BlackBerry Cylance Cybersecurity vs CrowdStrike Falcon comparison

BlackBerry Cylance Cybersecurity vs. CrowdStrike Falcon

Download the complete report

Helped 882,961 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

As of February 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.1% compared to the previous year. The mindshare of BlackBerry Cylance Cybersecurity is 1.3%, up from 1.2% compared to the previous year. The mindshare of CrowdStrike Falcon is 6.7%, down from 11.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP) Market Share Distribution
Product	Market Share (%)
CrowdStrike Falcon	6.7%
Cortex XDR by Palo Alto Networks	3.4%
BlackBerry Cylance Cybersecurity	1.3%
Other	88.6%

Endpoint Protection Platform (EPP)

Q&A Highlights

Miriam Tover

Service Delivery Manager at PeerSpot

Jun 27, 2019

What is the biggest difference between CrowdStrike and Cylance?

Both Cylance and CrowdStrike are amongst the few top of the market in terms or endpoint protection. CrowdStrike was considered among the top 5 in 2017 and Cylance was considered the same in 2019. As they are both highly effective, CrowdStrike is very unique in its user-friendliness, while Cylance is very unique for its minimum utilization of computer's resources. If you compare initial pricing, you would go with Cylance, but you can always negotiate with both to get the best offers.

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

Sooraj Makkancherrry

Security Operations Manager at Philips

Doesn't have daily updates, which is important for healthcare IT

I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.

Read full review

Waleed Omar

Information Security Specialist at Arab Open University

Provides effective real-time threat detection with potential for cost optimization

Some features such as device control, firewall management, and file analysis are standalone products that we need to purchase separately. If these features came out of the box within the product, it would be much more beneficial for us. Other providers such as SentinelOne include these features in their base product. We attended a CrowdStrike Falcon event where they discussed some shallow AI features, but we cannot see these in our panel yet. We work with different solutions such as Darktrace and SocRadar, where AI features are automatically displayed in our dashboards after release. However, for CrowdStrike Falcon, we cannot see these features.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."

"It's a nice product that's stable and scalable."

"Cortex is the best tool for endpoint detection, with playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."

"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."

"One of the main benefits of the solution is its intelligence to correlate the events into an incident."

"After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful."

"The solution is a new generation XDR that has a lot of artificial intelligence modules."

"This software helps us understand any issues that may arise when someone is not at work."

More Cortex XDR by Palo Alto Networks pros

"I like the AI and mathematical components that they use."

"You can manage all the threats and everything from a centralized dashboard."

"The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality and cloud functionality as well."

"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."

"It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions."

"Centralized dashboard online which can be used for managing a huge product."

"I rate the tool a ten out of ten when it comes to the ease of use or management part."

"Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today."

More BlackBerry Cylance Cybersecurity pros

"The feature I like the most is the solution's detection."

"It's very easy to set up."

"The best benefit of CrowdStrike Falcon is 99% MITRE coverage."

"The initial setup is a very fast process."

"I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon."

"The scalability is good."

"EDR is effective in CrowdStrike."

"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."

More CrowdStrike Falcon pros

Cons

"While using Cortex, I noticed some aspects that could be improved, such as increasing the synchronization speed between XDR and Xnor."

"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."

"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."

"It'll help if customization was easier."

"The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."

"The main issue I could point out is the offline agents and the way that it is missing."

"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."

"The solution should offer more dashboards and they should be better customized."

More Cortex XDR by Palo Alto Networks cons

"CylancePROTECT could be improved in its technical support and communication."

"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."

"Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment."

"Reporting is an area with shortcomings in CylancePROTECT that needs to be improved."

"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."

"I would say one thing that they might need to bring in is protection for mobile devices."

"While you are working, you are finding these things that were supposed to be waived have come back to being blocked. That's frustrating."

"The security scripting needs improvement. It needs deeper security for scripting."

More BlackBerry Cylance Cybersecurity cons

"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."

"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."

"The management of the solution could improve."

"Forensic controls have room for improvement."

"It can be expensive depending on the features you select."

"It would be nice if the dashboard had some more information upfront, and looked a little better."

"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."

"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."

More CrowdStrike Falcon cons

Pricing and Cost Advice

"It's about $55 per license on a yearly basis."

"The price was fine."

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."

"The solution is expensive. It's pricing is on a yearly-basis."

"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."

"I don't recall what the cost was, but it wasn't really that expensive."

"The cost depends on your chosen license type, like Pro or other licenses."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"Currently, we have competitive pricing for Cylance, which is affordable enough to consider."

"I think that the price we are paying is good for what it is."

"The price is reasonable for us at the moment. I rate the overall solution an eight out of ten."

"Shop around for sure and be assured the price you pay will be close to other solutions available, but even at a slight mark-up from the other solutions, you are getting real endpoint protection versus nothing more than a cheap security blanket that might keep you warm at night."

"CylancePROTECT's pricing is reasonable, at about €18 per user, per year."

"Our licensing cost for the solution is around $4,000 for six months. There are no costs in addition to the standard licensing fees."

"The solution provides me with competitive pricing."

"It's not so heavily priced; rather, it's average and decent."

More BlackBerry Cylance Cybersecurity pricing and cost advice

"We are on an annual subscription for the solution. There are not any additional costs."

"Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business."

"We pay between $30-50 per user for a yearly license, which is more expensive than SentinelOne or Bitdefender. However, CrowdStrike gives better value for money."

"The product is expensive."

"The price is too high."

"The solution's pricing is great for us."

"CrowdStrike Falcon is more expensive than other EDR solutions with similar features."

"Different components are additional price points. We got the components that were right for us, but other organizations may require more (or less) components to suit their needs."

More CrowdStrike Falcon pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

882,961 professionals have used our research since 2012.

Answers from the Community

Miriam Tover

Service Delivery Manager at PeerSpot

Jun 27, 2019

What is the biggest difference between CrowdStrike and Cylance?

2 out of 3 answers

Dan Brunnquell

Director Of Information Technology at a financial services firm with 11-50 employees

Jun 25, 2019

I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.

Read full answer

ABDULRAHMAN ALBATARNI

IT Manager with 201-500 employees

Jun 26, 2019

Read full answer

See all 3 answers

Top Industries

By visitors reading reviews

Computer Software Company

10%

Financial Services Firm

10%

Manufacturing Company

Government

Computer Software Company

Manufacturing Company

Government

Comms Service Provider

Computer Software Company

11%

Financial Services Firm

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	42
Midsize Enterprise	21
Large Enterprise	47

By reviewers
Company Size	Count
Small Business	33
Midsize Enterprise	5
Large Enterprise	13

By reviewers
Company Size	Count
Small Business	46
Midsize Enterprise	34
Large Enterprise	62

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

What do you like most about Blackberry Protect?

It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessa...

What is your experience regarding pricing and costs for Blackberry Protect?

The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.

What needs improvement with Blackberry Protect?

I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we conta...

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...

Is Crowdstrike Falcon better than Trend Micro Deep Security?

I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is t...

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Comparisons

Compared 9% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

More Cortex XDR by Palo Alto Networks Competitors

Microsoft Defender for Endpoint vs BlackBerry Cylance Cybersecurity

Compared 7% of the time

SentinelOne Singularity Complete vs BlackBerry Cylance Cybersecurity

Compared 6% of the time

VMware Carbon Black Endpoint vs BlackBerry Cylance Cybersecurity

Compared 6% of the time

Cisco Secure Endpoint vs BlackBerry Cylance Cybersecurity

Compared 6% of the time

Trellix Endpoint Security Platform vs BlackBerry Cylance Cybersecurity

Compared 4% of the time

More BlackBerry Cylance Cybersecurity Competitors

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 4% of the time

Fortinet FortiEDR vs CrowdStrike Falcon

Compared 3% of the time

Microsoft Defender XDR vs CrowdStrike Falcon

Compared 3% of the time

Darktrace vs CrowdStrike Falcon

Compared 2% of the time

Symantec Endpoint Security vs CrowdStrike Falcon

Compared 2% of the time

More CrowdStrike Falcon Competitors

Product Reports

Cortex XDR by Palo Alto Networks

Download Cortex XDR by Palo Alto Networks product report

BlackBerry Cylance Cybersecurity

Download BlackBerry Cylance Cybersecurity product report

CrowdStrike Falcon

Download CrowdStrike Falcon product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

Blackberry Protect

CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

BlackBerry Cylance Cybersecurity leverages AI and machine learning for efficient malware detection and zero-day threat protection, offering robust endpoint security with high detection accuracy and low false positive rates.

BlackBerry Cylance Cybersecurity delivers advanced threat protection with AI-driven algorithms and machine learning. Its lightweight design ensures low system resource usage, making it both efficient and effective. It's recognized for centralized management, easy deployment, and a clean interface, providing comprehensive endpoint protection against diverse threats. The integration of features like CylanceOPTICS and behavioral monitoring enhances security insights. While the system excels in malware detection, enhancements are needed in areas like user interface design, reporting, deeper threat analysis, and integration with third-party systems. Support and pricing improvements could also increase competitiveness.

What are the key features of BlackBerry Cylance Cybersecurity?

AI and Machine Learning: Utilizes cutting-edge technology for malware and threat detection.
Zero-Day Protection: Safeguards against emerging threats without the need for constant updates.
Centralized Management: Simplifies deployment and management across devices.
CylanceOPTICS: Provides advanced security insights and behavioral monitoring.
Low Resource Usage: Ensures efficient operation with minimal system impact.

What benefits should users expect from BlackBerry Cylance Cybersecurity?

High Detection Accuracy: Reduces risk with minimal false positives.
Efficient Resource Management: Enhances performance with its lightweight design.
Proactive Threat Defense: Protects against a wide range of threats with centralized management.
Advanced Insights: Offers unique features for detailed security analysis.

Organizations deploy BlackBerry Cylance Cybersecurity for threat analytics, log management, and endpoint protection. As an antivirus replacement, it protects against zero-day malware, ransomware, and various threats. Its AI algorithms detect anomalies, minimizing risks in both internet-connected and isolated environments. Many businesses incorporate it into wider security strategies, appreciating its centralized management and proactive defense capabilities.

BlackBerry

CrowdStrike Falcon provides cutting-edge endpoint detection with automatic alerts, real-time monitoring, and seamless integration capabilities. Cloud-native architecture and AI-driven processes ensure scalable protection and efficient threat remediation.

CrowdStrike Falcon is recognized for its robust EDR and threat intelligence features that enhance security and streamline operations. Its lightweight agent minimizes system impact while offering real-time monitoring and detailed reporting. This platform uses cloud-native architecture for scalable, consistent protection, significantly reducing administrative demands. AI and machine learning empower precise threat hunting and behavioral analysis, which mitigates false positives and boosts cybersecurity efficiency. Users seek improvements in integration with other systems, reporting functions, and compatibility with specific operating systems. While the solution handles malware mitigation and threat response efficiently, suggestions for on-demand scanning, enhanced visibility, and better dashboard features are noted.

What are the key features of CrowdStrike Falcon?

Automatic Alert System: Provides instant alerts to enhance threat detection.
Robust EDR: Offers advanced endpoint detection capabilities.
Threat Intelligence: Delivers detailed insights for proactive security measures.
Real-time Monitoring: Enables continuous security assessments.
Seamless Integration Options: Streamlines operations with existing infrastructure.
Lightweight Agent: Minimizes system impact, maintaining performance efficiency.
Cloud-native Architecture: Provides scalable, consistent protection against threats.
AI and ML-driven Processes: Offers accurate threat hunting and behavioral analysis.

What benefits or ROI should users expect from CrowdStrike Falcon?

Enhanced Security: Comprehensive protection for endpoints using cutting-edge technologies.
Reduced Administrative Burden: Simplifies management of security incidents.
Efficient Threat Remediation: Minimizes downtime with quick threat response actions.
Improved Threat Visibility: Provides detailed reports and insights.
Scalable Protection: Ensures adaptable security measures across multiple devices.

In technology sectors, CrowdStrike Falcon commonly supports endpoint protection and threat response initiatives, allowing companies to replace traditional antivirus systems with more advanced solutions. In finance, it secures sensitive data across multiple platforms, ensuring compliance. In healthcare, real-time security analysis protects patient data on critical devices like servers and laptops, utilizing AI to enhance cybersecurity defenses.

CrowdStrike

Sample Customers

CBI Health Group, University Honda, VakifBank

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit

Information Not Available

BlackBerry Cylance Cybersecurity vs. CrowdStrike Falcon