No more typing reviews! Try our Samantha, our new voice AI agent.

CrowdStrike Falcon vs OpenText EnCase eDiscovery comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
CrowdStrike Falcon
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
139
Ranking in other categories
Security Information and Event Management (SIEM) (5th), Endpoint Protection Platform (EPP) (2nd), Threat Intelligence Platforms (TIP) (2nd), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (2nd), Identity Threat Detection and Response (ITDR) (1st), AI-Powered Cybersecurity Platforms (2nd)
OpenText EnCase eDiscovery
Average Rating
7.8
Reviews Sentiment
7.7
Number of Reviews
8
Ranking in other categories
eDiscovery (8th)
 

Mindshare comparison

Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
CrowdStrike Falcon9.3%
SentinelOne Singularity Endpoint5.9%
Wazuh4.9%
Other79.9%
Extended Detection and Response (XDR)
eDiscovery Mindshare Distribution
ProductMindshare (%)
OpenText EnCase eDiscovery3.8%
kCura Relativity5.5%
Microsoft Purview eDiscovery4.8%
Other85.9%
eDiscovery
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Chetan Bhati - PeerSpot reviewer
Network Security Engineer at Arrow PC Network Pvt Ltd
Cloud-native security has improved real-time threat detection and streamlined daily operations
While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful. The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.
Alejandro Stromer - PeerSpot reviewer
Director Consulting SAP OpenText en Entelgy at DCL Consultores EIM SL
A stable and scalable hybrid solution with easy setup
The solution is scalable. It has three levels. You have the presentation area that can be escalated to the balance sheet. You have the back-end area that can be escalated using higher viability to configure more application servers. Also, the area of storage can be increased. We usually cater to enterprise solutions but have small- and medium-sized customers. It starts with 25 users and goes up to 100s and 1000s.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"The most valuable features of this product are the management capabilities, which allow an IT organization to get quite a good picture of attempted cyber attacks, and its out-of-the-box investigation capabilities."
"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
"What I like about Cortex XDR by Palo Alto Networks is that it is a comprehensive solution that contains everything the organization may need when using endpoints."
"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"I can highlight that we have not faced any security incidents with Cortex XDR by Palo Alto Networks, and even though our environment is quite dynamic, we have not faced any security incident with Cortex XDR by Palo Alto Networks until now."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"CrowdStrike Falcon has helped my customers predict and prevent potential breaches because of its proactive approach."
"Its integration capability is valuable. It integrates easily with any OS."
"The feature I like the most is the solution's detection."
"We are happy with CloudStrike's ease of use and touch notification."
"There are great security features on offer that are much better than other options in India at this time."
"This product has worked flawlessly to prevent breaches, and then it has allowed us to prevent any downtime."
"CrowdStrike has a much lower rate of false positives than Cylance and the dashboard makes it easier to use."
"It is a very useful tool; it is worth buying irrespective of price."
"The most important feature we've found is the Enscripts. That is one powerful feature that I, personally, love to use."
"The solution has been quite good, and, overall, the features we need are available to us."
"The solution is very stable."
"Using Encase we are able to implement security and also Forensics."
"Data Recovery: Its ability to repair damaged partitions and uncover hidden partitions from within the tool, and allow further analysis."
"Image creation and image analysis in one program, basically for ease of use."
"I like the processing feature on the product because it does everything at once, i.e, indexing, recovery, keyword searches, etc."
 

Cons

"Based on our experience so far, its implementation is quite complex."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"It automatically detects security issues. It should be able to protect our network devices while operating autonomously."
"I think sometimes Cortex XDR agent automatically stops event capturing from the device, and then even the dashboard does not get any notifications from the agent."
"There are some limitations on the Traps agents."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"This is a very costly product."
"I believe nothing can be done to make CrowdStrike Falcon a ten out of ten, as I think it's one of the best solutions in the market. However, rating it a ten overall would imply there's no scope for improvement, but to survive in the market, changes must be made every day."
"I would like to see the machine learning feature enhanced."
"CrowdStrike should add support for ransomware protection."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"They should provide us with good visibility for everything."
"One thing that is not yet available is attack simulation."
"CrowdStrike Falcon's GUI requires improvement for user-friendliness."
"This solution lacks basic functionality, such as being able to perform on-demand scanning."
"I suggest that if the mobile phone acquisition is embedded in the Encase law enforcement version, it would be very useful."
"​Sometimes the application can take more time to complete the image processing or fail at the end of the process.​"
"This is not the program I would suggest for a newbie using to learn. It is just too expensive for the full experience, and the student versions, while very good, are just for that, students."
"Ease of use and learning curve need improvement."
"In the past, incident response time for tech support was slow."
"The reporting is a bit unreliable. It needs to be better."
"From a customer service standpoint, this is unacceptable."
"There were minor UI bugs."
 

Pricing and Cost Advice

"I feel it is fairly priced."
"Cortex XDR’s pricing is very reasonable."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"Cortex XDR's pricing is ok."
"I don't recall what the cost was, but it wasn't really that expensive."
"It has a yearly renewal."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"Its pricing is kind of in line with its competitors and everybody else out there."
"With respect to pricing, my suggestion to others is to evaluate the environment and purchase what you need."
"Our company pays approximately US$ 65,000 annually for 900 machines."
"It is an expensive product, but I think it is well worth the investment."
"The price is fixed with no room for negotiation."
"Different components are additional price points. We got the components that were right for us, but other organizations may require more (or less) components to suit their needs."
"The tool is a little bit expensive compared to other products, but I think it's okay owing to its quality."
"CrowdStrike Falcon is one of the more expensive endpoint solutions on the market."
"The pricing and licensing are reasonable. I don't think we are getting charged more than what it is worth. It is fair, but I do not like how it is a la carte. I realize they do that so other organizations can buy and get the agent, getting it cheaper than you could otherwise. However, if you want the main core package, which has all the main features with the exception of maybe the multi-cloud protections, that can get pricier for an organization. So, you have to pick and choose what you want. I do not care for a la carte pricing."
"​The product is affordable and user-friendly.​"
"EnCase is an affordable solution."
"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."
"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
903,807 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Financial Services Firm
11%
Manufacturing Company
10%
Computer Software Company
9%
Government
5%
Performing Arts
10%
Construction Company
10%
Financial Services Firm
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business55
Midsize Enterprise33
Large Enterprise63
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...
Is Crowdstrike Falcon better than Trend Micro Deep Security?
I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is t...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform
EnCase eDiscovery
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Ontario Ministry of Government, Aerospace Company, Chesterfield Police Department
Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR). Updated: June 2026.
903,807 professionals have used our research since 2012.