Try our new research platform with insights from 80,000+ expert users

Pros & Cons summary

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Qualys TotalCloud provides real-time protection and efficient vulnerability management with options for automated and custom remediation.
The platform enhances security postures by integrating with both IaaS and SaaS, making it cloud-native.
FlexScan, a feature designed for internet-facing VMs, automates data collection and scanning with minimal intervention, simplifying vulnerability management.
It offers a single, prioritized view of risks, vulnerabilities, and security postures, valuable for efficient risk management and leadership meetings.
Qualys TotalCloud includes a comprehensive suite of security features such as CSPM, Kubernetes, and container security, improving infrastructure security and compliance.

CONS

Qualys TotalCloud's cloud licensing unit system is unclear as "units" aren't well-defined.
Qualys TotalCloud needs enhancement in scanning capabilities, specifically in resolving IPs to domain names.
The default built-in policies in Qualys TotalCloud can be misleading and should be customizable when creating dashboards.
Qualys TotalCloud could improve its patching process, as it doesn't cover prerequisites on servers or workstations, requiring reliance on SCCM for additional updates.
The support process for Qualys TotalCloud lacks efficiency and could benefit from offering instant call solutions with engineers and an improved ticketing system.
 

Qualys TotalCloud Pros review quotes

Sushant Samantara - PeerSpot reviewer
Oct 31, 2024
TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA.
Vikasha Sharma - PeerSpot reviewer
Nov 1, 2024
The best part of Qualys TotalCloud is that I don't have to manage any of the infrastructure, including patching, configuration, or maintaining the solution itself.
reviewer2589771 - PeerSpot reviewer
Oct 29, 2024
Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities.
Learn what your peers think about Qualys TotalCloud. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Eshan Kshirsagar - PeerSpot reviewer
Oct 30, 2024
It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms.
Brad Mathis - PeerSpot reviewer
Jun 10, 2024
While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices.
Vishvanath Mulgund - PeerSpot reviewer
Oct 29, 2024
One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us.
Himanshun Singh - PeerSpot reviewer
Nov 12, 2024
TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks.
PB
Oct 30, 2024
Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses.
AM
Nov 1, 2024
I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers.
Harshal Mahajan - PeerSpot reviewer
Oct 30, 2024
The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans.
 

Qualys TotalCloud Cons review quotes

Sushant Samantara - PeerSpot reviewer
Oct 31, 2024
Although TotalCloud is a helpful tool, some of its advanced features are still under development.
Vikasha Sharma - PeerSpot reviewer
Nov 1, 2024
To enhance risk assessment and remediation, the platform should integrate with a wider range of tools, including data from sources like Cortex or other EDRs.
reviewer2589771 - PeerSpot reviewer
Oct 29, 2024
We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments.
Learn what your peers think about Qualys TotalCloud. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Eshan Kshirsagar - PeerSpot reviewer
Oct 30, 2024
The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed.
Brad Mathis - PeerSpot reviewer
Jun 10, 2024
The cloud licensing unit system is unclear, especially since "units" aren't well-defined.
Vishvanath Mulgund - PeerSpot reviewer
Oct 29, 2024
An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage.
Himanshun Singh - PeerSpot reviewer
Nov 12, 2024
Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems.
PB
Oct 30, 2024
Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate.
AM
Nov 1, 2024
Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies.
Harshal Mahajan - PeerSpot reviewer
Oct 30, 2024
There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness.