Get Started with TotalCloud

Qualys TotalCloud is your all-in-one cloud-native infrastructure and application security solution. Once your TotalCloud Inventory is ready, the application gives you deep visibility into your cloud network. From there, choose among the many cloud security features like performing a zero-touch assessment to analyze cloud posture, prioritize high-risk assets, and secure cloud-native workloads.

Get started by setting up your cloud inventory so TotalCloud can give you visibility and continuous security across all your cloud environments. We'll help you get started quickly!

 Configure a Connector 

The only prerequisite to start with TotalCloud is configuring a CSPM connector for your cloud account. 

A connector links your cloud provider account with Qualys so that Qualys applications can fetch the necessary data from your environment. 

Click on your respective cloud provider to learn how to create their CSPM connector.

You can directly create connectors for AssetView and CSPM by navigating to the Connectors application. Read more.


Configure a CSPM connector:  AWS  |  Azure  |  GCP | OCI

 The TotalCloud Journey

Congratulations! Your connectors are ready, and you might have also managed their access. Now, you are prepared to take the journey to complete cloud security with a single application.

Click any components in the image below to learn about the cloud security pillars covered in the TotalCloud journey.


You can also continue reading to learn more about the same.



Get centralized visibility of services/resources across your multiple cloud accounts.

List of Supported Resources: AWS | Azure | GCP

Resource Misconfigurations | Vulnerability Details


The Posture tab shows a complete picture of your cloud security posture. Your cloud resources are tested against configuration checks known as controls to assess your overall security posture. 

Control Evaluations | Cloud Posture | IaC Posture

Policies and Controls

TotalCloud continuously discovers resources and ensures resources are compliant with respective industry Benchmarks & Best Practices policies provided out-of-box.

Compliance Policies  | Customize Controls | Create Policies | Exceptions  


You can generate reports to view the compliance posture of your cloud resources. Run reports to learn whether your resources are compliant with mandates and compliance policies. Just configure your report settings and the reports can be generated.

Assessment Reports | Mandate Reports | Policy Reports

Configuring Alerts

Create rules to get alerts to monitor changes or significant findings on control evaluations for your attention and intervention.

Configure Rule-based Alerts


Qualys TotalCloud provides FlexScan, a comprehensive cloud-native assessment solution that allows organizations to combine multiple cloud scanning options for the most accurate security assessment of their cloud environment.

Security teams can have multiple hybrid assessment capabilities to secure the entire cloud attack surface, including:

  • Zero-touch, agent-less, cloud service provider API-based scanning for fast analysis.

  • Virtual appliance-based scanning to assess unknown workloads over the network for open ports and remotely exploitable vulnerability detection.

  • Snapshot assessment that mounts the workload snapshot for periodic offline scanning including vulnerabilities and OSS scanning.

  • Qualys Cloud Agents in the workload for comprehensive, real-time vulnerability, configuration and security assessment.

Learn more about FlexScan here.


Prioritize cloud misconfigurations, vulnerabilities and assets based on their business criticality and risk, leveraging Qualys TruRisk prioritization and insights. Using a single cloud platform, discover, assess, prioritize, and fix critical cloud infrastructure and cloud-native workload exposures.

TruRisk Insights | Insight Widget


Qualys utilizes the power of Deep Learning AI to provide deep visibility into your workloads and secure them against advanced threats, in cases where you are faced with an attacker trying to compromise your network.

Cloud Detection and Response


Enabling Remediation

Enable remediation for your connectors and fix the resource misconfigurations by triggering remediation of cloud resources.

Remediating Cloud Misconfigurations

Analyze with the Unified Dashboard

TotalCloud Dashboard Menu with TruRisk Inisghts Data

Dashboards help you visualize your cloud resources, evaluate your cloud resources, see your threat exposure, leverage saved searches, and fix resource misconfigurations quickly.

We have integrated Unified Dashboard (UD) with TotalCloud. UD brings information from all Qualys applications into a single place for visualization. UD provides a powerful new dashboarding framework and platform service that will be consumed and used by all other products to enhance the existing dashboard capabilities.

You can use the default TotalCloud dashboard provided by Qualys or easily configure widgets to pull information from other modules/applications and add them to your dashboard. You can add as many dashboards as possible to customize your TotalCloud view.

Quickly get custom views

Related Topics

Role-Based Access for User

Concepts and Terminologies

Looking for something else?

Search Query Samples

Download Datalist

Choose Date Range