No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point CloudGuard CNAPP vs IBM Guardium Vulnerability Assessment comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Check Point CloudGuard CNAPP
Ranking in Vulnerability Management
14th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
70
Ranking in other categories
Cloud and Data Center Security (8th), Container Security (13th), Cloud Workload Protection Platforms (CWPP) (8th), Cloud Security Posture Management (CSPM) (7th), Cloud-Native Application Protection Platforms (CNAPP) (7th), Data Security Posture Management (DSPM) (8th), Compliance Management (6th)
IBM Guardium Vulnerability ...
Ranking in Vulnerability Management
53rd
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Check Point CloudGuard CNAPP is 1.3%, down from 1.3% compared to the previous year. The mindshare of IBM Guardium Vulnerability Assessment is 0.8%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Check Point CloudGuard CNAPP1.3%
IBM Guardium Vulnerability Assessment0.8%
Other96.8%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
reviewer2751468 - PeerSpot reviewer
Assistant Manager at a computer software company with 201-500 employees
Boosts security and compliance in multi-cloud environments while real-time threat detection enhances risk management
Check Point CloudGuard CNAPP flagged a misconfiguration in our AWS S3 bucket that had overly permissive access settings. That configuration could have exposed our sensitive data to the public internet. The platform not only identified the issue but also provided remediation that our team was able to apply immediately. This prevented a potential data exposure. Check Point CloudGuard CNAPP offers a unified, modular platform that combines CSPM, CWPP, CIEM, code security, and cloud detection and response. The agentless workload posture, real-time threat detection and response, multi-cloud coverage and visibility, compliance automation, and one-click remediations stand out as its best features. I find myself relying on the risk management engine and prioritization the most day-to-day. In any cloud environment, you are flooded with findings, misconfigurations, vulnerabilities, and compliance gaps. Without prioritization, it is overwhelming for our team to take care of the posture. CloudGuard's risk scoring helps us cut through incidents. This makes remediation faster and focused instead of wasting time checking every alert. We get to fix the issues that pose real business risks. Check Point CloudGuard CNAPP has positively impacted our organization at a significant level. We get greater visibility and control across all our cloud environments. Some biggest benefits we have seen are faster detection and remediation of misconfigurations, improved compliance posture, reduced risk exposure, operational efficiency, and cost savings. Overall, it has made our cloud environment more secure, compliant, and easier to manage while freeing up our teams to focus on projects instead of chasing alerts.
SL
Guardium Administrator at Interactive Group
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"In my opinion, this is the best tool."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"I would definitely recommend Qualys TotalCloud to other customers."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"TruRisk Insights is the most important innovation they've released this year."
"Now, to see in a single pane of glass, all the agents, all the rules, everything that is going on in our datacenters, is quite valuable."
"My overall product rating is ten out of ten."
"The most valuable feature of Check Point CloudGuard Posture Management is the training."
"We have been able to expand our visibility and security enforcement into all of our cloud environments by leveraging Dome9."
"Check Point CloudGuard CNAPP's initial configuration is very easy. It is plug-and-play. It also gives regular updates."
"This is a product that I would recommend because it does unique things that I'm not aware any other product can solve those issues."
"The most valuable feature is the CloudBots for auto-remediation of security findings."
"Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"It helped with some of the regulatory requirements, and it also helped with some of the security analytics and analysis, making it worthwhile from that perspective."
"The best feature is that you can see the activity in your data environment and have the ability to get the vulnerability assessments done quickly with scores that can be compared."
 

Cons

"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"There is room for improvement in the support."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."
"Automation and advanced threat prevention have room for improvement."
"We were demotivated by the lack of native automation modules for the Terraform and Ansible tools."
"The user interface needs work. Sometimes, it is a transition from the old tool to the new CNAPP Two that I currently have, and remnants of the old environment can still be detected."
"Currently, this solution is somewhat expensive."
"Check Point must provide a multi-cloud facility where AWS, Azure, and GCP can seamlessly work together and display posture in an integrated manner."
"There are opportunities for improvement that can be addressed through a roadmap."
"The solution could be improved with a greater analysis of its Microsoft Security score."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"I wouldn't use it. That would be my advice to others looking into implementing IBM Guardium Vulnerability Assessment."
"The only problem is that some of the reports come up with blanks and missing data."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
 

Pricing and Cost Advice

"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud is expensive."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"TotalCloud's price is about right where I would expect it to be."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
"Check Point CloudGuard Posture Management is expensive."
"We have the enterprise-level license and we renew it annually because it is worth the cost."
"Check Point CloudGuard Posture Management is always known as a good solution but an expensive one. When you're using Cisco, Check Point, or Palo Alto, you know that you will pay more, but you know that it will work."
"The tool's pricing is moderate. Its licensing costs are yearly."
"CloudGuard is fairly priced."
"The pricing is extremely competitive."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
11%
Financial Services Firm
10%
Manufacturing Company
8%
Outsourcing Company
7%
Financial Services Firm
29%
Comms Service Provider
6%
Construction Company
6%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business58
Midsize Enterprise13
Large Enterprise58
No data available
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for CloudGuard Workload Protection?
My experience with pricing, setup cost, and licensing has been reasonable for the value it delivers. The initial setu...
What needs improvement with CloudGuard for Cloud Intelligence?
One area that Check Point CloudGuard CNAPP could use improvement is the navigation when switching between modules. A ...
What is your primary use case for CloudGuard for Cloud Intelligence?
My main use case for Check Point CloudGuard CNAPP is strengthening cloud security posture, monitoring configurations,...
What needs improvement with IBM Guardium Vulnerability Assessment?
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible beca...
What is your primary use case for IBM Guardium Vulnerability Assessment?
We are still using IBM Guardium Vulnerability Assessment. We only use IBM Guardium Data Protection and monitoring, da...
What advice do you have for others considering IBM Guardium Vulnerability Assessment?
We do not use IBM Guardium Vulnerability Assessment for data encryption or any other tool for analytics, or identity ...
 

Also Known As

Qualys TotalCloud with FlexScan
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
No data available
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
Information Not Available
Find out what your peers are saying about Check Point CloudGuard CNAPP vs. IBM Guardium Vulnerability Assessment and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.