Try our new research platform with insights from 80,000+ expert users

Cortex Xpanse vs CrowdStrike Falcon comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Xpanse
Ranking in Attack Surface Management (ASM)
8th
Average Rating
8.8
Reviews Sentiment
7.6
Number of Reviews
5
Ranking in other categories
No ranking in other categories
CrowdStrike Falcon
Ranking in Attack Surface Management (ASM)
1st
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
126
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Endpoint Protection Platform (EPP) (2nd), Threat Intelligence Platforms (2nd), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st), Continuous Threat Exposure Management (CTEM) (2nd)
 

Mindshare comparison

As of April 2025, in the Attack Surface Management (ASM) category, the mindshare of Cortex Xpanse is 4.3%, up from 4.2% compared to the previous year. The mindshare of CrowdStrike Falcon is 18.7%, down from 29.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Attack Surface Management (ASM)
 

Featured Reviews

Ali Mohamed - PeerSpot reviewer
Proactively manages security and identifies vulnerabilities with good alerts
We use Cortex Xpanse as a security control for attack surface management in our organization When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action. It checks vulnerabilities periodically, ensuring they are addressed, which helps in…
Chintan-Vyas - PeerSpot reviewer
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex Xpanse has an easy-to-use user interface."
"When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action."
"The most valuable aspect is its ability to catch trojans and malware."
"Cortex Xpanse is a strong solution for attack surface management, including digital brand protection and continuous monitoring."
"As an attack surface manager, I highly recommend Cortex Xpanse, especially if there are many services exposed publicly on the internet."
"The most valuable aspect is its ability to catch trojans and malware."
"The most valuable features of the solution are its firewall and antivirus."
"At this point what is most valuable is the interface, which is easy to navigate."
"CrowdStrike provides a lot of visibility in their tool."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"It's really good because it can detect anything."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"The solution offers great stability."
"The main feature we rely on is the product's intelligence. We appreciate the advice from the team during implementation. One of the main reasons we chose this product is its compatibility with Office 365."
 

Cons

"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"Cortex Xpanse needs to add dark-web scanning."
"Some improvements are needed in the user interface. It may require more enhancements."
"It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors might provide."
"Some improvements are needed in the user interface."
"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"There is an issue with the old versions of Cortex, and so when we have an older one with Windows or any OS, we have a problem with its connectivity with the cloud."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"We'd like to see more integration capabilities."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"The new interface, the UI, seems a bit messy."
 

Pricing and Cost Advice

"The tool's cost is too high."
"Cortex Xpanse is cheaper than other solutions."
"We pay between $30-50 per user for a yearly license, which is more expensive than SentinelOne or Bitdefender. However, CrowdStrike gives better value for money."
"The price of CrowdStrike Falcon is reasonable."
"We bought a very small number of licenses, then ran it for a year. We bought a 100 licenses for a year, so we didn't actually do a proof of concept. We just bought them. Then, the next year, we bought 10,000 licenses."
"Our company pays approximately US$ 65,000 annually for 900 machines."
"We are on an annual subscription for the solution. There are not any additional costs."
"The solution's pricing is great for us."
"We pay 40,000 dirhams per 100 users."
"The licensing model is straightforward. We choose the features we want and we then can download the package we want."
report
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
12%
Manufacturing Company
12%
Government
9%
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cortex Xpanse?
Cortex Xpanse has an easy-to-use user interface.
What is your experience regarding pricing and costs for Cortex Xpanse?
Cortex Xpanse is a bit expensive compared to other market solutions like FortyRicoh and RiskIQ, making it more suitable for enterprise companies.
What needs improvement with Cortex Xpanse?
It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
 

Overview

Find out what your peers are saying about Cortex Xpanse vs. CrowdStrike Falcon and other solutions. Updated: March 2025.
848,716 professionals have used our research since 2012.