No more typing reviews! Try our Samantha, our new voice AI agent.

Qualys Enterprise TruRisk Platform vs Wiz comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st)
Qualys Enterprise TruRisk P...
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
16th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
7
Ranking in other categories
Cloud and Data Center Security (10th)
Wiz
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
1st
Average Rating
8.8
Reviews Sentiment
7.0
Number of Reviews
49
Ranking in other categories
Vulnerability Management (1st), Container Security (1st), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (1st), Data Security Posture Management (DSPM) (1st), Compliance Management (1st), Cloud Detection and Response (CDR) (1st), AI Security (4th)
 

Mindshare comparison

As of July 2026, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of Qualys TotalCloud is 2.1%, up from 1.4% compared to the previous year. The mindshare of Qualys Enterprise TruRisk Platform is 0.8%, up from 0.1% compared to the previous year. The mindshare of Wiz is 12.7%, down from 26.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP) Mindshare Distribution
ProductMindshare (%)
Wiz12.7%
Qualys TotalCloud2.1%
Qualys Enterprise TruRisk Platform0.8%
Other84.4%
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
PK
VP – Head PM O at Vodafone Idea Ltd.
Governance dashboards have improved risk visibility but still need smarter automated decisions
The governance part is the most prominent area for improvement. We want to have a dashboard with just one click where the KPIs are pre-configured as per the business requirement and those things are monitored on a regular basis to check how things are moving. Governance and high-level management or board level visibility matter the most. We are trying to incorporate artificial models which can take care of many things that are currently taken care of manually or through certain jobs so that they can be automated with the help of AI models or agents. We will progress as the AI model matures with pattern learning and all those things. We want self-decision capabilities. Not just analysis and giving alerts, but even taking decisions of actions and performing those actions. The first step would be to not only alert that there is an issue or threat, but to evaluate the threat itself in generality and suggest something. The second step is where those suggestions will definitely have some good minds working on them, but only if they are suitable will we make it as a learning model. Otherwise, we will discard and modify those things. The second level would be to let the learning model learn and then gradually figure out whether we can delegate the decision in the sense of the action that they can perform, see it and then evaluate whether it is falling in line as per the expectation. This is how we will progress on a use case basis only.
Peter Whelan - PeerSpot reviewer
CISO at a computer software company with 1,001-5,000 employees
Improved our security posture thanks to comprehensive visibility
I have contacted Wiz technical support frequently. The support is excellent. We contact via an in-application portal. We can see the support cases we personally open, and also the cases that other people have opened from our company. I appreciate that feature. Generally, support gets back to us within a few days with a good answer. There was one fellow in particular who has been knocking it out of the park. He is a great support person to deal with. We are happy with the support experience. If I were to put Wiz support on a scale from one to ten, I would give them a ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I appreciate TotalCloud's real-time protection and remediation features. The remediation options include automated one-click remedies and custom changes that help manage vulnerabilities efficiently."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"I found the initial setup user-friendly."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"The best part I like is the on-demand scans."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"Qualys Enterprise TruRisk Platform is considered a good leader in its field."
"Qualys offers versatility. It can function both with and without agents, offering flexibility in deployment. Furthermore, it provides comprehensive support for various systems such as Windows Server, Unix servers, and databases, including SQL, Oracle, and others for development."
"Qualys Enterprise TruRisk Platform was helpful with threat prioritization features for resource allocation, and it played a good role in our analysis and day-to-day monitoring."
"Qualys Enterprise TruRisk Platform is on the cusp of a lot of new advances that they bring to the table, which is what we also appreciate."
"The favorite feature of Qualys Enterprise TruRisk Platform is that it provides the whole information of a particular vulnerability, including a comprehensive summary, related CVEs and CVSS score, which helps understand potential risks and allows the output to be exported in various formats like CSV, PDF, or JSON."
"Qualys Enterprise TruRisk Platform has impacted my organization positively by helping us prioritize risks and mitigate them one after the other, classifying risks based on critical, high, and medium so we can look at them effectively."
"Qualys Enterprise TruRisk Platform is a fantastic tool; it is kind of expensive, but it is indispensable, and it is not something that we can do away with."
"Wiz distinguished itself immediately in the PoC, surfacing important issues that were entirely missed by both the products we were already using and other CNAPP's that we tested."
"The security baseline and vulnerability assessments is the valuable feature."
"The biggest impact Wiz has had on our organization is improved visibility and better prioritization, as previously mentioned."
"Wiz can accomplish this and easily provide the total inventory in the cloud, which is crucial when managing large cloud databases or environments such as AWS, Azure, or Google environments, where it's difficult to have one view for all cloud components."
"Wiz has helped my organization by allowing us to analyze the critical issues and providing the best way to mitigate these issues with step-by-step guidance."
"One of the things that Wiz has done well is that there are no agents for the CSPM, at least from what we are doing, and it is very easy to roll out, easy to configure, maintain, and generally it does what it says it does with few issues."
"Wiz has positively impacted my organization by stopping security incidents, giving us full visibility in our cloud environments, and providing us with the confidence that we can use the tool not just for security but also for operations tooling, DevOps, code scanning, and all of the above."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
 

Cons

"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"Their customer support needs improvement."
"I think Qualys TotalCloud needs to improve its handling of zero-day vulnerabilities and supply chain management because modern ransomware attacks not only target prime critical infrastructures but also the supply chain system."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"The experience with pricing, setup cost, and licensing for Qualys Enterprise TruRisk Platform is expensive."
"Compared to Microsoft, there were already advanced tools, so I had seen some drawbacks compared to licensing or technical side."
"The report sometimes inaccurately identifies the corresponding operating system version."
"There are areas for improvement in their support structure."
"Once we supplied 130 URLs to it for scanning one by one, and it crashed in between. We did not have any clue what happened, so we had to reach out to support."
"The only thing that needs to be improved is the number of scans per day."
"More or less, Wiz is doing well, but the false alerts at random times would be another area for improvement."
"The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that."
"Sometimes it is a very big concern and a big headache for the customer because it finds a lot of findings that could be false positives."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"An area of improvement is that there is a lot of data inside Wiz and the naming is confusing, as similar categories for vulnerabilities and issues sometimes duplicate issues across resources, which can be hectic."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"As an extensive user of Wiz, I have noticed that one critical area Wiz is missing is context."
 

Pricing and Cost Advice

"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Qualys TotalCloud is expensive."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
Information not available
"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
"The cost of the other solutions is comparable to Wiz."
"I wish the pricing was more transparent."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"Based on the features and capabilities, the product pricing seems reasonable."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Manufacturing Company
23%
Comms Service Provider
10%
Financial Services Firm
10%
Construction Company
8%
Financial Services Firm
14%
Computer Software Company
11%
Manufacturing Company
10%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise3
Large Enterprise3
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise10
Large Enterprise30
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Qualys Enterprise TruRisk Platform?
The experience with pricing, setup cost, and licensing for Qualys Enterprise TruRisk Platform is expensive. It is def...
What needs improvement with Qualys Enterprise TruRisk Platform?
I think the CTEM part of Qualys Enterprise TruRisk Platform can get better, not that anyone else is doing, but contin...
What is your primary use case for Qualys Enterprise TruRisk Platform?
The major use cases from my side for Qualys Enterprise TruRisk Platform integrate with our VMDR, Qualys VMDR. Basical...
What is your experience regarding pricing and costs for Wiz?
Wiz is fairly priced compared to competitors and fits well within a low budget. Wiz is less expensive than Microsoft ...
What needs improvement with Wiz?
An area of improvement is that there is a lot of data inside Wiz and the naming is confusing, as similar categories f...
What is your primary use case for Wiz?
I basically use it for vulnerability management, so from an admin's perspective, I am using it as an actual user of W...
 

Also Known As

Qualys TotalCloud with FlexScan
Qualys Cloud Platform
No data available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Find out what your peers are saying about Qualys Enterprise TruRisk Platform vs. Wiz and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.