Try our new research platform with insights from 80,000+ expert users

Cortex Xpanse vs CrowdStrike Falcon comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Xpanse
Ranking in Attack Surface Management (ASM)
8th
Average Rating
8.8
Reviews Sentiment
7.6
Number of Reviews
5
Ranking in other categories
No ranking in other categories
CrowdStrike Falcon
Ranking in Attack Surface Management (ASM)
1st
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
126
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Endpoint Protection Platform (EPP) (2nd), Identity Management (IM) (6th), Threat Intelligence Platforms (2nd), Endpoint Detection and Response (EDR) (1st), Active Directory Management (2nd), Extended Detection and Response (XDR) (1st), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st), Continuous Threat Exposure Management (CTEM) (1st)
 

Mindshare comparison

As of April 2025, in the Attack Surface Management (ASM) category, the mindshare of Cortex Xpanse is 4.3%, up from 4.2% compared to the previous year. The mindshare of CrowdStrike Falcon is 18.7%, down from 29.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Attack Surface Management (ASM)
 

Featured Reviews

Ali Mohamed - PeerSpot reviewer
Proactively manages security and identifies vulnerabilities with good alerts
We use Cortex Xpanse as a security control for attack surface management in our organization When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action. It checks vulnerabilities periodically, ensuring they are addressed, which helps in…
Chintan-Vyas - PeerSpot reviewer
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action."
"Cortex Xpanse has an easy-to-use user interface."
"As an attack surface manager, I highly recommend Cortex Xpanse, especially if there are many services exposed publicly on the internet."
"Cortex Xpanse is a strong solution for attack surface management, including digital brand protection and continuous monitoring."
"The most valuable aspect is its ability to catch trojans and malware."
"The most valuable features of the solution are its firewall and antivirus."
"The most valuable aspect is its ability to catch trojans and malware."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"The detection is very effective."
"Scalability hasn't been an issue for us."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"The machine learning behavior for anomaly detection is a valuable feature. It helps identify any suspicious or unusual activities within the system."
"The EDR and XDR features have been most valuable."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
 

Cons

"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"Some improvements are needed in the user interface. It may require more enhancements."
"Some improvements are needed in the user interface."
"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"There is an issue with the old versions of Cortex, and so when we have an older one with Windows or any OS, we have a problem with its connectivity with the cloud."
"Cortex Xpanse needs to add dark-web scanning."
"It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors might provide."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."
"The price is too high."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"The ability to receive text alerts natively in the console would be kind of cool."
"They respond quickly on the weekdays, but the weekend response times are slower."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
 

Pricing and Cost Advice

"The tool's cost is too high."
"Cortex Xpanse is cheaper than other solutions."
"Years ago, when we bought CrowdStrike, you got everything it had. I was a little concerned when they broke this out into a la carte modules where you can buy EDR, Spotlight, etc., picking and choosing off the menu. I was a little worried that the solution would get watered down. However, I realized in my previous organization when we had the full suite that there were a bunch of features in it that we didn't have time to operationalize. So, I warmed up to it. I get the whole, "Look, you can pick and choose. Okay, everybody buys a steak, but do you want mashed potatoes, or do you want lobster mac and cheese?" So, you can pick the sides that you want, so you can buy the solution that you want and operationalize versus paying a lot of money and getting a bunch of things, but not using 60 percent of the tools in the box."
"Crowdstrike Falcon is relatively cheap."
"We bought a very small number of licenses, then ran it for a year. We bought a 100 licenses for a year, so we didn't actually do a proof of concept. We just bought them. Then, the next year, we bought 10,000 licenses."
"CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team."
"It is expensive compared to SentinelOne, but as the market leader, it is worth it."
"The price of CrowdStrike Falcon could be better. It is very expensive, we pay approximately $900 per month for the licenses. There are not any additional fees."
"The pricing of CrowdStrike Falcon is competitive."
"The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end users PC and we can tell if it's something that we actually need or something that's malicious."
report
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
13%
Manufacturing Company
11%
Government
9%
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cortex Xpanse?
Cortex Xpanse has an easy-to-use user interface.
What is your experience regarding pricing and costs for Cortex Xpanse?
Cortex Xpanse is a bit expensive compared to other market solutions like FortyRicoh and RiskIQ, making it more suitable for enterprise companies.
What needs improvement with Cortex Xpanse?
It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
 

Overview

Find out what your peers are saying about Cortex Xpanse vs. CrowdStrike Falcon and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.