Zscaler Zero Trust Exchange Platform and Qualys TotalCloud are competitive solutions in the cybersecurity category. Zscaler tends to have an edge in seamless user access via its Zero Trust architecture, while Qualys is preferable for its robust vulnerability detection and risk insights.
Features: Zscaler Zero Trust Exchange Platform highlights a fully integrated VPN, CASB solutions, and scalable cloud architecture, focusing on secure and seamless access without requiring constant reauthentication. Qualys TotalCloud stands out with comprehensive asset inventory management, vulnerability detection, and API integration for strong security posture and risk insights.
Room for Improvement: Zscaler Zero Trust Exchange Platform needs to enhance its performance in terms of speed and bandwidth, improve SCMP support for monitoring third-party suppliers, and address pricing and multi-tenancy challenges. Qualys TotalCloud could improve support, add deeper scanning capabilities, and better integrate with traditional on-prem solutions. Issues with AI-related risk management and customer-specific compliance reporting are noted.
Ease of Deployment and Customer Service: Zscaler excels in deployment flexibility across hybrid, private, and public cloud environments, though some customer support aspects need improvement. Qualys TotalCloud offers a consistent hybrid and public cloud deployment experience with positive support feedback, though pricing and dashboard complexities need attention. Zscaler provides specific cloud segmentation, while Qualys focuses on smooth integration across multiple environments.
Pricing and ROI: Zscaler Zero Trust Exchange Platform is expensive but provides a compelling ROI, particularly for large organizations reducing reliance on legacy systems. It requires additional licenses for specific features, but users report high satisfaction with its value. Qualys TotalCloud is also costly but offers flexible pricing suited to its comprehensive feature sets, delivering significant ROI in vulnerability management and compliance, especially valued in larger enterprises for its automation capabilities.
The detailed information PingSafe gives about how to fix vulnerabilities reduces the time spent on remediation by about 70 to 80 percent.
After implementing SentinelOne, it takes about five to seven minutes.
Cloud Native Security does offer ROI.
It has saved about 90% of our time.
TotalCloud has generated overall savings of 30 to 40 percent across various departments.
CallStream helps us integrate and automate tasks.
We don't have to purchase many components such as load balancers and proxy servers that were necessary in traditional setups.
When we send an email, they respond quickly and proactively provide solutions.
They took direct responsibility for the system and could solve queries quickly.
Having a reliable team ready and willing to assist with any issues is essential.
They are helpful, respond to my queries, and can answer any question.
Qualys's tech support is highly responsive, providing multiple ways to interact with them.
Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA.
Sometimes, support takes time since the solution has some bugs that need fixing.
I would rate it a 10 out of 10 for scalability.
Scalability is no longer a concern because Cloud Native Security is a fully cloud-based resource.
I would rate the scalability of PingSafe 10 out of 10.
We started our organization about nine months back. We started with about 30 users, and we now have more than 100 users.
Our organization currently uses it to manage over 1200 web applications.
It is absolutely scalable, and I would rate its scalability as nine out of ten.
It's a reliable solution that the organization is increasingly adopting for its robust features and security.
We contacted Cloud Native Security, and they addressed it in a day.
The only downtime we had was when switching from V1 to V2 but it was smooth.
Overall, the support provided has been excellent.
It is a stable solution, which is why we chose it.
Continuous monitoring is crucial to ensure system stability and avoid vulnerabilities or threats.
If they can merge Kubernetes Security with other modules related to Kubernetes, that would help us to get more modules in the current subscription.
As organizations move to the cloud, a cloud posture management tool that offers complete cloud visibility becomes crucial for maintaining compliance.
I would also like to see Cloud Native Security offer APIs that allow us to directly build dashboards within the platform.
Ideally, the scanner should automatically detect and scan all subdomains, even if not explicitly defined, ensuring comprehensive vulnerability assessment.
Ideally, updates should be more immediate, enabling quicker implementation of solutions.
Our goal is to integrate all these functions into Qualys, creating a single dashboard for comprehensive security monitoring and management.
They might be able to identify if something is missing with Zscaler.
I believe the enterprise version costs around $55 per user per year.
There are some tools that are double the cost of Cloud Native Security.
I recall Cloud Native Security charging a slightly higher premium previously.
Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive.
Pricing is managed by our finance team; however, Qualys TotalCloud offers cost-effective licensing flexibility.
Qualys TotalCloud is expensive, but it offers a premier solution with no headaches.
This helps visualize potential attack paths and even suggests attack paths a malicious actor might take.
The infrastructure-as-code feature is helpful for discovering open ports in some of the modules.
This tool has been helpful for us. It allows us to search for vulnerabilities and provides evidence directly on the screen.
This view of risk helps reduce the work we would have to do to combine multiple sources to prioritize risk.
It will help cybersecurity professionals monitor the cloud and find vulnerabilities.
We are enjoying the new feature, FlexScan, which is valuable for Internet-facing VMs.
The solution is cloud-based with the latest inspection engines, which I find to be amazing.
| Product | Market Share (%) |
|---|---|
| Qualys TotalCloud | 1.6% |
| Wiz | 23.4% |
| Prisma Cloud by Palo Alto Networks | 14.5% |
| Other | 60.5% |
| Product | Market Share (%) |
|---|---|
| Zscaler Zero Trust Exchange Platform | 17.4% |
| Prisma Access by Palo Alto Networks | 13.7% |
| Cato SASE Cloud Platform | 12.5% |
| Other | 56.400000000000006% |
| Company Size | Count |
|---|---|
| Small Business | 45 |
| Midsize Enterprise | 20 |
| Large Enterprise | 54 |
| Company Size | Count |
|---|---|
| Small Business | 7 |
| Midsize Enterprise | 2 |
| Large Enterprise | 22 |
| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 11 |
| Large Enterprise | 41 |
SentinelOne Singularity Cloud Security offers a streamlined approach to cloud security with intuitive operation and strong integration capabilities for heightened threat detection and remediation efficiency.
Singularity Cloud Security stands out for its real-time detection and response, effectively minimizing detection and remediation timelines. Its automated remediation integrates smoothly with third-party tools enhancing operational efficiency. The comprehensive console ensures visibility and support for forensic investigations. Seamless platform integration and robust support for innovation are notable advantages. Areas for development include improved search functionality, affordability, better firewall capabilities for remote users, stable agents, comprehensive reporting, and efficient third-party integrations. Clarity in the interface, responsive support, and real-time alerting need enhancement, with a call for more automation and customization. Better scalability and cost-effective integration without compromising capabilities are desired.
What are SentinelOne Singularity Cloud Security's standout features?SentinelOne Singularity Cloud Security is deployed in industries needing robust cloud security posture management, endpoint protection, and threat hunting. Utilized frequently across AWS and Azure, it assists in monitoring, threat detection, and maintaining compliance in diverse environments while providing real-time alerts and recommendations for proactive threat management.
TotalCloud is the Qualys approach to Cloud Native Application Protection Platform (CNAPP) for cloud infrastructure and SaaS environments. With TotalCloud, customers extend TruRisk insights (transparent cyber risk scoring methodology) from the Qualys Enterprise TruRisk Platform to their cloud environments allowing for a seamless unified view of cyber risk across on-prem, hybrid, and multi-cloud environments.
Features and capabilities of Qualys TotalCloud include, but are not limited to:
Discover: Complete visibility and insights into cyber-risk exposure across multi-cloud. Continuously discover and monitor all your workloads across a multi-cloud environment for a 360-degree view of your cloud footprint. Identify known and previously unknown internet-facing assets for 100% visibility and tracking of risks.
Assess: Comprehensive cloud-native assessments with FlexScanTM. Extensive scanning capabilities with Qualys FlexScan, including no-touch, agentless, API- and snapshot-based scanning, along with agent- and network-based scanning for in-depth assessment. Use these multiple scanning methods to scan a workload to get a unified and comprehensive view of vulnerabilities and misconfigurations.
Prioritize: Unified security view to prioritize cloud risk with TruRiskTM. Experience a unified risk-based view of cloud security with insights across workloads, services, and resources. Qualys TruRisk quantifies security risk by workload criticality and vulnerabilities; it correlates with ransomware, malware, and exploitation threat intelligence to prioritize, trace, and reduce risk.
Defend: Real-time protection against evolving and unknown threats with InstaProtectTM. Qualys enables continuous monitoring of all cloud assets to ensure they are protected against threats and attacks at runtime. Qualys keeps your cloud runtime safe by detecting known and unknown threats across the entire kill chain in near real-time across a multi-cloud environment.
Remediate: Fast remediation with QFlow – no code, drag-and-drop workflows. The integration of QFlow technology into Qualys TotalCloud saves security and DevOps teams valuable time and resources. Automation and no-code, drag-and-drop workflows help simplify the time-consuming operational tasks of assessing vulnerabilities on ephemeral cloud assets, alerting on high-priority threats, remediating misconfigurations, and quarantining high-risk assets.
Zscaler Zero Trust Exchange enhances security with seamless cloud-based connectivity and VPN-less operation, offering integration with multiple identity providers and advanced security features, suitable for remote work environments.
Zscaler Zero Trust Exchange provides secure, adaptive connectivity without traditional VPNs, allowing organizations to replace legacy systems and bolster remote work security. The platform offers cloud-based protection, single sign-on, dynamic URL categorization, and scalable solutions. While advanced security features like DLP and threat protection enhance data protection, users may face issues with speed, connectivity, and some customization options. Integration challenges, latency due to multi-tenant hosting, reporting delays, and licensing costs require consideration. It supports secure internet access and private application security, ensuring traffic control and data compliance.
What are the key features of Zscaler Zero Trust Exchange?Zscaler Zero Trust Exchange is deployed across industries to secure remote access and enforce zero trust principles. Organizations in finance, healthcare, and technology sectors utilize it for secure internet access and visibility into cloud applications, enhancing performance and compliance in dynamic environments.
We monitor all Cloud-Native Application Protection Platforms (CNAPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
