No more typing reviews! Try our Samantha, our new voice AI agent.

Google Cloud Security Command Center vs Tenable Security Center comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Google Cloud Security Comma...
Ranking in Cloud Security Posture Management (CSPM)
24th
Average Rating
7.6
Reviews Sentiment
5.0
Number of Reviews
4
Ranking in other categories
Cloud-Native Application Protection Platforms (CNAPP) (20th)
Tenable Security Center
Ranking in Cloud Security Posture Management (CSPM)
12th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
56
Ranking in other categories
Vulnerability Management (7th), Risk-Based Vulnerability Management (3rd)
 

Mindshare comparison

As of June 2026, in the Cloud Security Posture Management (CSPM) category, the mindshare of Qualys TotalCloud is 1.6%, up from 1.2% compared to the previous year. The mindshare of Google Cloud Security Command Center is 1.5%, down from 2.0% compared to the previous year. The mindshare of Tenable Security Center is 1.7%, down from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.6%
Tenable Security Center1.7%
Google Cloud Security Command Center1.5%
Other95.2%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
RaviUpadhyay - PeerSpot reviewer
Security Consultant at HCLSoftware
Security posture has improved with automated insights but reporting and integrations still need work
The best feature of Google Cloud Security Command Center is that it is flexible to integrate with several third-party tools or services, and it is more customized. For example, it is already giving a misconfiguration and the vulnerability, and if somebody wants to do some in-depth analysis for patterns such as metrics, they can export the continuous log on the spot with that tool. From an integration point of view, I would say it is more customized with different tools. The asset discovery feature of Google Cloud Security Command Center enhances my security strategy because, nowadays, data sensitivity and data privacy are very important, and using some DLP utility, I can classify and set up rules to generate reports based on the classification in their asset discovery. This can also include data classification on Google storage buckets, and overall, Google Cloud Security Command Center has that information, which can be used for various analyses or alerts. It is very important for compliance assessment because every business is global and connects with different geographical locations, meaning each country has its own regulatory systems and internal compliance policies. Google Cloud Security Command Center has the feature to set up security postures based on which resources or assets inside Google Cloud can be marked as compliant or non-compliant, giving a risk score for immediate reporting to higher management or CISO, making it very helpful in terms of security, risk, and compliance.
reviewer1534134 - PeerSpot reviewer
Head of Information Security at a consultancy with 1,001-5,000 employees
Centralized analytics have strengthened patch visibility and support efficient regulatory reporting
From my experience, I assess the product's analytics capabilities as successful. It helped us significantly with patching and managing the risk of the patching process across all our environments, including network devices with Windows and Unix systems. The product covered several environments and gave us exactly what we needed in our environment. Tenable Security Center's centralized platform helped with risk assessment and management across our IT environments. It covered the patching process, and we previously faced many issues regarding how to patch different environments, how to monitor the patching process, and whether it was successful or not. We obtained good reports showing when patches were closed and the details of each patch, including who executed it and everything related to the patching process until it was closed. This gave us good details about the process which helped us significantly in our reporting and even in audits, whether internal or external. We learned how to close audit issues safely and successfully. We used the dashboards for real-time threat insights and extracted several dashboards from Tenable Security Center. We use these dashboards in our cybersecurity dashboard and committees that we have. These dashboards are part of our committees, especially the cybersecurity committee and other committees that we attend.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"TotalCloud provides the easiest and the best approach for cloud infrastructure management."
"CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"The scalability is good as well. I would rate it ten out of ten."
"The best part I like is the on-demand scans."
"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"I would definitely recommend Google Cloud Security Command Center to others."
"Most people use the threat detection dashboard."
"It simplifies compliance efforts."
"The compliance reporting feature helped us maintain a baseline of compliance within the information security policies."
"The scans are the most valuable aspect of this solution."
"Tenable.sc is user-friendly."
"Has a great advanced scanning feature."
"The tool gives us fewer false positives. Compared to its competitors, the solution’s reports are more accurate."
"The solution is completely stable and operation is user-friendly."
"The most effective feature of Tenable Security Center for detecting vulnerabilities is its capability for critical mapping."
"The customer service and support team at Tenable were extremely helpful."
"It is a much better solution than other competitors and provides almost everything that is required in terms of vulnerability management."
 

Cons

"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"The price is very expensive, actually."
"The cost of Qualys TotalCloud is high and could be more competitive."
"The areas in the solution that have room for improvement include the UI/UX design, which should be improved, and they should integrate more artificial intelligence into the product."
"I think Qualys TotalCloud needs to improve its handling of zero-day vulnerabilities and supply chain management because modern ransomware attacks not only target prime critical infrastructures but also the supply chain system."
"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"The AI capabilities have been heavily promoted, but I haven't seen a significant impact."
"There is definitely room for improvement in Google Cloud Security Command Center. While the functionality is very native, compared to third-party tools that offer a variety of features for easy integrations and custom KPIs, Google Cloud Security Command Center lacks some of these functionalities, requiring complex workarounds for custom reporting, and given that customers often use hybrid environments, having a broader perspective is necessary for integration."
"Visibility can be improved along with automation."
"Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers."
"The reports and plugins for reports and scans could benefit from enhancements."
"Tenable's technical support has declined in quality over time. While they used to be excellent, achieving ratings of eight or nine, they now rate around six or seven due to longer response times and less thorough assistance."
"Though the solution's technical support is responsive, they do take a lot of time, making it one of the solution's shortcomings that needs improvement."
"Tenable's reporting engine needs improvement. It needs to be more efficient and add more features."
"Though reasonable, the main competitor of Tenable SC, Rapid7, offers a more aggressive and better priced product."
"One of the challenges that we may have experienced with that platform would be the flexibility of how to modify or create."
"The pricing is reasonable, but this could be brought down more aggressively, such as we see with Rapid7, Tenable SC's main competitor."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"The cost is high, but it meets our organizational needs."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"TotalCloud's price is about right where I would expect it to be."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Initially, it used to be relatively expensive, starting at around four or five hundred dollars."
"Tenable SC is priced per asset, with the basic solution starting around US$12,000 for 500 assets."
"The licensing costs for this solution are approximately $100,000 US, and I think that covers everything."
"My company needs to make yearly payments towards the licensing costs. The pricing of the solution falls in the mid-range level, so it is not too expensive"
"The price of Tenable SC is expensive, we pay approximately €70,000 for the license annually. We have to pay for each IP test. The cost of other solutions is far less, such as Nessus Professional, which is €3,000 annually."
"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."
"It is a bit expensive. Everything is included in the license."
"We pay around 60,000 on a yearly basis."
"We're happy with the licensing cost and find it affordable."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
18%
Financial Services Firm
14%
Construction Company
7%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
13%
Comms Service Provider
7%
Hospitality Company
6%
Financial Services Firm
12%
Manufacturing Company
11%
Government
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business22
Midsize Enterprise12
Large Enterprise27
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your primary use case for Google Cloud Security Command Center?
I am primarily working with Google Cloud Security Command Center, which is their CSPM, and also with the next-generat...
What advice do you have for others considering Google Cloud Security Command Center?
I rate Google Cloud Security Command Center a seven and a half out of ten. While it is a ten from a security perspect...
What is your experience regarding pricing and costs for Tenable SC?
The price of Tenable Security Center is not so high; it's relatively a cheaper solution.
What needs improvement with Tenable SC?
We did conduct a long implementation which relates to what I think can be improved about Tenable Security Center. In ...
What is your primary use case for Tenable SC?
The typical use case for Tenable Security Center is that it is an on-premise solution, and it can use the agent and a...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Tenable.sc, Tenable Unified Security, Tenable SecurityCenter
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific
Find out what your peers are saying about Google Cloud Security Command Center vs. Tenable Security Center and other solutions. Updated: April 2026.
900,644 professionals have used our research since 2012.