No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point CloudGuard CNAPP vs Cisco Secure Workload comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Workload Protection Platforms (CWPP)
8th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Check Point CloudGuard CNAPP
Ranking in Cloud Workload Protection Platforms (CWPP)
7th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
72
Ranking in other categories
Vulnerability Management (14th), Cloud and Data Center Security (8th), Container Security (13th), Cloud Security Posture Management (CSPM) (7th), Cloud-Native Application Protection Platforms (CNAPP) (7th), Data Security Posture Management (DSPM) (8th), Compliance Management (6th)
Cisco Secure Workload
Ranking in Cloud Workload Protection Platforms (CWPP)
16th
Average Rating
8.6
Reviews Sentiment
7.7
Number of Reviews
15
Ranking in other categories
Cloud and Data Center Security (7th), Microsegmentation Software (4th), Cisco Security Portfolio (8th)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
reviewer2751468 - PeerSpot reviewer
Assistant Manager at a computer software company with 201-500 employees
Boosts security and compliance in multi-cloud environments while real-time threat detection enhances risk management
Check Point CloudGuard CNAPP flagged a misconfiguration in our AWS S3 bucket that had overly permissive access settings. That configuration could have exposed our sensitive data to the public internet. The platform not only identified the issue but also provided remediation that our team was able to apply immediately. This prevented a potential data exposure. Check Point CloudGuard CNAPP offers a unified, modular platform that combines CSPM, CWPP, CIEM, code security, and cloud detection and response. The agentless workload posture, real-time threat detection and response, multi-cloud coverage and visibility, compliance automation, and one-click remediations stand out as its best features. I find myself relying on the risk management engine and prioritization the most day-to-day. In any cloud environment, you are flooded with findings, misconfigurations, vulnerabilities, and compliance gaps. Without prioritization, it is overwhelming for our team to take care of the posture. CloudGuard's risk scoring helps us cut through incidents. This makes remediation faster and focused instead of wasting time checking every alert. We get to fix the issues that pose real business risks. Check Point CloudGuard CNAPP has positively impacted our organization at a significant level. We get greater visibility and control across all our cloud environments. Some biggest benefits we have seen are faster detection and remediation of misconfigurations, improved compliance posture, reduced risk exposure, operational efficiency, and cost savings. Overall, it has made our cloud environment more secure, compliant, and easier to manage while freeing up our teams to focus on projects instead of chasing alerts.
Raj Metkar - PeerSpot reviewer
Director, Head of Networks at MUFG, EMEA
Discover internal application dependencies and create a dependency map
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, providing valuable insights into vulnerabilities related to the operating system and various applications installed on our servers. Recently, Cisco announced a new product called HyperShield, an AI-based autonomous micro-segmentation solution. While Cisco has not stated that HyperShield will replace Cisco Secure Workload, it represents a natural evolution for the company. HyperShield features dynamic policy discovery and enforcement; however, once policies are enforced, they do not change until a discovery occurs, requiring a re-enforcement process. This new platform operates autonomously, minimizing the need for user or security engineer intervention. I would have expected Cisco to incorporate more automatic discovery and enforcement features within the existing Cisco Secure Workload product. Instead of enhancing the current product, they have introduced a new solution. Cisco plans to honor existing Tetration licenses, allowing users to transition to HyperShield without additional costs, reflecting the investment enterprises have already made. From Cisco’s perspective, this represents a natural progression in their product line. While the product name changes, it seems more of a rebranding effort. The enhancements are greater autonomy, improved discovery, and automatic enforcement, which are now being introduced in HyperShield. Cisco Secure Workload offers automatic policy enforcement but cannot adjust policies dynamically as the application needs to change. Having used the platform for the past five years, the recent announcement has been reassuring. Cisco has confirmed that our investment in the platform will not go to waste. They will honor our existing licenses, providing a natural migration path to the new solution without any disruption

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"By integrating TotalCloud, we have significantly reduced vulnerabilities in our deployment pipeline."
"I would definitely recommend Qualys TotalCloud to other users."
"The best part I like is the on-demand scans."
"Once you have your vulnerabilities fixed and your patches pushed out using Qualys TotalCloud, then you are able to eliminate threats and cyber risk."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."
"The product enables us to check the information that goes out of the company."
"It streamlines visibility, so this is the right tool if you are trying to meet a specific compliance standard or you are managing hundreds or thousands of servers within your cloud environment."
"Gives us centralized firewall management for both Windows and Linux distros. Also provides a clear view of the security configurations and connections across environments (DMZ, external and internal networks)."
"It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment."
"Dome9 continues to be a major piece of our cloud security architecture and has given our senior leadership team a high degree of confidence in our ability to protect our cloud environment."
"It is a very good tool for both cloud compliance and governance."
"A unified security solution across all major public clouds affects our cloud security operations by saving us a ton of time and effort."
"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."
"Secure Workload's best feature is that it's an end-to-end offering from Cisco."
"The only use case I can see that makes sense is micro-segmentation. I think there are other use cases for it. The main purpose of the product is to do micro-segmentation by collecting IP. That could be done by installing an agent, and then you have all the communication coming in and out. You could also use some flow sensors installed in the network that receive a copy of the traffic and then report that back to the system."
"Scalability is its most valuable feature."
"The most valuable feature of this solution is security."
"This product does everything that you need it to do and more and does a lot to provide visibility in a network environment, save time and money, and make the organization IT operate in a much more streamlined fashion."
"The product offers great visibility into the network so we can enforce security measures."
"Overall, this is a really good product and I am happy with it."
"The product provides multiple-device integration."
 

Cons

"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"Qualys TotalCloud's increasing complexity, due to the development and deployment of multiple solutions, is making the GUI difficult to navigate."
"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"There is a lack of data segregation according to criticality or inventory."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"The support is not up to the mark and seems to be overburdened."
"The cost of Qualys TotalCloud is high and could be more competitive."
"The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure."
"When rules change, it messes up the remediation. They haven't found a fix for that yet. The remediation rule goes into limbo. It's an architectural design flaw within their end compliance engine—a serious bug."
"Reporting should have more options."
"Integration could be improved."
"We want to be able to customize the solution more in order to meet the needs of our company."
"The accuracy of its remediation is a 7.5 out of 10. Before, I would have given it a ten but now, to handle remediation for fully qualified domain names, it's not working as it did in the past. We're finding some difficulties there."
"We are trying to replace Check Point CloudGuard with Dome9."
"CloudGuard CNAPP could be enhanced by increasing the number of components that run natively on Azure."
"Secure Workload is a little complicated to use, and the dashboard isn't intuitive, so it takes a while to learn how to use it."
"The product must be integrated with the cloud."
"The emailed notifications are either hard to find or they are not available. Search capabilities can be improved."
"It is not so easy to use and configure. It needs a bunch of further resources to work, which is mainly the biggest downside of it. The deployment is huge."
"It has an uninviting interface."
"I'd like to see better documentation for advanced features. The documentation is fairly basic. I would also like to see better integration with other applications."
"A feature that I was looking for was emailed alerts and notifications so we'd get them right away."
"The entire interface could be improved; it's ugly and uninviting, and Tetration tends to be a lot more cumbersome and not very intuitive compared to the biggest competitor's modern-looking GUI."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud is expensive."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"TotalCloud's price is about right where I would expect it to be."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The cost is high, but it meets our organizational needs."
"It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
"​They support either annual licensing or hourly. At the time of our last negotiation, it was either one or the other, you could not mix or match. I would have liked to mix/match. ​"
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
"I would advise taking into account the existing number of devices and add a forecast of the number of devices to be added in the coming year or two, to obtain better pricing."
"The licensing part still needs some work. The issue that I have is that we do not use all the services in the cloud, but sometimes, CloudGuard identifies them as an asset."
"It is difficult to contextualize the pricing because we are used to Indian pricing and licensing."
"The tool's pricing is moderate. Its licensing costs are yearly."
"The cost for the hardware is around 300k."
"The price is outrageous. If you have money to throw at the product, then do it."
"The pricing is a bit higher than we anticipated."
"Pricing depends on the scope of the application and the features. Larger installations save more."
"It is not cheap and pricing may limit scalability."
"The price is based on how many computers you're going to install it on."
"Regarding price, Cisco Secure Workload can be expensive if you don't have a budget. If you're not doing micro-segmentation, every extra security measure or enforcement you're putting on top of your existing environment will be an extra cost. It's not a cheap solution at all. But from my point of view, if you need to do micro-segmentation, this is one of the best tools I've seen for it. I can't compare that to Microsoft's solution because I haven't looked into it. I've looked into VMware and Cisco. Those are the only two that I know of. I didn't know that Microsoft could do micro-segmentation at all. Maybe they can, but I haven't heard anything about it."
report
Use our free recommendation engine to learn which Cloud and Data Center Security solutions are best for your needs.
900,747 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
18%
Financial Services Firm
14%
Construction Company
7%
Comms Service Provider
7%
Construction Company
11%
Financial Services Firm
10%
Manufacturing Company
8%
Outsourcing Company
7%
Manufacturing Company
14%
Financial Services Firm
10%
Government
9%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
By reviewers
Company SizeCount
Small Business58
Midsize Enterprise13
Large Enterprise58
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise8
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for CloudGuard Workload Protection?
My experience with pricing, setup cost, and licensing has been reasonable for the value it delivers. The initial setu...
What needs improvement with CloudGuard for Cloud Intelligence?
One area that Check Point CloudGuard CNAPP could use improvement is the navigation when switching between modules. A ...
What is your primary use case for CloudGuard for Cloud Intelligence?
My main use case for Check Point CloudGuard CNAPP is strengthening cloud security posture, monitoring configurations,...
What is your experience regarding pricing and costs for Cisco Secure Workload?
CloudStrike offers antivirus capabilities and firewall features for servers and VDI but lacks automatic policy discov...
What needs improvement with Cisco Secure Workload?
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration a...
What is your primary use case for Cisco Secure Workload?
When we onboarded Cisco Secure Workload, the usual use case was to discover internal application dependencies and cre...
 

Also Known As

Qualys TotalCloud with FlexScan
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
Cisco Tetration
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
ADP, University of North Carolina Charlotte (UNCC)
Find out what your peers are saying about Check Point CloudGuard CNAPP vs. Cisco Secure Workload and other solutions. Updated: June 2026.
900,747 professionals have used our research since 2012.