Try our new research platform with insights from 80,000+ expert users

Cortex Xpanse vs Qualys CyberSecurity Asset Management comparison

Palo Alto Networks and Qualys are both solutions in the Attack Surface Management (ASM) category. Palo Alto Networks is ranked #6 with an average rating of 8.8, while Qualys is ranked #3 with an average rating of 9.2. Palo Alto Networks holds a 4.2% mindshare in ASM, compared to Qualys’s 3.7% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of Qualys users who would recommend it.
Cortex Xpanse
Read 5 Cortex Xpanse reviews
  • 1,152 Views
  • 1,129 Comparison Views
100% willing to recommend
Qualys CyberSecurity Asset ...
Read 22 Qualys CyberSecurity Asset Management reviews
  • 1,768 Views
  • 548 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jul 27, 2025

Cortex Xpanse and Qualys CyberSecurity Asset Management are competing in the cybersecurity asset management arena. While Cortex Xpanse is noted for its broad visibility and real-time data insights, Qualys CyberSecurity Asset Management takes the lead with its comprehensive asset discovery and vulnerability management capabilities.

Features: Cortex Xpanse provides automated asset discovery, continuous inventory updates, and focuses on external visibility. Qualys CyberSecurity Asset Management excels in detailed asset classification, robust integration with other security tools, and extensive vulnerability detection, focusing on comprehensive internal security features.

Room for Improvement: Cortex Xpanse could enhance its internal visibility and expand integration with existing security tools. It could also improve on managing vulnerabilities at a detailed level. Qualys CyberSecurity Asset Management could benefit from simplifying its user interface for a more straightforward user experience, enhance the speed of its initial deployment, and improve the cost-effectiveness of its subscription model.

Ease of Deployment and Customer Service: Cortex Xpanse is recognized for its straightforward deployment with minimal disruption and responsive customer service. Qualys, with its cloud-based deployment, integrates well into existing infrastructure but requires careful planning to leverage its deep integration capabilities effectively, supported by effective customer service.

Pricing and ROI: Cortex Xpanse may entail higher initial setup costs but offers significant ROI by reducing exposure to external threats. Qualys CyberSecurity Asset Management is valued for its long-term ROI achieved through comprehensive security improvements, potentially offering more cost competitiveness with a focus on operational security value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex Xpanse vs. Qualys CyberSecurity Asset Management Report (Updated: July 2025).
Buyer's Guide
Cortex Xpanse vs. Qualys CyberSecurity Asset Management
July 2025
Download the complete report
Helped 864,155 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Xpanse
Ranking in Attack Surface Management (ASM)
6th
Average Rating
8.8
Reviews Sentiment
7.6
Number of Reviews
5
Ranking in other categories
No ranking in other categories
Qualys CyberSecurity Asset ...
Ranking in Attack Surface Management (ASM)
3rd
Average Rating
9.2
Reviews Sentiment
7.7
Number of Reviews
22
Ranking in other categories
Vulnerability Management (8th), Patch Management (6th), Cyber Asset Attack Surface Management (CAASM) (3rd), Software Supply Chain Security (5th)
 

Mindshare comparison

As of August 2025, in the Attack Surface Management (ASM) category, the mindshare of Cortex Xpanse is 4.2%, up from 4.1% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 3.7%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Attack Surface Management (ASM)
 

Featured Reviews

Ali Mohamed - PeerSpot reviewer
Proactively manages security and identifies vulnerabilities with good alerts
We use Cortex Xpanse as a security control for attack surface management in our organization When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action. It checks vulnerabilities periodically, ensuring they are addressed, which helps in…
Read full review
Scott Frederick - PeerSpot reviewer
Well-integrated with our vulnerability scanning utilities and efficient in asset tagging and identification
Our favorite features are the tagging and the ability to quickly find assets in the portal. Additionally, I do like the fact that Qualys CSAM is integrated with the rest of our vulnerability scanning utilities. We use the full suite from Qualys. The fact that it is integrated makes it very easy to understand. It shares tagging information with VMDR. That is very nice. Qualys CSAM has discovered assets not previously covered by our vulnerability management program. Primarily, if we have assets without vulnerabilities, they become less visible, but Qualys CSAM alerts us to them because they have IP addresses and are attached to our network. It could discover everything from printers to servers to endpoints. It could discover UPSs, network devices, and across all operating systems. It discovers our security badge readers and digital signage. We have to feed that the IP address ranges, but beyond that, it finds everything in our internal network. We were able to realize its benefits within the first quarter of installing it. We did have to take some time to learn it and understand how to operationally leverage what it was telling us, but it was very quick. In addition to vulnerabilities, Qualys CSAM helps identify other risk factors to a degree. For instance, we can see if servers or assets have incorrect naming standards. We have our network segmented into development model, test, and production, and we have server naming standards that identify which management they should be in. If a production server has the naming standard of a development model server, we can find that. That is one area we have used it for. We are not fully using TruRisk, but we are using the Qualys detection score that is central to our corporate risk prioritization approach. It has completely replaced our homegrown one.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex Xpanse is a strong solution for attack surface management, including digital brand protection and continuous monitoring."
"The most valuable features of the solution are its firewall and antivirus."
"The most valuable aspect is its ability to catch trojans and malware."
"The most valuable aspect is its ability to catch trojans and malware."
"As an attack surface manager, I highly recommend Cortex Xpanse, especially if there are many services exposed publicly on the internet."
"Cortex Xpanse has an easy-to-use user interface."
"When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action."
"We have had zero attacks since we enabled all the features in Qualys CSAM."
"My favourite feature of Qualys CyberSecurity Asset Management is its ability to target missing software."
"Qualys CSAM is valuable for providing end-of-life and end-of-sale information. It gives me visibility into the number of products or hardware items that are end-of-life."
"The support is extremely helpful, deserving a 10 out of 10 rating."
"The scanning results are pretty good, and some of the insights are quite valuable."
"I would rate the Qualys CSAM a ten out of ten for its overall performance."
"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."
"The best feature is asset discovery through their cloud agent or IP-based scanning."
More Qualys CyberSecurity Asset Management pros
 

Cons

"Cortex Xpanse needs to add dark-web scanning."
"There is an issue with the old versions of Cortex, and so when we have an older one with Windows or any OS, we have a problem with its connectivity with the cloud."
"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors might provide."
"Some improvements are needed in the user interface."
"Some improvements are needed in the user interface. It may require more enhancements."
"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword. They should fix that."
"The Qualys CAPS service requires further exploration and improvement, particularly in its handling of protocols and reactivity with MAC and IP addresses for CAP agents."
"It is automatically exporting the vulnerabilities and the assets. However, it would be useful to have the ability to select or to filter which we would like to export."
"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."
"The UI needs improvement as it can become overwhelming after prolonged use."
"Currently, whenever the agent is running, it consumes over ten percent of my CPU, indicating that CPU consumption is another area Qualys needs to address."
"Further research and development are needed to enhance integration with other cloud agents and products, particularly improving communication with external products and vendors."
"The UI needs improvement as it can become overwhelming after prolonged use."
More Qualys CyberSecurity Asset Management cons
 

Pricing and Cost Advice

"Cortex Xpanse is cheaper than other solutions."
"The tool's cost is too high."
"The pricing is market-competitive."
"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."
"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."
"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."
"Qualys offers excellent value for money."
"The cost for Qualys CyberSecurity Asset Management is high."
"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."
"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."
More Qualys CyberSecurity Asset Management pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
See recommendations
864,155 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Manufacturing Company
12%
Financial Services Firm
11%
Government
10%
Computer Software Company
18%
Financial Services Firm
15%
Government
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cortex Xpanse?
Cortex Xpanse has an easy-to-use user interface.
See all answers
What is your experience regarding pricing and costs for Cortex Xpanse?
Cortex Xpanse is a bit expensive compared to other market solutions like FortyRicoh and RiskIQ, making it more suitable for enterprise companies.
See all answers
What needs improvement with Cortex Xpanse?
It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors...
See all answers
What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management?
The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution.
See all answers
What needs improvement with Qualys CyberSecurity Asset Management?
Qualys CyberSecurity Asset Management helps us prioritize assets according to operating system, kernel version, installed software, and current version information. The ASM assists with attack surf...
See all answers
What is your primary use case for Qualys CyberSecurity Asset Management?
We are using Qualys CyberSecurity Asset Management for daily activities such as identifying new assets through network scanning and agent-based scanning for newly provisioned assets. When any new a...
See all answers
 

Comparisons

Tenable Attack Surface Management vs Cortex Xpanse Logo
Tenable Attack Surface Management vs Cortex Xpanse
Compared 25% of the time
Bitsight vs Cortex Xpanse Logo
Bitsight vs Cortex Xpanse
Compared 18% of the time
CyCognito vs Cortex Xpanse Logo
CyCognito vs Cortex Xpanse
Compared 13% of the time
IBM Security Randori Recon vs Cortex Xpanse Logo
IBM Security Randori Recon vs Cortex Xpanse
Compared 11% of the time
CrowdStrike Falcon vs Cortex Xpanse Logo
CrowdStrike Falcon vs Cortex Xpanse
Compared 6% of the time
More Cortex Xpanse Competitors
Amazon Inspector vs Qualys CyberSecurity Asset Management Logo
Amazon Inspector vs Qualys CyberSecurity Asset Management
Compared 12% of the time
CrowdStrike Falcon vs Qualys CyberSecurity Asset Management Logo
CrowdStrike Falcon vs Qualys CyberSecurity Asset Management
Compared 10% of the time
Armis vs Qualys CyberSecurity Asset Management Logo
Armis vs Qualys CyberSecurity Asset Management
Compared 9% of the time
Axonius vs Qualys CyberSecurity Asset Management Logo
Axonius vs Qualys CyberSecurity Asset Management
Compared 9% of the time
runZero vs Qualys CyberSecurity Asset Management Logo
runZero vs Qualys CyberSecurity Asset Management
Compared 3% of the time
More Qualys CyberSecurity Asset Management Competitors
 

Product Reports

Buyer's Guide
Attack Surface Management (ASM)
July 2025
Cortex Xpanse reportDownload Cortex Xpanse product report
Buyer's Guide
Qualys CyberSecurity Asset Management
July 2025
Qualys CyberSecurity Asset Management reportDownload Qualys CyberSecurity Asset Management product report
 

Overview

Xpanse provides a complete, accurate and continuously updated inventory of all global internet-facing assets. This allows you to discover, evaluate, and mitigate cyber attack surface risks. You can also evaluate supplier risk and assess the security of acquired companies.
Manual asset inventory maintenance is slow and prone to error. An outside-in view of your attack surface catches assets and exposures you never knew existed to help with attack surface reduction.

Get ahead of your ransomware risk assessment by discovering and remediating RDP exposures, the leading attack vector in ransomware attacks. Find exposed assets before attackers do.

Integration with Cortex XSOAR, Prisma Cloud, and our broader portfolio allows our ASM findings to enhance security workflows, and secure unknown, unmanaged risks on your cloud attack surface.

Palo Alto Networks

Qualys CyberSecurity Asset Management provides advanced real-time asset visibility, dynamic tagging, and External Attack Surface Management. It streamlines asset discovery and management using cloud agents and IP-based scanning, enhancing risk management and software lifecycle tracking.

Qualys CyberSecurity Asset Management offers a comprehensive solution for managing asset inventories and tracking software lifecycle states. It facilitates network visibility and supports zero-day vulnerability solutions, enhancing security posture through efficient monitoring. Users benefit from its cloud-based interface, which provides in-depth asset configurations and insights. Key features include automated vulnerability scanning and unauthorized software management, reducing manual efforts. The platform also emphasizes the importance of timely remediation and ongoing risk mitigation across multiple environments. Despite its strengths, users note the need for enhanced integration with additional CMDBs beyond ServiceNow, as well as cost efficiency improvements. Requests also include better report customization, more scan control, and a simplified UI.

What are the key features of Qualys CyberSecurity Asset Management?
  • Real-time Visibility: Offers continuous insight into asset status and condition.
  • Dynamic Tagging: Allows for flexible organization and assessment of assets.
  • External Attack Surface Management: Identifies potential threats from external sources.
  • Automated Vulnerability Scanning: Reduces manual scanning efforts and identifies vulnerabilities instantly.
  • Unauthorized Software Management: Detects and manages software not approved for use.
  • Asset Purge Rule: Automates the removal of obsolete assets from the inventory.
What benefits should users look for in reviews?
  • Enhanced Security Posture: Gains stronger defense through effective asset monitoring.
  • Efficient Risk Management: Identifies threats quickly, enabling timely resolutions.
  • Improved Compliance: Assists in meeting industry standards and regulations.
  • Reduced Manual Effort: Automates repetitive tasks, saving time and resources.
  • Comprehensive Insight: Provides detailed data for informed decision making.

In industries like finance, healthcare, and manufacturing, Qualys CyberSecurity Asset Management enhances asset control by offering visibility into hardware and software configurations. It aids in maintaining security compliance and identifying unauthorized software, crucial for sectors with strict regulatory requirements.

Qualys
Buyer's Guide
Cortex Xpanse vs. Qualys CyberSecurity Asset Management
July 2025
Free Report: Cortex Xpanse vs. Qualys CyberSecurity Asset Management
Find out what your peers are saying about Cortex Xpanse vs. Qualys CyberSecurity Asset Management and other solutions. Updated: July 2025.
DOWNLOAD NOW
864,155 professionals have used our research since 2012.
See our Cortex Xpanse vs. Qualys CyberSecurity Asset Management report.
See our list of best Attack Surface Management (ASM) vendors.

We monitor all Attack Surface Management (ASM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.