No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Guardium Vulnerability Assessment vs Skybox Security Suite comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 15, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
IBM Guardium Vulnerability ...
Ranking in Vulnerability Management
53rd
Average Rating
6.0
Reviews Sentiment
8.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Skybox Security Suite
Ranking in Vulnerability Management
51st
Average Rating
7.6
Reviews Sentiment
6.2
Number of Reviews
38
Ranking in other categories
Firewall Security Management (8th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of IBM Guardium Vulnerability Assessment is 0.8%, up from 0.5% compared to the previous year. The mindshare of Skybox Security Suite is 0.7%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Skybox Security Suite0.7%
IBM Guardium Vulnerability Assessment0.8%
Other97.4%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
SL
Guardium Administrator at Interactive Group
Improvements sought in database optimization while benefiting from robust security monitoring
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible because it does not include the application user ID. It only includes the database user ID. To identify risky users, it does not support end users, so IBM must incorporate this feature into the built-in analytical engine of the Guardium. There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible. When you make a query in a MySQL database, it takes too much time to respond. IBM should replace this MySQL database with a more powerful internal database for the logging mechanism so that Guardium can collect logging data flexibly and ensure optimization. My overall experience with Guardium is good. The only problem is that IBM must replace the internal DB, MySQL, with a more powerful enterprise-level database because enterprises use it at an enterprise level, and MySQL does not support optimally.
AnoopBhat - PeerSpot reviewer
Security Architect at a tech vendor with 5,001-10,000 employees
Firewall policy management has improved access control but still needs simpler setup and upgrades
The features that I appreciated the most in Skybox Security Suite were not comparable with Tufin, as Tufin was far ahead in terms of the technology and the user interface. The effectiveness of the vulnerability management in Skybox Security Suite is an area I have not used that much. The firewall management feature has streamlined rule configuration and compliance in Skybox Security Suite and has evolved over time, but Tufin is far better. In terms of comparison between both tools, only the licensing part of Skybox had an edge. We were not renewing the licenses of Skybox every year, but in the case of other tools, we would have to renew if we wanted to use those tools. The disadvantages and weaknesses of Skybox Security Suite include the interface, complexity with setup, and upgrading. There are some smaller issues as well that would take more time to discuss, but there are ways around them. We use this tool to implement a new policy on the firewall by going to Skybox, creating a flow there, and then using an approval mechanism in place. There are two different levels of approvals which we have to go through, and once both approvers approve the request, we are ready to implement it. A specific challenge is that if we have to create a new object group and place ten different objects in that and use that object group in two different rules, we have to create the object group in the first rule and add the ten new objects. Then if we have to create another rule, we do not get an option to recall or reuse that same group which we created in the previous rule. We have to create a new object group again and then add the objects into it again. If we had created an object group once, we should have gotten an option to recall that or call that object group in the new rule, and that should have made the process easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud's most valuable feature is its agent versatility."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"The most valuable feature is the consolidated information that it provides from various platforms."
"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."
"TotalCloud provides the easiest and the best approach for cloud infrastructure management."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"The best feature is that you can see the activity in your data environment and have the ability to get the vulnerability assessments done quickly with scores that can be compared."
"The Vulnerability Assessment feature is quite stable and helps identify numerous vulnerabilities in databases."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"It helped with some of the regulatory requirements, and it also helped with some of the security analytics and analysis, making it worthwhile from that perspective."
"The reporting features are good and there are many built-in reports that can be quickly configured."
"What we have done is found a lot of misconfigured stuff on firewalls."
"I am impressed with the tool's change management, firewall and network assurance."
"Network path analysis is the most valuable feature."
"The most impressive feature is optimization and clean-up."
"I really like the product."
"Aside from Firewall Assurance, we are using Network Assurance and Change Manager for an overview of the whole network and for documenting requests and the recertification of the ruleset."
"I would definitely recommend this solution; if you have a complex network with more than 20 firewalls, or you are managing a data center with a lot of security challenges, it is better to go with this solution."
"The solution is very good at dealing with firewall changes and firewall compliance."
 

Cons

"To improve the user experience, reporting could be simplified for better comprehension by end users and project managers, facilitating issue resolution."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"Their support could be improved."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"There is only one problem I experienced while using Guardium: the internal database of the collector is MySQL, which is not so powerful or flexible."
"The only problem is that some of the reports come up with blanks and missing data."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment."
"I wouldn't use it. That would be my advice to others looking into implementing IBM Guardium Vulnerability Assessment."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"The stability is something that is questionable. I don't know whether it is because of the kind of infrastructure we have or because of the product in itself. We're running it on a virtual machine right now. Maybe once a month, or once in every 45 days, it requires a restart because the application fails to connect. So I have to restart the whole Skybox Manager itself, the Skybox server itself, and then connect to it from our Skybox Manager."
"The solution needs to move and improve its interface to a full web browser version that is more accessible and doesn't require installation for use."
"The solution was quite technical. It would be easier to manage if the solution was more specific about aspects of the solution and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything."
"It's expensive."
"Technical support is not something which I would rate very high. Support is available but they need to ensure that they bring in their local team to give us support."
"Skybox should improve their UX features by making them easier to use."
"Due to the cost of the solution, I've decided to switch products."
"The initial setup isn't so easy because many of our customers have issues getting all the configurations right; it's very complex."
 

Pricing and Cost Advice

"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"TotalCloud's price is about right where I would expect it to be."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud is expensive."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"One thing not advantageous for it was that it was a little bit more expensive. I would rate it one out of five in terms of pricing."
"The licensing fee is paid yearly and is approximately $100,000."
"Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly."
"Licensing is normally on a yearly basis. There may also be a perpetual license. Normally, the customers ask for a lower price. If you want to sell more, you have to think about it."
"Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at."
"Currently, the licensing costs me about $300 USD for the year. This is a huge amount for my environment."
"The pricing is high, and the licensing model needs more flexibility."
"The product's pricing is excellent value. In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product."
"The software is expensive. I rate its pricing an eight out of ten."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
29%
Comms Service Provider
6%
Construction Company
6%
Government
6%
Financial Services Firm
17%
Manufacturing Company
11%
Computer Software Company
9%
Construction Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise4
Large Enterprise21
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What needs improvement with IBM Guardium Vulnerability Assessment?
We use the analytical functionality of Guardium, but the analytical functionality is not so powerful or flexible beca...
What is your primary use case for IBM Guardium Vulnerability Assessment?
We are still using IBM Guardium Vulnerability Assessment. We only use IBM Guardium Data Protection and monitoring, da...
What advice do you have for others considering IBM Guardium Vulnerability Assessment?
We do not use IBM Guardium Vulnerability Assessment for data encryption or any other tool for analytics, or identity ...
What is your experience regarding pricing and costs for Skybox Security Suite?
From a commercial perspective, AlgoSec is more expensive compared to Skybox Security Suite. Skybox Security Suite is ...
What needs improvement with Skybox Security Suite?
The features that I appreciated the most in Skybox Security Suite were not comparable with Tufin, as Tufin was far ah...
What is your primary use case for Skybox Security Suite?
Skybox Security Suite is primarily used for allowing access on firewalls and getting the access to allow some connect...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson
Find out what your peers are saying about IBM Guardium Vulnerability Assessment vs. Skybox Security Suite and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.