritized risk scoring and cost benefits. It's stable, but support is slow, and compliance scanning is missing. Overall, it's a solid solution for us.
Senior Cyber Security Analyst at a financial services firm with 10,001+ employees	4.0	I’ve used Qualys TotalCloud for four years across organizations to manage cloud security, appreciating its automated compliance and risk insights, though I find the UI outdated, reporting difficult to customize, and pricing higher than alternatives.
Cyber Security Specialist at a financial services firm with 10,001+ employees	5.0	We use Qualys TotalCloud for managing AWS, Azure, and Google Cloud, which helps us identify vulnerabilities and misconfigurations. While its asset management and reporting features are valuable, the initial onboarding process can be challenging for newcomers.
Senior Information Security Engineer at a tech company with 10,001+ employees	4.0	I've used Qualys TotalCloud for three years to manage cloud security, benefiting from its threat intelligence, CI/CD integration, and risk insights, though its UI and AI capabilities could improve; overall, it's stable, scalable, and cost-efficient.
IT Manager at a consultancy with 10,001+ employees	5.0	We manage security compliance across Azure, GCP, and AWS using Qualys TotalCloud, which has boosted our compliance rate from 60% to 90%. While valuable, some features like Cloud Detection and Response need further development for full functionality.
Cyber Security Manager at RJ Corp Retail	4.5	I am evaluating Qualys TotalCloud for VAPT of cloud and internal assets. I find its unified dashboard, legitimate findings, and accessible reports excellent, despite concerns about remediation clarity and pricing. Its detection is strong, and I rate it 9/10.
Project Lead at Persistent Systems	4.5	We use Qualys TotalCloud for real-time security assessments of our cloud environment. Its AI-powered features facilitate vulnerability management and asset categorization. Improvements are needed in load speeds and vulnerability detection, though we've seen a 15-20% effort reduction.
Senior Technical Program /Product Manager at a transportation company with 10,001+ employees	3.5	We use Qualys VMDR and TotalCloud for vulnerability management across on-prem and cloud systems. It's effective for detection and asset monitoring, though container scanning needs maturity. Setup was smooth, support decent, and overall, I'd rate it a seven.

Title	Rating	Mindshare	Recommending
Datadog	4.3	N/A	97%	208 interviews Add to research
SentinelOne Singularity Cloud Security	4.4	6.5%	99%	123 interviews Add to research

Qualys TotalCloud Reviews

What is Qualys TotalCloud?

Featured Qualys TotalCloud reviews

Qualys TotalCloud mindshare

PeerResearch reports based on Qualys TotalCloud reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare Qualys TotalCloud with alternative products

Learn more about Qualys TotalCloud

Related questions

Product Categories

Popular Comparisons