No more typing reviews! Try our Samantha, our new voice AI agent.

Morphisec vs Skybox Security Suite comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 15, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Morphisec
Ranking in Vulnerability Management
57th
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Endpoint Protection Platform (EPP) (48th), Advanced Threat Protection (ATP) (30th), Endpoint Detection and Response (EDR) (61st), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
Skybox Security Suite
Ranking in Vulnerability Management
51st
Average Rating
7.6
Reviews Sentiment
6.2
Number of Reviews
38
Ranking in other categories
Firewall Security Management (8th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Morphisec is 0.7%, up from 0.3% compared to the previous year. The mindshare of Skybox Security Suite is 0.7%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Skybox Security Suite0.7%
Morphisec0.7%
Other97.5%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
AnoopBhat - PeerSpot reviewer
Security Architect at a tech vendor with 5,001-10,000 employees
Firewall policy management has improved access control but still needs simpler setup and upgrades
The features that I appreciated the most in Skybox Security Suite were not comparable with Tufin, as Tufin was far ahead in terms of the technology and the user interface. The effectiveness of the vulnerability management in Skybox Security Suite is an area I have not used that much. The firewall management feature has streamlined rule configuration and compliance in Skybox Security Suite and has evolved over time, but Tufin is far better. In terms of comparison between both tools, only the licensing part of Skybox had an edge. We were not renewing the licenses of Skybox every year, but in the case of other tools, we would have to renew if we wanted to use those tools. The disadvantages and weaknesses of Skybox Security Suite include the interface, complexity with setup, and upgrading. There are some smaller issues as well that would take more time to discuss, but there are ways around them. We use this tool to implement a new policy on the firewall by going to Skybox, creating a flow there, and then using an approval mechanism in place. There are two different levels of approvals which we have to go through, and once both approvers approve the request, we are ready to implement it. A specific challenge is that if we have to create a new object group and place ten different objects in that and use that object group in two different rules, we have to create the object group in the first rule and add the ten new objects. Then if we have to create another rule, we do not get an option to recall or reuse that same group which we created in the previous rule. We have to create a new object group again and then add the objects into it again. If we had created an object group once, we should have gotten an option to recall that or call that object group in the new rule, and that should have made the process easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I found the initial setup user-friendly."
"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"TotalCloud provides the easiest and the best approach for cloud infrastructure management."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"The best part I like is the on-demand scans."
"Its excellent graphical interface makes the scanning process simple."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."
"It's simple, it's easy, and it works."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
"Since we started using Morphisec, that hasn't happened even once."
"With Morphisec, at least when it does happen, I feel confident that we have in place solutions that will not only prevent it, but also let us know when something has happened."
"Morphisec has been a real lifesaver."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"We use Network Assurance for network visualisation and troubleshooting."
"Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identify it. The tool provides accurate recommendations based on the data. Its integration is easy, and I have integrated it with Fortinet firewalls."
"The implementation of Skybox is straightforward and you can integrate and get the logs and compliance reporting."
"The firewall management feature in Skybox Security Suite was quite good and was what we primarily used."
"It has a good policy management feature and can provide customers with good quality outputs."
"The solution is very good at dealing with firewall changes and firewall compliance."
"I really like the product."
"The way that it's built with three-tier architecture, it makes it very horizontally scalable, so I can have multiple fallbacks. If one machine does fall offline, there are four other machines that are doing the exact same job to pick it up"
 

Cons

"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"It has been working very well, but it would be helpful if the dashboard could generate reports tailored to specific compliance needs. For example, in India, we have to comply with RBI and SEBI guidelines. It w"
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"TotalCloud could improve its scanning of niche devices like Wi-Fi dongles and USB modems because they are often untested. It covers everything else, like laptops, mobile devices, and Bluetooth IoT devices. They can improve on the small IoT devices because hackers and testers use these."
"The price is very expensive, actually."
"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."
"It would be useful for them if they had some kind of network discovery."
"Right now, it's just their auto-update feature. I know they are currently working on that."
"In the Windows Defender integration, they have put in a report of computers that need Windows Defender updates. If those updates could be kicked off directly from the dashboard, instead of having to go to another system entirely, that would be good."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools."
"Right now, it's just their auto-update feature. I know they are currently working on that. When they release a new version of the threat prevention platform, I do have to update that, rolling out to every computer. They have said, "From version 5, you would be able to do an auto-update." While this is very minor, that is the only thing that I would say needs to be upgraded. It would just make life a lot easier for other IT teams. However, I have simplified the process, so all I need to do is just download one file."
"Overall, I don't know 100% if it's increasing our security posture, but it does give us a nice peace of mind."
"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"As a reseller, I feel the marketing of this product could be better."
"There is room for improvement in device policy provisioning. However, modifications and the deletion of existing policies are currently unavailable or under enhancement."
"I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been."
"The solution does not support certain devices or vendors in some regions or countries due to regulations."
"The tool does not offer options for customization."
"The solution needs to move and improve its interface to a full web browser version that is more accessible and doesn't require installation for use."
"Due to the cost of the solution, I've decided to switch products."
"The only place where Skybox has room for improvement, and they're working on releasing this, it's just a slow-go, is the UI. The user interface has historically been via a locally installed thick client. They are moving to a web-based console and it's slowly coming out."
 

Pricing and Cost Advice

"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"TotalCloud's price is about right where I would expect it to be."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"The pricing is definitely fair for what it does."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"The price of the Skybox Security Suite can be expensive."
"The price is not expensive."
"Licensing is normally on a yearly basis. There may also be a perpetual license. Normally, the customers ask for a lower price. If you want to sell more, you have to think about it."
"The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products."
"Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at."
"Skybox comes with extra licenses and has a change management license. The licenses are expensive, but they come with extra value."
"Currently, the licensing costs me about $300 USD for the year. This is a huge amount for my environment."
"I think the price is fair."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Outsourcing Company
16%
Manufacturing Company
12%
Construction Company
11%
Financial Services Firm
10%
Financial Services Firm
17%
Manufacturing Company
11%
Computer Software Company
9%
Construction Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise4
Large Enterprise21
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Skybox Security Suite?
From a commercial perspective, AlgoSec is more expensive compared to Skybox Security Suite. Skybox Security Suite is ...
What needs improvement with Skybox Security Suite?
The features that I appreciated the most in Skybox Security Suite were not comparable with Tufin, as Tufin was far ah...
What is your primary use case for Skybox Security Suite?
Skybox Security Suite is primarily used for allowing access on firewalls and getting the access to allow some connect...
 

Also Known As

Qualys TotalCloud with FlexScan
Morphisec, Morphisec Moving Target Defense
No data available
 

Overview

 

Sample Customers

Information Not Available
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson
Find out what your peers are saying about Morphisec vs. Skybox Security Suite and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.