No more typing reviews! Try our Samantha, our new voice AI agent.

CrowdStrike Falcon vs OpenText EnCase eDiscovery comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
CrowdStrike Falcon
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
139
Ranking in other categories
Security Information and Event Management (SIEM) (5th), Endpoint Protection Platform (EPP) (2nd), Threat Intelligence Platforms (TIP) (2nd), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (2nd), Identity Threat Detection and Response (ITDR) (1st), AI-Powered Cybersecurity Platforms (2nd)
OpenText EnCase eDiscovery
Average Rating
7.8
Reviews Sentiment
7.7
Number of Reviews
8
Ranking in other categories
eDiscovery (8th)
 

Mindshare comparison

Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
CrowdStrike Falcon9.3%
SentinelOne Singularity Endpoint5.9%
Wazuh4.9%
Other79.9%
Extended Detection and Response (XDR)
eDiscovery Mindshare Distribution
ProductMindshare (%)
OpenText EnCase eDiscovery3.8%
kCura Relativity5.5%
Microsoft Purview eDiscovery4.8%
Other85.9%
eDiscovery
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Chetan Bhati - PeerSpot reviewer
Network Security Engineer at Arrow PC Network Pvt Ltd
Cloud-native security has improved real-time threat detection and streamlined daily operations
While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful. The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.
Alejandro Stromer - PeerSpot reviewer
Director Consulting SAP OpenText en Entelgy at DCL Consultores EIM SL
A stable and scalable hybrid solution with easy setup
The solution is scalable. It has three levels. You have the presentation area that can be escalated to the balance sheet. You have the back-end area that can be escalated using higher viability to configure more application servers. Also, the area of storage can be increased. We usually cater to enterprise solutions but have small- and medium-sized customers. It starts with 25 users and goes up to 100s and 1000s.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has absolutely improved the way our organization functions, we are more secure, it is giving us more peace of mind, and it has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it."
"It has pretty much everything we need and works well within the Palo Alto ecosystem."
"The solution's most valuable feature is the user interface."
"These days it's machine-learning technology and behavior-based analytics features that make us more secure."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."
"The tool is designed to scale for large enterprises and handle large volumes of data."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"During the PoC, we figured out that this product is far better, and it met our requirements."
"The most valuable feature is the activity dashboard because it gives you a holistic view of your environment from a security standpoint."
"It improves a lot of our security operations for threat management, and it provides a lot for our day-to-day operations too."
"The UI is simple and self-explanatory. Everything is easy to understand."
"One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."
"Easy to use, intelligent, and stable threat detection software."
"The most beneficial features of CrowdStrike Falcon are that it is easy to install, easy to manage, lightweight, and it can stop breaches."
"I like the dashboard nature of it. Everything is clickable, linkable, and information is easy to obtain and find. How it presents that information is probably the biggest win as far as the information correlation aspect. The presentation of it is very good."
"It indexes much faster, and is more reflexive because of the Enscripts."
"The solution is very stable."
"The most important feature we've found is the Enscripts. That is one powerful feature that I, personally, love to use."
"Using Encase we are able to implement security and also Forensics."
"The most important feature we've found is the Enscripts, as it allows me to customize the scripts and deploy them as and how I need them, for example to segregate and index files efficiently."
"The technical support is excellent."
"I like the processing feature on the product because it does everything at once, i.e, indexing, recovery, keyword searches, etc."
"The solution has been quite good, and, overall, the features we need are available to us."
 

Cons

"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"The configuration could be simplified. I would like to see better protection, specifically to protect email applications."
"The solution lags to the real-time scenarios here and there."
"There are some default policies which sometimes affect our applications and cause them to run around."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"It automatically detects security issues. It should be able to protect our network devices while operating autonomously."
"CrowdStrike Falcon needs to improve their host management system."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"Technical support could be better than what is currently offered."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"The console is not user-friendly or visually appealing and has room for improvement."
"This is not the program I would suggest for a newbie using to learn. It is just too expensive for the full experience, and the student versions, while very good, are just for that, students."
"From a customer service standpoint, this is unacceptable."
"​Sometimes the application can take more time to complete the image processing or fail at the end of the process.​"
"In the past, incident response time for tech support was slow."
"Ease of use and learning curve need improvement."
"There were minor UI bugs."
"We have come across problems with the end-case. We could not find an email discovery type of module and there was not flexibility with the email."
"The reporting is a bit unreliable. It needs to be better."
 

Pricing and Cost Advice

"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"It has reasonable pricing for the use cases it provides to the company."
"I don't have any issues with the pricing. We are satisfied with the price."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"The price of the product is not very economical."
"This is an expensive solution."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"There is no license required to use this solution."
"We pay between $30-50 per user for a yearly license, which is more expensive than SentinelOne or Bitdefender. However, CrowdStrike gives better value for money."
"The cost is usually a challenge in the industry. I think we pay around sixty-eight dollars."
"The product is expensive."
"The tool is a little bit expensive compared to other products, but I think it's okay owing to its quality."
"CrowdStrike is well priced. On a yearly basis, it costs between $60 and $100 per user."
"The pricing and licensing are fairly good. It is definitely not a cheap product, but I have felt that it is worth the money that we spent. So, we have discussed it in the past, and were like, "Yes, it is probably pricier than some other solutions, but we also feel they really are the leader. We are very comfortable with their level of expertise. So, it's kind of worth the price that we pay.""
"CrowdStrike Falcon's price is good."
"​The product is affordable and user-friendly.​"
"EnCase is an affordable solution."
"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."
"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
903,996 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
11%
Manufacturing Company
10%
Computer Software Company
9%
Government
5%
Performing Arts
10%
Construction Company
10%
Financial Services Firm
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business55
Midsize Enterprise33
Large Enterprise63
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...
Is Crowdstrike Falcon better than Trend Micro Deep Security?
I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is t...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform
EnCase eDiscovery
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Ontario Ministry of Government, Aerospace Company, Chesterfield Police Department
Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR). Updated: June 2026.
903,996 professionals have used our research since 2012.