Try our new research platform with insights from 80,000+ expert users

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management (CSAM) comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

CrowdStrike Falcon
Ranking in Attack Surface Management (ASM)
1st
Average Rating
8.6
Reviews Sentiment
8.3
Number of Reviews
122
Ranking in other categories
Endpoint Protection Platform (EPP) (3rd), Identity Management (IM) (5th), Threat Intelligence Platforms (2nd), Endpoint Detection and Response (EDR) (1st), Active Directory Management (3rd), Extended Detection and Response (XDR) (1st), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (2nd)
Qualys CyberSecurity Asset ...
Ranking in Attack Surface Management (ASM)
5th
Average Rating
9.2
Reviews Sentiment
6.8
Number of Reviews
6
Ranking in other categories
Vulnerability Management (14th), Patch Management (10th), Cyber Asset Attack Surface Management (CAASM) (4th), Software Supply Chain Security (7th)
 

Featured Reviews

Chintan-Vyas - PeerSpot reviewer
May 29, 2022
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.
Brad Mathis - PeerSpot reviewer
Jun 10, 2024
Improves visibility, reliability, and scalability
The external attack surface management identified unexpected assets, suggesting some exist outside our known inventory. While these may not be directly managed by us, the process has brought valuable awareness to the fact that our core servers are externally hosted, prompting a review of similar situations. An external attack surface management scan revealed several outsourced name services, along with one unexpected third-party-linked IP. It's unclear if this was due to past consulting work or a registration error, but since it wasn't relevant to our company, it was easily excluded from future scans. The benefits of Qualys CyberSecurity Asset Management are immediate. We already had the cloud agents installed. They were already on all the servers and workstations. Once we upgraded from the VMDR included GAV (Global AssetView) to CSAM, it was no time before I could see the end-of-life, end-of-service software, and hardware. In addition to vulnerabilities, CSAM provides a better view of other risk factors, but VMDR is very powerful. VMDR was already seeing our limitations in hardening our vulnerabilities. CSAM enhanced our view by adding more visibility and insight into what we have. TruRisk scoring goes beyond traditional vulnerability scoring like CVSS to prioritize both vulnerabilities and assets based on real-world exploitability and industry targeting. This provides a clearer picture of our actual risk by considering factors like published exploits and what attackers are currently focusing on, allowing us to quickly identify critical issues and avoid wasting time on vulnerabilities with a high theoretical risk but low real-world threat. Qualys Cloud Agents can now be configured as passive sensors to discover all devices on our network in real-time, eliminating the requirement for separate virtual or physical passive sensor appliances. These cloud agent sensors monitor network broadcasts instead of egress traffic, and they can even designate a secondary sensor to take over if the primary becomes unavailable, ensuring continuous asset discovery and populating our CSAM platform with managed and unmanaged devices.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The stability is good; we haven't experienced any glitches or bugs."
"The feature I like the most is the solution's detection."
"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"We have seen a reduction to the performance hit to our operating systems."
"There's almost no maintenance required. It's very low if there's any at all."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"When you implement a dynamic tag using a query, you do not need to manually tag all the servers. It categorizes all the servers that come under that query. The tagging part is automatically done within a few minutes. It reduces the effort."
"Tags are very useful for us since we can tag virus applications in infrastructure types such as databases, operating systems, or web platforms."
"The end-of-life and end-of-service software and hardware are some of my favorite features."
"The best feature is asset discovery through their cloud agent or IP-based scanning."
"The most valuable aspect we receive from Qualys is the remediation."
"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."
 

Cons

"The installation process for this software needs to be simplified."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"We sometimes get false positives."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"They should provide us with good visibility for everything."
"As the company has grown, the technical support has felt less personal."
"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."
"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."
"From the user experience perspective, we need a simpler interface and reduced complexity in certain features, particularly with the Qualys Query Language."
"It is automatically exporting the vulnerabilities and the assets. However, it would be useful to have the ability to select or to filter which we would like to export."
"In our reporting, we faced a challenge syncing with cloud devices."
"One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete configuration, but if you want to reconfigure it, it will not ask or provide any option for scan frequency. For that, you need to raise a case with Qualys and talk to the Qualys team."
 

Pricing and Cost Advice

"CrowdStrike Falcon is one of the more expensive endpoint solutions on the market."
"The pricing is not bad. It's on the higher end of the market, but you get what you pay for."
"It is an expensive product, but I think it is well worth the investment."
"Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace."
"The licensing model is straightforward. We choose the features we want and we then can download the package we want."
"The price of CrowdStrike Falcon is expensive and should be reduced."
"The pricing on CrowdStrike is per license. It was about $42 per seat yearly."
"In my opinion, the pricing of CrowdStrike Falcon seems aggressive."
"Qualys offers excellent value for money."
"The cost for Qualys CyberSecurity Asset Management is high."
"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."
"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."
"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."
report
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
814,325 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
Computer Software Company
27%
Government
12%
Financial Services Firm
10%
Non Profit
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management (CSAM)?
It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price. In my opinion, Qualys is one of the best solutions available in the m...
What needs improvement with Qualys CyberSecurity Asset Management (CSAM)?
In Qualys CSAM, there is a module called EASM. One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete...
What is your primary use case for Qualys CyberSecurity Asset Management (CSAM)?
I am working as a senior security analyst. I provide enterprise vulnerability management solutions. CyberSecurity Asset Management helps us categorize all the assets and products. We can see the cu...
 

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
No data available
 

Overview

Find out what your peers are saying about CrowdStrike Falcon vs. Qualys CyberSecurity Asset Management (CSAM) and other solutions. Updated: October 2024.
814,325 professionals have used our research since 2012.