We performed a comparison between CrowdStrike Falcon and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The product's initial setup phase is very easy."
"It is stable and scalable."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The product detects and blocks threats and is more proactive than firewalls."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Ability to get forensics details and also memory exfiltration."
"This is stable and scalable."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"It's very easy to set up."
"The threat intelligence is the most valuable feature."
"Scalability hasn't been an issue for us."
"The UI is simple and self-explanatory. Everything is easy to understand."
"At this point what is most valuable is the interface, which is easy to navigate."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"It's positively affected our overall rate of efficiency."
"We use this solution to examine disparate log sources and provide a cohesive method to search for anomalous behavior."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"The artificial intelligence engine."
"It has allowed us to dive deeper into our network and figure out what is going on by parsing logs properly and being able to reduce the time it takes to work cases down from seven days to approximately two days."
"I would say the most valuable feature of LogRhythm is that it has built-in UEBA functionality, among other basic Windows packages."
"The GUI is very intuitive and the solution has good integration."
"The most valuable features would be the automation, reporting, and the support."
"Making the portal mobile friendly would be helpful when I am out of office."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"ZTNA can improve latency."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not stable."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"Some of Falcon's features are a bit pricey."
"I've found that CrowdStrike's technical support could benefit from increased technical expertise."
"The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible."
"There is room for improvement in managing multiple customer IDs."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"The initial setup is complex. We are using a LogRhythm partner, at least for the first three years, to help with the monitoring and the deployment of it. We are not a big enough environment where we have people that we can dedicate to it right now."
"The initial setup is not so easy because it is quite a process."
"I would like to suggest that they should improve their usage of third party tools for making dashboards and reports. If they would create their own tools for dashboard and report, it would be much better in terms of security purposes."
"I would like to see case management become more independent from LogRhythm itself."
"Only area I can think of to improve on is the proof reading and using the guides before releasing them. Out the the 20+ guides I used one had issues with wrong information in it."
"There is room for improvement with separate running sources or better integration."
"I would like to see APIs well-documented and public facing, so we can get to them all."
"We have run into problems with stability going through upgrade processes. Recently, we have been on the front edge of the upgrade path. When that happens we tend to run into issues either with certain functionality not working after the upgrades or stability issues because of the upgrades."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. CrowdStrike Falcon is rated 8.8, while LogRhythm SIEM is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Rapid7 InsightIDR.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.