Try our new research platform with insights from 80,000+ expert users

Amazon Inspector vs Qualys TotalCloud comparison

Amazon Web Services (AWS) and Qualys are both solutions in the Vulnerability Management category. Amazon Web Services (AWS) is ranked #25 with an average rating of 8.0, while Qualys is ranked #13 with an average rating of 8.9. Additionally, 85% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.
Amazon Inspector
Read 5 Amazon Inspector reviews
  • 1,623 Views
  • 1,408 Comparison Views
85% willing to recommend
Qualys TotalCloud
Read 24 Qualys TotalCloud reviews
  • 475 Views
  • 350 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Amazon Inspector and Qualys TotalCloud compete in the cloud security solutions category. Based on comparisons, Qualys TotalCloud seems to hold an upper hand with its feature-rich platform providing better value despite Amazon Inspector's favorable pricing.

Features: Amazon Inspector provides automated security assessments for AWS workloads, integration with AWS services, and prioritization of findings. Qualys TotalCloud offers vulnerability management, policy compliance, multi-cloud support, extensive asset discovery, and integration capabilities.

Room for Improvement: Amazon Inspector could enhance multi-cloud support, expand asset discovery capabilities, and improve customer support. Qualys TotalCloud may simplify deployment processes, optimize AWS integration, and improve cost management for smaller businesses.

Ease of Deployment and Customer Service: Amazon Inspector benefits from seamless integration within AWS environments enabling quick deployment for AWS-centric businesses. Qualys TotalCloud, with its multi-cloud support, involves a more intricate deployment but offers robust customer service.

Pricing and ROI: Amazon Inspector is competitively priced for AWS-invested users offering attractive ROI with lower setup costs. Qualys TotalCloud might be costlier upfront but offers a broader feature set justifying its investment for long-term savings and benefits.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Amazon Inspector vs. Qualys TotalCloud Report (Updated: December 2024).
Buyer's Guide
Amazon Inspector vs. Qualys TotalCloud
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

Amazon Inspector
Ranking in Vulnerability Management
25th
Average Rating
8.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
IT Vendor Risk Management (7th)
Qualys TotalCloud
Ranking in Vulnerability Management
13th
Average Rating
8.8
Reviews Sentiment
7.8
Number of Reviews
24
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (10th), Cloud Security Posture Management (CSPM) (10th), SaaS Security Posture Management (SSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (9th)
 

Featured Reviews

Nikhil Sehgal - PeerSpot reviewer
Primarily focuses on security of EC2 instances, provides point-in-time assessments rather than real time protection but provides automated vulnerability detection
It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents. So other is dependency on agents, like, Inspector relies on agents installed on instances for deeper assessment. So managing these agents can be additional overhead. So these kinds of things. It does not even provide real-time protection. So, Inspector provides point-in-time assessment rather than continuous monitoring. So these are all cons. When it comes to false positives, it is there for most security tools as of now. I would not consider false positives a major concern. So, these are the major concerns that I found: dependency on agents, limited scope, and no real-time protection.
Read full review
Sushant Samantara - PeerSpot reviewer
Helps us minimize attack surfaces by identifying root accounts and encryption issues
TotalCloud provides written explanations to guide remediation and eliminate cyber risks. While all cloud platforms offer security features, it's challenging to consolidate them into a single dashboard. Qualys TotalCloud effectively addresses this by consolidating multiple cloud platforms and subscriptions onto one dashboard. This allows users to quickly identify and mitigate misconfigurations and risks, simplifying security management. Before implementing TotalCloud, our compliance rate was approximately 50 to 60 percent. However, after adopting the platform, it has increased to 80 to 90 percent. TotalCloud also helps us minimize attack surfaces by identifying root accounts and encryption issues, thereby enhancing our overall security by 40 percent. TotalCloud offers a unified platform for assessing vulnerabilities and threats across both IaaS and PaaS environments. This unified view has improved our cloud security posture management. We gain a single, prioritized view of risks through TotalCloud's TruRisk Insights feature. This feature considers not only the QDA score but also factors in cost and other relevant elements to provide a comprehensive risk assessment. From a potentially overwhelming list of findings, TruRisk Insights prioritizes the most critical risks, allowing us to focus our efforts and resources on addressing these high-priority tasks efficiently. A single, prioritized view of risk streamlines the risk assessment process by eliminating the need to consolidate multiple sources. This comprehensive view is instrumental in communicating with other business customers who may be unaware of potential risks or misconfigurations within their resources. By identifying and informing them of these issues, we can guide them towards compliance and ensure a more secure environment. TruRisk Insights provides valuable findings by identifying vulnerabilities and misconfigurations, displaying them on a dashboard, and offering deeper insights into the attack surface. It analyzes not only internet-facing devices but also those indirectly connected, providing a comprehensive understanding of potential risks. This is crucial because even devices not directly connected to the internet can be vulnerable if they have an attack surface. TruRisk Insights also offers mitigation strategies, making it a highly useful tool for managing security risks. With the VMDR feature enabled and the Qualys Agent installed on various assets, we can identify existing vulnerabilities. TruRisk Insights then calculates risk scores, prioritizes tasks, and presents the number of findings. This allows us to focus on mitigating high-priority vulnerabilities while deferring those with lower priority, ultimately reducing overall risk. TruRisk Insights provides device details, allowing for containerization of misconfigured devices. This process involves isolating problematic devices and rectifying misconfigurations, ultimately enhancing our security posture.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Amazon Inspector is the categorization of findings, which filters vulnerabilities by instance, container image, container repository, and Lambda function."
"The vulnerability discovery is valuable, and they also rank those vulnerabilities for you. So, you could rapidly attack some of the higher, severe vulnerabilities as they pop up, if they do pop up."
"The automated vulnerability detection aspect is most valuable."
"The findings dashboards are neat and easy to understand, offering clear demarcations for different types of findings and detailed insights into specific vulnerabilities and their associated instances. It is not a place where everything is dumped together. It offers an easy-to-understand layout."
"The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integrate third-party tools as well. It is just a single-click option."
"Amazon Inspector is highly stable, rated ten out of ten, and this stability impacts business security and administration positively."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"I appreciate TotalCloud's real-time protection and remediation features. The remediation options include automated one-click remedies and custom changes that help manage vulnerabilities efficiently."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
More Qualys TotalCloud pros
 

Cons

"One area for improvement in Amazon Inspector is the automation aspect."
"It has a limited scope. So, AWS Inspector primarily focuses on the security of the EC2 instance. So, if your architecture includes other AWS services, then you may need to use additional tools for your comprehensive security assessment. So that is one con. Another is, like, we have a dependency on agents."
"One major area for improvement is remediation. My team works on remediating findings over time, likely using available patches. However, easier integration with Amazon's patching services would be very helpful."
"There isn't too much to improve right now. Scanning on demand or as a part of the pipeline versus a post pipeline solution would be good, but it is not a deal breaker by any means."
"There is room for improvement in the scanning capabilities. I'd like to see broader coverage in terms of the vulnerabilities detected."
"The cost of Qualys TotalCloud is high and could be more competitive."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"Their customer support needs improvement."
More Qualys TotalCloud cons
 

Pricing and Cost Advice

"The pricing is very transparent and clear."
"It is scaled as you go. There are probably a certain number of scans per month, and there are tiers. If you're under a certain tier, it is free. The second level is pennies, and then all the way up to like a million. So, it has a tiered pricing program. They're pretty good with your initial scanning, and there is room to scale based on being affordable, but it is fairly cheap. There are no additional costs. They pretty much think about it as a pay-per-scan type model."
"It's priced according to market standards for its services."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"TotalCloud's price is about right where I would expect it to be."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"I would rate the price of Qualys TotalCloud eight out of ten with ten being the most expensive."
More Qualys TotalCloud pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
12%
Government
8%
Manufacturing Company
6%
Computer Software Company
21%
Financial Services Firm
13%
Government
12%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Inspector?
The integration of Amazon Inspector with other AWS services has enhanced our security. Security Hub is a major asset because it allows us to centralize data from various AWS services. We can integ...
See all answers
What is your experience regarding pricing and costs for Amazon Inspector?
The pricing for Amazon Inspector is very fair, and I would rate it as two out of ten, with ten being the most expensive. It's on the cheaper side.
See all answers
What needs improvement with Amazon Inspector?
One area for improvement in Amazon Inspector is the automation aspect. Automation for scheduling 'turn on' and 'turn off' operations and better integration with CloudWatch for alarms could enhance ...
See all answers
What is your experience regarding pricing and costs for Qualys TotalCloud?
Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform.
See all answers
What needs improvement with Qualys TotalCloud?
Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems. Specifically, it should refine its policies and enhance support for Linux and Mac platforms.
See all answers
What is your primary use case for Qualys TotalCloud?
Our primary use case for Qualys TotalCloud is its multi-cloud capabilities. The platform's cloud-based architecture allows us to utilize agents across various hosts and domains, eliminating the nee...
See all answers
 

Comparisons

Tenable Vulnerability Management vs Amazon Inspector Logo
Tenable Vulnerability Management vs Amazon Inspector
Compared 27% of the time
Tenable Nessus vs Amazon Inspector Logo
Tenable Nessus vs Amazon Inspector
Compared 18% of the time
Microsoft Defender for Cloud vs Amazon Inspector Logo
Microsoft Defender for Cloud vs Amazon Inspector
Compared 12% of the time
Wiz vs Amazon Inspector Logo
Wiz vs Amazon Inspector
Compared 7% of the time
Tenable Cloud Security vs Amazon Inspector Logo
Tenable Cloud Security vs Amazon Inspector
Compared 3% of the time
More Amazon Inspector Competitors
Wiz vs Qualys TotalCloud Logo
Wiz vs Qualys TotalCloud
Compared 38% of the time
Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud Logo
Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud
Compared 11% of the time
AWS GuardDuty vs Qualys TotalCloud Logo
AWS GuardDuty vs Qualys TotalCloud
Compared 11% of the time
AWS Security Hub vs Qualys TotalCloud Logo
AWS Security Hub vs Qualys TotalCloud
Compared 9% of the time
Qualys VMDR vs Qualys TotalCloud Logo
Qualys VMDR vs Qualys TotalCloud
Compared 8% of the time
More Qualys TotalCloud Competitors
 

Product Reports

Buyer's Guide
Amazon Inspector
December 2024
Amazon Inspector reportDownload Amazon Inspector product report
Buyer's Guide
Qualys TotalCloud
December 2024
Qualys TotalCloud reportDownload Qualys TotalCloud product report
 

Also Known As

No data available
Qualys TotalCloud with FlexScan
 

Learn More

Amazon Web Services (AWS)
Qualys
 

Overview

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API.

Amazon Inspector security assessments help you check for unintended network accessibility of your Amazon EC2 instances and for vulnerabilities on those EC2 instances. Amazon Inspector assessments are offered to you as pre-defined rules packages mapped to common security best practices and vulnerability definitions. Examples of built-in rules include checking for access to your EC2 instances from the internet, remote root login being enabled, or vulnerable software versions installed. These rules are regularly updated by AWS security researchers.

TotalCloud is the Qualys approach to Cloud Native Application Protection Platform (CNAPP) for cloud infrastructure and SaaS environments. With TotalCloud, customers extend TruRisk insights (transparent cyber risk scoring methodology) from the Qualys Enterprise TruRisk Platform to their cloud environments allowing for a seamless unified view of cyber risk across on-prem, hybrid, and multi-cloud environments. 

Features and capabilities of Qualys TotalCloud include, but are not limited to: 

Discover: Complete visibility and insights into cyber-risk exposure across multi-cloud. Continuously discover and monitor all your workloads across a multi-cloud environment for a 360-degree view of your cloud footprint. Identify known and previously unknown internet-facing assets for 100% visibility and tracking of risks.

Assess: Comprehensive cloud-native assessments with FlexScanTM. Extensive scanning capabilities with Qualys FlexScan, including no-touch, agentless, API- and snapshot-based scanning, along with agent- and network-based scanning for in-depth assessment. Use these multiple scanning methods to scan a workload to get a unified and comprehensive view of vulnerabilities and misconfigurations.

Prioritize: Unified security view to prioritize cloud risk with TruRiskTM. Experience a unified risk-based view of cloud security with insights across workloads, services, and resources. Qualys TruRisk quantifies security risk by workload criticality and vulnerabilities; it correlates with ransomware, malware, and exploitation threat intelligence to prioritize, trace, and reduce risk.

Defend: Real-time protection against evolving and unknown threats with InstaProtectTM. Qualys enables continuous monitoring of all cloud assets to ensure they are protected against threats and attacks at runtime. Qualys keeps your cloud runtime safe by detecting known and unknown threats across the entire kill chain in near real-time across a multi-cloud environment.

Remediate: Fast remediation with QFlow – no code, drag-and-drop workflows. The integration of QFlow technology into Qualys TotalCloud saves security and DevOps teams valuable time and resources. Automation and no-code, drag-and-drop workflows help simplify the time-consuming operational tasks of assessing vulnerabilities on ephemeral cloud assets, alerting on high-priority threats, remediating misconfigurations, and quarantining high-risk assets.

 

Sample Customers

betterment, caplinked, flatiron, university of nutri dame
Information Not Available
Buyer's Guide
Amazon Inspector vs. Qualys TotalCloud
December 2024
Free Report: Amazon Inspector vs. Qualys TotalCloud
Find out what your peers are saying about Amazon Inspector vs. Qualys TotalCloud and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our Amazon Inspector vs. Qualys TotalCloud report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.