We performed a comparison between CrowdStrike Falcon and Cuckoo Sandbox based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"This is stable and scalable."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The setup is pretty simple."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
"The scalability is good."
"Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"It is an easy product to deploy."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"The scalability is an eight out of ten."
"The solution should address emerging threats like SQL injection."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I haven't seen the use of AI in the solution."
"The dashboard isn't easy to access and manage."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"The portal can be clunky to navigate at times and has room for improvement."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"They should provide us with good visibility for everything."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"I want the command to be quicker."
Earn 20 points
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Cuckoo Sandbox is ranked 20th in Anti-Malware Tools with 1 review. CrowdStrike Falcon is rated 8.8, while Cuckoo Sandbox is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Cuckoo Sandbox writes "Provides great technical support and is very scalable". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Cuckoo Sandbox is most compared with VirusTotal, ANY.RUN, VMRay, Microsoft Defender for Endpoint and Deep Instinct Prevention Platform.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.