Microsoft Configuration Manager vs Qualys CyberSecurity Asset Management (CSAM) comparison


Comparison Buyer's Guide

Executive Summary

Categories and Ranking

Microsoft Configuration Man...
Ranking in Patch Management
Average Rating
Number of Reviews
Ranking in other categories
Server Monitoring (2nd), Configuration Management (2nd)
Qualys CyberSecurity Asset ...
Ranking in Patch Management
Average Rating
Number of Reviews
Ranking in other categories
Vulnerability Management (21st), Cyber Asset Attack Surface Management (CAASM) (4th), Attack Surface Management (ASM) (15th), Software Supply Chain Security (11th)

Featured Reviews

HuaLiu - PeerSpot reviewer
Feb 6, 2023
Automatically apply patches, is stable, and scalable
The primary use case of the solution is to deploy patches, and applications, and upgrade our client operating systems Without the solution, we would have to manually install all patches and software and upgrade our operating system with the help of our support team, which would take a long time.…
Brad Mathis - PeerSpot reviewer
Jun 10, 2024
Improves visibility, reliability, and scalability
The external attack surface management identified unexpected assets, suggesting some exist outside our known inventory. While these may not be directly managed by us, the process has brought valuable awareness to the fact that our core servers are externally hosted, prompting a review of similar situations. An external attack surface management scan revealed several outsourced name services, along with one unexpected third-party-linked IP. It's unclear if this was due to past consulting work or a registration error, but since it wasn't relevant to our company, it was easily excluded from future scans. The benefits of Qualys CyberSecurity Asset Management are immediate. We already had the cloud agents installed. They were already on all the servers and workstations. Once we upgraded from the VMDR included GAV (Global AssetView) to CSAM, it was no time before I could see the end-of-life, end-of-service software, and hardware. In addition to vulnerabilities, CSAM provides a better view of other risk factors, but VMDR is very powerful. VMDR was already seeing our limitations in hardening our vulnerabilities. CSAM enhanced our view by adding more visibility and insight into what we have. TruRisk scoring goes beyond traditional vulnerability scoring like CVSS to prioritize both vulnerabilities and assets based on real-world exploitability and industry targeting. This provides a clearer picture of our actual risk by considering factors like published exploits and what attackers are currently focusing on, allowing us to quickly identify critical issues and avoid wasting time on vulnerabilities with a high theoretical risk but low real-world threat. Qualys Cloud Agents can now be configured as passive sensors to discover all devices on our network in real-time, eliminating the requirement for separate virtual or physical passive sensor appliances. These cloud agent sensors monitor network broadcasts instead of egress traffic, and they can even designate a secondary sensor to take over if the primary becomes unavailable, ensuring continuous asset discovery and populating our CSAM platform with managed and unmanaged devices.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"It's a stable product."
"The solution doesn't require any maintenance from our end because it is a cloud-based solution and Microsoft takes care of everything."
"With the right administrator, application deployment can do wonders."
"I manage software updates and operating systems for devices, and within seconds, we can remotely deploy a system for, say, 2,000 devices. Not only that, but we can also deploy scripts and create comprehensive compliance rules."
"Patching is the main feature because SCCM is made to control the entire environment without manually interpreting. So it is good to use for patching."
"Valuable features include configurations enforcement, compliance data gathering, and deployment of a standardized OS."
"SCCM is a stable solution."
"Offers good patching."
"The end-of-life and end-of-service software and hardware are some of my favorite features."


"It would be better if automation options were available. For example, in Nexthink or SysTrack, there is an analytical tool. Creating dashboards would be very easy if you implement the same thing in Microsoft. That report will be a daily cost to the customers and good revenue for our organization. The price also could be better. In the next release, we need to include some features like tables, dashboards, surveys, services, and metrics in the dashboard. Whatever we are implementing will be downloaded by a report. Apart from the report, we will telecast from the dashboard. It's very easy to compare, and it will be easy to telecast to the end-users."
"SCCM should strive to enhance the accuracy of its reporting functions in order to avoid any issues with incorrect or inaccurate data."
"The reports are too busy. They could be simpler. I'm a technician, so I don't care how pretty the reports look. They should be easy to read. I'm designing this for production folks. They need to read the reports quickly when they're patching in the middle of the night."
"The solution does not support remote devices so the CMG is still required."
"The cost of the product can be improved."
"Not everything is readily available, and there are a lot of commands that are only executable via PowerShell."
"The TSM component could be improved."
"In terms of scalability, I believe there's room for improvement. While SCCM is capable of handling our current needs effectively, scalability could be enhanced to accommodate future growth and larger deployments."
"Qualys CyberSecurity Asset Management could be more cost-effective by offering a lower price point or integrating with existing VMDR features."

Pricing and Cost Advice

"Along with buying a license for MECM, we also have to buy a service called CMG (Cloud Management Gateway) which is a virtual machine in the cloud with which you can link your MECM to the Azure tenant so as to manage teleworkers."
"For enterprises, there is an annual license required to use this solution. The price of the solution could be cheaper. However, this is mostly because of the exchange rate from the dollar to the Nigerian currency."
"Pricing is negotiable with Microsoft, depending upon which of their packages you choose."
"We use the tool's free license. It is expensive."
"The license price could be reduced for Microsoft Endpoint Configuration Manager They should make the price more affordable for smaller companies, most companies would be able to use the solution if it was priced better. There are more people on this cloud because you don't have to have either a server room or an on-premise server. You can have one IT person handle this without any local infrastructure."
"The solution operates on a licensing model that can be expensive."
"The price of Microsoft Endpoint Configuration Manager is expensive."
"The price is competitive and reasonable."
"Qualys CyberSecurity Asset Management can be expensive, especially if we already have VMDR."
Use our free recommendation engine to learn which Patch Management solutions are best for your needs.
792,031 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Computer Software Company
Financial Services Firm
Manufacturing Company
No data available

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available

Questions from the Community

How does Ansible compare to Microsoft Endpoint Configuration Manager (SCCM)?
Microsoft Endpoint Configuration Manager takes knowledge and research to properly configure. The length of time that the set up will take depends on the kind of technical architecture that your org...
How to choose between ManageEngine Desktop Central and Microsoft Endpoint Configuration Manager (formerly SCCM)?
ManageEngine Desktop Central is very easy to set up, is scalable, stable, and also has very good patch management. What I like most about ManageEngine is that I can log on to every PC very easily a...
What do you like most about SCCM?
One of the standout features of SCCM is its application management capabilities. It allows us to create packages efficiently and deploy them to specific groups within our network. This streamlined ...
What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management (CSAM)?
Qualys CyberSecurity Asset Management can be expensive since it is an add-on to VMDR. The cost seems to be a barrier to entry for some organizations, and a lower price point might lead to more auto...
What needs improvement with Qualys CyberSecurity Asset Management (CSAM)?
The CMDB Sync feature currently only works with ServiceNow, which is common in larger organizations. If the feature could integrate with other, more affordable CMDB options, like those used by smal...
What is your primary use case for Qualys CyberSecurity Asset Management (CSAM)?
Qualys Cybersecurity Asset Management helps us manage our technical debt by identifying end-of-life and end-of-service software and hardware within our IT infrastructure. Qualys CSAM is primarily a...

Also Known As

Microsoft Endpoint Configuration Manager, System Center Configuration Manager (SCCM )
No data available

Learn More




Sample Customers

Bank Alfalah Ltd., Wªrth Handelsges.m.b.H, Dimension Data, Japan Business Systems, St. Lucie County Public Schools, MISC Berhad
Find out what your peers are saying about Microsoft, HCLTech, NinjaOne and others in Patch Management. Updated: June 2024.
792,031 professionals have used our research since 2012.