Try our new research platform with insights from 80,000+ expert users

AWS GuardDuty vs Qualys TotalCloud comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
4th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
107
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Container Security (3rd), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
AWS GuardDuty
Ranking in Cloud Workload Protection Platforms (CWPP)
3rd
Average Rating
8.2
Reviews Sentiment
7.9
Number of Reviews
22
Ranking in other categories
No ranking in other categories
Qualys TotalCloud
Ranking in Cloud Workload Protection Platforms (CWPP)
10th
Average Rating
8.8
Reviews Sentiment
7.7
Number of Reviews
29
Ranking in other categories
Vulnerability Management (13th), Container Security (9th), Cloud Security Posture Management (CSPM) (10th), SaaS Security Posture Management (SSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (9th)
 

Mindshare comparison

As of April 2025, in the Cloud Workload Protection Platforms (CWPP) category, the mindshare of SentinelOne Singularity Cloud Security is 2.5%, up from 0.9% compared to the previous year. The mindshare of AWS GuardDuty is 11.9%, down from 13.4% compared to the previous year. The mindshare of Qualys TotalCloud is 1.1%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Workload Protection Platforms (CWPP)
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Terence Dube - PeerSpot reviewer
Comprehensive threat detection simplifies security management
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be useful, including more granular details in findings, such as specific user actions or historical comparisons, would be beneficial. Furthermore, managing global AWS environments requires setting up additional tools for viewing GuardDuty findings across multiple regions. A unified dashboard that aggregates findings across all regions without requiring manual aggregation could enhance convenience for users.
Sushant Samantara - PeerSpot reviewer
Helps us minimize attack surfaces by identifying root accounts and encryption issues
TotalCloud provides written explanations to guide remediation and eliminate cyber risks. While all cloud platforms offer security features, it's challenging to consolidate them into a single dashboard. Qualys TotalCloud effectively addresses this by consolidating multiple cloud platforms and subscriptions onto one dashboard. This allows users to quickly identify and mitigate misconfigurations and risks, simplifying security management. Before implementing TotalCloud, our compliance rate was approximately 50 to 60 percent. However, after adopting the platform, it has increased to 80 to 90 percent. TotalCloud also helps us minimize attack surfaces by identifying root accounts and encryption issues, thereby enhancing our overall security by 40 percent. TotalCloud offers a unified platform for assessing vulnerabilities and threats across both IaaS and PaaS environments. This unified view has improved our cloud security posture management. We gain a single, prioritized view of risks through TotalCloud's TruRisk Insights feature. This feature considers not only the QDA score but also factors in cost and other relevant elements to provide a comprehensive risk assessment. From a potentially overwhelming list of findings, TruRisk Insights prioritizes the most critical risks, allowing us to focus our efforts and resources on addressing these high-priority tasks efficiently. A single, prioritized view of risk streamlines the risk assessment process by eliminating the need to consolidate multiple sources. This comprehensive view is instrumental in communicating with other business customers who may be unaware of potential risks or misconfigurations within their resources. By identifying and informing them of these issues, we can guide them towards compliance and ensure a more secure environment. TruRisk Insights provides valuable findings by identifying vulnerabilities and misconfigurations, displaying them on a dashboard, and offering deeper insights into the attack surface. It analyzes not only internet-facing devices but also those indirectly connected, providing a comprehensive understanding of potential risks. This is crucial because even devices not directly connected to the internet can be vulnerable if they have an attack surface. TruRisk Insights also offers mitigation strategies, making it a highly useful tool for managing security risks. With the VMDR feature enabled and the Qualys Agent installed on various assets, we can identify existing vulnerabilities. TruRisk Insights then calculates risk scores, prioritizes tasks, and presents the number of findings. This allows us to focus on mitigating high-priority vulnerabilities while deferring those with lower priority, ultimately reducing overall risk. TruRisk Insights provides device details, allowing for containerization of misconfigured devices. This process involves isolating problematic devices and rectifying misconfigurations, ultimately enhancing our security posture.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I would rate this solution a nine out of ten."
"The UI is very good."
"Cloud Security has provided a single view to observe all workloads, prioritization for handling cloud assets, and reduced noise by distinguishing false positives effectively."
"The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform."
"It saves time, makes your environment more secure, and improves compliance. PingSafe helps with audits, ensuring that you are following best practices for cloud security. You don't need to be an expert to use it and improve your security."
"I recommend SentinelOne due to its high-security capabilities, which are essential to safeguard data and systems from potential threats."
"The user-friendliness is the most valuable feature."
"We're monitoring several cloud accounts with Singularity. It is convenient to identify issues or security failures in any account. It's nice to have all the details we need to solve these issues."
"Overall, GuardDuty is a very easy-to-use tool, and I would recommend it even to those who are not tech-savvy."
"The product has automated protection powered by AI/ML, which is now far more powerful than before. It uses AI/ML in its detection algorithm, providing fast and quick results."
"What we found most valuable in Amazon GuardDuty is its threat detection feature, especially because we were monitoring a huge number of AWS accounts, so we needed a solution that would monitor for any kind of malicious activity. The monitoring aspect of the solution was great because it gave us timely notifications if and when anything happened, and Amazon GuardDuty helped keep us on our toes to make sure we took action right away."
"The correlation back end is the solution's most valuable feature."
"What I like most about Amazon GuardDuty is that you can monitor your AWS accounts across, but you don't have to pay the additional cost. You can get all your CloudTrail VPC flow logs and DNS logs all in one, and then you get the monitoring with that. A lot of times, if you had a separate tool on-premise, you would have to set up your DNS logs, so usually, Amazon GuardDuty helps with all your additional networking requirements, so I utilize it for continuous monitoring because you can't detect anything if you're not monitoring, and the solution fills that gap. If you don't do anything else first, you can deploy your firewall, and then you've got your Route 53 DNS and DNSSEC, but then Amazon GuardDuty fills that, and then you have audit requirements in AU that says, "Hey, what are your additional logs?", so you can just say, "Hey, we utilize Amazon GuardDuty." You're getting your CloudTrail, your VPC flow logs, and all your DNS logs, and those are your additional logs right there, so the solution meets a lot of requirements. Now, everything comes with a cost, but I also like that the solution also provides threat response and remediation. It's a pretty good product. I've just used it more for log analysis and that's where the value is at, the niche value. Once you do threat detection, it goes into a lot of other integrations you need to implement, so threat detection is only good as the integration, as the user that knows the tools itself, and the architecture and how it's all set up and the rules that you set within that."
"It kinda just gives us another layer of security. So it does provide some sort of comfort that we do have something that is monitoring for abnormal behavior."
"The out-of-band malware detection from the EBS volumes. It's really cool. No agents or anything needed, it automatically finds and correlates based on malware."
"GuardDuty is extensive in terms of configuration and security compliance."
"Qualys TotalCloud fulfills all these needs."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"The scalability is good as well. I would rate it ten out of ten."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"Qualys TotalCloud has significantly reduced our workload in terms of managing risks, helping us to be more efficient and save substantial resources."
"I appreciate TotalCloud's real-time protection and remediation features. The remediation options include automated one-click remedies and custom changes that help manage vulnerabilities efficiently."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
 

Cons

"There is room for improvement in the current active licensing model for PingSafe."
"They need more experienced support personnel."
"The documentation that I use for the initial setup can be more detailed or written in a more user-friendly language to avoid troubles."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement."
"It took us a while to configure the software to work well in this type of environment, as the support documents were not always clear."
"I would like additional integrations."
"PingSafe's current documentation could be improved to better assist customers during the cluster onboarding process."
"Some of the pain points in Amazon GuardDuty was the cost. When compared to some of the other services, depending on how many we had to monitor, if we had a huge range of accounts, as our accounts increased, we had a cost factor that came into play. Sometimes there were issues, for example, with findings that came up, we wanted to add notes and there were issues back then where notes couldn't be entered properly. If we wanted to leave a note such as "Okay, we have assessed this and this is how we feel", or "This is a false positive", Amazon GuardDuty wasn't allowing us to do that. Even with the suppression of certain findings, there was some issue that we had faced at one time. Those were some of the pain points of the solution."
"Improvement-wise, Amazon GuardDuty should have an overall dashboard analytics function so we could see what's in the current environment, and then in addition to that, provide best practices and recommendations, particularly to provide some type of observability, and then figure out the login side of it, based on our current environment, in terms of what we're not monitoring and what we should monitor. The solution should also give us a sample code configuration to implement that added feature or feature request. What I'd like to see in the next release of Amazon GuardDuty are more security analytics, reporting, and monitoring. They should provide recommendations and additional options that answer questions such as "Hey, what can we see in our environment?", "What should we implement within the environment?", What's recommended?" We know that cost will always be associated with that, but Amazon GuardDuty should show us the increased costs or decreased costs if we implement it or don't implement it, and that would be a good feature request, particularly with all products within AWS, just for cloud products in general because there are times features are implemented, but once they're deployed, they don't tell you about costs that would be generated along with those features. After features are deployed, there should a summary of the costs that would be generated, and projected based on current usage, so they would give us the option to figure out how long we're going to use those features and the option to keep those on or turn those off. If more services were like that, a lot more people would use those on the cloud."
"I would like to see more integration with other AWS provided services."
"Because it's a threat detection service, they need to keep up with the various threat factors because new threat factors and attack factors come up all the time."
"Cost changes. It's very expensive. If you turn on every feature, it's more than most commercial vendors. For smaller orgs, that doesn't make sense."
"An improvement would be to have a mobile version where remote workers can log in and monitor and fix issues."
"We currently find Lacework to be much better at detecting vulnerabilities than AWS GuardDuty. The engines of AWS GuardDuty have to be improved."
"The solution has to be integrated with new services that AWS adds like QuickSight, Managed Airflow, AppFlow and MWAA."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"There should be improvement from a dashboard perspective when collecting and showcasing data to lead management."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"There is room for improvement in the support."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
 

Pricing and Cost Advice

"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."
"While SentinelOne Singularity Cloud Security offers robust protection, its high cost may be prohibitive for small and medium-sized businesses."
"I am not involved in the pricing, but it is cost-effective."
"PingSafe falls somewhere in the middle price range, neither particularly cheap nor expensive."
"It's a fair price for what you get. We are happy with the price as it stands."
"It was reasonable pricing for me."
"PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less."
"SentinelOne Singularity Cloud Security is costly."
"I prefer to have something on demand for myself. That's why I haven't been paying for GuardDuty specifically. AWS provides a wide range of offerings, especially in the security area."
"Pricing is determined by the number of events sent."
"The tool's licensing model is pay-as-you-go."
"We use a pay-as-you-use license, which is competitively priced in the market."
"The pricing model is pay as you go and is based on the number of events per month."
"The platform is inexpensive."
"The tool has no subscription charges."
"It can get very expensive. If you turn on every feature, it can turn into hundreds of thousands of dollars."
"TotalCloud's price is about right where I would expect it to be."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Financial Services Firm
17%
Computer Software Company
15%
Manufacturing Company
8%
Government
6%
Computer Software Company
20%
Financial Services Firm
16%
Government
13%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of criti...
What do you like most about Amazon GuardDuty?
With anomaly detection, active threat monitoring, and set correlation, GuardDuty alerts me to any unusual user behavi...
What is your experience regarding pricing and costs for Amazon GuardDuty?
GuardDuty is very cheap and operates on a pay-as-you-go basis. It's priced around a dollar per million requests, maki...
What needs improvement with Amazon GuardDuty?
GuardDuty is limited to AWS environments. While incorporating Amazon Detective for detailed investigation can be usef...
What is your experience regarding pricing and costs for Qualys TotalCloud?
It is not cheap. For smaller businesses, people running businesses with a small number of users cannot afford Qualys,...
What needs improvement with Qualys TotalCloud?
While I am still learning TotalCloud, which has the latest features introduced, I attended a Qualys event this year. ...
What is your primary use case for Qualys TotalCloud?
Sometimes I lack the details of misconfigured devices, such as cloud servers and cloud machines, which are hosted in ...
 

Also Known As

PingSafe
No data available
Qualys TotalCloud with FlexScan
 

Overview

 

Sample Customers

Information Not Available
autodesk, mapbox, fico, webroot
Information Not Available
Find out what your peers are saying about AWS GuardDuty vs. Qualys TotalCloud and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.