Sysdig Secure vs Zscaler Zero Trust Exchange Platform comparison

Sysdig and Zscaler are both solutions in the Cloud Security Posture Management (CSPM) category. Sysdig is ranked #18 with an average rating of 8.3, while Zscaler is ranked #10 with an average rating of 8.4. Additionally, 100% of Sysdig users are willing to recommend the solution, compared to 98% of Zscaler users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 7, 2024

Sysdig Secure and Zscaler Zero Trust Exchange Platform are two prominent solutions in the cybersecurity category. Based on user feedback, Sysdig Secure seems to have an upper hand in integration and deployment, while Zscaler leads in comprehensive security coverage and threat intelligence.

Features: Sysdig Secure is noted for container and Kubernetes security, offering deep visibility and compliance checks that integrate seamlessly with DevOps workflows, providing ease of integration and robust threat detection. Zscaler Zero Trust Exchange is recognized for its scalability, seamless cloud application access, and extensive threat intelligence, creating a secure perimeter for remote workforces.

Room for Improvement: Sysdig Secure could benefit from enhanced dashboard functionalities, improved reporting features, and more intuitive navigation. Zscaler users suggest enhancements in network performance, simplification of policy management, and streamlined processes.

Ease of Deployment and Customer Service: Sysdig Secure users report smoother deployment due to automation and comprehensive support during the setup phase. Zscaler integrates well with existing systems but needs improvements in customer service responsiveness. Sysdig provides slightly better support according to user feedback.

Pricing and ROI: Sysdig Secure is competitively priced for small to medium enterprises, offering good ROI in risk reduction. Zscaler is priced higher, justified by its features and performance in large-scale environments, providing substantial ROI through enhanced security effectiveness.

To learn more, read our detailed Cloud Security Posture Management (CSPM) Report (Updated: September 2024).

Buyer's Guide

Cloud Security Posture Management (CSPM)

September 2024

Download the complete report

Helped 812,651 peers since 2012

Categories and Ranking

SentinelOne Singularity Clo...

Featured Reviews

Andrew W

VP - Information Technology at a financial services firm with 201-500 employees

Aug 29, 2024

Tells us about vulnerabilities as well as their impact and helps to focus on real issues

Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Read full review

SunilKumar28

DevOps Specialist at a manufacturing company with 10,001+ employees

Aug 30, 2023

A security scanning tool with great insight on your workloads running anywhere

There was a security concern related to a specific feature. While the feature itself was promising, it posed a challenge. The situation revolved around code scanning. If your source code is hosted within your own premises, say on Bitbucket, you naturally wouldn't want your code to be accessible to external parties beyond your company. Keeping your code base private is a standard practice. However, in the case of code scanning using Sysdig Secure, they copy your code to their SaaS platform. This posed an issue for us. When we inquired about this, their response acknowledged the concern. In an upcoming release, they plan to enable code scanning within your on-premises environment through the assistance of an agent. This change is already in progress. While this tool stands out compared to existing solutions in the market, it's important to note that there are still some limitations to consider. Another drawback we encountered relates to our expertise with Kubernetes. The tool can monitor Kubernetes audit logs, triggering alerts and notifications. However, it falls short in terms of taking direct action based on these alerts. There are different methods of event capture, including through system level and system calls, as well as via Kubernetes audit events. Notably, at the system level, Sysdig Secure can both detect and respond to events, allowing actions like blocking and warning. This proactive approach is effective at the system call level. However, when it comes to monitoring Kubernetes audit events, Sysdig Secure can only notify without being able to execute any further actions. It can't block access or containers. The vendor likened their role to that of a monitoring camera, observing events and sending notifications without the capacity to intervene. This limitation applies to Kubernetes audit events. Given that everything operates within our system, there is a workaround available: configuring system-level policies to block containers as necessary.

Read full review

Vikram Srirama.

Deputy General Manager at Sagility

Oct 4, 2023

A VPN alternative that delivers a zero trust model

The primary use cases for the Zscaler include secure channel access for applications, private file service access, and remote connectivity to the active directory. These are the top three essential functionalities provided by Zscaler Previously, we utilized HubSpot, which required connecting to…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable aspect of Singularity Cloud Security is its unified dashboard."

"Our organization is growing steadily, so our infrastructure is expanding, and we're managing more technical resources. Singularity Cloud Security helps us track our resources so that we don't get lost in the overwhelming volume of things and ensures we follow best practices. The solution gives us better visibility into our resources and enables faster resolution."

"The most valuable features are automated threat response, AI detection, and static and dynamic detection."

"PingSafe provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."

"It is scalable, stable, and can detect any threat on a machine. It uses artificial intelligence and can lock down any virus."

"PingSafe's most valuable feature is its unified console."

"Cloud Native Security offers attack path analysis."

"There's real-time threat detection. It can show threats and find issues based on their severity and helps us with real-time monitoring."

More SentinelOne Singularity Cloud Security pros

"The most valuable feature is the level of support that we get. Our solutions or customer success representative is very valuable. I see them as an extension of our security team."

"Sysdig Secure has many strong foundational features like compliance and benchmark, security, network access management, and vulnerability management."

"The log monitor is the most valuable feature."

"I see Sysdig as the most comprehensive solution in comparison to its competitors."

"The tool has the capability to conduct scans initially. It can perform scans on your virtual machines, physical machines, containers, and container images. A standout feature is its ability to scan offline container images stored in your container registry. Additionally, it can scan runtime images in your cluster or on your host machine. This allows for the detection of vulnerabilities in running containers, including loaded libraries. Notably, the tool can identify which library vulnerabilities are already present in your system. An added advantage is its capacity to take action beyond threat detection. It has the ability to block access and respond to encountered threats."

"From a container-based standpoint, it offers excellent scalability to its users...I would tell those planning to use the solution that, from a container standpoint, it's excellent."

"The proactiveness of the support has been fantastic. Every time we mention something in a meeting that we're trying to do, he proactively takes that as an investigation topic and looks into it. He'll provide the solution even though we might not have asked him to investigate it."

"We appreciate this feature, especially when combined with CD monitoring. The implementation of requested features has been remarkable, such as scanning for compliance in CRM processes for the US government. We heavily rely on this feature to assess compliance with federal requirements."

"The solution offers a simplified network infrastructure and security functions and it enables secure remote access for the users"

"On DLP terms, Zscaler Cloud DLP ensures that data doesn't go outside of the organization. So on the network level, Zscaler does a pretty good job."

"The most valuable features are the File Type Control and SSL bypass policies. We"

"The customer service and support are very good."

"This secure connection allows users to connect to the Zscaler VPN and access the resources on the office network, making it a highly valuable component of our system."

"The product’s most valuable features are data discovery, activity control, and zero trust exchange."

"I find all Zscaler Private Access features valuable because each replaces flawed technologies, such as EPAs being replacements for VPN and PR as a replacement for PAM, so I can't mention only one valuable feature. Overall, Zscaler Private Access is a good solution."

"I like the web filtering capabilities."

More Zscaler Zero Trust Exchange Platform pros

Cons

"I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement."

"Customized queries should be made easier to improve PingSafe."

"Scanning capabilities should be added for the dark web."

"here is a bit of a learning curve. However, you only need two to three days to identify options and get accustomed."

"I would like PingSafe's detections to be openly available online instead of only accessible through their portal. Other tools have detections that are openly available without going through the tool."

"In some cases, the rules are strictly enforced but do not align with real-world use cases."

"When we request any changes, they must be reflected in the next update."

"While it is good, I think the solution's console could be improved."

More SentinelOne Singularity Cloud Security cons

"Reporting can definitely be better. Live dashboards should be configurable for a longer period of time rather than 30 days. Being able to go back in time to compare six months ago to today would be valuable."

"They should make it specific with a couple of features only."

"The dashboard could be more simple and show the more important issues that are detected first. We'd like to be able to set it up so more important issues show up more prominently in the dashboard."

"Sysdig's biggest weakness is dashboarding and reporting. You have access to the data and can get everything you need, but we need the ability to summarize the information quickly in a format that senior leaders can understand. We report to the executive level and global board. I need to roll all that in-depth information into a quick summary, and their maturity level isn't there. I'm seeing that on the future road map, but it isn't there now."

"There was a security concern related to a specific feature. While the feature itself was promising, it posed a challenge. The situation revolved around code scanning. If your source code is hosted within your own premises, say on Bitbucket, you naturally wouldn't want your code to be accessible to external parties beyond your company. Keeping your code base private is a standard practice. However, in the case of code scanning using Sysdig Secure, they copy your code to their SaaS platform. This posed an issue for us. When we inquired about this, their response acknowledged the concern. In an upcoming release, they plan to enable code scanning within your on-premises environment through the assistance of an agent. This change is already in progress. While this tool stands out compared to existing solutions in the market, it's important to note that there are still some limitations to consider. Another drawback we encountered relates to our expertise with Kubernetes. The tool can monitor Kubernetes audit logs, triggering alerts and notifications. However, it falls short in terms of taking direct action based on these alerts. There are different methods of event capture, including through system labels and system calls, as well as via Kubernetes audit events. Notably, at the system level, Sysdig Secure can both detect and respond to events, allowing actions like blocking and warning. This proactive approach is effective at the system call level. However, when it comes to monitoring Kubernetes audit events, Sysdig Secure can only notify without being able to execute any further actions. It can't block access or containers. The vendor likened their role to that of a monitoring camera, observing events and sending notifications without the capacity to intervene. This limitation applies to Kubernetes audit events. Given that everything operates within our system, there is a workaround available: configuring system-level policies to block containers as necessary."

"Perhaps, it could support more custom implementations, as our company utilizes custom implementations rather than standard ones. Configuring it requires a deep understanding and adjustment to our specific needs, which took some time. Other than that, I'm unsure about potential improvements. We were considering the possibility of compartmentalizing their tools. Currently, in Sysdig Secure, they bundle multiple features, and we are unable to use them individually. For instance, if we only need compliance scanning, we have to deploy the entire secure package. This is because of the way their agent functions, but I can't delve into more details."

"The solution needs to improve overall from a CSPM standpoint since they can't compete with Wiz or Orca."

"Banks and financial institutions cannot use Sysdig Secure because it doesn't sell SaaS-hosted versions for under two hundred working nodes."

"Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow."

"The solution's granularity should be improved because it has limited granular options to control, visible, allow, block, delay, and receive."

"It would be better if the Zscaler Private Access team made it easier for people to find subscriptions on the portal, mainly information on what my customers subscribed to or the type of licenses purchased."

"Setup is a bit complex because there are many steps that need to be taken before onboarding and activating the solution."

"The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels. Zscaler Cloud DLP doesn't give you coverage for email, fax, and USB channels, and this is the only challenge or room for improvement in the solution. It's just an extension on top of what you're buying on the proxy, so it's just an added layer, and it doesn't cover DLP on a very broad level. I'm unsure if Zcaler is in the business of competing with a full-blown DLP solution, and if there's a plan to expand the features of Zscaler Cloud DLP beyond the web channel because you'll have to deploy a full-blown agent for it. I'm unsure if this is on the cards because the solution is just an added layer that you get with your proxy. I've asked the Zcaler team whether there's a plan to go full DLP in the future, but I didn't get a positive response. There isn't any feature I'd like added to Zscaler Cloud DLP currently, because anything you could think of that should be in cloud or SaaS solutions is already there, except for machine learning, as it's the only functionality that seems to be lacking in the solution. Machine learning is an additional policy available in other DLP solutions in the market, but my team didn't find it in Zscaler Cloud DLP."

"The area that requires improvement is their support. The current support is lacking."

"While Zscaler supports client-initiated connections, it does not support server-initiated connections. This is a feature that Zscaler may consider adding in the future."

"I can't speak to any missing features."

More Zscaler Zero Trust Exchange Platform cons

Pricing and Cost Advice

"PingSafe falls within the typical price range for cloud security platforms."

"PingSafe's primary advantage is its ability to consolidate multiple tools into a single user interface, but, beyond this convenience, it may not offer significant additional benefits to justify its price."

"PingSafe is less expensive than other options."

"Its pricing was a little less than other providers."

"PingSafe is priced reasonably for our workload."

"The pricing for PingSafe in India was more reasonable than other competitors."

"Singularity Cloud Security by SentinelOne is cost-efficient."

"It is not that expensive. There are some tools that are double the cost of PingSafe. It is good on the pricing side."

More SentinelOne Singularity Cloud Security pricing and cost advice

"I am always going to say that it could be a little bit cheaper. I do feel that it is a little bit on the expensive side."

"Sysdig is competitive. The quality matches the pricing. Obviously, everyone wants things to be cheaper, but if you're realistic, you acknowledge that quality service comes with a price. Sysdig is the gold standard for Kubernetes, and I wouldn't choose anything else. We live in Kubernetes. Everything is containerized, so that means a lot to us, and we're willing to make an investment."

"In comparison to other cloud solutions, it's reasonably priced. However, when compared to in-house built open-source projects, it might be considered somewhat costly. The cost depends on whether someone sees the support provided by Sysdig as an advantage or if it's deemed unnecessary. Personally, I find the support to be excellent and consider it a good value."

"It is quite costly compared to other tools."

"The solution's pricing depends on the agents...In short, the price depends on the environment of its user."

"It is an auto-renewal subscription service."

"The solution is expensive."

"It's expensive currently. But when purchasing for a large number of users, there's room to negotiate. It's really up to the procurement team."

"The cost is expensive. It depends on the number of users."

"Zscaler DLP solution is expensive, with a fixed pricing structure that is billed annually and monthly. There are no additional costs for licenses."

"It has been relatively reasonable for what it does. Some of the additional license costs based on the advanced next-generation firewall functions are quite high, and they should have certain features ready and available as a baseline rather than having to purchase additional licenses for it. Overall, the cost seems reasonable."

"In the long run, cloud services are not inherently costly."

"My company is a Zscaler Private Access partner, so the customers pay for the license fees."

More Zscaler Zero Trust Exchange Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.

See recommendations

812,651 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

16%

Manufacturing Company

10%

Insurance Company

Financial Services Firm

21%

Computer Software Company

17%

Manufacturing Company

10%

Comms Service Provider

Computer Software Company

17%

Financial Services Firm

13%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about PingSafe?

The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...

See all answers

What is your experience regarding pricing and costs for PingSafe?

I am personally not taking care of the pricing part, but when we moved from CrowdStrike to Singularity Cloud Native S...

See all answers

What needs improvement with PingSafe?

They can provide some kind of alert when a new type of risk is there. There can be a specific type of alert showing t...

See all answers

What do you like most about Sysdig Secure?

The proactiveness of the support has been fantastic. Every time we mention something in a meeting that we're trying t...

See all answers

What needs improvement with Sysdig Secure?

Reporting can definitely be better. Live dashboards should be configurable for a longer period of time rather than 30...

See all answers

What is your primary use case for Sysdig Secure?

We use Sysdig Secure to gain visibility into our runtime workloads. We use a whole bunch of security tools to scan ou...

See all answers

What is the better solution - Prisma Access or Zscaler Private Access?

We looked into Prisma Access before choosing Zscaler Private Access (ZPA). Palo Alto’s Prisma Access is a secure ac...

See all answers

What do you like most about Zscaler SASE?

The most valuable features of Zscaler Private Access are reliability, scalability, and availability.

See all answers

What is your experience regarding pricing and costs for Zscaler SASE?

Zscaler SASE is quite expensive compared to other solutions. The price is not fixed and it does not include all of th...

See all answers

Comparisons

Wiz vs SentinelOne Singularity Cloud Security

Compared 33% of the time

Prisma Cloud by Palo Alto Networks vs SentinelOne Singularity Cloud Security

Compared 24% of the time

AWS GuardDuty vs SentinelOne Singularity Cloud Security

Compared 8% of the time

Orca Security vs SentinelOne Singularity Cloud Security

Compared 7% of the time

Qualys VMDR vs SentinelOne Singularity Cloud Security

Compared 3% of the time

More SentinelOne Singularity Cloud Security Competitors

Wiz vs Sysdig Secure

Compared 26% of the time

Sysdig Falco vs Sysdig Secure

Compared 12% of the time

SUSE NeuVector vs Sysdig Secure

Compared 8% of the time

Prisma Cloud by Palo Alto Networks vs Sysdig Secure

Compared 8% of the time

Tenable.io Container Security vs Sysdig Secure

Compared 2% of the time

More Sysdig Secure Competitors

Prisma Access by Palo Alto Networks vs Zscaler Zero Trust Exchange Platform

Compared 10% of the time

Microsoft Purview Data Loss Prevention vs Zscaler Zero Trust Exchange Platform

Compared 9% of the time

Cato SASE Cloud Platform vs Zscaler Zero Trust Exchange Platform

Compared 8% of the time

Axis Security vs Zscaler Zero Trust Exchange Platform

Compared 6% of the time

Wiz vs Zscaler Zero Trust Exchange Platform

Compared 5% of the time

More Zscaler Zero Trust Exchange Platform Competitors

Product Reports

Buyer's Guide

SentinelOne Singularity Cloud Security

September 2024

SentinelOne Singularity Cloud Security report

Download SentinelOne Singularity Cloud Security product report

Buyer's Guide

Sysdig Secure

September 2024

Download Sysdig Secure product report

Buyer's Guide

Zscaler Zero Trust Exchange Platform

September 2024

Zscaler Zero Trust Exchange Platform report

Download Zscaler Zero Trust Exchange Platform product report

Also Known As

PingSafe

No data available

Zscaler SASE, Zscaler DLP, Zscaler CASB, Zscaler CSPM, Zscaler Browser Isolation, Zscaler Posture Control

Learn More

SentinelOne

Sysdig

Zscaler

Overview

SentinelOne Singularity Cloud Security protects cloud workloads, offering advanced threat detection and automated response. It integrates seamlessly with cloud environments and secures containerized applications and virtual machines against vulnerabilities.

SentinelOne Singularity Cloud Security is renowned for its efficiency in mitigating threats in real-time. The platform integrates effortlessly with existing cloud environments, ensuring robust cloud security management with minimal manual intervention. Securing containerized applications and virtual machines, it excels in threat intelligence and endpoint protection. However, improvements are needed in performance during high workload periods, and more integrations with third-party tools and better documentation would be beneficial. Users often find the installation process complex, support response times slow, and the dashboard's navigation unintuitive.

What are the key features of SentinelOne Singularity Cloud Security?

Real-time Threat Detection: Identifies and mitigates threats as they occur.
Automated Response: Automatically responds to threats to minimize impact.
Ease of Deployment: Simple setup process with scalable options.
Machine Learning Insights: AI-driven insights enhance threat prevention.
Seamless Integration: Integrates with cloud environments for unified security management.

What are the primary benefits or ROI to expect from SentinelOne Singularity Cloud Security?

Enhanced Threat Mitigation: Improved security against real-time threats.
Reduced Manual Intervention: Automated processes save time and resources.
Scalability: Easily adapts to growing security requirements.
Centralized Management: Manage security across platforms from a single console.
Advanced Threat Intelligence: Provides in-depth analysis and protection.

In specific industries, SentinelOne Singularity Cloud Security is implemented to safeguard critical data and infrastructure. Organizations in finance, healthcare, and technology depend on its real-time threat detection and automated response to protect sensitive information. Its ability to secure containerized applications and virtual machines is particularly valuable in dynamic environments where rapid scaling is necessary.

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig delivers live visibility by correlating signals across cloud workloads, identities, and services to uncover hidden attack paths. By knowing what is running, teams can prioritize the vulnerabilities, misconfigurations, permissions, and threats that matter most. From prevention to defense, Sysdig helps enterprises move faster and focus on what matters: innovation.

Sysdig. Secure Every Second.

Zscaler Zero Trust Exchange Platform acts as a VPN alternative for secure remote access, cloud protection, and zero-trust strategies. It enables secure data transmission, supports remote work, and enhances compliance through a cloud-based architecture, offering improved performance and simplified management.

Designed for organizations seeking secure application access and robust data protection, Zscaler Zero Trust Exchange Platform delivers a comprehensive solution through seamless VPN connectivity, data loss prevention, and SSL inspection. Its cloud integration ensures scalability and reliability, while its interface provides intuitive management. Companies benefit from automatic secure access, minimizing constant authentication needs, and safeguarding sensitive data. The platform allows easy deployment and integration with diverse identity providers, granting granular control for access and application segmentation. Despite powerful capabilities, enhancements are needed in speed, bandwidth, and legacy support, with users noting interface and configuration challenges.

What are the key features of Zscaler Zero Trust Exchange Platform?

Seamless VPN Connectivity: Provides automatic secure access without repetitive authentication.
Strong Security Measures: Offers DLP and SSL inspection for data protection.
Cloud Integration: Ensures scalability and performance optimization.
Granular Access Control: Manages access with application-specific segmentation.

What benefits should companies look for in reviews when evaluating this platform?

Performance: Enhanced connectivity and reduced latency.
Data Protection: Comprehensive DLP and encryption capabilities.
Scalability: Efficient handling of growing organizational demands.
Ease of Deployment: Quick setup and integration with IDPs.

In specific industries, Zscaler Zero Trust Exchange has been implemented to enhance security protocols in fields like finance and healthcare. By prioritizing data protection and compliance, it assists companies in safely managing sensitive information and meeting regulatory requirements. Organizations leverage its features to ensure secure operations across remote and cloud environments, adapting to industry-specific needs with customizable access and security controls.

Sample Customers

Information Not Available

SAP Concur, Goldman Sachs, Worldpay, Experian, BigCommerce, Arkose Labs, Calendly, Noteable, Bloomreach. More here: https://sysdig.com/customers/

Siemens, AutoNation, GE, NOV

Buyer's Guide

Cloud Security Posture Management (CSPM)

September 2024

Download Free Report

Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Cloud Security Posture Management (CSPM). Updated: September 2024.

DOWNLOAD NOW

812,651 professionals have used our research since 2012.

See our list of best Cloud Security Posture Management (CSPM) vendors and best Cloud-Native Application Protection Platforms (CNAPP) vendors.

We monitor all Cloud Security Posture Management (CSPM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.