Qualys CyberSecurity Asset Management vs Tanium comparison

Qualys CyberSecurity Asset Management vs. Tanium

Download the complete report

Helped 900,838 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Qualys TotalCloud

Mindshare comparison

As of June 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.0%, up from 0.9% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 1.3%, up from 0.7% compared to the previous year. The mindshare of Tanium is 1.6%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Vulnerability Management Mindshare Distribution
Product	Mindshare (%)
Qualys CyberSecurity Asset Management	1.3%
Qualys TotalCloud	1.0%
Tanium	1.6%
Other	96.1%

Vulnerability Management

Featured Reviews

Robert Orłowski

IT Security Expert at Alior Bank S.A.

Unified risk scoring has improved our cloud visibility and simplifies remediation priorities

Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.

Read full review

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

Enables automation and quick access to necessary information

One of the significant challenges Qualys is discovery, which I know Microsoft excels at. I can't recall how well Qualys performs this function; it seems I might be missing some details. However, if there's one key aspect to focus on, it's discovery—the ability to identify assets that you are not aware of, even when you can see they are present. Understanding what those assets are is crucial. With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system. The features within Qualys are limited to what they have developed. Sometimes a complete overview is needed to push to a Power BI dashboard, Splunk, ServiceNow, or other platforms. The export process is incredibly challenging. We needed a developer to write a hundred-line Python script that would loop over certain assets due to export limitations. Qualys CyberSecurity Asset Management could improve its integration capabilities. While it generates substantial data, correlating it with other data sources can be challenging. The export process is difficult, and pre-built integrations with other tools could be enhanced for better process implementation.

Read full review

Mairajuddin Ahmed

Division Manager, Information Technology at a legal firm with 51-200 employees

Centralized policies have improved remote endpoint control and have simplified data visibility

The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."

"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."

"The most valuable feature is extensibility."

"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."

"I found the initial setup user-friendly."

"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."

"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."

"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."

More Qualys TotalCloud pros

"The main thing I appreciate about Qualys CyberSecurity Asset Management is the cloud environment while tracking software and zero-day vulnerability risk, alongside asset discovery and tagging, as well as attack surface management."

"I mainly appreciate Qualys CyberSecurity Asset Management for its patch management capabilities, which are essential in my job for deploying patches and remediating vulnerabilities."

"Qualys CyberSecurity Asset Management offers valuable features such as continuous vendor support, rapid response times, dedicated vendor partnerships, and advanced technical capabilities for risk identification."

"Overall, I would give Qualys CyberSecurity Asset Management a nine out of ten."

"I would rate Qualys CyberSecurity Asset Management ten out of ten."

"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."

"The most valuable feature is the Management sensor, which helps identify gaps in policy agent availability, thereby improving agent utilization."

"When you implement a dynamic tag using a query, you do not need to manually tag all the servers. It categorizes all the servers that come under that query. The tagging part is automatically done within a few minutes. It reduces the effort."

More Qualys CyberSecurity Asset Management pros

"The security features are very valuable."

"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."

"The product is granular and can build complex roles compared to other EDR vendors."

"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."

"Tanium is a very good product and I would rate it eight or nine out of ten."

"Tanium's most valuable features are patch management, inventory, and distribution software."

"Tanium is used for endpoint management, specifically patching and configuration management."

"I would say Tanium is the best tool for vulnerability management."

More Tanium pros

Cons

"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."

"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."

"The support process is inefficient due to the excessive number of replies required when submitting tickets."

"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."

"Although TotalCloud is a helpful tool, some of its advanced features are still under development."

"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."

"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."

"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."

More Qualys TotalCloud cons

"I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating process."

"The UI and menu navigation has improved significantly, however, the menus could still be clunky, making navigation within the assets challenging."

"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."

"We have had challenges modifying the agent configuration. Particularly, when we want to change the tenant that the agent is pointing to, we have had difficulties making that reliable and working properly."

"With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system."

"One downside of Qualys CyberSecurity Asset Management is that I would prefer to see a more interactive dashboard."

"The only minor issue is occasionally being redirected to multiple teams, causing slight delays."

"Integration of Qualys CyberSecurity Asset Management, particularly with ServiceNow, takes a very long time, and it needs prioritization of patch rules based on vulnerability risk."

More Qualys CyberSecurity Asset Management cons

"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."

"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."

"The most painful thing is the interface. It's a bit unclear sometimes."

"The solution can give a lot of false positives."

"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."

"Our biggest issue with the solution is its lack of mobility."

"They could improve the UI."

"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."

More Tanium cons

Pricing and Cost Advice

"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."

"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."

"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."

"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."

"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."

"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."

More Qualys TotalCloud pricing and cost advice

"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."

"Qualys offers excellent value for money."

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."

"The pricing is market-competitive."

"The cost for Qualys CyberSecurity Asset Management is high."

"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."

"The pricing for Qualys CSAM is nominal."

"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."

More Qualys CyberSecurity Asset Management pricing and cost advice

"It's an expensive solution. It would be nice if the cost were lower."

"It is higher than some competitors in the market."

"The product's pricing differs from region to region depending on negotiations and the number of endpoints."

"The solution offers value for money."

"There is an annual license required to use this solution."

"The solution is expensive but it's a good investment."

"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

900,838 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

17%

Financial Services Firm

14%

Construction Company

Comms Service Provider

Financial Services Firm

15%

Computer Software Company

Manufacturing Company

Comms Service Provider

Financial Services Firm

14%

Government

10%

Manufacturing Company

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	3
Large Enterprise	29

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	2
Large Enterprise	23

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	3
Large Enterprise	12

Questions from the Community

What is your experience regarding pricing and costs for Qualys TotalCloud?

The price is very expensive, actually.

What needs improvement with Qualys TotalCloud?

Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...

What is your primary use case for Qualys TotalCloud?

Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...

What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management?

I'm not entirely sure about the pricing; I don't know.

What needs improvement with Qualys CyberSecurity Asset Management?

I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating ...

What is your primary use case for Qualys CyberSecurity Asset Management?

I primarily use it for a small, single-site, multi-source setup with multi-WAN inputs. I have a main fiber connection...

What needs improvement with Tanium?

While there is always room for improvement, I am pleased with Tanium.

What is your primary use case for Tanium?

The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...

What advice do you have for others considering Tanium?

For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...

Microsoft Defender for Cloud vs Qualys TotalCloud

Comparisons

Wiz vs Qualys TotalCloud

Compared 12% of the time

Compared 8% of the time

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Compared 6% of the time

JupiterOne vs Qualys TotalCloud

Compared 5% of the time

Nucleus Security vs Qualys TotalCloud

Compared 5% of the time

More Qualys TotalCloud Competitors

Axonius vs Qualys CyberSecurity Asset Management

Compared 6% of the time

Armis vs Qualys CyberSecurity Asset Management

Compared 5% of the time

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

Compared 4% of the time

Bitsight vs Qualys CyberSecurity Asset Management

Compared 4% of the time

Rapid7 Metasploit vs Qualys CyberSecurity Asset Management

Compared 4% of the time

More Qualys CyberSecurity Asset Management Competitors

CrowdStrike Falcon vs Tanium

Compared 6% of the time

Microsoft Defender for Endpoint vs Tanium

Compared 4% of the time

BigFix vs Tanium

Compared 4% of the time

NinjaOne vs Tanium

Compared 3% of the time

Microsoft Configuration Manager vs Tanium

Compared 3% of the time

More Tanium Competitors

Product Reports

Qualys TotalCloud

Download Qualys TotalCloud product report

Qualys CyberSecurity Asset Management

Download Qualys CyberSecurity Asset Management product report

Qualys CyberSecurity Asset Management report

Download Tanium product report

Tanium

May 2026

Also Known As

Qualys TotalCloud with FlexScan

No data available

Tanium Inc Cloud, Tanium XEM

Overview

Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.

Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.

What are the most important features of Qualys TotalCloud?

Accurate Vulnerability Reports: Delivers precise and actionable insights for risk mitigation.
Zero-Day Detection: Identifies and addresses zero-day vulnerabilities proactively.
Unified Threat Assessment: Offers comprehensive evaluation of threats across the environment.
Extensive Risk Management: Manages risks effectively with advanced insights and prioritization.
Continuous Monitoring: Provides non-stop surveillance for vulnerabilities and threats.
Cloud-Native Automation: Streamlines processes and reduces manual efforts using automation.
FlexScan for Internet-Facing VMs: Scans external VMs efficiently to detect vulnerabilities.
Dashboard Risk Visualization: Clear visualization helps prioritize vulnerabilities.

What benefits and ROI should users look for?

Improved Security Posture: Enhances threat detection and response across clouds.
Time Savings: Automation reduces time spent on manual vulnerability management.
Resource Efficiency: Better allocation of resources through streamlined workflows.
Enhanced Risk Prioritization: Focus on critical vulnerabilities for effective mitigation.
Integrated Cloud Accounts: Facilitates seamless cloud management and security.

Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.

Qualys

Qualys CyberSecurity Asset Management provides key features including asset inventory management, end-of-life tracking, dynamic tagging, and integration with CMDB, offering extensive visibility and support for proactive threat response.

Qualys offers comprehensive visibility across hardware and software assets, aiding in tracking unauthorized applications and facilitating automated vulnerability remediation. Its user-friendly interface and dynamic risk scoring enhance security posture management. Users leverage it for vulnerability management and compliance, benefiting from real-time risk identification and efficient operations in cloud and on-premises environments.

What are the key features of Qualys CyberSecurity Asset Management?

Asset Inventory Management: Provides detailed visibility over hardware and software assets.
End-of-Life Tracking: Helps identify technical debt by pinpointing outdated hardware and software.
Dynamic Tagging: Allows flexible classification and categorization of assets.
Real-Time Risk Identification: Detects risks as they arise, enhancing threat response capabilities.
CMDB Integration: Streamlines data integration for comprehensive asset insights.

What benefits should users look for in Qualys reviews?

Improved Security Posture: Enables proactive threat management and streamlined operations.
Efficient Remediation: Automates vulnerability management and patch deployment.
User-Friendly Operations: Simplifies cybersecurity operations with an intuitive interface.
Comprehensive Asset Visibility: Offers unparalleled insight into organizational assets.
Scalable Solutions: Facilitates asset tracking across cloud and on-premises environments.

Cybersecurity teams in various industries, such as financial services, healthcare, and manufacturing, utilize Qualys to manage technical debt through end-of-life tracking and facilitate robust patch management. It supports compliance and visibility initiatives, essential for maintaining data integrity and operational security in dynamic environments.

Qualys

Tanium offers robust endpoint protection, patching, and inventory management, consolidating the functions of tools like BigFix with capabilities in incident response, network security, and cloud or on-premise deployments.

Known for real-time capabilities, Tanium provides detailed analytics, security features, and device management. Users benefit from quick implementation, real-time updates, and patching campaigns. Despite its strengths, integration and custom plugin expansion remain areas to improve, along with data visualization and network optimization. Reporting enhancements and user training could advance its usability, and some UI elements may require updates for clarity and security.

What are the essential features of Tanium?

Detailed Analytics: Provides actionable insights for better decision-making.
Security Capabilities: Offers strong defense measures against threats.
Real-Time Queries: Facilitates immediate information access.
Patch Management: Streamlines software updates across devices.
Device Management: Efficiently handles comprehensive inventory and monitoring tasks.

What benefits should users expect?

Ease of Use: Simplifies complex IT tasks.
Scalability: Adapts to growing IT infrastructure needs.
Integration Flexibility: Merges with existing systems effortlessly.
Real-Time Updates: Ensures current data availability for informed actions.

Tanium's deployment spans industries focusing on endpoint protection and compliance, ensuring reliable device and server management in settings where safety and quick adaptation are critical. Organizations use it for application deployment, compliance checks, and integrating it as an EDR solution, enhancing overall security and operational efficiencies.

Tanium

Sample Customers

Information Not Available

JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life

Qualys CyberSecurity Asset Management vs. Tanium