No more typing reviews! Try our Samantha, our new voice AI agent.

CrowdStrike Falcon vs OpenText EnCase eDiscovery comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
113
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
CrowdStrike Falcon
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
139
Ranking in other categories
Security Information and Event Management (SIEM) (5th), Endpoint Protection Platform (EPP) (2nd), Threat Intelligence Platforms (TIP) (2nd), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (2nd), Identity Threat Detection and Response (ITDR) (1st), AI-Powered Cybersecurity Platforms (2nd)
OpenText EnCase eDiscovery
Average Rating
7.8
Reviews Sentiment
7.7
Number of Reviews
8
Ranking in other categories
eDiscovery (8th)
 

Mindshare comparison

Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
CrowdStrike Falcon9.3%
SentinelOne Singularity Endpoint5.9%
Wazuh4.9%
Other79.9%
Extended Detection and Response (XDR)
eDiscovery Mindshare Distribution
ProductMindshare (%)
OpenText EnCase eDiscovery3.8%
kCura Relativity5.5%
Microsoft Purview eDiscovery4.8%
Other85.9%
eDiscovery
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Chetan Bhati - PeerSpot reviewer
Network Security Engineer at Arrow PC Network Pvt Ltd
Cloud-native security has improved real-time threat detection and streamlined daily operations
While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful. The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.
Alejandro Stromer - PeerSpot reviewer
Director Consulting SAP OpenText en Entelgy at DCL Consultores EIM SL
A stable and scalable hybrid solution with easy setup
The solution is scalable. It has three levels. You have the presentation area that can be escalated to the balance sheet. You have the back-end area that can be escalated using higher viability to configure more application servers. Also, the area of storage can be increased. We usually cater to enterprise solutions but have small- and medium-sized customers. It starts with 25 users and goes up to 100s and 1000s.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Palo Alto Networks Traps improves our security posture and lowers risk by providing next-gen methods to combat against modern threats on all the major platforms."
"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
"I don't have to do much monitoring with it; I don't have to have anybody manually looking at this, it gives us reports, and it lets us know if something needs to be addressed, and we can easily address it."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"Once you become familiar with it, Cortex XDR by Palo Alto Networks is a more powerful tool and I would say that I prefer it over MDE because it is a stronger tool for me."
"We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"I like the Overwatch feature the most."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"The feature I like the most is the solution's detection."
"We have seen a reduction to the performance hit to our operating systems."
"Everything you need to know is right there in a single dashboard."
"We can protect against the worst level of attacks."
"The most important feature we've found is the Enscripts, as it allows me to customize the scripts and deploy them as and how I need them, for example to segregate and index files efficiently."
"The technical support is excellent."
"It indexes much faster, and is more reflexive because of the Enscripts."
"It speeds up the process, so I can meet my deadlines."
"It is a very useful tool; it is worth buying irrespective of price."
"I like the processing feature on the product because it does everything at once, i.e, indexing, recovery, keyword searches, etc."
"Data Recovery: Its ability to repair damaged partitions and uncover hidden partitions from within the tool, and allow further analysis."
"The most important feature we've found is the Enscripts. That is one powerful feature that I, personally, love to use."
 

Cons

"The deployment is pretty hard."
"As an improvement, I would like to see enhanced connection speeds."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"The only issues that we have are, one the cost, two the dashboard is not very intuitive, even though you can drill down within the dashboard, we usually have to gather information from other sources to determine locations and if its a false positive."
"A better pricing plan would make this product more competitive."
"They are charging for Network Traffic Analyzer (NTA) services, so if the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better."
"I recommend adding a data loss prevention (DLP) solution to Cortex XDR by Palo Alto Networks. The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products."
"We can't do scanning audits or device blocking or application control."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"They need to strengthen the forensic capabilities of this product, for e-discovery."
"The solution isn't known in my market. The brand isn't as recognizable. Their shortcomings are more on the marketing side."
"They should provide us with good visibility for everything."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"With CrowdStrike, we have found that there are a few missed detections. We would not say it is completely reliable or 100% reliable, however, the ratio of missed detection is more in CrowdStrike."
"I'm concerned about the recent issue that involved a faulty update."
"I would like to see a capability to ingest and absorb more data. That would be really good. It currently is lacking this function."
"This is not the program I would suggest for a newbie using to learn. It is just too expensive for the full experience, and the student versions, while very good, are just for that, students."
"​Sometimes the application can take more time to complete the image processing or fail at the end of the process.​"
"There were minor UI bugs."
"In the past, incident response time for tech support was slow."
"From a customer service standpoint, this is unacceptable."
"I suggest that if the mobile phone acquisition is embedded in the Encase law enforcement version, it would be very useful."
"Ease of use and learning curve need improvement."
 

Pricing and Cost Advice

"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"I don't have any issues with the pricing. We are satisfied with the price."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"Very costly product."
"The cost depends on your chosen license type, like Pro or other licenses."
"This is an expensive solution."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky."
"Pricing and licensing seem to be in line with what they offer. We are a smaller organization, so pricing is important. Obviously, we would make a business case if it is something we really needed or felt that we needed. So, the pricing is in line with what we are getting from a product standpoint."
"Different components are additional price points. We got the components that were right for us, but other organizations may require more (or less) components to suit their needs."
"Crowdstrike Falcon is relatively cheap."
"CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team."
"CrowdStrike Falcon is more expensive than other EDR solutions with similar features."
"The price of CrowdStrike Falcon is reasonable."
"When comparing to Microsoft, CrowdStrike Falcon is more expensive."
"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."
"EnCase is an affordable solution."
"We have a license. And, we found the cost high. We contacted them and talked to them about the ratio of the US dollar versus the Indian rupee and then we came to a solution."
"​The product is affordable and user-friendly.​"
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
11%
Manufacturing Company
10%
Computer Software Company
9%
Government
5%
Performing Arts
10%
Construction Company
10%
Financial Services Firm
7%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise52
By reviewers
Company SizeCount
Small Business54
Midsize Enterprise34
Large Enterprise63
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...
Is Crowdstrike Falcon better than Trend Micro Deep Security?
I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is t...
Ask a question
Earn 20 points
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform
EnCase eDiscovery
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Ontario Ministry of Government, Aerospace Company, Chesterfield Police Department
Find out what your peers are saying about CrowdStrike, SentinelOne, TrendAI and others in Extended Detection and Response (XDR). Updated: June 2026.
902,988 professionals have used our research since 2012.