Try our new research platform with insights from 80,000+ expert users

Qualys TotalCloud pros and cons

Vendor: Qualys

4.3 out of 5

35 reviews
100% willing to recommend

Pros & Cons summary

Qualys TotalCloud enhances security posture with features like vulnerability management, risk assessment, and FlexScan for easier data collection. It provides a comprehensive suite for cloud security, including Kubernetes and container security, and allows seamless asset integration across infrastructures. However, challenges include cloud licensing units, accuracy for non-Windows systems, policy compliance, patching prerequisites, and integrating with other management tools, indicating areas needing improvement for tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Qualys TotalCloud significantly improves security posture with features like vulnerability management, risk assessment, and remediation capabilities.

The FlexScan feature for internet-facing VMs simplifies data collection and scanning, making it highly valuable in automating the vulnerability management process.

With capabilities like Cloud Security Posture Management, Kubernetes, and container security, Qualys TotalCloud provides a robust suite for comprehensive cloud security.

It offers extensive agent versatility, allowing seamless asset integration and continuous monitoring across cloud and on-prem infrastructures.

Qualys TotalCloud's blended approach to risk and threat detection coupled with advanced categorization and policy management greatly reduces the workload involved in security management.

CONS

Qualys TotalCloud has challenges with its cloud licensing unit system, as units are not well-defined.

There are significant concerns about the accuracy of vulnerability scanning for non-Windows operating systems and PaaS environments.

The platform needs enhancement in its policy compliance module, particularly in reducing manual work related to remediation controls.

The patching process does not cover installing necessary prerequisites on servers or workstations, requiring reliance on external tools like SCCM.

Integration capabilities with existing vulnerability management tools and hybrid infrastructure management need improvement.

Qualys TotalCloud Pros review quotes

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

While automatic inventory detection upon connection is a helpful feature, a truly valuable capability would be assessing an environment's security posture against Azure and CIS best practices.

Read full review

reviewer2540010

IT Engineer at a consultancy with 501-1,000 employees

Sep 2, 2024

Its excellent graphical interface makes the scanning process simple.

Read full review

RG

Information Technology Security Analyst at a financial services firm with 10,001+ employees

Oct 15, 2024

The most valuable feature is extensibility.

Read full review

Qualys TotalCloud

Free Report: Qualys TotalCloud Reviews and More

Learn what your peers think about Qualys TotalCloud. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

881,082 professionals have used our research since 2012.

MR

CIO at a venture capital & private equity firm with 11-50 employees

Oct 24, 2024

One of the features I appreciate is the ability to generate daily reports without relying on anyone else.

Read full review

Works at a consultancy with 10,001+ employees

Oct 25, 2024

The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities.

Read full review

Analyst, Information Security at Infosys

Oct 28, 2024

The platform's unified view of the organization proves particularly valuable for leadership team meetings.

Read full review

BP

Bhaskar Praveen

Developer at a consultancy with 10,001+ employees

Oct 28, 2024

I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily

Read full review

Vishvanath Mulgund

IT Risk Manager at a consultancy with 10,001+ employees

Oct 29, 2024

One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us.

Read full review

Jignesh Baleshwaria

Senior Consultant at a consultancy with 10,001+ employees

Oct 29, 2024

CSPM is currently the most used feature, and we are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs.

Read full review

reviewer2589771

Senior Information Security Analyst at a tech vendor with 5,001-10,000 employees

Oct 29, 2024

Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities.

Read full review

Show 10 more reviews (out of 35)

Qualys TotalCloud Cons review quotes

Employee-Owner, Senior Consultant, Information Security at Keller Schroeder

Jun 10, 2024

The cloud licensing unit system is unclear, especially since "units" aren't well-defined.

Read full review

reviewer2540010

IT Engineer at a consultancy with 501-1,000 employees

Sep 2, 2024

Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names.

Read full review

RG

Information Technology Security Analyst at a financial services firm with 10,001+ employees

Oct 15, 2024

I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one.

Read full review

Qualys TotalCloud

Free Report: Qualys TotalCloud Reviews and More

Learn what your peers think about Qualys TotalCloud. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.

881,082 professionals have used our research since 2012.

MR

CIO at a venture capital & private equity firm with 11-50 employees

Oct 24, 2024

It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w

Read full review

Works at a consultancy with 10,001+ employees

Oct 25, 2024

The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements.

Read full review

Analyst, Information Security at Infosys

Oct 28, 2024

To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution.

Read full review

BP

Bhaskar Praveen

Developer at a consultancy with 10,001+ employees

Oct 28, 2024

TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these.

Read full review

Vishvanath Mulgund

IT Risk Manager at a consultancy with 10,001+ employees

Oct 29, 2024

An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage.

Read full review

Jignesh Baleshwaria

Senior Consultant at a consultancy with 10,001+ employees

Oct 29, 2024

Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released.

Read full review

reviewer2589771

Senior Information Security Analyst at a tech vendor with 5,001-10,000 employees

Oct 29, 2024

We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments.

Read full review

Show 10 more reviews (out of 35)

Product Categories

Product Categories

Cloud-Native Application Protection Platforms (CNAPP)

Vulnerability Management

Container Security

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

SaaS Security Posture Management (SSPM)

Popular Comparisons

Popular Comparisons

Wiz vs Qualys TotalCloud

Datadog vs Qualys TotalCloud

Snyk vs Qualys TotalCloud

Microsoft Defender for Cloud vs Qualys TotalCloud

SentinelOne Singularity Cloud Security vs Qualys TotalCloud

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Qualys VMDR vs Qualys TotalCloud

Varonis Platform vs Qualys TotalCloud

AWS GuardDuty vs Qualys TotalCloud

AWS Security Hub vs Qualys TotalCloud

JFrog Xray vs Qualys TotalCloud

Orca Security vs Qualys TotalCloud

Claroty Platform vs Qualys TotalCloud

Check Point CloudGuard CNAPP vs Qualys TotalCloud

Aqua Cloud Security Platform vs Qualys TotalCloud

See all alternatives

Product Categories

Product Categories

Cloud-Native Application Protection Platforms (CNAPP)

Vulnerability Management

Container Security

Cloud Workload Protection Platforms (CWPP)

Cloud Security Posture Management (CSPM)

SaaS Security Posture Management (SSPM)

Popular Comparisons

Popular Comparisons

Wiz vs Qualys TotalCloud

Datadog vs Qualys TotalCloud

Snyk vs Qualys TotalCloud

Microsoft Defender for Cloud vs Qualys TotalCloud

SentinelOne Singularity Cloud Security vs Qualys TotalCloud

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Qualys VMDR vs Qualys TotalCloud

Varonis Platform vs Qualys TotalCloud

AWS GuardDuty vs Qualys TotalCloud

AWS Security Hub vs Qualys TotalCloud

JFrog Xray vs Qualys TotalCloud

Orca Security vs Qualys TotalCloud

Claroty Platform vs Qualys TotalCloud

Check Point CloudGuard CNAPP vs Qualys TotalCloud

Aqua Cloud Security Platform vs Qualys TotalCloud

See all alternatives

Related questions

34

When evaluating Cloud-Native Application Protection Platforms (CNAPP), what aspect do you think is the most important to look for?

46

Why is a CNAPP (Cloud-Native Application Protection Platform) important?

39

What CNAPP solution do you recommend for a hybrid cloud?

60

Why are Cloud-Native Application Protection Platforms (CNAPP) tools important for companies?

48

When evaluating Cloud-Native Application Protection Platforms (CNAPP) solutions, what aspect do you think is the most important to look for?

193

Why is Cloud-Native Application Protection Platforms (CNAPP) important for companies?

24

What Cloud-Native Application Protection Platform do you recommend?