Try our new research platform with insights from 80,000+ expert users

AWS GuardDuty vs Qualys TotalCloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
107
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Container Security (3rd), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
AWS GuardDuty
Ranking in Cloud Workload Protection Platforms (CWPP)
3rd
Average Rating
8.2
Reviews Sentiment
7.9
Number of Reviews
22
Ranking in other categories
No ranking in other categories
Qualys TotalCloud
Ranking in Cloud Workload Protection Platforms (CWPP)
10th
Average Rating
8.8
Reviews Sentiment
7.7
Number of Reviews
29
Ranking in other categories
Vulnerability Management (13th), Container Security (9th), Cloud Security Posture Management (CSPM) (10th), SaaS Security Posture Management (SSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (9th)
 

Mindshare comparison

As of April 2025, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 2.5%, up from 0.9% compared to the previous year. The mindshare of AWS GuardDuty is 11.9%, down from 13.4% compared to the previous year. The mindshare of Qualys TotalCloud is 1.1%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Terence Dube - PeerSpot reviewer
Comprehensive threat detection simplifies security management
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be useful, including more granular details in findings, such as specific user actions or historical comparisons, would be beneficial. Furthermore, managing global AWS environments requires setting up additional tools for viewing GuardDuty findings across multiple regions. A unified dashboard that aggregates findings across all regions without requiring manual aggregation could enhance convenience for users.
Sushant Samantara - PeerSpot reviewer
Helps us minimize attack surfaces by identifying root accounts and encryption issues
TotalCloud provides written explanations to guide remediation and eliminate cyber risks. While all cloud platforms offer security features, it's challenging to consolidate them into a single dashboard. Qualys TotalCloud effectively addresses this by consolidating multiple cloud platforms and subscriptions onto one dashboard. This allows users to quickly identify and mitigate misconfigurations and risks, simplifying security management. Before implementing TotalCloud, our compliance rate was approximately 50 to 60 percent. However, after adopting the platform, it has increased to 80 to 90 percent. TotalCloud also helps us minimize attack surfaces by identifying root accounts and encryption issues, thereby enhancing our overall security by 40 percent. TotalCloud offers a unified platform for assessing vulnerabilities and threats across both IaaS and PaaS environments. This unified view has improved our cloud security posture management. We gain a single, prioritized view of risks through TotalCloud's TruRisk Insights feature. This feature considers not only the QDA score but also factors in cost and other relevant elements to provide a comprehensive risk assessment. From a potentially overwhelming list of findings, TruRisk Insights prioritizes the most critical risks, allowing us to focus our efforts and resources on addressing these high-priority tasks efficiently. A single, prioritized view of risk streamlines the risk assessment process by eliminating the need to consolidate multiple sources. This comprehensive view is instrumental in communicating with other business customers who may be unaware of potential risks or misconfigurations within their resources. By identifying and informing them of these issues, we can guide them towards compliance and ensure a more secure environment. TruRisk Insights provides valuable findings by identifying vulnerabilities and misconfigurations, displaying them on a dashboard, and offering deeper insights into the attack surface. It analyzes not only internet-facing devices but also those indirectly connected, providing a comprehensive understanding of potential risks. This is crucial because even devices not directly connected to the internet can be vulnerable if they have an attack surface. TruRisk Insights also offers mitigation strategies, making it a highly useful tool for managing security risks. With the VMDR feature enabled and the Qualys Agent installed on various assets, we can identify existing vulnerabilities. TruRisk Insights then calculates risk scores, prioritizes tasks, and presents the number of findings. This allows us to focus on mitigating high-priority vulnerabilities while deferring those with lower priority, ultimately reducing overall risk. TruRisk Insights provides device details, allowing for containerization of misconfigured devices. This process involves isolating problematic devices and rectifying misconfigurations, ultimately enhancing our security posture.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"The UI is very good."
"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"We use the infrastructure as code scanning, which is good."
"Overall, I would rate SentinelOne Singularity Cloud Security a ten out of ten."
"My favorite feature is Storyline."
"It integrates very well. We sell different products from different vendors. We know that the SentinelOne Singularity platform can be integrated with several different solutions from different vendors."
"Cloud Native Security is a tool that has good monitoring features."
"Overall, GuardDuty is a very easy-to-use tool, and I would recommend it even to those who are not tech-savvy."
"The way it monitors accounts is definitely a very important feature."
"AWS GuardDuty helps by providing continuous threat detection and signaling potential threats. Its most valuable feature is continuous monitoring. The tool's integration with other AWS services has improved security. It provides continuous monitoring and intelligent threat detection, quickly signaling any issues. I would rate this improvement a seven out of ten."
"The most valuable features are the single system for data collection and the alert mechanisms."
"The out-of-band malware detection from the EBS volumes. It's really cool. No agents or anything needed, it automatically finds and correlates based on malware."
"It helps us detect brute-force attacks based on machine learning."
"The correlation back end is the solution's most valuable feature."
"It kinda just gives us another layer of security. So it does provide some sort of comfort that we do have something that is monitoring for abnormal behavior."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"Qualys TotalCloud fulfills all these needs."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"The platform's unified view of the organization proves particularly valuable for leadership team meetings."
"Qualys TotalCloud has significantly reduced our workload in terms of managing risks, helping us to be more efficient and save substantial resources."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
 

Cons

"It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background."
"For SentinelOne, improvements could be made in managing Internet dependency as cloud-based operations can pose challenges in environments with limited connectivity."
"Customized queries should be made easier to improve PingSafe."
"The areas with room for improvement include the cost, which is higher compared to other security platforms. The dashboard can also be laggy."
"They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding."
"It would be really helpful if the solution improves its agent deployment process."
"The cloud-based operations might pose challenges in areas with limited or unavailable internet connectivity. Desktop features might be useful for smaller organizations with less complex security needs."
"While it is good, I think the solution's console could be improved."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution."
"We currently find Lacework to be much better at detecting vulnerabilities than AWS GuardDuty. The engines of AWS GuardDuty have to be improved."
"GuardDuty is limited to AWS environments."
"The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA."
"I would like to see more integration with other AWS provided services."
"It would be great if the solution had some automation capabilities."
"While sending the alerts to the email, they are not being patched. we have to do the patching and mapping manually. If GuardDuty could include a feature to do this automatically, it will make our job easier. That is something I believe can be improved."
"Amazon GuardDuty could be better enriched in threat intelligence data."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"The support is not up to the mark and seems to be overburdened."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"Their customer support needs improvement."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
 

Pricing and Cost Advice

"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"PingSafe is priced reasonably for our workload."
"The features included in PingSafe justify its price point."
"PingSafe is fairly priced."
"PingSafe's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price."
"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."
"While SentinelOne Singularity Cloud Security offers robust protection, its high cost may be prohibitive for small and medium-sized businesses."
"The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"
"The platform is inexpensive."
"The tool has no subscription charges."
"I prefer to have something on demand for myself. That's why I haven't been paying for GuardDuty specifically. AWS provides a wide range of offerings, especially in the security area."
"Pricing is determined by the number of events sent."
"I don't have all the details in terms of licensing for Amazon GuardDuty, but my organization does have a license set up for it."
"On a scale of one to ten, where one is a high price, and ten is a low price, I rate the pricing a four or five, which is somewhere in the middle."
"The price of the solution is exactly right."
"In terms of the costs associated with Amazon GuardDuty, it was $1 per GB from what I recall. Pricing was based on per gigabyte. For example, for the first five hundred gigabytes per month, it'll be $1 per GB, so it'll be $500. If your usage was greater, there's another bracket, for example, the next two thousand GB, then there's an add-on cost of 50 cents per GB. That's how Amazon GuardDuty pricing slowly goes up. I can't remember if there was any kind of additional cost apart from standard licensing for the solution. Nothing else that at least comes to mind. What the service was charging was worth it. That was one good thing when using Amazon GuardDuty because my company could be in a certain tier for a certain period. My company wasn't under a licensing model where it could overestimate its usage and under-utilize its usage and pay much more. This was what made the pricing model for Amazon GuardDuty better."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is expensive."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
8%
Government
6%
Computer Software Company
20%
Financial Services Firm
16%
Government
14%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of criti...
What do you like most about Amazon GuardDuty?
With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavi...
What is your experience regarding pricing and costs for Amazon GuardDuty?
GuardDuty is very cheap and operates on a pay-as-you-go basis. It's priced around a dollar per million requests, maki...
What needs improvement with Amazon GuardDuty?
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be usef...
What is your experience regarding pricing and costs for Qualys TotalCloud?
It is not cheap. For smaller businesses, people running businesses with a small number of users cannot afford Qualys,...
What needs improvement with Qualys TotalCloud?
While I am still learning TotalCloud, which has the latest features introduced, I attended a Qualys event this year. ...
What is your primary use case for Qualys TotalCloud?
Sometimes I lack the details of misconfigured devices, such as cloud servers and cloud machines, which are hosted in ...
 

Also Known As

PingSafe
No data available
Qualys TotalCloud with FlexScan
 

Overview

 

Sample Customers

Information Not Available
autodesk, mapbox, fico, webroot
Information Not Available
Find out what your peers are saying about AWS GuardDuty vs. Qualys TotalCloud and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.