No more typing reviews! Try our Samantha, our new voice AI agent.

Check Point CloudGuard CNAPP vs Zafran Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Check Point CloudGuard CNAPP
Ranking in Vulnerability Management
14th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
70
Ranking in other categories
Cloud and Data Center Security (8th), Container Security (13th), Cloud Workload Protection Platforms (CWPP) (8th), Cloud Security Posture Management (CSPM) (7th), Cloud-Native Application Protection Platforms (CNAPP) (7th), Data Security Posture Management (DSPM) (8th), Compliance Management (6th)
Zafran Security
Ranking in Vulnerability Management
20th
Average Rating
9.6
Reviews Sentiment
6.4
Number of Reviews
6
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (2nd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of Check Point CloudGuard CNAPP is 1.3%, down from 1.3% compared to the previous year. The mindshare of Zafran Security is 1.0%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
Check Point CloudGuard CNAPP1.3%
Zafran Security1.0%
Other96.6%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
reviewer2751468 - PeerSpot reviewer
Assistant Manager at a computer software company with 201-500 employees
Boosts security and compliance in multi-cloud environments while real-time threat detection enhances risk management
Check Point CloudGuard CNAPP flagged a misconfiguration in our AWS S3 bucket that had overly permissive access settings. That configuration could have exposed our sensitive data to the public internet. The platform not only identified the issue but also provided remediation that our team was able to apply immediately. This prevented a potential data exposure. Check Point CloudGuard CNAPP offers a unified, modular platform that combines CSPM, CWPP, CIEM, code security, and cloud detection and response. The agentless workload posture, real-time threat detection and response, multi-cloud coverage and visibility, compliance automation, and one-click remediations stand out as its best features. I find myself relying on the risk management engine and prioritization the most day-to-day. In any cloud environment, you are flooded with findings, misconfigurations, vulnerabilities, and compliance gaps. Without prioritization, it is overwhelming for our team to take care of the posture. CloudGuard's risk scoring helps us cut through incidents. This makes remediation faster and focused instead of wasting time checking every alert. We get to fix the issues that pose real business risks. Check Point CloudGuard CNAPP has positively impacted our organization at a significant level. We get greater visibility and control across all our cloud environments. Some biggest benefits we have seen are faster detection and remediation of misconfigurations, improved compliance posture, reduced risk exposure, operational efficiency, and cost savings. Overall, it has made our cloud environment more secure, compliant, and easier to manage while freeing up our teams to focus on projects instead of chasing alerts.
Reviewer6233 - PeerSpot reviewer
Information Security Vulnerability Management Executive Advisor at a healthcare company with 10,001+ employees
Has become an indispensable tool in our cybersecurity arsenal
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even greater value. One key area for enhancement is the searching capabilities within its vulnerabilities module. By incorporating the ability to create Boolean searches, users would gain the ability to apply more complex filters and customize their search criteria. This would greatly enhance the precision and efficiency with which security teams can identify and prioritize vulnerabilities. Having such tailored search capabilities would save time and resources by narrowing down vast lists of vulnerabilities to those that meet specific parameters relevant to our unique risk environment. Additionally, integrating more robust reporting and visualization tools would be advantageous. Enhanced dashboards that offer customizable visual representations of risk configurations and threat landscapes would facilitate better communication with stakeholders, making it easier to explain vulnerabilities and the rationale behind certain security measures. This would also aid in demonstrating the improvements and value derived from existing security investments to leadership and non-technical team members.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"Its dashboards are brilliant. It provides in-depth insights."
"We were able to realize its benefits within 24 to 48 hours."
"TotalCloud offers a comprehensive suite of features, including EDR, XDR, and TrueRisk, providing a centralized platform for managing vulnerabilities and security risks."
"If someone were to ask me to review Qualys TotalCloud, I would summarize it as an end-to-end solution for cloud security with visibility and governance-grade controls without needing to manage multiple disconnected tools."
"I would definitely recommend it because it is easy to handle any cloud resources."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"Cloud security posture management is the feature we've been using the longest."
"The solution learns day by day, learning from behavior, attacks, management, detections, capturing packets, and performing real-time analysis while generating knowledge from a variety of sources for an excellent analysis, which allows us to move faster and have more efficient responses to incidents."
"Checkpoint posture management gives you visibility across your entire cloud infrastructure, so it helps you with management, maintenance, and compliance. With visibility across all these cloud platforms, you can protect against compromised credentials or identity theft."
"It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment."
"It presents great visibility of the traffic flow of our cloud, providing information on what data and users are circulating and in the event of a threat, it immediately identifies them by providing detailed and granular information from our entire environment."
"The CDR helps detect anomalous behavior and respond to threats before they become an issue."
"We know the vulnerability in advance, so we can take some action for that vulnerability."
"The feature that I find most valuable is the blocking feature."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran is an excellent tool."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"With Zafran Security, it integrates with your security controls, allowing you to take that risk score and reduce it based on the controls in place or increase the risk based on different factors, such as if the issue is internet reachable or if there's an exploit in the wild."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We saw benefits from Zafran Security almost immediately after deploying it."
 

Cons

"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"The main area needing improvement is integration. Although the team is strengthening TotalCloud, integration can be enhanced with SIEM, SOAR, ITSM, and other sources."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"It is already perfect, but they can bring some newer dashboards and customization options for the dashboard. It would be great to be able to include on-prem assets on the dashboard."
"The cost of Qualys TotalCloud is high and could be more competitive."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"Currently, I would like this solution extended to cellular devices or tablets."
"I would like to see Test B functions at the application access level."
"We have concerns regarding the pricing and would appreciate seeing some improvements."
"For businesses with varied IT ecosystems, increasing the integration capabilities with additional third-party products and services would increase flexibility and user-friendliness."
"You do need to pay extra in order to get better support."
"I don't have any notes for improvements."
"Check Point tools need to improve the latency in the portal since they take a long time to load."
"Streamlining the user interface would greatly improve the user experience."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
 

Pricing and Cost Advice

"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud is expensive."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
"In the beginning, the price of Dome9 was cheap, whereas now it is not."
"Everything in this field is very expensive."
"CloudGuard is fairly priced."
"Its price is very fair."
"We have the enterprise-level license and we renew it annually because it is worth the cost."
"The license for CloudGuard Posture Management is about $80 a year, and it's based on your cloud footprint, not the number of users. So you could have a million users, and it doesn't matter."
"The license fee is high."
Information not available
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
904,680 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
16%
Financial Services Firm
13%
Outsourcing Company
8%
Comms Service Provider
7%
Construction Company
11%
Financial Services Firm
10%
Outsourcing Company
9%
Manufacturing Company
8%
Financial Services Firm
11%
Manufacturing Company
8%
Computer Software Company
7%
Outsourcing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise5
Large Enterprise29
By reviewers
Company SizeCount
Small Business59
Midsize Enterprise13
Large Enterprise57
By reviewers
Company SizeCount
Midsize Enterprise2
Large Enterprise5
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for CloudGuard Workload Protection?
My experience with pricing, setup cost, and licensing has been reasonable for the value it delivers. The initial setu...
What needs improvement with CloudGuard for Cloud Intelligence?
One area that Check Point CloudGuard CNAPP could use improvement is the navigation when switching between modules. A ...
What is your primary use case for CloudGuard for Cloud Intelligence?
My main use case for Check Point CloudGuard CNAPP is strengthening cloud security posture, monitoring configurations,...
What is your experience regarding pricing and costs for Zafran Security?
Since we stood Zafran Security up in our private cloud, we handle the maintenance on our side. As we opted not to use...
What needs improvement with Zafran Security?
In terms of areas for improvement, Zafran Security is doing a really great job as a new and emerging company. Oftenti...
What is your primary use case for Zafran Security?
My use cases for Zafran Security revolve around two primary areas. One is around vulnerability management and priorit...
 

Also Known As

Qualys TotalCloud with FlexScan
Check Point CloudGuard Posture Management, Dome9, Check Point CloudGuard Workload Protection, Check Point CloudGuard Intelligence
No data available
 

Overview

 

Sample Customers

Information Not Available
Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners
Information Not Available
Find out what your peers are saying about Check Point CloudGuard CNAPP vs. Zafran Security and other solutions. Updated: June 2026.
904,680 professionals have used our research since 2012.