We performed a comparison between CrowdStrike Falcon and Mandiant Advantage based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I have found the ability to delete unwanted threats beneficial."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Easy to use, intelligent, and stable threat detection software."
"The detection is very reliable. Also, OverWatch is a great feature."
"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"We like Falcon's network visibility. We can see how threats are evolving on PCS or in the company network. The solution's real-time incident response is very fast."
"The detection and response console is the most valuable feature."
"CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"CrowdStrike Falcon needs to improve their host management system."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CloudStrike."
"In a future release, I would like to see more integrations for data breaches and security features."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"Technical support could be better than what is currently offered."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"I have worked with their technical support on several problems that were never fully resolved."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews while Mandiant Advantage is ranked 21st in Extended Detection and Response (XDR) with 3 reviews. CrowdStrike Falcon is rated 8.8, while Mandiant Advantage is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Mandiant Advantage is most compared with Cortex Xpanse, Microsoft Defender External Attack Surface Management, Cymulate, Tenable Attack Surface Management and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. Mandiant Advantage report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.