No more typing reviews! Try our Samantha, our new voice AI agent.

Sweet Security vs Sysdig Secure comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 1, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
6th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (8th), SaaS Security Posture Management (SSPM) (1st)
Sweet Security
Ranking in Cloud Security Posture Management (CSPM)
19th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
14th
Average Rating
8.6
Reviews Sentiment
7.6
Number of Reviews
5
Ranking in other categories
Vulnerability Management (31st), Cloud Workload Protection Platforms (CWPP) (15th), Identity Threat Detection and Response (ITDR) (9th), Cloud Detection and Response (CDR) (4th)
Sysdig Secure
Ranking in Cloud Security Posture Management (CSPM)
25th
Ranking in Cloud-Native Application Protection Platforms (CNAPP)
19th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
Container Security (19th), Cloud Detection and Response (CDR) (9th), AI Observability (27th)
 

Mindshare comparison

As of June 2026, in the Cloud-Native Application Protection Platforms (CNAPP) category, the mindshare of Qualys TotalCloud is 2.0%, up from 1.4% compared to the previous year. The mindshare of Sweet Security is 1.5%, up from 0.4% compared to the previous year. The mindshare of Sysdig Secure is 3.2%, up from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud-Native Application Protection Platforms (CNAPP) Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud2.0%
Sweet Security1.5%
Sysdig Secure3.2%
Other93.3%
Cloud-Native Application Protection Platforms (CNAPP)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
reviewer2805510 - PeerSpot reviewer
Partner Account Manager at a wholesaler/distributor with 51-200 employees
Runtime-first security has transformed real-time threat detection and reduced alert fatigue
Sweet Security can be improved in terms of product maturity and ecosystem. It has a smaller market presence, so we do not have as many large enterprise deployments. Sweet Security is less mature than competitors such as Wiz or Palo Alto Networks. Some competitors provide better integrations and workflow tooling. Additionally, as a new vendor, there is a new market perception and higher perceived risk, which relates to trust of the product. Some competitors are seen as safer and more established choices. Since Sweet Security operates in the production live environment, there have been a couple of problems reported where issues occurred in production environments. However, these have been resolved within about an hour or two. Having that risk is always going to be a negative. As a cloud-native platform solution, Sweet Security is really good overall. There are only a couple of areas for improvement, such as not being fully 100% production safe, and the reality that its competitors are global, well-known companies such as Palo Alto and Wiz.
MM
DevSecOps Engineer at a outsourcing company with 1,001-5,000 employees
Runtime threat detection has improved and security teams prioritize real Kubernetes risks
The best feature Sysdig Secure offers is threat detection. The threat detection feature on Sysdig Secure stands out compared to other solutions I have seen or used because Sysdig sees the actual behavior inside the container or kernel and correlates it with Kubernetes infrastructure, which makes detection both earlier and more precise in a cloud-native environment. Sysdig Secure has positively impacted our organization by improving visibility into our Kubernetes environment and focusing on real risk, which has reduced alert noise, improved threat detection at runtime, and made vulnerability management more efficient by prioritizing issues that actually affect running workloads.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"I appreciate Qualys TotalCloud's ability to onboard any type of device with ease, including containers."
"I would rate Qualys TotalCloud ten out of ten."
"I like the web API security and IoT scanning features the most. The user-friendly design of TotalCloud's interface enables customers to navigate it and use its full potential easily"
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"Qualys TotalCloud has significantly improved our organization by automating our reporting processes, reducing the time spent on report creation from two hours to less than fifteen to twenty minutes."
"For the time I have been using Sweet Security, I feel a bit more safe in the sense that there is something that continuously scans my infrastructure for issues."
"The value we see from having real-time visibility into our cloud environment is significant, as Sweet Security serves as our eyes and ears inside AWS, telling us what we are doing wrong so we can fix it."
"Before we had Sweet Security, upon any type of detection of activity, we needed to conduct lots of investigations in different platforms and logs until we could build the larger picture, but once we inserted Sweet Security, we are able to actually see each and every request being made from the application level towards the infrastructure, making it much easier and reducing the time for an analyst to understand what's really happening."
"The value of having real-time visibility in our cloud environment with Sweet Security changes everything because it differentiates between identifying and reacting to something that is not really a risk and something that is truly a risk that needs to be treated."
"Sweet Security represents the next generation of CNAPP that differentiates through a runtime-first approach and focuses on detecting and responding to real attacks in environments."
"We appreciate this feature, especially when combined with CD monitoring. The implementation of requested features has been remarkable, such as scanning for compliance in CRM processes for the US government. We heavily rely on this feature to assess compliance with federal requirements."
"The tool has the capability to conduct scans initially. It can perform scans on your virtual machines, physical machines, containers, and container images. A standout feature is its ability to scan offline container images stored in your container registry. Additionally, it can scan runtime images in your cluster or on your host machine. This allows for the detection of vulnerabilities in running containers, including loaded libraries. Notably, the tool can identify which library vulnerabilities are already present in your system. An added advantage is its capacity to take action beyond threat detection. It has the ability to block access and respond to encountered threats."
"The log monitor is the most valuable feature."
"I have not seen any stability issues so far."
"Sysdig Secure has positively impacted our organization by improving visibility into our Kubernetes environment and focusing on real risk, which has reduced alert noise, improved threat detection at runtime, and made vulnerability management more efficient by prioritizing issues that actually affect running workloads."
"In terms of measurable outcomes, I have seen a reduction in vulnerabilities, as Sysdig Secure can tell us how many vulnerabilities are present on a day-to-day report basis, which has improved our efficiency by more than 50% and helps us stay compliant with necessary regulations."
"I see Sysdig as the most comprehensive solution in comparison to its competitors."
"Sysdig Secure has many strong foundational features like compliance and benchmark, security, network access management, and vulnerability management."
 

Cons

"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"The price is very expensive, actually."
"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"We would like to see Windows-based sensors available in Qualys, as this would make the platform more versatile and support a broader range of environments."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"One area for improvement could be the alerts, as we have an issue with the alert time, the time it takes for the system to send the alert, but besides that, there is nothing special."
"Since Sweet Security operates in the production live environment, there have been a couple of problems reported where issues occurred in production environments."
"There was something a year ago that caused a production issue in my company, but they fixed it within an hour."
"One thing I think Sweet Security can definitely improve is that they have a lot of features, but the UI right now is not so well designed in my opinion."
"The option to run specific playbooks through Sweet Security platform would help us a lot, but these must be fully customizable."
"Sysdig Secure needs to scale more for complete cloud-native coverage."
"Sysdig's biggest weakness is dashboarding and reporting. You have access to the data and can get everything you need, but we need the ability to summarize the information quickly in a format that senior leaders can understand. We report to the executive level and global board. I need to roll all that in-depth information into a quick summary, and their maturity level isn't there. I'm seeing that on the future road map, but it isn't there now."
"Sysdig Secure works well for us, but there are a few areas for improvement, such as the alerting and notification system being more flexible for complex workflows, and some dashboard and reporting features could be more customizable to match specific team needs."
"The solution needs to improve overall from a CSPM standpoint since they can't compete with Wiz or Orca."
"There was a security concern related to a specific feature. While the feature itself was promising, it posed a challenge. The situation revolved around code scanning. If your source code is hosted within your own premises, say on Bitbucket, you naturally wouldn't want your code to be accessible to external parties beyond your company. Keeping your code base private is a standard practice. However, in the case of code scanning using Sysdig Secure, they copy your code to their SaaS platform. This posed an issue for us. When we inquired about this, their response acknowledged the concern. In an upcoming release, they plan to enable code scanning within your on-premises environment through the assistance of an agent. This change is already in progress. While this tool stands out compared to existing solutions in the market, it's important to note that there are still some limitations to consider. Another drawback we encountered relates to our expertise with Kubernetes. The tool can monitor Kubernetes audit logs, triggering alerts and notifications. However, it falls short in terms of taking direct action based on these alerts. There are different methods of event capture, including through system labels and system calls, as well as via Kubernetes audit events. Notably, at the system level, Sysdig Secure can both detect and respond to events, allowing actions like blocking and warning. This proactive approach is effective at the system call level. However, when it comes to monitoring Kubernetes audit events, Sysdig Secure can only notify without being able to execute any further actions. It can't block access or containers. The vendor likened their role to that of a monitoring camera, observing events and sending notifications without the capacity to intervene. This limitation applies to Kubernetes audit events. Given that everything operates within our system, there is a workaround available: configuring system-level policies to block containers as necessary."
"I give it an eight because of the bugs, specifically the fix version bug where sometimes there is no fix version shown, and I wish Sysdig Secure would create a customizable UI that orders features by importance to enhance user experience."
"They should make it specific with a couple of features only."
"Reporting can definitely be better. Live dashboards should be configurable for a longer period of time rather than 30 days. Being able to go back in time to compare six months ago to today would be valuable."
 

Pricing and Cost Advice

"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Qualys TotalCloud is expensive."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
Information not available
"The solution's pricing depends on the agents...In short, the price depends on the environment of its user."
"In comparison to other cloud solutions, it's reasonably priced. However, when compared to in-house built open-source projects, it might be considered somewhat costly. The cost depends on whether someone sees the support provided by Sysdig as an advantage or if it's deemed unnecessary. Personally, I find the support to be excellent and consider it a good value."
"Sysdig is competitive. The quality matches the pricing. Obviously, everyone wants things to be cheaper, but if you're realistic, you acknowledge that quality service comes with a price. Sysdig is the gold standard for Kubernetes, and I wouldn't choose anything else. We live in Kubernetes. Everything is containerized, so that means a lot to us, and we're willing to make an investment."
"It is quite costly compared to other tools."
"I am always going to say that it could be a little bit cheaper. I do feel that it is a little bit on the expensive side."
report
Use our free recommendation engine to learn which Cloud-Native Application Protection Platforms (CNAPP) solutions are best for your needs.
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
18%
Financial Services Firm
14%
Construction Company
7%
Comms Service Provider
7%
Wellness & Fitness Company
10%
Healthcare Company
9%
Financial Services Firm
8%
Manufacturing Company
7%
Financial Services Firm
17%
Computer Software Company
11%
Manufacturing Company
9%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise29
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise3
Large Enterprise3
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise2
Large Enterprise5
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Sweet Security?
My experience with pricing, setup cost, and licensing has been that Sweet Security's pricing is quite fair and cost-e...
What needs improvement with Sweet Security?
Sweet Security can be improved in terms of product maturity and ecosystem. It has a smaller market presence, so we do...
What is your primary use case for Sweet Security?
My main use case for Sweet Security as a distributor is to distribute to our partners within the UK channel, and they...
What needs improvement with Sysdig Secure?
Sysdig Secure works well for us, but there are a few areas for improvement, such as the alerting and notification sys...
What is your primary use case for Sysdig Secure?
Our primary use case for Sysdig Secure is runtime threat detection and vulnerability management.
What advice do you have for others considering Sysdig Secure?
My advice for others looking into using Sysdig Secure is to clearly define your primary use case before getting start...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
SAP Concur, Goldman Sachs, Worldpay, Experian, BigCommerce, Arkose Labs, Calendly, Noteable, Bloomreach. More here: https://sysdig.com/customers/
Find out what your peers are saying about Sweet Security vs. Sysdig Secure and other solutions. Updated: April 2026.
900,644 professionals have used our research since 2012.