Try our new research platform with insights from 80,000+ expert users

Morphisec vs Qualys CyberSecurity Asset Management (CSAM) comparison

Morphisec and Qualys are both solutions in the Vulnerability Management category. Morphisec is ranked #28 with an average rating of 9.0, while Qualys is ranked #14 with an average rating of 9.3. Additionally, 100% of Morphisec users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.
Morphisec
Read 21 Morphisec reviews
  • 232 Views
  • 125 Comparison Views
100% willing to recommend
Qualys CyberSecurity Asset ...
Read 12 Qualys CyberSecurity Asset Management (CSAM) reviews
  • 218 Views
  • 149 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Morphisec and Qualys CyberSecurity Asset Management compete in the cybersecurity domain, focusing on endpoint protection and asset management, respectively. Morphisec has the upper hand in immediate endpoint protection, while Qualys excels in asset management and vulnerability insights.

Features: Morphisec provides lightweight, signatureless endpoint protection with real-time attack prevention, integration with Microsoft Defender, and proactive threat neutralization. Qualys CSAM offers comprehensive asset inventory capabilities, advanced external attack surface management, dynamic tagging, and passive sensor monitoring.

Room for Improvement: Morphisec could enhance cloud deployment features, improve customer interaction with feature alerts, and strengthen reporting functionalities. Qualys CSAM could improve configuration flexibility, provide better scan frequency options, and reduce costs to improve accessibility for smaller businesses.

Ease of Deployment and Customer Service: Morphisec offers flexibility in public, private, and hybrid cloud environments with responsive support, though time zone differences may pose challenges. Qualys CSAM supports hybrid deployment models and has solid technical support, but users report occasional delays in response.

Pricing and ROI: Morphisec offers competitive pricing with various models, providing essential features without additional costs, ensuring a good return on investment. Qualys CSAM is considered expensive but recognized for its comprehensive features that justify the investment, though high costs may be a barrier for some organizations.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Morphisec vs. Qualys CyberSecurity Asset Management (CSAM) Report (Updated: October 2024).
Buyer's Guide
Morphisec vs. Qualys CyberSecurity Asset Management (CSAM)
October 2024
Download the complete report
Helped 815,209 peers since 2012
 

Categories and Ranking

Morphisec
Ranking in Vulnerability Management
28th
Average Rating
9.2
Number of Reviews
21
Ranking in other categories
Endpoint Protection Platform (EPP) (44th), Advanced Threat Protection (ATP) (24th), Endpoint Detection and Response (EDR) (33rd), Cloud Workload Protection Platforms (CWPP) (18th), Threat Deception Platforms (10th)
Qualys CyberSecurity Asset ...
Ranking in Vulnerability Management
14th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
12
Ranking in other categories
Patch Management (9th), Cyber Asset Attack Surface Management (CAASM) (4th), Attack Surface Management (ASM) (5th), Software Supply Chain Security (7th)
 

Featured Reviews

Islam Shaikh - PeerSpot reviewer
Oct 19, 2022
Lightweight, detects everything quickly, and takes corrective action
We sometimes have to depend on the support team to know what action we should take. If the solution for an alert can be built into the report that we are getting, it will save time, and the interaction with support would be less. At times, corrective action is required, but at times, we don't need to take any action. It would be good if we get to know in the report that a particular infection doesn't require any action. It will save us time and effort. Other than that, nothing else is required. They have taken care of everything. We are getting alerts, and we can have multiple admins. We get a good model with this view.
Read full review
Brad Mathis - PeerSpot reviewer
Jun 10, 2024
Improves visibility, reliability, and scalability
The external attack surface management identified unexpected assets, suggesting some exist outside our known inventory. While these may not be directly managed by us, the process has brought valuable awareness to the fact that our core servers are externally hosted, prompting a review of similar situations. An external attack surface management scan revealed several outsourced name services, along with one unexpected third-party-linked IP. It's unclear if this was due to past consulting work or a registration error, but since it wasn't relevant to our company, it was easily excluded from future scans. The benefits of Qualys CyberSecurity Asset Management are immediate. We already had the cloud agents installed. They were already on all the servers and workstations. Once we upgraded from the VMDR included GAV (Global AssetView) to CSAM, it was no time before I could see the end-of-life, end-of-service software, and hardware. In addition to vulnerabilities, CSAM provides a better view of other risk factors, but VMDR is very powerful. VMDR was already seeing our limitations in hardening our vulnerabilities. CSAM enhanced our view by adding more visibility and insight into what we have. TruRisk scoring goes beyond traditional vulnerability scoring like CVSS to prioritize both vulnerabilities and assets based on real-world exploitability and industry targeting. This provides a clearer picture of our actual risk by considering factors like published exploits and what attackers are currently focusing on, allowing us to quickly identify critical issues and avoid wasting time on vulnerabilities with a high theoretical risk but low real-world threat. Qualys Cloud Agents can now be configured as passive sensors to discover all devices on our network in real-time, eliminating the requirement for separate virtual or physical passive sensor appliances. These cloud agent sensors monitor network broadcasts instead of egress traffic, and they can even designate a secondary sensor to take over if the primary becomes unavailable, ensuring continuous asset discovery and populating our CSAM platform with managed and unmanaged devices.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The simplicity of the solution, how easy it is to deploy and how small it is when deployed as an agent on a device, is probably the biggest aspect, given what it can do."
"The biggest feature is that it hides everything from your operating system that's running in-memory from anything to try to run against it. That's the most unique thing that's on the market. There's nothing else out there that's quite like that. That's a big selling point and why we went with it. It does exactly what the design does. If you can't find it, you can't execute against it."
"Morphisec has enabled us to become a lot less paranoid when it comes to staff clicking on things or accessing things that they shouldn't that could infect the whole system. Our original ransomware attack that happened came from someone's Google drive and then just filtered on through that. It has put our minds at ease a lot more in running it. It's also another layer of security that has been proven to be effective for us."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"Since using Morphisec we have seen a downturn in attacks because Morphisec protects us versus Defenders and whatnot that are signature-based. I know we have not had any issues with ransomware or other zero-day attacks that we've seen with machines that, all of a sudden, have become before we instituted the product. Now the machine had to be re-imaged and there was a loss of data because something was on the machine. You couldn't really determine what was on the machine because nothing was picking it up. The products we were using weren't picking it up."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
More Morphisec pros
"My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software."
"Qualys CyberSecurity Asset Management offers comprehensive features to cover our entire attack surface."
"With Qualys CSAM, we can see which assets have critical application vulnerabilities. This feature helps us prioritize and address these vulnerabilities more efficiently."
"Qualys CyberSecurity Asset Management offers valuable features such as continuous vendor support, rapid response times, dedicated vendor partnerships, and advanced technical capabilities for risk identification."
"Qualys CSAM is valuable for providing end-of-life and end-of-sale information. It gives me visibility into the number of products or hardware items that are end-of-life."
"The most valuable feature is the real-time visibility Qualys CyberSecurity Asset Management provides into all assets across our development and operational environments."
"Tags are very useful for us since we can tag virus applications in infrastructure types such as databases, operating systems, or web platforms."
"Our favorite features are the tagging and the ability to quickly find assets in the portal."
More Qualys CyberSecurity Asset Management (CSAM) pros
 

Cons

"We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release."
"The dashboard is the area that requires the most improvement. We have about, I would say 5,500 computers currently, and searching through all of those takes some time to filter. So as soon as you apply the filter, it takes a few seconds. It crunches, it thinks, and then it brings up the clients that match."
"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"It might be a bit much to ask, but we are now beginning to use Morphisec Scout, which provides vulnerability information. At this time, it's recognizing vulnerabilities and reporting them to us, but it's not necessarily resolving them. There's still a separate manual process to resolve those vulnerabilities, primarily through upgrades. We have to do that outside of Morphisec. If Morphisec could somehow have that capability built into it, that would be very effective."
"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
More Morphisec cons
"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."
"One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete configuration, but if you want to reconfigure it, it will not ask or provide any option for scan frequency. For that, you need to raise a case with Qualys and talk to the Qualys team."
"Further research and development are needed to enhance integration with other cloud agents and products, particularly improving communication with external products and vendors."
"In our reporting, we faced a challenge syncing with cloud devices."
"All required features are available in Qualys CSAM. However, it would be helpful if Qualys CSAM started incorporating AI models. An inclusion of threat details for AI and LLM-related risks would be beneficial."
"The only minor issue is occasionally being redirected to multiple teams, causing slight delays."
"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."
"Qualys CSAM is not super responsive, and there can be delays sometimes, especially with the network passive sensor. You might see duplicate objects which eventually disappear but it takes time. If that can be done faster, it will be great."
More Qualys CyberSecurity Asset Management (CSAM) cons
 

Pricing and Cost Advice

"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"The pricing is definitely fair for what it does."
More Morphisec pricing and cost advice
"Qualys offers excellent value for money."
"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."
"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."
"The cost for Qualys CyberSecurity Asset Management is high."
"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."
"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."
"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
815,209 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Manufacturing Company
12%
Computer Software Company
11%
Outsourcing Company
9%
Computer Software Company
23%
Financial Services Firm
10%
Government
10%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Morphisec Unified Threat Prevention Platform?
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will de...
See all answers
What is your experience regarding pricing and costs for Morphisec Unified Threat Prevention Platform?
Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competit...
See all answers
What needs improvement with Morphisec Unified Threat Prevention Platform?
We have discovered some bugs in the new releases that they've had to fix, so I would like to see more testing and QA on their side before they release.
See all answers
What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management (CSAM)?
It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price. In my opinion, Qualys is one of the best solutions available in the m...
See all answers
What needs improvement with Qualys CyberSecurity Asset Management (CSAM)?
In Qualys CSAM, there is a module called EASM. One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete...
See all answers
What is your primary use case for Qualys CyberSecurity Asset Management (CSAM)?
I am working as a senior security analyst. I provide enterprise vulnerability management solutions. CyberSecurity Asset Management helps us categorize all the assets and products. We can see the cu...
See all answers
 

Comparisons

CrowdStrike Falcon vs Morphisec Logo
CrowdStrike Falcon vs Morphisec
Compared 39% of the time
Code42 Incydr vs Morphisec Logo
Code42 Incydr vs Morphisec
Compared 15% of the time
SentinelOne Singularity Complete vs Morphisec Logo
SentinelOne Singularity Complete vs Morphisec
Compared 13% of the time
Cortex XDR by Palo Alto Networks vs Morphisec Logo
Cortex XDR by Palo Alto Networks vs Morphisec
Compared 7% of the time
More Morphisec Competitors
Armis vs Qualys CyberSecurity Asset Management (CSAM) Logo
Armis vs Qualys CyberSecurity Asset Management (CSAM)
Compared 26% of the time
Amazon Inspector vs Qualys CyberSecurity Asset Management (CSAM) Logo
Amazon Inspector vs Qualys CyberSecurity Asset Management (CSAM)
Compared 20% of the time
Microsoft Defender External Attack Surface Management vs Qualys CyberSecurity Asset Management (CSAM) Logo
Microsoft Defender External Attack Surface Management vs Qualys CyberSecurity Asset Management (CSAM)
Compared 19% of the time
Tanium vs Qualys CyberSecurity Asset Management (CSAM) Logo
Tanium vs Qualys CyberSecurity Asset Management (CSAM)
Compared 10% of the time
Axonius vs Qualys CyberSecurity Asset Management (CSAM) Logo
Axonius vs Qualys CyberSecurity Asset Management (CSAM)
Compared 8% of the time
More Qualys CyberSecurity Asset Management (CSAM) Competitors
 

Product Reports

Buyer's Guide
Morphisec
October 2024
Morphisec reportDownload Morphisec product report
Buyer's Guide
Qualys CyberSecurity Asset Management (CSAM)
October 2024
Qualys CyberSecurity Asset Management (CSAM) reportDownload Qualys CyberSecurity Asset Management (CSAM) product report
 

Also Known As

Morphisec, Morphisec Moving Target Defense
No data available
 

Learn More

Morphisec
Qualys
 

Overview

Morphisec's cybersecurity platform is centered around its Moving Target Defense technology. This innovative approach is designed to prevent attacks by making the system environment dynamically unpredictable to attackers, thereby neutralizing zero-day threats, evasive malware, and in-memory exploits without requiring prior knowledge of attack patterns. Unlike traditional security systems that rely on detection and response strategies, Morphisec operates on the principle of attack prevention, reducing the system's attack surface and minimizing security operation efforts.

Morphisec provides cybersecurity defense solutions that protect against advanced threats through proactive and predictive security measures. Key features include Moving Target Defense, which Constantly changes system memory and application structures, making them hard to target. Also, Morphisec enables threat-hunting and visibility by providing detailed forensic data on blocked attacks, enabling advanced threat-hunting capabilities.

    Morphisec’s key capabilities include:

    • Anti-ransomware: Advanced ransomware protection leveraging dedicated AMTD mechanisms for safeguarding against ransomware attacks, from early attack stages to the impact/encryption phase.
    • Credential theft protection: Advanced credential theft protection leveraging AMTD for safeguarding against Infostealer/credential stealing attacks
    • Enhanced cyber-resilience: Implementing AMTD to efficiently mitigate the costs associated with recovery from advanced, previously unknown evasive threats, thereby bolstering overall cyber defense strategy.
    • Prevention-first security: Prevents threats without prior knowledge: signatures, behavioral patterns, or indicators of attacks (IoAs).
    • Operational efficiency: Providing simple installation with negligible performance impact and no additional staffing requirements. 
    • Lower IT and security costs: Significantly reducing security analyst alert triage time and costs due to early prevention, exact threat classification and prioritization of high-risk alerts.
    • Risk-based vulnerability prioritization for exposure management: Empowering organizations with continuous business context and risk-driven remediation recommendations, enabling effective prioritization of patching processes and reduced exposure with patchless protection, powered by AMTD.  
    • Flexible deployment: Offering a SaaS-based, multi-tenant and API-driven platform. 
    • Incident Response Services: The Morphisec Incident Response Team works collaboratively with client organizations to triage critical security incidents and conduct forensic analysis to solve immediate cyberattacks as well as provide recommendations for reducing the organization's risk exposure. Morphisec's team helps to identify and resolve unknown threats to get organizations' networks restored quickly.

    Morphisec is particularly effective in industries such as finance, healthcare, and government, where highly sensitive data is often targeted. Its ability to provide robust protection without the need for extensive updates makes it suitable for environments where system stability and uptime are critical.

    In summary, Morphisec offers a proactive cybersecurity solution designed to outsmart modern cyber threats through a strategic, preventative approach, making it an excellent choice for organizations aiming to bolster their defenses against sophisticated attacks.

    Qualys CyberSecurity Asset Management (CSAM) provides industry-leading coverage of the internal and external attack surface (EASM), along with comprehensive cyber risk assessment, natively-integrated with Qualys Vulnerability Management, Detection, and Response (VMDR). 

    CSAM solidifies attack surface coverage and turbocharges vulnerability management with:  

    • Comprehensive discovery of IT, IoT/OT, and rogue assets, internet-facing assets from mergers and subsidiaries, and business context from third-party connectors 
    • Risk factors such as EoL/EoS software, missing security controls, unsanctioned ports, and expired SSL certs to show the TruRisk of every asset 
    • Bi-directional CMDB sync to push cyber risk context to IT’s source of truth and pull business context into your security program 
     

    Sample Customers

    Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
    Information Not Available
    Buyer's Guide
    Morphisec vs. Qualys CyberSecurity Asset Management (CSAM)
    October 2024
    Free Report: Morphisec vs. Qualys CyberSecurity Asset Management (CSAM)
    Find out what your peers are saying about Morphisec vs. Qualys CyberSecurity Asset Management (CSAM) and other solutions. Updated: October 2024.
    DOWNLOAD NOW
    815,209 professionals have used our research since 2012.
    See our Morphisec vs. Qualys CyberSecurity Asset Management (CSAM) report.
    See our list of best Vulnerability Management vendors.

    We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.