Bitsight vs Zscaler Internet Access comparison

The compared BitSight and Zscaler solutions aren't in the same category. BitSight is ranked #4 in IVRM , with an average rating of 8.8, and holds a 10.9% mindshare in the category. Zscaler is ranked #2 in WSG , with an average rating of 8.2, and holds a 15.6% mindshare. Additionally, 100% of BitSight users are willing to recommend the solution, compared to 98% of Zscaler users who would recommend it.

Bitsight

Read 6 Bitsight reviews

1,601 Views
1,143 Comparison Views

100% willing to recommend

Zscaler Internet Access

Read 52 Zscaler Internet Access reviews

10,416 Views
6,741 Comparison Views

98% willing to recommend

Bitsight

Zscaler Internet Access

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Bitsight and Zscaler Internet Access based on real PeerSpot user reviews.

Find out what your peers are saying about OneTrust, RSA, SecurityScorecard and others in IT Vendor Risk Management.

To learn more, read our detailed IT Vendor Risk Management Report (Updated: March 2025).

Buyer's Guide

IT Vendor Risk Management

March 2025

Download the complete report

Helped 842,767 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Bitsight

Average Rating

8.6

Reviews Sentiment

7.8

Number of Reviews

Ranking in other categories

IT Vendor Risk Management (4th), Attack Surface Management (ASM) (13th)

Zscaler Internet Access

Average Rating

8.2

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Secure Web Gateways (SWG) (2nd), Internet Security (2nd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Bitsight is designed for IT Vendor Risk Management and holds a mindshare of 10.9%, down 14.8% compared to last year.
Zscaler Internet Access, on the other hand, focuses on Secure Web Gateways (SWG), holds 15.6% mindshare, down 17.2% since last year.

IT Vendor Risk Management

Secure Web Gateways (SWG)

Featured Reviews

Marc Chapel

Chief Security Officer at Cetelem

Stable product with efficient features for listing vulnerabilities

I recommend BitSight because it is very convenient to use. It has become a standard tool used in many companies. It is easy to share a few components of an algorithm for users. It is not ideal as it only reflects some of the reality of Internet-facing applications. However, it is the best solution at the moment. I rate it an eight out of ten.

Read full review

ShanavasVK

Consultant at Essentra PIC

Helps maintain a consistent posture of internet security while getting rid of VPN and hovering into zero trust

There could be a better way for the tool to categorize the traffic. For example, the tool does exceptions and everything overall. If I want to give guest access or provide access to guest users or any other internet access and if it does not go through the SSL inspection because, in our company, we can't have the root certificate on a device that we don't manage, which can be called out as an exception or an exclusion, but that doesn't provide a proper reflection of the picture of what is happening in the environment. There are granularities bringing it down. The tool I used or still have is Zscaler Cloud Connector to protect the cloud environment, which can have a bit more user-friendly installation and setup, and it would help a lot. The deployment process of Zscaler Cloud Connector needs to be more user-friendly. Improvements are required in the exception category. For example, suppose I report on a monthly basis what the breaches and traffic violating the SSL inspection area are coming from. In that case, I may find that half of them may be coming through some guest network, meaning the tool doesn't differentiate between the guest or normal networks or the corporate networks. Having options to differentiate different networks would be ideal so that it can show a true picture of things to users, as half of the things in the tool are not in our control and are not of our concern.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."

"Offers open ports from an external point of view."

"Its customer service team responds quickly."

"The best thing about BitSight is the comprehensive list of risk vectors, covering compromised systems, diligence failures, and behavioral anomalies."

"The product helps us identify the vulnerabilities of internet-facing applications."

"The solution is user-friendly."

"The product's initial setup phase is a bit easy, as one doesn't need high technical expertise."

"It is easy to set up the solution."

"The VPN is valuable, as the whole technology is very different from a traditional VPN."

"The most valuable features of Zscaler Internet Access are it's on the cloud, high network performance, and the interception of users is very easy."

"Zscaler Web Security protects our users in remote locations from internet threats - even if they are not connected to our network."

"The best thing about Zscaler Internet Access is the website filtering. In the UAE it's quite an important feature because most of the malware comes through the SQL injection and through downloads from websites. Zscaler helps protect against that."

"The solution is scalable and stable."

"The most valuable feature for me is the ability to see how my network and traffic looks with modules like analytics and insights."

More Zscaler Internet Access pros

Cons

"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."

"BitSight could improve the classes and lower-level detections of anomalies that compound the information used to compute the rating."

"Its factor analysis feature could be better."

"Data enrichment is the major issue."

"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."

"The solution’s benchmarking should be improved."

"One thing that needs to be improved is their presence in China. I'm not sure if that's a Zscaler thing or if it's a problem with all vendors in this space, but it would be nice to have better coverage in China. This concern is a common one for vendors across the board when dealing with the Chinese market."

"There are a few features that are not compatible with the Azure cloud."

"The solution's pricing is on the higher side. It would be better if it could be lower."

"Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage."

"I would like to see more training and video documentation."

"It needs better integration with other applications. It takes a fair amount of regular activity to apply the by-passes because it is very strict in its restrictions and frequently you have to go in and open things up to allow the workforce to work."

"In terms of user experience, it could be better."

"Zscaler Internet Access can improve by adding traffic filtering based on the DNS."

More Zscaler Internet Access cons

Pricing and Cost Advice

"The product has a reasonable price."

"The solution's price is average."

"ZIA follows a subscription model pricing and charges you based on the number of users. I would say its price is good."

"Because it's a cloud solution, we pay on a yearly basis. It is affordable and includes tech support and all features."

"Licenses are available on a per-host basis. Some features like sandboxing require an additional fee, but most standard features are included in the license."

"Our monthly fee is around R3000."

"Roughly, we might spend $70,000 a month on the solution. We don't pay for anything beyond the standard licensing fee."

"Price-wise, the tool is reasonable compared to the other products in the market but it is not a very low-priced tool. The solution does provide value for money."

"It is a few pounds per user per month."

"The solution is a little bit expensive. On a scale of one to five, I would rate it as a three."

More Zscaler Internet Access pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which IT Vendor Risk Management solutions are best for your needs.

See recommendations

842,767 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

18%

Computer Software Company

14%

Manufacturing Company

Insurance Company

Educational Organization

24%

Computer Software Company

13%

Financial Services Firm

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about BitSight?

The solution is user-friendly.

See all answers

What is your experience regarding pricing and costs for BitSight?

The product is a little expensive and very oriented to large companies.

See all answers

What needs improvement with BitSight?

BitSight could improve the classes and lower-level detections of anomalies that compound the information used to compute the rating. They could evolve to be a more powerful scanner of cyber hygiene...

See all answers

Which is the better security solution - Cisco Umbrella or Zscaler?

Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried. Zscaler Internet Access is a good option for carrying out multiple security functi...

See all answers

Which is better, Zscaler internet access or Netsckope CASB?

We researched Netskope but ultimately chose Zscaler. Netskope is a cloud access security broker that helps identify and manage cloud applications, protecting your sensitive data from exfiltration....

See all answers

What do you like most about Zscaler Internet Access?

The solution has reduced cyberattacks.

See all answers

Comparisons

SecurityScorecard vs Bitsight

Compared 28% of the time

RiskRecon vs Bitsight

Compared 11% of the time

Black Kite vs Bitsight

Compared 10% of the time

Tenable Lumin vs Bitsight

Compared 7% of the time

Trend Vision One vs Bitsight

Compared 3% of the time

More Bitsight Competitors

Cisco Umbrella vs Zscaler Internet Access

Compared 23% of the time

Netskope vs Zscaler Internet Access

Compared 14% of the time

Microsoft Defender for Cloud Apps vs Zscaler Internet Access

Compared 11% of the time

Prisma Access by Palo Alto Networks vs Zscaler Internet Access

Compared 8% of the time

FortiSASE vs Zscaler Internet Access

Compared 7% of the time

More Zscaler Internet Access Competitors

Product Reports

Buyer's Guide

IT Vendor Risk Management

March 2025

Download Bitsight product report

Buyer's Guide

Zscaler Internet Access

March 2025

Download Zscaler Internet Access product report

Also Known As

No data available

ZIA

Overview

BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter.

BitSight

Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.

Zscaler Internet Access Features

Zscaler Internet Access has many valuable key features. Some of the most useful ones include:

Proxy (native SSL)
IPS and advanced protection
Cloud sandbox
DNS security
Cloud firewall
URL filtering
Bandwidth control
DNS filtering
Cloud DLP w/EDM and IDM
Cloud access security broker (CASB)
Cloud security posture management (CSPM)
CloudBrowser isolation
Cloud secure web gateway (SWG)
Zero trust network access (ZTNA)
Digital experience monitoring

Zscaler Internet Access Benefits

There are several benefits to implementing Zscaler Internet Access. Some of the biggest advantages the solution offers include:

Fast access with zero infrastructure: Zscaler Internet Access creates a fast, seamless user experience because of its direct-to-cloud architecture. With no infrastructure, Zscaler Internet Access helps you eliminate backhauling, which improves performance and simplifies network administration.

Threat intelligence: By using threat intelligence, Zscaler Internet Access can stop ransomware, zero-day malware, and advanced attacks via Inline inspection of all internet traffic, including SSL decryption, and a suite of AI-powered cloud security services.

Consistent security: With Zscaler Internet Access, your security policy goes everywhere your users go. When you move security to the cloud, all users, applications, devices, and locations remain protected and secure based on identity and context.

Hybrid workforce: Zscaler Internet Access enables secure access to all external and internal apps from anywhere, so remote work is not an issue. You can also enforce business policies that follow the user, making security identical regardless of location.

Reviews from Real Users

Below are some reviews and helpful feedback written by Zscaler Internet Access users.

A Service Manager at a construction company says, "There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. For our needs, the cloud-native proxy architecture is a very good solution. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."

Owen N., Security Architect at Claro Enterprise Solutions, explains that the solution’s most valuable features include “The integration of the gateway that inspects all ports and protocols. So, there is threat prevention; The cloud sandbox; VNS security; Access control that will protect URL filtering and the cloud firewall; Data protection that will protect your gateway, like your CASB or your cloud DLP; The capabilities of this will point your traffic to Zscaler Cloud.”

An Architecture Senior Manager at an insurance company mentions, "The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go." He also adds, “The solution provides quick access to cloud services, securing our data and allowing us to inspect all our traffic.”

Zscaler

Sample Customers

Fannie Mae, Cabela's, BNP Paribas, PWC, AIR Worldwide, Con Edison, The Container Store, OshKosh, Steris, University of South Florida, Emblem Health, Lloyds Bank

Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group

Buyer's Guide

IT Vendor Risk Management

March 2025

Download Free Report

Find out what your peers are saying about OneTrust, RSA, SecurityScorecard and others in IT Vendor Risk Management. Updated: March 2025.

DOWNLOAD NOW

842,767 professionals have used our research since 2012.

We monitor all IT Vendor Risk Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.