Try our new research platform with insights from 80,000+ expert users

Cortex Xpanse vs CrowdStrike Falcon comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Xpanse
Ranking in Attack Surface Management (ASM)
8th
Average Rating
8.8
Reviews Sentiment
7.6
Number of Reviews
5
Ranking in other categories
No ranking in other categories
CrowdStrike Falcon
Ranking in Attack Surface Management (ASM)
1st
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
126
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Endpoint Protection Platform (EPP) (2nd), Threat Intelligence Platforms (2nd), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st), Continuous Threat Exposure Management (CTEM) (2nd)
 

Mindshare comparison

As of April 2025, in the Attack Surface Management (ASM) category, the mindshare of Cortex Xpanse is 4.3%, up from 4.2% compared to the previous year. The mindshare of CrowdStrike Falcon is 18.7%, down from 29.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Attack Surface Management (ASM)
 

Featured Reviews

Ali Mohamed - PeerSpot reviewer
Proactively manages security and identifies vulnerabilities with good alerts
We use Cortex Xpanse as a security control for attack surface management in our organization When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action. It checks vulnerabilities periodically, ensuring they are addressed, which helps in…
Chintan-Vyas - PeerSpot reviewer
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex Xpanse has an easy-to-use user interface."
"As an attack surface manager, I highly recommend Cortex Xpanse, especially if there are many services exposed publicly on the internet."
"The most valuable aspect is its ability to catch trojans and malware."
"When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action."
"Cortex Xpanse is a strong solution for attack surface management, including digital brand protection and continuous monitoring."
"The most valuable features of the solution are its firewall and antivirus."
"The most valuable aspect is its ability to catch trojans and malware."
"It helps to prevent unauthorized access or identity theft from external sites. If your identity is stolen, you can ban it."
"The most valuable feature is its threat analysis."
"The detection is very effective."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."
"Scalability hasn't been an issue for us."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
 

Cons

"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"Some improvements are needed in the user interface. It may require more enhancements."
"It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors might provide."
"Some improvements are needed in the user interface."
"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"There is an issue with the old versions of Cortex, and so when we have an older one with Windows or any OS, we have a problem with its connectivity with the cloud."
"Cortex Xpanse needs to add dark-web scanning."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"It does take more time to scan than other solutions."
"There are some areas where some customers would prefer a different service."
"I would like to see a more accurate integration and an option to check the local machine."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"The solution could improve the policies themselves."
 

Pricing and Cost Advice

"Cortex Xpanse is cheaper than other solutions."
"The tool's cost is too high."
"We bought a very small number of licenses, then ran it for a year. We bought a 100 licenses for a year, so we didn't actually do a proof of concept. We just bought them. Then, the next year, we bought 10,000 licenses."
"All I can say about the licensing cost is that it's negotiable."
"The pricing on CrowdStrike is per license. It was about $42 per seat yearly."
"The tool is a little bit expensive compared to other products, but I think it's okay owing to its quality."
"The cost of CrowdStrike Falcon in Latin America seems high relative to the economic conditions in the region."
"When comparing to Microsoft, CrowdStrike Falcon is more expensive."
"CrowdStrike Falcon is more expensive than other EDR solutions with similar features."
"In my opinion, the pricing of CrowdStrike Falcon seems aggressive."
report
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
12%
Manufacturing Company
12%
Government
9%
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cortex Xpanse?
Cortex Xpanse has an easy-to-use user interface.
What is your experience regarding pricing and costs for Cortex Xpanse?
Cortex Xpanse is a bit expensive compared to other market solutions like FortyRicoh and RiskIQ, making it more suitable for enterprise companies.
What needs improvement with Cortex Xpanse?
It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
 

Overview

Find out what your peers are saying about Cortex Xpanse vs. CrowdStrike Falcon and other solutions. Updated: March 2025.
849,190 professionals have used our research since 2012.