We performed a comparison between CrowdStrike Falcon and Cybereason Endpoint Detection & Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product's initial setup phase is very easy."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Ability to get forensics details and also memory exfiltration."
"Fortinet is very user-friendly for customers."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"The detection is very reliable. Also, OverWatch is a great feature."
"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"The Protect functionality on the laptops provides great visibility into what's occurring, and the cloud management of the platform is what we needed."
"The EDR and XDR features have been most valuable."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"The solution is efficient."
"We didn't have the visibility that we now have. It has increased our visibility by a lot. So, we put a lot more time into really looking at our environment and what is happening throughout our different networks. It has increased our visibility by around fivefold."
"It gives all the information in a clear response."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"The dashboard is very good and you can consider it as an interactive UI."
"The initial setup process is straightforward."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"FortiEDR can be improved by providing more detailed reporting."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"ZTNA can improve latency."
"The solution should address emerging threats like SQL injection."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The support needs improvement."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"An improvement would be to extend support to legacy and unsupported servers."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"The Integration with tools, SOC tools, could be better."
"Ad hoc higher-level reporting to senior management can be improved or can be implemented. That's definitely an area of improvement that they need to focus on."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"The product's reporting isn't great."
"They need to improve their technical support services."
"I feel that the product lacks reporting features and needs improvement."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"It should be more stable, and the sensor needs improvement in terms of connectivity."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews. CrowdStrike Falcon is rated 8.8, while Cybereason Endpoint Detection & Response is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Cybereason Endpoint Detection & Response is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace, SentinelOne Singularity Complete and Kaspersky Endpoint Security for Business. See our CrowdStrike Falcon vs. Cybereason Endpoint Detection & Response report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.