No more typing reviews! Try our Samantha, our new voice AI agent.

Skyhawk Security vs Zscaler Zero Trust Exchange Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Skyhawk Security
Average Rating
9.4
Reviews Sentiment
5.7
Number of Reviews
5
Ranking in other categories
Cloud Workload Protection Platforms (CWPP) (21st), Cloud Security Posture Management (CSPM) (28th)
Zscaler Zero Trust Exchange...
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
67
Ranking in other categories
Data Loss Prevention (DLP) (6th), Cloud Access Security Brokers (CASB) (9th), Application Control (4th), ZTNA as a Service (1st), Secure Access Service Edge (SASE) (2nd), Remote Browser Isolation (RBI) (1st)
 

Mindshare comparison

Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
ProductMindshare (%)
Skyhawk Security0.7%
Microsoft Defender for Cloud12.7%
AWS GuardDuty10.0%
Other76.6%
Cloud Workload Protection Platforms (CWPP)
Secure Access Service Edge (SASE) Mindshare Distribution
ProductMindshare (%)
Zscaler Zero Trust Exchange Platform8.8%
Prisma Access by Palo Alto Networks10.2%
Cato SASE Cloud Platform7.6%
Other73.4%
Secure Access Service Edge (SASE)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Abhimanyu Das - PeerSpot reviewer
Senior Cybersecurity Engineer at Kyndryl
Cloud threat validation has reduced alert fatigue and now focuses investigations on real attacks
Skyhawk Security is pretty solid overall, but there are a few things I wish were better. One thing would be more native integration with Microsoft security tools such as Sentinel and Defender, since those are what we use daily. Having deeper built-in integration instead of relying on generic SIM connections would save time. The training and documentation could also be more comprehensive, with more real-world use case examples specific to different industries. Additionally, having more general customization for the AI models to adjust what gets flagged as anomalous in our specific environment would help reduce alert noise. These are pretty minor improvements, and most of them are probably already in their roadmap based on their recent updates adding self-AI training and bulk status changes for their customers. I believe a mobile app would benefit SOC analysts who need to respond frequently while on the go, as most of the platform feels focused on desktop use. Having a robust mobile experience for approving automated responses and reviewing critical alerts would be really useful.
Vibin Thomas - PeerSpot reviewer
Technical Team Lead - Content Security at Valuepoint Systems
Zero trust access has transformed remote connectivity and now simplifies secure app usage
Zscaler Zero Trust Exchange Platform, especially Zscaler Private Access, is very strong, though there are a few areas where improvements can be made. One challenge observed is around initial troubleshooting and visibility. While Zscaler Private Access provides logs, it can sometimes take time to pinpoint the exact cause of access issues, especially in complex environments with multiple policies and identity integration. Another area is the dependency on identity and connector health. Since Zscaler Private Access is heavily reliant on app connectors and identity providers, any issues with these components can impact user access, making proper monitoring critical. During the initial setup, policy configuration and application onboarding require careful planning, especially for larger environments with many applications. These challenges are manageable with proper design and monitoring. Overall, the platform delivers strong security and user experience. I would recommend a few improvements, especially around user interface, reporting, and troubleshooting experience. From a user interface perspective, while the platform is powerful, the policy configuration and navigation can feel complex, especially for new users. A more simplified and intuitive layout for policy mapping and application access would help reduce the learning curve. In terms of reporting, Zscaler Private Access provides logs, but having more built-in customizable dashboards and analytics would be very helpful. Better visibility into user access patterns, application performance, and real-time troubleshooting insights would improve operational efficiency. From a support and troubleshooting standpoint, it would be beneficial to have more granular centralized visibility, allowing for quick end-to-end tracing of a user request from authentication to application access without switching between multiple views. These improvements would make the platform even more efficient, especially for large-scale enterprise environments.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"Its excellent graphical interface makes the scanning process simple."
"The scalability is good as well. I would rate it ten out of ten."
"I found the initial setup user-friendly."
"Qualys TotalCloud has improved our security posture."
"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"Skyhawk Security has plenty of products and subscriptions available, and at this moment, Skyhawk Security appears to be the leading company in the cybersecurity area."
"It helps us in reaching the ISO27001 certification."
"Skyhawk Security has had a really positive impact on our organization, especially in reducing false positives and speeding up incident response times."
"The initial setup process is easy and intuitive."
"We fell in love at the first sight."
"Skyhawk Security has positively impacted my organization because we are a small security team, and Skyhawk Security allows us to prioritize our work."
"Zscaler's technical support is quite good."
"I find all Zscaler Private Access features valuable because each replaces flawed technologies, such as EPAs being replacements for VPN and PR as a replacement for PAM, so I can't mention only one valuable feature. Overall, Zscaler Private Access is a good solution."
"The most valuable features of Zscaler CASB are API integration and DLP."
"Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps."
"The most valuable features of Zscaler Private Access are its ability to integrate with multiple IDPs and application segmentation."
"The UI is easy to use."
"The most valuable feature of Zscaler Private Access is the categorization of the dynamic URLs which keeps the customer's environment protected. The threats and the malware are correctly categorized."
"The best feature is the ability to establish the connection between your public network and automatically connect to the intranet connection."
 

Cons

"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"I think Qualys TotalCloud needs to improve its handling of zero-day vulnerabilities and supply chain management because modern ransomware attacks not only target prime critical infrastructures but also the supply chain system."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"Overall, we are satisfied with it. However, the response part of the Cloud Detection and Response (CDR) module can be improved. It is not yet in place according to requirements; it is not completely available even though the module has been released."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"The solution needs automatic testing."
"Skyhawk Security can be improved mainly by improving the UI so it is a little bit easier to use, and the speed that it takes pages to load are the main downfalls."
"The platform’s interface needs enhancement."
"I wish there was more transparent self-service pricing information available instead of having to go through sales to get the details."
"The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels."
"The stability could be improved."
"Having a Zscaler-specific device could streamline this process and provide a more consistent user experience across diverse branches."
"It has massive room for improvement. The Zscaler product itself is okay, but it doesn't give enough granularity for us as an organization to stipulate rules or processes, especially for data-driven services. For instance, we can stick on SSL inspection, but it's just a click box. It doesn't allow us to go any further into the detail of the SSL inspection. We also can't pull it out without having an additional logging server. It just doesn't give us enough granularity. They should give us more control over the interfaces because it is all backend. They weren't very open to discussing their backend architecture with us in terms of their own data centers. They can maybe a little bit more open about what components are there and how the backend infrastructure works alongside Zscaler. Its licensing can be better. Some of the additional licensing costs are quite high, and they should have certain features ready and available as a baseline rather than having to purchase additional licenses for it. Their support should also be improved. I initially had a consultant from Zscaler for its deployment, but the support that I had throughout the deployment of the project wasn't the best."
"It needs to offer SSO, single sign-on, and items of that nature."
"You won't find anything that can help you with the configuration part and other areas related to the product if you search for proper or exact details of Zscaler Cloud DLP online in very easy language."
"This is a great solution, I'm just searching for an alternative because the costing or the commercials for this type of solution tends to be a little high, although we have been using it for a year already."
"It has a limitation, if you are creating a rule or something for a web application or something, you could only add five users, not more than that. Five or four users are only included in a rule. If you want to create a rule for more than five or four users, you have to go through other methods, not particularly with the application. Working within the application with this method would be quite easy as compared to listing a URL or a normal IP address."
 

Pricing and Cost Advice

"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"TotalCloud's price is about right where I would expect it to be."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud offers cost-effective licensing flexibility."
Information not available
"It is an auto-renewal subscription service."
"Zscaler Private Access is extremely expensive."
"As per industry leads, Zscaler CASB is an expensive solution."
"The pricing is quite high, especially when it comes to the gateway."
"Zscaler CASB is an expensive solution."
"The product has reasonable pricing."
"The product is a little more expensive than other tools."
"Zscaler SASE software is quite expensive compared to other solutions"
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
904,680 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
13%
Outsourcing Company
8%
Comms Service Provider
7%
No data available
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
8%
Outsourcing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise12
Large Enterprise46
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Radware Cloud Native Protector?
I do not have access to specific pricing details and licensing costs as that is managed by our management team, but I...
What needs improvement with Radware Cloud Native Protector?
Skyhawk Security is pretty solid overall, but there are a few things I wish were better. One thing would be more nati...
What is your primary use case for Radware Cloud Native Protector?
My main use case of Skyhawk Security is cutting through the massive volume of alerts I deal with daily in my SOC oper...
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...
How to minimize false positives for PII and PCI around different data systems across the globe?
Personal information always should be under high protection from manipulations which is why it is the responsibility ...
What is your experience regarding pricing and costs for Zscaler Cloud Protection?
This is an area where I have candid feedback from our organization regarding pricing, setup cost, and licensing for Z...
 

Also Known As

Qualys TotalCloud with FlexScan
Radware Cloud Native Protector
Zscaler SASE, Zscaler DLP, Zscaler CASB, Zscaler CSPM, Zscaler Browser Isolation, Zscaler Posture Control
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Siemens, AutoNation, GE, NOV
Find out what your peers are saying about Microsoft, Wiz, SentinelOne and others in Cloud Workload Protection Platforms (CWPP). Updated: July 2026.
904,680 professionals have used our research since 2012.