No more typing reviews! Try our Samantha, our new voice AI agent.

CloudPassage vs Tenable Security Center comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
CloudPassage
Ranking in Cloud Security Posture Management (CSPM)
41st
Average Rating
8.0
Number of Reviews
2
Ranking in other categories
Cloud Workload Protection Platforms (CWPP) (26th)
Tenable Security Center
Ranking in Cloud Security Posture Management (CSPM)
12th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
56
Ranking in other categories
Vulnerability Management (7th), Risk-Based Vulnerability Management (3rd)
 

Mindshare comparison

As of June 2026, in the Cloud Security Posture Management (CSPM) category, the mindshare of Qualys TotalCloud is 1.6%, up from 1.2% compared to the previous year. The mindshare of CloudPassage is 0.7%, up from 0.1% compared to the previous year. The mindshare of Tenable Security Center is 1.7%, down from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.6%
Tenable Security Center1.7%
CloudPassage0.7%
Other96.0%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
it_user854058 - PeerSpot reviewer
Lead Information Security Engineer
It helped us be more aware of what our security posture is, but not all of the features work in my environment
I would say CloudPassage is very useful for certain things. If you just want a few modules then focus on what you need and negotiate the price based on the individual module, rather than looking at the whole thing, because I didn't find all the modules very useful. Also, use Splunk in combination with it if you want reporting. I would give CloudPassage at least a seven out of 10. I rate it on the high-end because of the customer support - I've never seen any support that is comparable to that, it's very good, excellent. The support staff actually care, they actually follow up; it's very nice. And CloudPassage really listens to its customers. The product itself is very nice if you're only looking to check off your compliance requirements, but if you're looking for more of dashboarding and things like that, CloudPassage is improving but it's not quite there.
reviewer1534134 - PeerSpot reviewer
Head of Information Security at a consultancy with 1,001-5,000 employees
Centralized analytics have strengthened patch visibility and support efficient regulatory reporting
From my experience, I assess the product's analytics capabilities as successful. It helped us significantly with patching and managing the risk of the patching process across all our environments, including network devices with Windows and Unix systems. The product covered several environments and gave us exactly what we needed in our environment. Tenable Security Center's centralized platform helped with risk assessment and management across our IT environments. It covered the patching process, and we previously faced many issues regarding how to patch different environments, how to monitor the patching process, and whether it was successful or not. We obtained good reports showing when patches were closed and the details of each patch, including who executed it and everything related to the patching process until it was closed. This gave us good details about the process which helped us significantly in our reporting and even in audits, whether internal or external. We learned how to close audit issues safely and successfully. We used the dashboards for real-time threat insights and extracted several dashboards from Tenable Security Center. We use these dashboards in our cybersecurity dashboard and committees that we have. These dashboards are part of our committees, especially the cybersecurity committee and other committees that we attend.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We were able to realize its benefits within 24 to 48 hours."
"TruRisk Insights is the most important innovation they've released this year."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"In my opinion, this is the best tool."
"I highly recommend Qualys TotalCloud to other users."
"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"CloudPassage allowed us to implement changes that affected hundred of servers within our environments in seconds."
"Key features are the Software Vulnerability Assessment and the CSM, which is the configuration check."
"Policies are very easy to manage on a day-to-day basis."
"Our scores let us know when to trigger workflow to go out in a patch, it has reduced the amount of time we had to take to manually verify software and check our updates, and it helped us be more aware of what our security posture is."
"The most valuable features of Tenable SC are scanning, reporting, dashboards, and automation."
"Technical support is excellent. They are extremely responsive and very helpful."
"Support is knowledgeable."
"Has a great advanced scanning feature."
"The usability is really good; it's very intuitive and any person can use it, you do not have to be an expert in vulnerability analysis."
"I think that this is a good solution for evaluating vulnerability in the network."
"Compliance and vulnerability scans are most valuable; compliance scan helps in validating how our teams are complying, and vulnerability scan helps in future-proofing, and its vulnerability detection is accurate."
"The solution is completely stable and operation is user-friendly."
 

Cons

"There is room for improvement in the support."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"In the CSM module the policies are really hard to work with it. It is not very flexible at all. I would suggest that they change that. Right now, the scan is based on the group that the server is in. What happens if the server is in multiple groups?"
"Anything outside of the software vulnerability management and the CSM, things like the GhostPort, need some improvement. The dashboard is in beta. It looks really good, I wish it would come out of beta."
"The reports and graphs are unintuitive."
"Of all the advertised functions, I only find two things that really work in my environment, even though I wanted to use all of them. They're not flexible enough to be used."
"Their tier-one, initial tech support is pretty bad."
"Its reporting can be improved. It is not easy to generate a scan report the way we want. The data is okay, but we can't easily change the template to make it look the way we want."
"Deploying Tenable.sc is highly complex because it's an on-prem solution, whereas Tenable.io is cloud-based, so you can go live as soon as you log in. Tenable.sc involves significant integration with other on-prem solutions, and the deployment takes about two to three weeks with the help of a system integrator"
"The solution is expensive."
"Tenable's reporting engine needs improvement. It needs to be more efficient and add more features."
"It's important for Tenable to catch up on testing capabilities that are present in solutions like Qualys."
"A good plugin editor would be a good additional option for the Security Center."
"The GUI could be improved to have all concerns and priorities use the same GUI, allowing them to see all tickets, assign vulnerabilities, and assign variation failures to each member of their team."
 

Pricing and Cost Advice

"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"The cost is high, but it meets our organizational needs."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"We also evaluated VMware NSX, but the pricing and features available in a CloudPassage implementation were decisive in deciding to go with CP."
"CloudPassage is a little bit on the expensive side. So my suggestion is that the company lower its price point a wee bit or sell modules, separate them in modules, because I only find two things that are useful to me, yet I pay for four or five modules. It didn't seem like it was a fair deal."
"The price of Tenable SC is expensive, we pay approximately €70,000 for the license annually. We have to pay for each IP test. The cost of other solutions is far less, such as Nessus Professional, which is €3,000 annually."
"Tenable SC is priced per asset, with the basic solution starting around US$12,000 for 500 assets."
"The tool costs around 15,000 Saudi riyals monthly."
"This solution's price is quite high."
"The licensing costs for this solution are approximately $100,000 US, and I think that covers everything."
"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."
"Compared to other companies or other products it could maybe be a little bit less, but the price is okay. I would say it's not very expensive."
"The price can start at €10,000 ($13,000 USD) for between 500 and 1,000 assets, and the price can climb into the millions as more assets are added."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
900,747 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
18%
Financial Services Firm
14%
Construction Company
7%
Comms Service Provider
7%
Comms Service Provider
14%
Manufacturing Company
14%
Financial Services Firm
10%
Construction Company
8%
Financial Services Firm
12%
Manufacturing Company
11%
Government
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business22
Midsize Enterprise12
Large Enterprise27
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Tenable SC?
The price of Tenable Security Center is not so high; it's relatively a cheaper solution.
What needs improvement with Tenable SC?
We did conduct a long implementation which relates to what I think can be improved about Tenable Security Center. In ...
What is your primary use case for Tenable SC?
The typical use case for Tenable Security Center is that it is an on-premise solution, and it can use the agent and a...
 

Also Known As

Qualys TotalCloud with FlexScan
CloudPassage Halo
Tenable.sc, Tenable Unified Security, Tenable SecurityCenter
 

Overview

 

Sample Customers

Information Not Available
Citrix
IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific
Find out what your peers are saying about CloudPassage vs. Tenable Security Center and other solutions. Updated: April 2026.
900,747 professionals have used our research since 2012.