Morphisec vs Qualys CyberSecurity Asset Management comparison

Morphisec and Qualys are both solutions in the Vulnerability Management category. Morphisec is ranked #60, while Qualys is ranked #11 with an average rating of 9.2. Morphisec holds a 0.2% mindshare in VM, compared to Qualys’s 0.6% mindshare. Additionally, 100% of Morphisec users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.

Morphisec

Read 21 Morphisec reviews

250 Views
143 Comparison Views

100% willing to recommend

Qualys CyberSecurity Asset ...

Read 19 Qualys CyberSecurity Asset Management reviews

429 Views
260 Comparison Views

100% willing to recommend

Morphisec

Qualys CyberSecurity Asset ...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 16, 2025

Morphisec and Qualys CyberSecurity Asset Management compete in the cybersecurity solutions category. Based on feature comparisons, Morphisec has the upper hand due to its real-time threat prevention and integration capabilities.

Features: Morphisec stands out for its unique in-memory attack prevention, seamless integration with Microsoft Defender, and zero-day threat protection, providing real-time visibility into security events without pre-existing signatures. Qualys CSAM excels in asset discovery and inventory management, offering extensive tagging and classification for enhanced visibility into risks associated with complex IT infrastructures.

Room for Improvement: Morphisec users desire more proactive communication about product updates and enhanced reporting and filtering options; improvements in integration with multifactor systems are also recommended. Qualys CSAM could benefit from better scan frequency control, a more intuitive user interface, and refinement in tagging, asset categorization, and integration capabilities, particularly for smaller enterprises.

Ease of Deployment and Customer Service: Morphisec offers flexibility across Public, Private, and Hybrid Cloud environments and is backed by responsive customer support, though some language barriers exist. Qualys CSAM supports diverse deployment environments and provides effective technical support during cloud transitions, despite some reports of longer resolution times.

Pricing and ROI: Morphisec is seen as competitively priced, delivering clear ROI through a reduction in cybersecurity incidents, even though it's pricier than traditional antivirus solutions. Qualys CSAM, while potentially costly for smaller organizations, delivers significant value through comprehensive asset management and integration, proving a worthwhile investment for large enterprises.

To learn more, read our detailed Morphisec vs. Qualys CyberSecurity Asset Management Report (Updated: January 2025).

Buyer's Guide

Morphisec vs. Qualys CyberSecurity Asset Management

January 2025

Download the complete report

Helped 841,004 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Morphisec

Ranking in Vulnerability Management

60th

Average Rating

9.2

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (57th), Advanced Threat Protection (ATP) (33rd), Endpoint Detection and Response (EDR) (59th), Cloud Workload Protection Platforms (CWPP) (36th), Threat Deception Platforms (13th)

Qualys CyberSecurity Asset ...

Ranking in Vulnerability Management

11th

Average Rating

9.2

Reviews Sentiment

7.6

Number of Reviews

Ranking in other categories

Patch Management (8th), Cyber Asset Attack Surface Management (CAASM) (2nd), Attack Surface Management (ASM) (4th), Software Supply Chain Security (7th)

Mindshare comparison

As of March 2025, in the Vulnerability Management category, the mindshare of Morphisec is 0.2%, up from 0.1% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 0.6%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Vulnerability Management

Featured Reviews

Islam Shaikh

Senior Manager - IT at IndiGrid Limited

Lightweight, detects everything quickly, and takes corrective action

We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.

Read full review

Revathi VeeraRaghavan

Information Security - Manager at Infosys

Provides comprehensive visibility and covers the complete attack surface

For some of the software, there was no life cycle or general information. We wanted them to give details in the database as and when the software comes. I raised a ticket for that, and after that, they updated the details for more than one million software. They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword. They should fix that. When we click on the web application, it only shows potential web assets. The application details are not there. Overall, CSAM has matured a lot. These are the few enhancements that need to be done.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It provides full visibility into security events and from both solutions in one dashboard. I'm not a big security guy, if I have a threat that looks like there's a problem, I will ask Morphisec to dissect it for me, and tell me what might be happening. Because it tends to be all hash codes, so I can tell what's going on. They've been pretty good with that."

"It also provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. We've always had that capability with Morphisec. The more recent version appears to do that even a little bit more natively and it's given us visibility that we didn't have otherwise."

"The fact that Morphisec uses deterministic attack prevention that does not require human intervention has affected our security team's operations by making things much simpler. We don't have to really track down various alerts anymore, they've just stopped. At that point, we can go in and we can clean up whatever needs to be cleaned up. There are some things that Morphisec detects that we can't really remove, it's parts of Internet Explorer, but it's being blocked anyway. So we're happy with that."

"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."

"We have seen it successfully block attacks that a traditional antivirus did not pick up."

"Morphisec has enabled us to become a lot less paranoid when it comes to staff clicking on things or accessing things that they shouldn't that could infect the whole system. Our original ransomware attack that happened came from someone's Google drive and then just filtered on through that. It has put our minds at ease a lot more in running it. It's also another layer of security that has been proven to be effective for us."

"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."

"Morphisec provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. Defender and Morphisec are integrated. It's important because it lowers the total cost of maintenance on the engineer's time, more or less. So the administrative time is dramatically reduced in maintaining the product. This saves an engineer around four to five hours a week."

More Morphisec pros

"I would rate Qualys CyberSecurity Asset Management ten out of ten."

"Authorized and unauthorized software visibility is the best feature for me."

"Qualys CSAM is valuable for providing end-of-life and end-of-sale information. It gives me visibility into the number of products or hardware items that are end-of-life."

"The end-of-life and end-of-service software and hardware are some of my favorite features."

"The fact that it is integrated makes it very easy to understand."

"The most valuable aspect we receive from Qualys is the remediation."

"I like the EASM part because it provides visibility into unmanaged assets that are public-facing."

"My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software."

More Qualys CyberSecurity Asset Management pros

Cons

"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."

"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."

"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."

"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."

"Some of the filters for the console need improvement. There are alerts that show up and just being able to acknowledge that we've seen those and not turn them off, but dismiss them, would be a huge benefit."

"If anything, tech support might be their weakest link. The process of getting someone involved sometimes takes a little time. It seems to me that they should have all the data they need to let me know whether an alert is legitimate or not, but they tend to need a lot of information from me to get to the bottom of something. It usually takes a little longer than I would expect."

"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."

"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."

More Morphisec cons

"The scanning function could be improved."

"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."

"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."

"The UI needs improvement as it can become overwhelming after prolonged use."

"Qualys could improve by enhancing its dynamic tagging and role-based access control features, and by refining its user interface for a more intuitive and efficient user experience."

"In my opinion, the area that needs improvement is the role-based access control (RBAC). The access privilege management needs to be more robust and streamlined to enhance user access management."

"Qualys could improve by enhancing its dynamic tagging and role-based access control features, and by refining its user interface for a more intuitive and efficient user experience."

"The Qualys CAPS service requires further exploration and improvement, particularly in its handling of protocols and reactivity with MAC and IP addresses for CAP agents."

More Qualys CyberSecurity Asset Management cons

Pricing and Cost Advice

"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."

"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."

"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."

"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."

"The pricing is definitely fair for what it does."

"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."

"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."

"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."

More Morphisec pricing and cost advice

"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."

"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."

"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."

"Qualys offers excellent value for money."

"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."

"The pricing for Qualys CSAM is nominal."

"The cost for Qualys CyberSecurity Asset Management is high."

"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."

More Qualys CyberSecurity Asset Management pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

841,004 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

12%

Outsourcing Company

12%

Manufacturing Company

11%

Financial Services Firm

11%

Computer Software Company

23%

Financial Services Firm

12%

Government

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management?

The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage.

See all answers

What needs improvement with Qualys CyberSecurity Asset Management?

There can be further simplification to reduce the overall noise and provide ESAM-related data. Some data modification might also be required, but that is not as critical as noise reduction.

See all answers

What is your primary use case for Qualys CyberSecurity Asset Management?

We use it to collect all software-related information, including external attack surface information. All of this information is validated here.

See all answers

Comparisons

CrowdStrike Falcon vs Morphisec

Compared 37% of the time

SentinelOne Singularity Complete vs Morphisec

Compared 11% of the time

Halcyon vs Morphisec

Compared 11% of the time

Cisco Secure Endpoint vs Morphisec

Compared 7% of the time

More Morphisec Competitors

Amazon Inspector vs Qualys CyberSecurity Asset Management

Compared 16% of the time

Armis vs Qualys CyberSecurity Asset Management

Compared 14% of the time

Microsoft Defender External Attack Surface Management vs Qualys CyberSecurity Asset Management

Compared 13% of the time

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

Compared 8% of the time

Lacework FortiCNAPP vs Qualys CyberSecurity Asset Management

Compared 4% of the time

More Qualys CyberSecurity Asset Management Competitors

Product Reports

Buyer's Guide

Morphisec

February 2025

Download Morphisec product report

Buyer's Guide

Qualys CyberSecurity Asset Management

February 2025

Qualys CyberSecurity Asset Management report

Download Qualys CyberSecurity Asset Management product report

Also Known As

Morphisec, Morphisec Moving Target Defense

No data available

Overview

Morphisec integrates seamlessly with platforms like Microsoft Defender, offering signatureless protection against zero-day threats and ransomware. It enhances existing endpoint solutions with minimal maintenance through its set-and-forget deployment, providing heightened security and reduced false positives.

Morphisec strengthens defense strategies by merging memory morphing and signatureless protection to effectively block zero-day attacks and ransomware. It operates efficiently within existing infrastructure, reducing system impact and maintenance needs. Users find its full visibility dashboard invaluable. Despite its strengths, cloud deployment and reporting features can be improved. Stability, alerts, and integration with other systems pose challenges for users, impacting usability and support quality.

What are Morphisec's key features?

Seamless Integration: Works with Microsoft Defender for comprehensive dashboard visibility
Memory Morphing: Hides processes to reduce attack surfaces
Signatureless Protection: Prevents threats without impacting performance
Automatic Threat Blocking: Uses inbuilt intelligence to detect risks
Set-and-Forget Deployment: Simplifies management and reduces maintenance

What benefits should users consider in reviews?

Quick Deployment: Fast setup without disrupting operations
Enhanced Protection: Provides an additional defense layer against advanced threats
Cost-Effectiveness: Works with existing licenses, minimizing extra investments
Improved Compatibility: Integrates smoothly with current antivirus systems
Minimal System Impact: Operates efficiently without overloading resources

In security-focused industries, Morphisec is crucial for protecting workstations and servers against sophisticated attacks like ransomware. Its signatureless technology offers early threat detection, while compatibility with existing systems ensures seamless integration, providing advanced protection without additional licensing costs.

Morphisec

Qualys CyberSecurity Asset Management provides advanced real-time asset visibility, dynamic tagging, and External Attack Surface Management. It streamlines asset discovery and management using cloud agents and IP-based scanning, enhancing risk management and software lifecycle tracking.

Qualys CyberSecurity Asset Management offers a comprehensive solution for managing asset inventories and tracking software lifecycle states. It facilitates network visibility and supports zero-day vulnerability solutions, enhancing security posture through efficient monitoring. Users benefit from its cloud-based interface, which provides in-depth asset configurations and insights. Key features include automated vulnerability scanning and unauthorized software management, reducing manual efforts. The platform also emphasizes the importance of timely remediation and ongoing risk mitigation across multiple environments. Despite its strengths, users note the need for enhanced integration with additional CMDBs beyond ServiceNow, as well as cost efficiency improvements. Requests also include better report customization, more scan control, and a simplified UI.

What are the key features of Qualys CyberSecurity Asset Management?

Real-time Visibility: Offers continuous insight into asset status and condition.
Dynamic Tagging: Allows for flexible organization and assessment of assets.
External Attack Surface Management: Identifies potential threats from external sources.
Automated Vulnerability Scanning: Reduces manual scanning efforts and identifies vulnerabilities instantly.
Unauthorized Software Management: Detects and manages software not approved for use.
Asset Purge Rule: Automates the removal of obsolete assets from the inventory.

What benefits should users look for in reviews?

Enhanced Security Posture: Gains stronger defense through effective asset monitoring.
Efficient Risk Management: Identifies threats quickly, enabling timely resolutions.
Improved Compliance: Assists in meeting industry standards and regulations.
Reduced Manual Effort: Automates repetitive tasks, saving time and resources.
Comprehensive Insight: Provides detailed data for informed decision making.

In industries like finance, healthcare, and manufacturing, Qualys CyberSecurity Asset Management enhances asset control by offering visibility into hardware and software configurations. It aids in maintaining security compliance and identifying unauthorized software, crucial for sectors with strict regulatory requirements.

Qualys

Sample Customers

Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center

Information Not Available

Buyer's Guide

Morphisec vs. Qualys CyberSecurity Asset Management

January 2025

Free Report: Morphisec vs. Qualys CyberSecurity Asset Management

Find out what your peers are saying about Morphisec vs. Qualys CyberSecurity Asset Management and other solutions. Updated: January 2025.

DOWNLOAD NOW

841,004 professionals have used our research since 2012.

See our Morphisec vs. Qualys CyberSecurity Asset Management report.

See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.