Try our new research platform with insights from 80,000+ expert users

Bitsight vs CrowdStrike Falcon comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Bitsight
Ranking in Attack Surface Management (ASM)
5th
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
9
Ranking in other categories
IT Vendor Risk Management (2nd)
CrowdStrike Falcon
Ranking in Attack Surface Management (ASM)
1st
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
137
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Endpoint Protection Platform (EPP) (1st), Threat Intelligence Platforms (TIP) (1st), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Identity Threat Detection and Response (ITDR) (1st), AI-Powered Cybersecurity Platforms (1st)
 

Mindshare comparison

As of January 2026, in the Attack Surface Management (ASM) category, the mindshare of Bitsight is 4.0%, up from 2.2% compared to the previous year. The mindshare of CrowdStrike Falcon is 7.9%, down from 22.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Attack Surface Management (ASM) Market Share Distribution
ProductMarket Share (%)
CrowdStrike Falcon7.9%
Bitsight4.0%
Other88.1%
Attack Surface Management (ASM)
 

Featured Reviews

SA
Senior AIML Engineer at a tech vendor with 1,001-5,000 employees
Continuous monitoring has strengthened external security and improved customer trust
There are areas for improvement; we do notice sometimes finding vulnerabilities which gives us visibility to find them quickly. However, there could be a mechanism they can build on top of that for validation as they identify the issues. What will the real risk be for that identifiable issue? Sometimes it could be open because of the traffic; how they detected it could be seen as vulnerable, but upon testing, it might not be a real issue. It could be a false positive because there could be a honeypot that we built. My thinking is about validation, so if they can build that validation part before they expose the risk to the specific asset, that would help. Additionally, based on their reporting, they could also build risk scores and prioritization, which would also aid us. I would suggest adding dashboards and custom reporting, which could help us by enabling rich custom reports with filters. That is especially for leadership because they will not look at each technical area, but overall they would be looking at the risk score and what the assets or critical exposure areas are. Customizable reporting based on requirements would be valuable. I chose 9 out of 10 because the reporting and dashboards would be the first thing I would consider for improvement, and then the second is about the validation part, which could probably improve to 10 out of 10. I cannot think of too much for additional improvements. Maybe some good automation with the API solutions that could be integrated with the CI/CD pipeline or DevOps tools we are running would also be automated and tested.
Waleed Omar - PeerSpot reviewer
Information Security Specialist at Arab Open University
Provides effective real-time threat detection with potential for cost optimization
Some features such as device control, firewall management, and file analysis are standalone products that we need to purchase separately. If these features came out of the box within the product, it would be much more beneficial for us. Other providers such as SentinelOne include these features in their base product. We attended a CrowdStrike Falcon event where they discussed some shallow AI features, but we cannot see these in our panel yet. We work with different solutions such as Darktrace and SocRadar, where AI features are automatically displayed in our dashboards after release. However, for CrowdStrike Falcon, we cannot see these features.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"My advice to others looking into using Bitsight is that it provides a lot of information that was not available before, and it is especially good in recon as it can identify many things about an organization that have never been found earlier, making it a valuable tool."
"Offers open ports from an external point of view."
"I prefer BitSight due to its patch management capabilities. The score is a valuable feature. I have contacted the customer support through e-mail and their response rate is fast. I rate the solution a nine out of ten."
"Bitsight has positively impacted my organization by improving security and customer trust, giving us continuous monitoring so we now find misconfigurations within hours instead of days or weeks, which directly improves our overall security posture and reduces risk as we catch high-risk exposures early, especially unexpected cloud assets or testing endpoints that accidentally went public."
"The product helps us identify the vulnerabilities of internet-facing applications."
"The best thing about BitSight is the comprehensive list of risk vectors, covering compromised systems, diligence failures, and behavioral anomalies."
"The solution is user-friendly."
"Bitsight gives me a holistic view of my entire security posture, which is something any organization would want to have after getting a tool such as Bitsight."
"The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately."
"The automatic alert feature is the most important feature of the solution."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The most useful feature is that we do not need to install or keep signature files. Regular scanning that consumes a lot of computer resources is not needed."
"The malware protection is the most valuable feature of CrowdStrike Falcon."
"The solution's reporting console is phenomenal, and I can get a lot of data out of it."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"The UI is simple and self-explanatory. Everything is easy to understand."
 

Cons

"BitSight could improve the classes and lower-level detections of anomalies that compound the information used to compute the rating."
"At the moment, when the vulnerability score decreases, it remains the same for quite a while, even though issues are resolved in 24 hours."
"We found that some of the findings are clear false positives, but they still report that, and based on that, the rating goes down until we rectify them."
"Data enrichment is the major issue."
"The solution’s benchmarking should be improved."
"Its factor analysis feature could be better."
"There may be room for improvement in the methodology for identifying findings, as occasional errors occur on the technical side."
"There are areas for improvement; we do notice sometimes finding vulnerabilities which gives us visibility to find them quickly. However, there could be a mechanism they can build on top of that for validation as they identify the issues."
"Deployment in cloud environments is challenging. Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"Currently, I do not see any tangible benefits from CrowdStrike regarding incident improvement time, response time, or cost saving."
"One thing that is not yet available is attack simulation."
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"It does take more time to scan than other solutions."
"Some of Falcon's features are a bit pricey."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
 

Pricing and Cost Advice

"The product has a reasonable price."
"The solution's price is average."
"CrowdStrike Falcon is one of the more expensive endpoint solutions on the market."
"The price is fixed with no room for negotiation."
"It has an annual license, and it is not that expensive."
"Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business."
"As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing."
"The price of CrowdStrike Falcon is reasonable."
"We pay 40,000 dirhams per 100 users."
"CrowdStrike is well priced. On a yearly basis, it costs between $60 and $100 per user."
report
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
881,082 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Manufacturing Company
10%
Computer Software Company
8%
Insurance Company
8%
Computer Software Company
11%
Financial Services Firm
10%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business3
Large Enterprise5
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise34
Large Enterprise62
 

Questions from the Community

What is your experience regarding pricing and costs for BitSight?
The product is a little expensive and very oriented to large companies.
What needs improvement with BitSight?
There are areas for improvement; we do notice sometimes finding vulnerabilities which gives us visibility to find them quickly. However, there could be a mechanism they can build on top of that for...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

No data available
CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform
 

Overview

 

Sample Customers

Fannie Mae, Cabela's, BNP Paribas, PWC, AIR Worldwide, Con Edison, The Container Store, OshKosh, Steris, University of South Florida, Emblem Health, Lloyds Bank
Information Not Available
Find out what your peers are saying about Bitsight vs. CrowdStrike Falcon and other solutions. Updated: December 2025.
881,082 professionals have used our research since 2012.