CrowdStrike Falcon vs OpenText EnCase eDiscovery comparison

The compared CrowdStrike and OpenText solutions aren't in the same category. CrowdStrike is ranked #1 in XDR , with an average rating of 8.6, and holds a 9.9% mindshare in the category. OpenText is ranked #12 in eD , and holds a 3.1% mindshare. Additionally, 97% of CrowdStrike users are willing to recommend the solution, compared to 75% of OpenText users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between CrowdStrike Falcon and OpenText EnCase eDiscovery based on real PeerSpot user reviews.

Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed CrowdStrike Falcon vs. OpenText EnCase eDiscovery Report (Updated: May 2025).

Buyer's Guide

CrowdStrike Falcon vs. OpenText EnCase eDiscovery

May 2025

Download the complete report

Helped 883,026 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Mindshare comparison

Extended Detection and Response (XDR) Market Share Distribution
Product	Market Share (%)
CrowdStrike Falcon	9.9%
Wazuh	6.8%
SentinelOne Singularity Complete	5.8%
Other	77.5%

Extended Detection and Response (XDR)

eDiscovery Market Share Distribution
Product	Market Share (%)
OpenText EnCase eDiscovery	3.1%
Microsoft Purview eDiscovery	9.0%
kCura Relativity	5.8%
Other	82.1%

eDiscovery

Featured Reviews

ABHISHEK_SINGH

Senior Process Expert at A.P. Moller - Maersk

Gained full visibility and streamlined threat detection through behavior-based insights and AI integration

Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Read full review

Waleed Omar

Information Security Specialist at Arab Open University

Provides effective real-time threat detection with potential for cost optimization

Some features such as device control, firewall management, and file analysis are standalone products that we need to purchase separately. If these features came out of the box within the product, it would be much more beneficial for us. Other providers such as SentinelOne include these features in their base product. We attended a CrowdStrike Falcon event where they discussed some shallow AI features, but we cannot see these in our panel yet. We work with different solutions such as Darktrace and SocRadar, where AI features are automatically displayed in our dashboards after release. However, for CrowdStrike Falcon, we cannot see these features.

Read full review

Alejandro Stromer

Director Consulting SAP OpenText en Entelgy at DCL Consultores EIM SL

A stable and scalable hybrid solution with easy setup

The solution is scalable. It has three levels. You have the presentation area that can be escalated to the balance sheet. You have the back-end area that can be escalated using higher viability to configure more application servers. Also, the area of storage can be increased. We usually cater to enterprise solutions but have small- and medium-sized customers. It starts with 25 users and goes up to 100s and 1000s.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."

"Cortex is the best tool for endpoint detection, and I have used it to verify hashes or domains to identify malicious activity, trigger playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."

"The normal protection was really effective, and we detected situations that if we didn't have Cortex XDR by Palo Alto Networks, it's highly likely that we would have been affected, but it protected the infrastructure."

"The tool is designed to scale for large enterprises and handle large volumes of data."

"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."

"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."

"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."

"It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."

More Cortex XDR by Palo Alto Networks pros

"It's very easy to set up."

"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."

"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."

"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."

"The best benefit of CrowdStrike Falcon is 99% MITRE coverage."

"We are happy with CloudStrike's ease of use and touch notification."

"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."

"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."

More CrowdStrike Falcon pros

"I like the processing feature on the product because it does everything at once, i.e, indexing, recovery, keyword searches, etc."

"It indexes much faster, and is more reflexive because of the Enscripts."

"It speeds up the process, so I can meet my deadlines."

"The solution is very stable."

"The most important feature we've found is the Enscripts. That is one powerful feature that I, personally, love to use."

"Data Recovery: Its ability to repair damaged partitions and uncover hidden partitions from within the tool, and allow further analysis."

"The technical support is excellent."

Cons

"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."

"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."

"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."

"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."

"I would like to see some additional features related to email protection included."

"The solution needs better reports. I think they should let the customer go in and customize the reports."

"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."

"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."

More Cortex XDR by Palo Alto Networks cons

"The installation process for this software needs to be simplified."

"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."

"I recommend that some deep-dive trainings are required for the NG SIEM, specifically for their next-generation SIEM module, as they need some basic trainings for that."

"They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."

"The new interface, the UI, seems a bit messy."

"CrowdStrike Falcon's GUI requires improvement for user-friendliness."

"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."

"If we have a dashboard capability to uninstall agents, I think that would be great."

More CrowdStrike Falcon cons

"Ease of use and learning curve need improvement."

"In the past, incident response time for tech support was slow."

"We have come across problems with the end-case. We could not find an email discovery type of module and there was not flexibility with the email."

"I would like to see a capability to ingest and absorb more data. That would be really good. It currently is lacking this function."

"Sometimes the application can take more time to complete the image processing or fail at the end of the process."

"There were minor UI bugs."

"The reporting is a bit unreliable. It needs to be better."

Pricing and Cost Advice

"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."

"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."

"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."

"The price was fine."

"The price of the solution is high for the license and in general."

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"It is expensive compared to SentinelOne, but as the market leader, it is worth it."

"We are at about $60,000 per year."

"The pricing and licensing are fairly good. It is definitely not a cheap product, but I have felt that it is worth the money that we spent. So, we have discussed it in the past, and were like, "Yes, it is probably pricier than some other solutions, but we also feel they really are the leader. We are very comfortable with their level of expertise. So, it's kind of worth the price that we pay.""

"Annual licensing."

"CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team."

"There are approximately a hundred different modules you have to purchase, depending on what you want to do. I have most of the modules. How it works is you buy the portfolio, you have to decide all the components you want in it, and then they price out a bundle for you. I have almost all of the package features in my bundle. You only need to pay for the modules you want."

"CrowdStrike Falcon is one of the more expensive endpoint solutions on the market."

"This solution has a very competitive price."

More CrowdStrike Falcon pricing and cost advice

"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."

"The product is affordable and user-friendly."

"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."

"EnCase is an affordable solution."

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

883,026 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

10%

Financial Services Firm

Manufacturing Company

Government

Computer Software Company

11%

Financial Services Firm

10%

Manufacturing Company

Government

Performing Arts

14%

Financial Services Firm

10%

Government

10%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	42
Midsize Enterprise	21
Large Enterprise	47

By reviewers
Company Size	Count
Small Business	46
Midsize Enterprise	34
Large Enterprise	62

By reviewers
Company Size	Count
Small Business	2
Midsize Enterprise	2
Large Enterprise	3

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

See all answers

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...

See all answers

Is Crowdstrike Falcon better than Trend Micro Deep Security?

I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is t...

See all answers

Ask a question

Earn 20 points

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 9% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 6% of the time

Cortex XSIAM vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks

Compared 3% of the time

Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks

Compared 2% of the time

More Cortex XDR by Palo Alto Networks Competitors

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 3% of the time

Fortinet FortiEDR vs CrowdStrike Falcon

Compared 3% of the time

Microsoft Defender XDR vs CrowdStrike Falcon

Compared 3% of the time

SentinelOne Singularity Complete vs CrowdStrike Falcon

Compared 2% of the time

Kaspersky Endpoint Detection and Response vs CrowdStrike Falcon

Compared 1% of the time

More CrowdStrike Falcon Competitors

Trellix Endpoint Security Platform vs OpenText EnCase eDiscovery

Compared 13% of the time

BigFix vs OpenText EnCase eDiscovery

Compared 13% of the time

Exterro vs OpenText EnCase eDiscovery

Compared 12% of the time

Nuix eDiscovery vs OpenText EnCase eDiscovery

Compared 10% of the time

Microsoft Purview eDiscovery vs OpenText EnCase eDiscovery

Compared 7% of the time

More OpenText EnCase eDiscovery Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

February 2026

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

CrowdStrike Falcon

February 2026

Download CrowdStrike Falcon product report

Buyer's Guide

eDiscovery

February 2026

Download OpenText EnCase eDiscovery product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform

EnCase eDiscovery

Overview

Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.

Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.

What are the key features of Cortex XDR?

Advanced Threat Detection: Uses AI and machine learning for proactive threat identification.
Multi-layered Security: Combines various security measures for comprehensive protection.
Endpoint Protection: Safeguards against malware and exploits.
Behavioral Analysis: Monitors suspicious activity for early detection.
Automatic Threat Response: Automates responses to neutralize threats.

What benefits should users expect?

Ease of Use: Simplifies security management with intuitive design.
Resource Efficiency: Minimizes impact on system resources.
Integration Capabilities: Works well with existing security setups.
Reduced Analyst Workload: Automates processes to decrease manual intervention.

Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.

Palo Alto Networks

CrowdStrike Falcon provides cutting-edge endpoint detection with automatic alerts, real-time monitoring, and seamless integration capabilities. Cloud-native architecture and AI-driven processes ensure scalable protection and efficient threat remediation.

CrowdStrike Falcon is recognized for its robust EDR and threat intelligence features that enhance security and streamline operations. Its lightweight agent minimizes system impact while offering real-time monitoring and detailed reporting. This platform uses cloud-native architecture for scalable, consistent protection, significantly reducing administrative demands. AI and machine learning empower precise threat hunting and behavioral analysis, which mitigates false positives and boosts cybersecurity efficiency. Users seek improvements in integration with other systems, reporting functions, and compatibility with specific operating systems. While the solution handles malware mitigation and threat response efficiently, suggestions for on-demand scanning, enhanced visibility, and better dashboard features are noted.

What are the key features of CrowdStrike Falcon?

Automatic Alert System: Provides instant alerts to enhance threat detection.
Robust EDR: Offers advanced endpoint detection capabilities.
Threat Intelligence: Delivers detailed insights for proactive security measures.
Real-time Monitoring: Enables continuous security assessments.
Seamless Integration Options: Streamlines operations with existing infrastructure.
Lightweight Agent: Minimizes system impact, maintaining performance efficiency.
Cloud-native Architecture: Provides scalable, consistent protection against threats.
AI and ML-driven Processes: Offers accurate threat hunting and behavioral analysis.

What benefits or ROI should users expect from CrowdStrike Falcon?

Enhanced Security: Comprehensive protection for endpoints using cutting-edge technologies.
Reduced Administrative Burden: Simplifies management of security incidents.
Efficient Threat Remediation: Minimizes downtime with quick threat response actions.
Improved Threat Visibility: Provides detailed reports and insights.
Scalable Protection: Ensures adaptable security measures across multiple devices.

In technology sectors, CrowdStrike Falcon commonly supports endpoint protection and threat response initiatives, allowing companies to replace traditional antivirus systems with more advanced solutions. In finance, it secures sensitive data across multiple platforms, ensuring compliance. In healthcare, real-time security analysis protects patient data on critical devices like servers and laptops, utilizing AI to enhance cybersecurity defenses.

CrowdStrike

eDiscovery collection tools address the rise in dispersed and remote workforces, the proliferation of mobile devices and new sources of data. Comprehensively collecting data across all data sources, including endpoints, such as desktops and laptops, is critical to defensibility. Collection analytics and culling is key to efficient digital investigations, narrowing the document collection to drive down the cost of legal review.

With OpenText™ EnCase™ eDiscovery, organizations can streamline the collection, culling and preservation of data across diverse sources in a single efficient process.

OpenText

Sample Customers

CBI Health Group, University Honda, VakifBank

Information Not Available

Ontario Ministry of Government, Aerospace Company, Chesterfield Police Department

Buyer's Guide

CrowdStrike Falcon vs. OpenText EnCase eDiscovery

May 2025

Free Report: CrowdStrike Falcon vs. OpenText EnCase eDiscovery

Find out what your peers are saying about CrowdStrike Falcon vs. OpenText EnCase eDiscovery and other solutions. Updated: May 2025.

DOWNLOAD NOW

883,026 professionals have used our research since 2012.

See our CrowdStrike Falcon vs. OpenText EnCase eDiscovery report.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.