No more typing reviews! Try our Samantha, our new voice AI agent.

Google Cloud Security Command Center vs Wiz comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), SaaS Security Posture Management (SSPM) (1st)
Google Cloud Security Comma...
Ranking in Cloud Security Posture Management (CSPM)
24th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
20th
Average Rating
7.6
Reviews Sentiment
5.0
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Wiz
Ranking in Cloud Security Posture Management (CSPM)
1st
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
1st
Average Rating
8.8
Reviews Sentiment
7.0
Number of Reviews
48
Ranking in other categories
Vulnerability Management (1st), Container Security (1st), Cloud Workload Protection Platforms (CWPP) (2nd), Data Security Posture Management (DSPM) (1st), Compliance Management (2nd), Cloud Detection and Response (CDR) (1st)
 

Mindshare comparison

As of June 2026, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of Qualys TotalCloud is 2.0%, up from 1.4% compared to the previous year. The mindshare of Google Cloud Security Command Center is 1.8%, down from 2.3% compared to the previous year. The mindshare of Wiz is 13.1%, down from 26.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP) Mindshare Distribution
ProductMindshare (%)
Wiz13.1%
Qualys TotalCloud2.0%
Google Cloud Security Command Center1.8%
Other83.1%
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
RaviUpadhyay - PeerSpot reviewer
Security Consultant at HCLSoftware
Security posture has improved with automated insights but reporting and integrations still need work
The best feature of Google Cloud Security Command Center is that it is flexible to integrate with several third-party tools or services, and it is more customized. For example, it is already giving a misconfiguration and the vulnerability, and if somebody wants to do some in-depth analysis for patterns such as metrics, they can export the continuous log on the spot with that tool. From an integration point of view, I would say it is more customized with different tools. The asset discovery feature of Google Cloud Security Command Center enhances my security strategy because, nowadays, data sensitivity and data privacy are very important, and using some DLP utility, I can classify and set up rules to generate reports based on the classification in their asset discovery. This can also include data classification on Google storage buckets, and overall, Google Cloud Security Command Center has that information, which can be used for various analyses or alerts. It is very important for compliance assessment because every business is global and connects with different geographical locations, meaning each country has its own regulatory systems and internal compliance policies. Google Cloud Security Command Center has the feature to set up security postures based on which resources or assets inside Google Cloud can be marked as compliant or non-compliant, giving a risk score for immediate reporting to higher management or CISO, making it very helpful in terms of security, risk, and compliance.
Peter Whelan - PeerSpot reviewer
CISO at a computer software company with 1,001-5,000 employees
Improved our security posture thanks to comprehensive visibility
I have contacted Wiz technical support frequently. The support is excellent. We contact via an in-application portal. We can see the support cases we personally open, and also the cases that other people have opened from our company. I appreciate that feature. Generally, support gets back to us within a few days with a good answer. There was one fellow in particular who has been knocking it out of the park. He is a great support person to deal with. We are happy with the support experience. If I were to put Wiz support on a scale from one to ten, I would give them a ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"We were able to realize its benefits within 24 to 48 hours."
"Qualys TotalCloud has improved our security posture."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"Its excellent graphical interface makes the scanning process simple."
"While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices."
"I highly recommend Qualys TotalCloud to other users."
"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"I would definitely recommend Google Cloud Security Command Center to others."
"Most people use the threat detection dashboard."
"The compliance reporting feature helped us maintain a baseline of compliance within the information security policies."
"It simplifies compliance efforts."
"For any organization who want to think of moving to Wiz, the Security Graph feature is amazing and awesome, giving you deeper information than any other tools does and allowing a small security team to manage a massive complex cloud environment without hiring dozens of additional users to look into it."
"Wiz can accomplish this and easily provide the total inventory in the cloud, which is crucial when managing large cloud databases or environments such as AWS, Azure, or Google environments, where it's difficult to have one view for all cloud components."
"What I appreciate most about Wiz is that it has access to all project scopes."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI."
"Overall, I believe Wiz is doing a great job, simplifying many aspects for security professionals and enterprises."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The tool's most valuable feature is its attack path analysis."
 

Cons

"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"The AI capabilities have been heavily promoted, but I haven't seen a significant impact."
"Visibility can be improved along with automation."
"There is definitely room for improvement in Google Cloud Security Command Center. While the functionality is very native, compared to third-party tools that offer a variety of features for easy integrations and custom KPIs, Google Cloud Security Command Center lacks some of these functionalities, requiring complex workarounds for custom reporting, and given that customers often use hybrid environments, having a broader perspective is necessary for integration."
"Sometimes it is a very big concern and a big headache for the customer because it finds a lot of findings that could be false positives."
"It would be better if, when you get an alert type, you are able to view the regex or alert logic without having to dig through all the different options; it is difficult to find where the alert logic is because you have to go to the investigations and then actually find and search for the individual alert."
"I have seen some lagging or downtime a couple of times, but I am not sure why it happened."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"In Brazil, the cost is a significant issue due to the currency exchange rate."
"There is also alert noise in larger environments that generates duplicate alerts for the same issues under different categories."
"Wiz is agentless, which is a plus, but the runtime and real-time detection could be limited, as it is not its strength."
"We noticed some capabilities that were lacking, specifically ignoring some false-positive Issue findings. The good news - with the latest update, this has been resolved."
 

Pricing and Cost Advice

"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Qualys TotalCloud is expensive."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"The cost is high, but it meets our organizational needs."
"TotalCloud's price is about right where I would expect it to be."
"Initially, it used to be relatively expensive, starting at around four or five hundred dollars."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"I wish the pricing was more transparent."
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
"The cost of the other solutions is comparable to Wiz."
"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
18%
Financial Services Firm
14%
Construction Company
7%
Comms Service Provider
7%
Financial Services Firm
14%
Computer Software Company
13%
Comms Service Provider
7%
Hospitality Company
6%
Financial Services Firm
14%
Computer Software Company
11%
Manufacturing Company
10%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise10
Large Enterprise30
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your primary use case for Google Cloud Security Command Center?
I am primarily working with Google Cloud Security Command Center, which is their CSPM, and also with the next-generat...
What advice do you have for others considering Google Cloud Security Command Center?
I rate Google Cloud Security Command Center a seven and a half out of ten. While it is a ten from a security perspect...
What is your experience regarding pricing and costs for Wiz?
Wiz is fairly priced compared to competitors and fits well within a low budget. Wiz is less expensive than Microsoft ...
What needs improvement with Wiz?
An area of improvement is that there is a lot of data inside Wiz and the naming is confusing, as similar categories f...
What is your primary use case for Wiz?
I basically use it for vulnerability management, so from an admin's perspective, I am using it as an actual user of W...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Find out what your peers are saying about Google Cloud Security Command Center vs. Wiz and other solutions. Updated: April 2026.
900,644 professionals have used our research since 2012.