Try our new research platform with insights from 80,000+ expert users

CrowdStrike Falcon Cloud Security vs Trivy comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
3rd
Average Rating
8.8
Reviews Sentiment
7.8
Number of Reviews
109
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
CrowdStrike Falcon Cloud Se...
Ranking in Container Security
6th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
29
Ranking in other categories
Application Security Tools (13th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), Cloud-Native Application Protection Platforms (CNAPP) (7th), Cloud Infrastructure Entitlement Management (CIEM) (2nd), Application Security Posture Management (ASPM) (5th)
Trivy
Ranking in Container Security
16th
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 1.0% compared to the previous year. The mindshare of CrowdStrike Falcon Cloud Security is 5.6%, up from 4.3% compared to the previous year. The mindshare of Trivy is 5.5%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Saif Ullah Khan - PeerSpot reviewer
Boosts security by automatically blocking applications or activities, but query responses have been slower recently
For the past six months, we have been facing some issues. Because it is a cloud-based infrastructure, it has been getting slower. There are no bugs because they release updates continuously. We highly appreciate that, but during hunting or running a query on different logs, the time frame has increased in the past six months. It takes longer to give us the results. Another issue is the lack of proper documentation. During investigations, there is no proper documentation available. This is a problem because many people are saying there should be proper documentation explaining what CrowdStrike captures from the machine and the meaning of it.
Utsav Sharma - PeerSpot reviewer
Maintain operational efficiency by detecting misconfigurations and vulnerabilities
The vulnerability scanning feature is excellent as it supports various container capabilities like Docker and Sharma. It also offers repository scanning in the source code domain, allowing pre-push code scans. The misconfiguration detection works well for CloudFormation, Docker files, and Terraform. Its compliance support, like NIST, ensures that configurations align with standards. Trivy helps me significantly detect misconfigurations missed by the ops engineers or in Terraform by the naked eye. It ensures that my deployments are free of misconfigurations and vulnerabilities.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the easy-to-understand user interface, which allows even non-technical users to comprehend and resolve issues."
"Singularity Cloud Native Security provides us with a platform to scan instances when they are getting created, and the dashboard helps us to identify the critical issues."
"SentinelOne stands out with its responsiveness to feature requests for Singularity Cloud Security."
"The cloud misconfiguration feature and Offensive Security Engine, as well as their alerting process, are valuable."
"Cloud Native Security offers attack path analysis."
"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."
"I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on."
"The user-friendly dashboard offers both convenience and security by providing quick access to solutions and keeping us informed of potential threats."
"The initial setup is easy ."
"CrowdStrike utilizes signatureless technology, eliminating the need for regular signature updates on endpoint systems."
"The threat intelligence is the most vital feature"
"The most valuable feature of Falcon Cloud Security is its comprehensive threat-hunting ability."
"Cloud security is one valuable feature. Spotlight is the other one. There is also vulnerability management and a couple of more features."
"The most valuable features of CrowdStrike Falcon Cloud Security are Cloud Security Posture Management and Cloud Workload Protection, offering more visibility and protection across our cloud environment."
"Technical support is helpful."
"Cloud security posture management (CSPM) is most valuable."
"The most valuable feature of Trivy is its easy integration with the CI/CD pipeline."
"I can see vulnerabilities in the images of any applications deployed in the Kubernetes environment or as container applications."
"It's customizable, allowing me to add any rules and format HTML templates as I wish."
"The most valuable feature of Trivy is its easy integration with the CI/CD pipeline."
"Trivy is particularly useful for checking if Docker images have critical vulnerabilities before they reach production."
"I appreciate Trivy for being open-source and not requiring any payment."
"It is open-source."
"Trivy is easy to integrate with CI/CD and can be installed on desktops to scan images."
 

Cons

"In some cases, the rules are strictly enforced but do not align with real-world use cases."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"The cost has the potential for improvement."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India."
"SentinelOne Singularity Cloud Security could be improved with easier integrations to the Singularity Data Lake, particularly for various vendors."
"They need more experienced support personnel."
"There is room for improvement in the current active licensing model for PingSafe."
"The only challenge lies in token verification."
"There were some integration issues with this product."
"Customers would benefit it CrowdStrike adopted some of SentinelOne's technologies."
"It would be more convenient if there was an easier way to install CrowdStrike, perhaps through better integration with Active Directory."
"The pricing is very high and should be improved."
"The threat intelligence and user behavioral analysis could be more comprehensive."
"I would not say the tool's integration capabilities were straightforward because the complexity depends on the volume of the data."
"Incorporating threat intelligence into the system would be a valuable addition."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
"Trivy generates many false positives, flagging non-existent vulnerabilities. Improvements could include better contextual analysis or granular filtering."
"Trivy can improve by providing an output in PDF format. Additionally, it takes longer to scan container images built with many layers."
"The only problem is that Trivy does not support reporting features such as generating reports in CSV, which is useful for auditing and reporting."
"In our CI/CD pipelines, Trivy lacks built-in functionality for report analysis."
"A dynamic scanning capability during runtime would be a significant advantage."
"For malware detection, I need to use two tools: Trivy as my anomaly scanner and ClamAV. I am integrating these two tools into the CI pipeline. If both malware and anomaly detection could be managed by one tool, I would not need to depend on two tools. That would be my suggestion."
"For malware detection, I need to use two tools: Trivy as my anomaly scanner and ClamAV. I am integrating these two tools into the CI pipeline. If both malware and anomaly detection could be managed by one tool, I would not need to depend on two tools."
 

Pricing and Cost Advice

"It was reasonable pricing for me."
"I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
"We found it to be fine for us. Its price was competitive. It was something we were happy with. We are not a Fortune 500 company, so I do not know how pricing scales at the top end, but for our cloud environment, it works very well."
"PingSafe is less expensive than other options."
"Its pricing was a little less than other providers."
"PingSafe is not very expensive compared to Prisma Cloud, but it's also not that cheap. However, because of its features, it makes sense to us as a company. It's fairly priced."
"PingSafe is fairly priced."
"PingSafe is priced reasonably for our workload."
"I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive."
"The pricing is reasonable, neither overly expensive nor excessively cheap, making it competitive compared to other market options."
"CrowdStrike Falcon is very expensive."
"CrowdStrike Falcon Cloud Security is very expensive for us. Last month, we had a big issue that took much time and money to resolve. It slowed down our business and required our management team to get involved. We had a problem similar to the "Blue Screen of Death" issue many US companies faced. This incident used up many of our IT resources in just a few months. That's why we're looking for a replacement tool now."
"The pricing is fair for what you get. I'd rate them a solid nine out of ten in terms of pricing."
"It's an expensive product"
"It's an expensive package but does what it says it will do."
"The price is not too high, it is okay."
Information not available
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Computer Software Company
15%
Financial Services Firm
15%
Manufacturing Company
8%
Insurance Company
5%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
The documentation could be better. Besides improving the documentation, obtaining a professional or partner specializ...
What do you like most about CrowdStrike Falcon Cloud Security?
It's easy to gather insights and conduct analysis about existing threats.
What is your experience regarding pricing and costs for CrowdStrike Falcon Cloud Security?
It's an expensive product. The solution costs around $60 for a single user on a yearly basis. I would rate the pricin...
What needs improvement with CrowdStrike Falcon Cloud Security?
I am not part of the current monitoring team, so I do not know how they feel about the tool. I am sharing information...
What needs improvement with Trivy?
One drawback I have observed with Trivy is the difficulty in building or integrating a UI, particularly for an operat...
What is your primary use case for Trivy?
The main use case for Trivy is to scan Docker images or packages for CVEs, specifically for vulnerabilities. I use th...
What advice do you have for others considering Trivy?
I rate Trivy an eight out of ten. This rating reflects its open-source nature, comprehensive scanning capabilities, a...
 

Also Known As

PingSafe
CrowdStrike Falcon ASPM
No data available
 

Overview

Find out what your peers are saying about CrowdStrike Falcon Cloud Security vs. Trivy and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.