Try our new research platform with insights from 80,000+ expert users

Qualys CyberSecurity Asset Management vs SentinelOne Singularity Cloud Security comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
27th
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
3
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (6th)
Qualys CyberSecurity Asset ...
Ranking in Vulnerability Management
10th
Average Rating
9.2
Reviews Sentiment
7.6
Number of Reviews
21
Ranking in other categories
Patch Management (7th), Cyber Asset Attack Surface Management (CAASM) (2nd), Attack Surface Management (ASM) (4th), Software Supply Chain Security (5th)
SentinelOne Singularity Clo...
Ranking in Vulnerability Management
6th
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
112
Ranking in other categories
Cloud and Data Center Security (5th), Container Security (3rd), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (2nd)
 

Mindshare comparison

As of April 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 0.4%. The mindshare of Qualys CyberSecurity Asset Management is 0.7%, up from 0.1% compared to the previous year. The mindshare of SentinelOne Singularity Cloud Security is 1.7%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Revathi VeeraRaghavan - PeerSpot reviewer
Provides comprehensive visibility and covers the complete attack surface
For some of the software, there was no life cycle or general information. We wanted them to give details in the database as and when the software comes. I raised a ticket for that, and after that, they updated the details for more than one million software. They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword. They should fix that. When we click on the web application, it only shows potential web assets. The application details are not there. Overall, CSAM has matured a lot. These are the few enhancements that need to be done.
Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"I appreciate the feature that simplifies cloud security posture, offering insights into vulnerabilities, and reducing the complexity of managing the security program."
"Qualys CyberSecurity Asset Management offers comprehensive features to cover our entire attack surface."
"When you implement a dynamic tag using a query, you do not need to manually tag all the servers. It categorizes all the servers that come under that query. The tagging part is automatically done within a few minutes. It reduces the effort."
"I recommend Qualys CyberSecurity Asset Management due to its superior asset information collection capabilities, including comprehensive hardware and software inventorying."
"The best feature is asset discovery through their cloud agent or IP-based scanning."
"We have had zero attacks since we enabled all the features in Qualys CSAM."
"The scanning results are pretty good, and some insights are quite valuable."
"I like the EASM part because it provides visibility into unmanaged assets that are public-facing."
"The user-friendliness is the most valuable feature."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"It is pretty easy to integrate with this platform. When properly integrated, it monitors end-to-end."
"SentinelOne Singularity Cloud Security offers comprehensive security posture management."
"The tool identifies issues quickly."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"I would rate SentinelOne Singularity Cloud Security a nine out of ten."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"One improvement that they can make in the EASM module is the scan frequency. After EASM is configured the first time, it allows you to do the complete configuration, but if you want to reconfigure it, it will not ask or provide any option for scan frequency. For that, you need to raise a case with Qualys and talk to the Qualys team."
"We have had challenges modifying the agent configuration. Particularly, when we want to change the tenant that the agent is pointing to, we have had difficulties making that reliable and working properly."
"Some areas that would be helpful are more comprehensive tagging and the ability to set up better dynamic rules."
"Some areas that would be helpful are more comprehensive tagging and the ability to set up better dynamic rules."
"They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword. They should fix that."
"Further research and development are needed to enhance integration with other cloud agents and products, particularly improving communication with external products and vendors."
"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."
"Based on the company's budget, Qualys offers limited features, which can also be utilized in other environments."
"They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding."
"For SentinelOne, improvements could be made in managing Internet dependency as cloud-based operations can pose challenges in environments with limited connectivity."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"The price is on the higher side. The dashboard can be more detailed."
"They need more experienced support personnel."
"I would prefer to see SentinelOne Singularity Cloud Security develop into a single pane of glass for ASPM and CSPM."
"While the future roadmap presented by SentinelOne appears promising, I hope the envisioned advancements are realistically achievable and that the gap between current offerings and long-term goals is not too significant."
 

Pricing and Cost Advice

Information not available
"The pricing is market-competitive."
"The Qualys Cybersecurity Asset Management pricing is well-aligned with our usage."
"Qualys offers excellent value for money."
"The cost for Qualys CyberSecurity Asset Management is high."
"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
"The pricing for Qualys CSAM is nominal."
"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."
"Qualys is competitively priced for its features. Its pricing is suitable for large organizations with more than 4,000 assets, but for smaller organizations with few assets, such as banks, the costs might be high. They should come up with packages that are suitable for small organizations."
"It was reasonable pricing for me."
"While SentinelOne Singularity Cloud Security offers robust protection, its high cost may be prohibitive for small and medium-sized businesses."
"SentinelOne provided competitive pricing compared to other vendors, and we are satisfied with the deal."
"PingSafe's pricing is good because it provides us with a solution."
"We have an enterprise license. It is affordable. I'm not sure, but I think we pay 150,000 rupees per month."
"SentinelOne Singularity Cloud Security is on the costlier side."
"PingSafe is cost-effective for the amount of infrastructure we have. It's reasonable for what they offer compared to our previous solution. It's at least 25 percent to 30 percent less."
"The tool is cost-effective."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
849,600 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
Manufacturing Company
7%
Retailer
6%
Computer Software Company
21%
Financial Services Firm
13%
Government
10%
Retailer
6%
Computer Software Company
17%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
I find that the pricing for Zafran aligns well with the comprehensive features it offers. The asset and user-based li...
What needs improvement with Zafran Security?
Zafran is a new startup. Features are continuously being added or improved. 1) Continued integrations with existing (...
What is your primary use case for Zafran Security?
We connect this to our vulnerability scanner as input, our security tools to better determine risk, and our change ma...
What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management?
The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, c...
What needs improvement with Qualys CyberSecurity Asset Management?
The deployment is somewhat complicated and could be made more user-friendly for most users. It is currently not user-...
What is your primary use case for Qualys CyberSecurity Asset Management?
We use it to identify all our assets, including those on our premises, cloud, and remote environments. It continuousl...
What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
SentinelOne Singularity Cloud Security is an excellent CSPM tool, but its CWPP features need improvement, and there i...
 

Also Known As

No data available
No data available
PingSafe
 

Overview

Find out what your peers are saying about Qualys CyberSecurity Asset Management vs. SentinelOne Singularity Cloud Security and other solutions. Updated: April 2025.
849,600 professionals have used our research since 2012.