No more typing reviews! Try our Samantha, our new voice AI agent.

Skyhawk Security vs Zscaler Zero Trust Exchange Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Skyhawk Security
Average Rating
9.4
Reviews Sentiment
5.7
Number of Reviews
5
Ranking in other categories
Cloud Workload Protection Platforms (CWPP) (21st), Cloud Security Posture Management (CSPM) (28th)
Zscaler Zero Trust Exchange...
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
67
Ranking in other categories
Data Loss Prevention (DLP) (6th), Cloud Access Security Brokers (CASB) (9th), Application Control (4th), ZTNA as a Service (1st), Secure Access Service Edge (SASE) (2nd), Remote Browser Isolation (RBI) (1st)
 

Mindshare comparison

Cloud Workload Protection Platforms (CWPP) Mindshare Distribution
ProductMindshare (%)
Skyhawk Security0.7%
Microsoft Defender for Cloud12.7%
AWS GuardDuty10.0%
Other76.6%
Cloud Workload Protection Platforms (CWPP)
Secure Access Service Edge (SASE) Mindshare Distribution
ProductMindshare (%)
Zscaler Zero Trust Exchange Platform8.8%
Prisma Access by Palo Alto Networks10.2%
Cato SASE Cloud Platform7.6%
Other73.4%
Secure Access Service Edge (SASE)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
Abhimanyu Das - PeerSpot reviewer
Senior Cybersecurity Engineer at Kyndryl
Cloud threat validation has reduced alert fatigue and now focuses investigations on real attacks
Skyhawk Security is pretty solid overall, but there are a few things I wish were better. One thing would be more native integration with Microsoft security tools such as Sentinel and Defender, since those are what we use daily. Having deeper built-in integration instead of relying on generic SIM connections would save time. The training and documentation could also be more comprehensive, with more real-world use case examples specific to different industries. Additionally, having more general customization for the AI models to adjust what gets flagged as anomalous in our specific environment would help reduce alert noise. These are pretty minor improvements, and most of them are probably already in their roadmap based on their recent updates adding self-AI training and bulk status changes for their customers. I believe a mobile app would benefit SOC analysts who need to respond frequently while on the go, as most of the platform feels focused on desktop use. Having a robust mobile experience for approving automated responses and reviewing critical alerts would be really useful.
Vibin Thomas - PeerSpot reviewer
Technical Team Lead - Content Security at Valuepoint Systems
Zero trust access has transformed remote connectivity and now simplifies secure app usage
Zscaler Zero Trust Exchange Platform, especially Zscaler Private Access, is very strong, though there are a few areas where improvements can be made. One challenge observed is around initial troubleshooting and visibility. While Zscaler Private Access provides logs, it can sometimes take time to pinpoint the exact cause of access issues, especially in complex environments with multiple policies and identity integration. Another area is the dependency on identity and connector health. Since Zscaler Private Access is heavily reliant on app connectors and identity providers, any issues with these components can impact user access, making proper monitoring critical. During the initial setup, policy configuration and application onboarding require careful planning, especially for larger environments with many applications. These challenges are manageable with proper design and monitoring. Overall, the platform delivers strong security and user experience. I would recommend a few improvements, especially around user interface, reporting, and troubleshooting experience. From a user interface perspective, while the platform is powerful, the policy configuration and navigation can feel complex, especially for new users. A more simplified and intuitive layout for policy mapping and application access would help reduce the learning curve. In terms of reporting, Zscaler Private Access provides logs, but having more built-in customizable dashboards and analytics would be very helpful. Better visibility into user access patterns, application performance, and real-time troubleshooting insights would improve operational efficiency. From a support and troubleshooting standpoint, it would be beneficial to have more granular centralized visibility, allowing for quick end-to-end tracing of a user request from authentication to application access without switching between multiple views. These improvements would make the platform even more efficient, especially for large-scale enterprise environments.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud has significantly reduced our workload in terms of managing risks, helping us to be more efficient and save substantial resources."
"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"TruRisk Insights is the most important innovation they've released this year."
"I found the initial setup user-friendly."
"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"The best feature would be the ability to create policies. It is easy to control and update policies as required."
"We fell in love at the first sight."
"The initial setup process is easy and intuitive."
"Skyhawk Security has plenty of products and subscriptions available, and at this moment, Skyhawk Security appears to be the leading company in the cybersecurity area."
"Skyhawk Security has positively impacted my organization because we are a small security team, and Skyhawk Security allows us to prioritize our work."
"Skyhawk Security has had a really positive impact on our organization, especially in reducing false positives and speeding up incident response times."
"It helps us in reaching the ISO27001 certification."
"The platform offers advanced threat protection features and embedded AI/ML capabilities, making it more proactive in blocking threats."
"The scalability is pretty good."
"The product provides a seamless user experience."
"I find all Zscaler Private Access features valuable because each replaces flawed technologies, such as EPAs being replacements for VPN and PR as a replacement for PAM, so I can't mention only one valuable feature. Overall, Zscaler Private Access is a good solution."
"Subsequently, after this, there is a huge reduction, as the vulnerabilities, especially the security bugs that were coming prior to Zscaler Zero Trust Exchange Platform, were about 20,000 to 22,000 and have come down more than 40 percent, which is definitely an advantage over the previous product."
"The most valuable feature of Zscaler Private Access is the categorization of the dynamic URLs which keeps the customer's environment protected. The threats and the malware are correctly categorized."
"Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps."
"The in-line DLP feature is one of the most vital features"
 

Cons

"There is a lack of data segregation according to criticality or inventory."
"I would appreciate additional integration options to connect Qualys TotalCloud with our other vulnerability management tools."
"Although TotalCloud is a helpful tool, some of its advanced features are still under development."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"The areas in the solution that have room for improvement include the UI/UX design, which should be improved, and they should integrate more artificial intelligence into the product."
"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."
"Skyhawk Security can be improved mainly by improving the UI so it is a little bit easier to use, and the speed that it takes pages to load are the main downfalls."
"The platform’s interface needs enhancement."
"The solution needs automatic testing."
"I wish there was more transparent self-service pricing information available instead of having to go through sales to get the details."
"The pre-defined dictionaries could be improved."
"More on-prem infrastructure is required when Zscaler Private Access is to be implemented as a single point of entry."
"It has massive room for improvement. The Zscaler product itself is okay, but it doesn't give enough granularity for us as an organization to stipulate rules or processes, especially for data-driven services."
"The granularity in blocking is not sufficient, as new domains are automatically blocked for 30 days without further information."
"Zscaler Zero Trust Exchange Platform probably needs to be more efficient because scanning takes a lot of time. Some vulnerabilities create issues, and when we wanted to identify the source of the vulnerabilities, specifically focusing on mobile ID and related areas, it was unable to provide assistance."
"The interface needs a bit of work."
"It has a limitation, if you are creating a rule or something for a web application or something, you could only add five users, not more than that. Five or four users are only included in a rule. If you want to create a rule for more than five or four users, you have to go through other methods, not particularly with the application. Working within the application with this method would be quite easy as compared to listing a URL or a normal IP address."
"The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels."
 

Pricing and Cost Advice

"Qualys TotalCloud offers cost-effective licensing flexibility."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"The cost is high, but it meets our organizational needs."
Information not available
"Zscaler CASB is an expensive solution."
"The licensing model for Zscaler Cloud DLP allows you to only buy what you need. You don't need to buy it as a whole, so it's good."
"My company is a Zscaler Private Access partner, so the customers pay for the license fees."
"The product is a bit expensive."
"The solution is expensive."
"Zscaler Cloud DLP is moderately priced. We pay around 2 million rupees per year."
"Zscaler SASE software is quite expensive compared to other solutions"
"In terms of market positioning, I would describe Zscaler Private Access as offering optimal pricing. Based on our experience, Cato Networks tends to be slightly more expensive."
report
Use our free recommendation engine to learn which Cloud Workload Protection Platforms (CWPP) solutions are best for your needs.
904,836 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
15%
Financial Services Firm
13%
Outsourcing Company
9%
Comms Service Provider
7%
No data available
Financial Services Firm
12%
Manufacturing Company
10%
Computer Software Company
8%
Outsourcing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business16
Midsize Enterprise12
Large Enterprise46
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Radware Cloud Native Protector?
I do not have access to specific pricing details and licensing costs as that is managed by our management team, but I...
What needs improvement with Radware Cloud Native Protector?
Skyhawk Security is pretty solid overall, but there are a few things I wish were better. One thing would be more nati...
What is your primary use case for Radware Cloud Native Protector?
My main use case of Skyhawk Security is cutting through the massive volume of alerts I deal with daily in my SOC oper...
What is the better solution - Prisma Access or Zscaler Private Access?
We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...
How to minimize false positives for PII and PCI around different data systems across the globe?
Personal information always should be under high protection from manipulations which is why it is the responsibility ...
What is your experience regarding pricing and costs for Zscaler Cloud Protection?
This is an area where I have candid feedback from our organization regarding pricing, setup cost, and licensing for Z...
 

Also Known As

Qualys TotalCloud with FlexScan
Radware Cloud Native Protector
Zscaler SASE, Zscaler DLP, Zscaler CASB, Zscaler CSPM, Zscaler Browser Isolation, Zscaler Posture Control
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Siemens, AutoNation, GE, NOV
Find out what your peers are saying about Microsoft, Wiz, SentinelOne and others in Cloud Workload Protection Platforms (CWPP). Updated: July 2026.
904,836 professionals have used our research since 2012.