Try our new research platform with insights from 80,000+ expert users

Amazon Inspector vs Qualys TotalCloud comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

Sentiment score
8.5
Amazon Inspector offers reliable customer service, with varying response times based on subscription tier, ensuring user satisfaction.
Sentiment score
8.2
Qualys TotalCloud customer service is praised for responsiveness and knowledge but criticized for inconsistency and long response times.
I have not needed to use AWS support for Inspector, which indicates that the service is almost perfect.
They are helpful, respond to my queries, and can answer any question.
Qualys's tech support is highly responsive, providing multiple ways to interact with them.
Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA.
 

Room For Improvement

Sentiment score
5.6
Amazon Inspector needs better integration, expanded vulnerability coverage, real-time protection, automation, and improved guidance for comprehensive security.
Sentiment score
5.6
Qualys TotalCloud needs simplified licensing, better dashboard reporting, Windows support, enhanced UI, and improved cost-effectiveness for wider appeal.
Automation for scheduling 'turn on' and 'turn off' operations and better integration with CloudWatch for alarms could enhance the service's functionality.
Ideally, the scanner should automatically detect and scan all subdomains, even if not explicitly defined, ensuring comprehensive vulnerability assessment.
An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage.
The response part of the Cloud Detection and Response (CDR) module can be improved.
 

Scalability Issues

Sentiment score
7.6
Amazon Inspector offers scalable vulnerability monitoring with ECR integration, popular among security teams but sometimes limited for developers.
Sentiment score
8.8
Qualys TotalCloud is highly scalable, supporting diverse businesses and locations, with consistently high ratings for handling expanding workloads.
Scalability is not an issue with Amazon Inspector as it is scalable to the maximum, covering any business scale effectively.
Qualys TotalCloud receives a perfect ten out of ten for scalability due to its effortless setup of new instances.
We started our organization about nine months back. We started with about 30 users, and we now have more than 100 users.
Our organization currently uses it to manage over 1200 web applications.
 

Setup Cost

No sentiment score available
Amazon Inspector offers a cost-effective, tiered pricing model with transparent, low-cost scans suitable for diverse organizational needs.
Sentiment score
7.7
Qualys TotalCloud offers high but justified pricing, seen as competitive and valuable with flexible licensing and comprehensive features.
The pricing for Amazon Inspector is very fair, and I would rate it as two out of ten, with ten being the most expensive.
I would rate the price of Qualys TotalCloud eight out of ten with ten being the most expensive.
Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive.
Pricing is managed by our finance team; however, Qualys TotalCloud offers cost-effective licensing flexibility.
 

Stability Issues

Sentiment score
9.5
Amazon Inspector is highly stable and reliable, receiving excellent user support and impacting business security positively.
Sentiment score
8.6
Qualys TotalCloud is highly rated for stability and reliability, ensuring smooth, consistent performance with prompt support for any issues.
Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively.
Overall, the support provided has been excellent.
It is a stable solution, which is why we chose it.
Continuous monitoring is crucial to ensure system stability and avoid vulnerabilities or threats.
 

Valuable Features

Sentiment score
8.2
Amazon Inspector offers automated vulnerability detection, categorization, and Security Hub integration for enhanced AWS security assessment across resources.
Sentiment score
8.3
Qualys TotalCloud enhances security with automatic vulnerability detection, seamless integration, comprehensive risk management, and advanced monitoring capabilities.
The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function.
This view of risk helps reduce the work we would have to do to combine multiple sources to prioritize risk.
It will help cybersecurity professionals monitor the cloud and find vulnerabilities.
We are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs.
 

Categories and Ranking

Amazon Inspector
Ranking in Vulnerability Management
24th
Average Rating
8.0
Reviews Sentiment
8.0
Number of Reviews
5
Ranking in other categories
IT Vendor Risk Management (9th)
Qualys TotalCloud
Ranking in Vulnerability Management
30th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
22
Ranking in other categories
Container Security (25th), Cloud Workload Protection Platforms (CWPP) (20th), Cloud Security Posture Management (CSPM) (22nd), SaaS Security Posture Management (SSPM) (5th), Cloud-Native Application Protection Platforms (CNAPP) (17th)
 

Featured Reviews

Nikhil Sehgal - PeerSpot reviewer
Primarily focuses on security of EC2 instances, provides point-in-time assessments rather than real time protection but provides automated vulnerability detection
It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents. So other is dependency on agents, like, Inspector relies on agents installed on instances for deeper assessment. So managing these agents can be additional overhead. So these kinds of things. It does not even provide real-time protection. So, Inspector provides point-in-time assessment rather than continuous monitoring. So these are all cons. When it comes to false positives, it is there for most security tools as of now. I would not consider false positives a major concern. So, these are the major concerns that I found: dependency on agents, limited scope, and no real-time protection.
Sushant Samantara - PeerSpot reviewer
Helps us minimize attack surfaces by identifying root accounts and encryption issues
TotalCloud provides written explanations to guide remediation and eliminate cyber risks. While all cloud platforms offer security features, it's challenging to consolidate them into a single dashboard. Qualys TotalCloud effectively addresses this by consolidating multiple cloud platforms and subscriptions onto one dashboard. This allows users to quickly identify and mitigate misconfigurations and risks, simplifying security management. Before implementing TotalCloud, our compliance rate was approximately 50 to 60 percent. However, after adopting the platform, it has increased to 80 to 90 percent. TotalCloud also helps us minimize attack surfaces by identifying root accounts and encryption issues, thereby enhancing our overall security by 40 percent. TotalCloud offers a unified platform for assessing vulnerabilities and threats across both IaaS and PaaS environments. This unified view has improved our cloud security posture management. We gain a single, prioritized view of risks through TotalCloud's TruRisk Insights feature. This feature considers not only the QDA score but also factors in cost and other relevant elements to provide a comprehensive risk assessment. From a potentially overwhelming list of findings, TruRisk Insights prioritizes the most critical risks, allowing us to focus our efforts and resources on addressing these high-priority tasks efficiently. A single, prioritized view of risk streamlines the risk assessment process by eliminating the need to consolidate multiple sources. This comprehensive view is instrumental in communicating with other business customers who may be unaware of potential risks or misconfigurations within their resources. By identifying and informing them of these issues, we can guide them towards compliance and ensure a more secure environment. TruRisk Insights provides valuable findings by identifying vulnerabilities and misconfigurations, displaying them on a dashboard, and offering deeper insights into the attack surface. It analyzes not only internet-facing devices but also those indirectly connected, providing a comprehensive understanding of potential risks. This is crucial because even devices not directly connected to the internet can be vulnerable if they have an attack surface. TruRisk Insights also offers mitigation strategies, making it a highly useful tool for managing security risks. With the VMDR feature enabled and the Qualys Agent installed on various assets, we can identify existing vulnerabilities. TruRisk Insights then calculates risk scores, prioritizes tasks, and presents the number of findings. This allows us to focus on mitigating high-priority vulnerabilities while deferring those with lower priority, ultimately reducing overall risk. TruRisk Insights provides device details, allowing for containerization of misconfigured devices. This process involves isolating problematic devices and rectifying misconfigurations, ultimately enhancing our security posture.
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Government
7%
Manufacturing Company
6%
Computer Software Company
21%
Financial Services Firm
13%
Government
12%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Inspector?
The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integ...
What is your experience regarding pricing and costs for Amazon Inspector?
The pricing is very transparent and clear, so I don't have any challenges with it. It's good.
What needs improvement with Amazon Inspector?
There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected. Right now, it's not as comprehensive as some of the third-part...
What is your experience regarding pricing and costs for Qualys TotalCloud?
The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription.
What needs improvement with Qualys TotalCloud?
I have already put in a few feature requests. There are features that I would like to have. I would like the ability to disable certain default built-in policies as they can be misleading when crea...
What is your primary use case for Qualys TotalCloud?
We use Qualys TotalCloud for compliance monitoring and compliance checking.
 

Also Known As

No data available
Qualys TotalCloud with FlexScan
 

Overview

 

Sample Customers

betterment, caplinked, flatiron, university of nutri dame
Information Not Available
Find out what your peers are saying about Amazon Inspector vs. Qualys TotalCloud and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.