Try our new research platform with insights from 80,000+ expert users

Qualys TotalCloud pros and cons

Vendor: Qualys

4.3 out of 5

35 reviews
100% willing to recommend

Pros & Cons summary

Qualys TotalCloud offers features like FlexScan for agentless scanning and integrates with cloud platforms to manage policies efficiently. This tool provides a comprehensive overview of risk, supporting vulnerability prioritization. However, gaps exist in policy compliance and PaaS scanning. Automated reporting enhances efficiency, but limitations include cloud licensing clarity and patching prerequisites. Expanding scanning capabilities for niche devices like Wi-Fi dongles could further improve TotalCloud's effectiveness.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys TotalCloud offers agentless and on-demand scanning features like FlexScan, simplifying traditional scanning approaches.

Its ability to integrate with various cloud platforms and easily manage policies makes it a robust tool for cloud infrastructure management.

Qualys TotalCloud provides a comprehensive view of risk and security posture, helping organizations prioritize vulnerabilities with features like vulnerability and threat detection.

TotalCloud's unified platform, offering features like CSPM, EDR, XDR, and TruRisk Insights, allows for effective management of security risks.

Organizations benefit from automated reporting processes, significantly reducing time spent on creating reports and enhancing efficiency.

CONS

Qualys TotalCloud's cloud licensing unit system is unclear, as "units" are not well-defined.

Qualys TotalCloud needs improvement in its policy compliance module which involves manual work, especially in the remediation of controls.

Qualys TotalCloud can enhance its vulnerability scanning for PaaS environments due to limited access to these instances.

Patching in Qualys TotalCloud does not cover certain prerequisites on servers or workstations, requiring reliance on external tools for updates.

Qualys TotalCloud could improve scanning capabilities for niche devices like Wi-Fi dongles and USB modems, which are often untested.

Qualys TotalCloud Pros review quotes

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices.

Read full review

reviewer2540010

IT Engineer at a consultancy with 501-1,000 employees

Sep 2, 2024

Its excellent graphical interface makes the scanning process simple.

Read full review

RG

Information Technology Security Analyst at a financial services firm with 10,001+ employees

Oct 15, 2024

The most valuable feature is extensibility.

Read full review

Qualys TotalCloud

Free Report: Qualys TotalCloud Reviews and More

Learn what your peers think about Qualys TotalCloud. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

880,685 professionals have used our research since 2012.

MR

CIO at a venture capital & private equity firm with 11-50 employees

Oct 24, 2024

One of the features I appreciate is the ability to generate daily reports without relying on anyone else.

Read full review

Works at a consultancy with 10,001+ employees

Oct 25, 2024

The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities.

Read full review

Analyst, Information Security at Infosys

Oct 28, 2024

The platform's unified view of the organization proves particularly valuable for leadership team meetings.

Read full review

BP

Bhaskar Praveen

Developer at a consultancy with 10,001+ employees

Oct 28, 2024

I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily

Read full review

Vishvanath Mulgund

IT Risk Manager at a consultancy with 10,001+ employees

Oct 29, 2024

One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us.

Read full review

Jignesh Baleshwaria

Senior Consultant at a consultancy with 10,001+ employees

Oct 29, 2024

CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs.

Read full review

reviewer2589771

Senior Information Security Analyst at a tech vendor with 5,001-10,000 employees

Oct 29, 2024

Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities.

Read full review

Show 10 more reviews (out of 35)

Qualys TotalCloud Cons review quotes

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

The cloud licensing unit system is unclear, especially since "units" aren't well-defined.

Read full review

reviewer2540010

IT Engineer at a consultancy with 501-1,000 employees

Sep 2, 2024

Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names.

Read full review

RG

Information Technology Security Analyst at a financial services firm with 10,001+ employees

Oct 15, 2024

I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one.

Read full review

Qualys TotalCloud

Free Report: Qualys TotalCloud Reviews and More

Learn what your peers think about Qualys TotalCloud. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

880,685 professionals have used our research since 2012.

MR

CIO at a venture capital & private equity firm with 11-50 employees

Oct 24, 2024

It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w

Read full review

Works at a consultancy with 10,001+ employees

Oct 25, 2024

The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements.

Read full review

Analyst, Information Security at Infosys

Oct 28, 2024

To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution.

Read full review

BP

Bhaskar Praveen

Developer at a consultancy with 10,001+ employees

Oct 28, 2024

TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these.

Read full review

Vishvanath Mulgund

IT Risk Manager at a consultancy with 10,001+ employees

Oct 29, 2024

An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage.

Read full review

Jignesh Baleshwaria

Senior Consultant at a consultancy with 10,001+ employees

Oct 29, 2024

Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released.

Read full review

reviewer2589771

Senior Information Security Analyst at a tech vendor with 5,001-10,000 employees

Oct 29, 2024

We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments.

Read full review

Show 10 more reviews (out of 35)

Product Categories

Product Categories

Cloud-Native Application Protection Platforms (CNAPP)

Vulnerability Management

Container Security

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

SaaS Security Posture Management (SSPM)

Popular Comparisons

Popular Comparisons

Wiz vs Qualys TotalCloud

Datadog vs Qualys TotalCloud

Snyk vs Qualys TotalCloud

Microsoft Defender for Cloud vs Qualys TotalCloud

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Qualys VMDR vs Qualys TotalCloud

Varonis Platform vs Qualys TotalCloud

AWS GuardDuty vs Qualys TotalCloud

JFrog Xray vs Qualys TotalCloud

AWS Security Hub vs Qualys TotalCloud

Orca Security vs Qualys TotalCloud

Claroty Platform vs Qualys TotalCloud

Check Point CloudGuard CNAPP vs Qualys TotalCloud

Aqua Cloud Security Platform vs Qualys TotalCloud

FortiCNAPP vs Qualys TotalCloud

See all alternatives

Product Categories

Product Categories

Cloud-Native Application Protection Platforms (CNAPP)

Vulnerability Management

Container Security

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

SaaS Security Posture Management (SSPM)

Popular Comparisons

Popular Comparisons

Wiz vs Qualys TotalCloud

Datadog vs Qualys TotalCloud

Snyk vs Qualys TotalCloud

Microsoft Defender for Cloud vs Qualys TotalCloud

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Qualys VMDR vs Qualys TotalCloud

Varonis Platform vs Qualys TotalCloud

AWS GuardDuty vs Qualys TotalCloud

JFrog Xray vs Qualys TotalCloud

AWS Security Hub vs Qualys TotalCloud

Orca Security vs Qualys TotalCloud

Claroty Platform vs Qualys TotalCloud

Check Point CloudGuard CNAPP vs Qualys TotalCloud

Aqua Cloud Security Platform vs Qualys TotalCloud

FortiCNAPP vs Qualys TotalCloud

See all alternatives

Related questions

34

When evaluating Cloud-Native Application Protection Platforms (CNAPP), what aspect do you think is the most important to look for?

46

Why is a CNAPP (Cloud-Native Application Protection Platform) important?

39

What CNAPP solution do you recommend for a hybrid cloud?

59

Why are Cloud-Native Application Protection Platforms (CNAPP) tools important for companies?

47

When evaluating Cloud-Native Application Protection Platforms (CNAPP) solutions, what aspect do you think is the most important to look for?

192

Why is Cloud-Native Application Protection Platforms (CNAPP) important for companies?

23

What Cloud-Native Application Protection Platform do you recommend?