We performed a comparison between CrowdStrike Falcon and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"It is stable and scalable."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"I like the overall reports of this solution. They are crisp, and to the point."
"At this point what is most valuable is the interface, which is easy to navigate."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"The most valuable features of Crowdstrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
"Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures."
"We haven't had any infections or down time."
"The automatic alert feature is the most important feature of the solution."
"The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched."
"AlienVault has an advanced component within one package. With this, we can cover more area with one solution."
"The asset management functionality (active and passive scans) is also really important. You can't protect what you do not know about, so having an inventory of all your devices and software is critical to a security management program."
"Allowed us to help our customers satisfy compliance needs around logging and monitoring."
"The ease of implementation is the most valuable feature."
"Ease of deployment across various environments."
"Having everything in a central place has been helpful."
"It is my "security person" looking at irregularities and letting me know when something has occurred."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"FortiEDR can be improved by providing more detailed reporting."
"The support needs improvement."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The management of log aggregation is in need of improvement."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"The current database schema presents challenges and has potential for improvement."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"The detection time has room for improvement."
"This solution could be improved with greater scope for admins to make changes to the solution."
"Falcon could include more integrative features."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"The reporting and dashboards have room for improvement."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"In the future, I would like to see all these features of the solution working properly."
"We would like more plugins. This being the main point of improvement which would benefit the users."
"There are many reports included but would be nice to have better access to the data."
"Maybe logs are the problem, as the database query is too slow. If you want to search something, you need time to find it."
"The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while USM Anywhere is ranked 23rd in Endpoint Detection and Response (EDR) with 113 reviews. CrowdStrike Falcon is rated 8.8, while USM Anywhere is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Trellix Helix. See our CrowdStrike Falcon vs. USM Anywhere report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.