CrowdStrike Falcon vs Symantec Endpoint Detection and Response comparison

CrowdStrike Falcon vs. Symantec Endpoint Detection and Response

December 2025

Download the complete report

Helped 879,927 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

7.2

CrowdStrike Falcon boosts productivity and ROI by reducing costs and improving security without impacting system performance.

Sentiment score

1.0

Symantec Endpoint Detection and Response enhances security, reduces incident response time, saves costs, and increases productivity through its automated features.

CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.

BambangTrisilo

IT consultant at Asuransi Ramayana

It's very easy to deploy without many IT admins, saving time.

Dipak M Gohil

IT Manager at Jord International Pty Ltd

For more quotes and insights, download the CrowdStrike Falcon report

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Customer Service

Sentiment score

7.0

CrowdStrike Falcon customer service is efficient and helpful, though some users report delays or expertise gaps in support.

Sentiment score

6.0

Symantec Endpoint Detection and Response's support is mixed, with effective local help but issues with outsourced assistance post-Broadcom acquisition.

On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.

Mahmoud Younes

CyberSecurity Architects at VaporVM

The CrowdStrike team is very efficient; I would rate them ten out of ten.

Security Analyst at NTT Ltd

They could improve by initiating calls for high-priority cases instead of just opening tickets.

For more quotes and insights, download the CrowdStrike Falcon report

Information Security Specialist at Arab Open University

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Scalability Issues

Sentiment score

7.8

CrowdStrike Falcon offers seamless, scalable security solutions for businesses of all sizes, integrating easily with minimal administrative effort.

Sentiment score

5.2

Symantec Endpoint Detection and Response is praised for scalability, global presence, and versatile deployment, despite some flexibility concerns.

It has adequate coverage and is easy to deploy.

For more quotes and insights, download the CrowdStrike Falcon report

Senior Principal Information Security Analyst at Veritas Technologies LLC

In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.

Mahmoud Younes

CyberSecurity Architects at VaporVM

There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.

Bhupesh-Sharma

Large account Manager at Softcell Technologies Limited

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Stability Issues

Sentiment score

8.1

CrowdStrike Falcon is highly stable and reliable, with minor glitches, appreciated for its cloud-based architecture and proactive support.

Sentiment score

6.2

Symantec EDR is mostly stable and reliable, with improved updates, minor bugs, and varying user ratings from seven to nine.

I have never seen instability in the CrowdStrike tool.

Security Analyst at NTT Ltd

We are following N-1 versions across our environment, which is stable.

Senior Principal Information Security Analyst at Veritas Technologies LLC

The biggest issue occurred when every computer worldwide experienced a blue screen.

For more quotes and insights, download the CrowdStrike Falcon report

Information Security Specialist at Arab Open University

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Room For Improvement

CrowdStrike Falcon needs improved integration, reporting, and user experience, with better support, pricing, customization, and API features.

Symantec EDR requires improvements in reporting, integration, user interface complexity, scalability, stability, support, and AI-driven analytics.

Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.

Security Analyst at NTT Ltd

Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.

For more quotes and insights, download the CrowdStrike Falcon report

Senior Principal Information Security Analyst at Veritas Technologies LLC

Threat prevention should be their first priority.

Bhim Arora

Group Manager at HCLSoftware

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Setup Cost

CrowdStrike Falcon is a premium, competitively priced solution with variable pricing, often negotiated, offering free trials for easy evaluation.

Symantec EDR pricing varies, influenced by deployment type and endpoints, with mixed user opinions on affordability and value.

It is expensive compared to SentinelOne, but as the market leader, it is worth it.

Senior Principal Information Security Analyst at Veritas Technologies LLC

The licensing cost and setup costs are affordable.

Rojal Barreto

Computer Engineer at OIC, Alshirawi

The solution is a bit expensive.

For more quotes and insights, download the CrowdStrike Falcon report

Information Security Specialist at Arab Open University

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Valuable Features

CrowdStrike Falcon offers AI-driven threat detection and lightweight agent for efficient, real-time endpoint security with seamless integration.

Symantec Endpoint Detection and Response provides comprehensive, scalable, and user-friendly security features with integration, automation, and effective threat protection.

I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.

Security Analyst at NTT Ltd

The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.

Mahmoud Younes

CyberSecurity Architects at VaporVM

Being an EDR solution, it helps us identify attacks in real-time.

For more quotes and insights, download the CrowdStrike Falcon report

Information Security Specialist at Arab Open University

No quotes available

For more quotes and insights, download the Symantec Endpoint Detection and Response report

Categories and Ranking

CrowdStrike Falcon

Ranking in Endpoint Detection and Response (EDR)

1st

Average Rating

8.6

Reviews Sentiment

7.3

Number of Reviews

136

Ranking in other categories

Security Information and Event Management (SIEM) (6th), Endpoint Protection Platform (EPP) (1st), Threat Intelligence Platforms (TIP) (1st), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (1st), Identity Threat Detection and Response (ITDR) (1st), AI-Powered Cybersecurity Platforms (1st)

Symantec Endpoint Detection...

Ranking in Endpoint Detection and Response (EDR)

48th

Average Rating

7.6

Reviews Sentiment

5.9

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of January 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of CrowdStrike Falcon is 9.1%, down from 15.5% compared to the previous year. The mindshare of Symantec Endpoint Detection and Response is 0.6%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Detection and Response (EDR) Market Share Distribution
Product	Market Share (%)
CrowdStrike Falcon	9.1%
Symantec Endpoint Detection and Response	0.6%
Other	90.3%

Endpoint Detection and Response (EDR)

Featured Reviews

Provides effective real-time threat detection with potential for cost optimization

Information Security Specialist at Arab Open University

Some features such as device control, firewall management, and file analysis are standalone products that we need to purchase separately. If these features came out of the box within the product, it would be much more beneficial for us. Other providers such as SentinelOne include these features in their base product. We attended a CrowdStrike Falcon event where they discussed some shallow AI features, but we cannot see these in our panel yet. We work with different solutions such as Darktrace and SocRadar, where AI features are automatically displayed in our dashboards after release. However, for CrowdStrike Falcon, we cannot see these features.

Read full review

YusufAhmed

Information Security Specialist at IHV-Nigeria

Easy to use and competitively priced

Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product. The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.

See recommendations

879,927 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Financial Services Firm

10%

Manufacturing Company

Government

University

11%

Manufacturing Company

10%

Comms Service Provider

Computer Software Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	46
Midsize Enterprise	34
Large Enterprise	62

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	7
Large Enterprise	9

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

What do you like most about Symantec Endpoint Detection and Response?

The security is good.

What is your experience regarding pricing and costs for Symantec Endpoint Detection and Response?

I am not aware of the pricing details, as that falls under the management's responsibility.

What needs improvement with Symantec Endpoint Detection and Response?

While the prices for technical issues in Symantec Endpoint Detection and Response are good, as a partner of Symantec, it is very difficult to sell this product because they have a challenging partn...

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Comparisons

Compared 4% of the time

Fortinet FortiEDR vs CrowdStrike Falcon

Compared 3% of the time

Microsoft Defender XDR vs CrowdStrike Falcon

Compared 3% of the time

Darktrace vs CrowdStrike Falcon

Compared 2% of the time

SentinelOne Singularity Complete vs CrowdStrike Falcon

Compared 2% of the time

More CrowdStrike Falcon Competitors

Kaspersky Endpoint Detection and Response Expert vs Symantec Endpoint Detection and Response

Compared 12% of the time

Kaspersky Endpoint Security Cloud vs Symantec Endpoint Detection and Response

Compared 10% of the time

Trellix Endpoint Security Platform vs Symantec Endpoint Detection and Response

Compared 8% of the time

Fortinet FortiEDR vs Symantec Endpoint Detection and Response

Compared 7% of the time

SentinelOne Singularity Complete vs Symantec Endpoint Detection and Response

Compared 7% of the time

More Symantec Endpoint Detection and Response Competitors

Product Reports

Download CrowdStrike Falcon product report

CrowdStrike Falcon

January 2026

Symantec Endpoint Detection and Response

December 2025

Symantec Endpoint Detection and Response report

Download Symantec Endpoint Detection and Response product report

Also Known As

CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform

No data available

Overview

CrowdStrike Falcon provides cutting-edge endpoint detection with automatic alerts, real-time monitoring, and seamless integration capabilities. Cloud-native architecture and AI-driven processes ensure scalable protection and efficient threat remediation.

CrowdStrike Falcon is recognized for its robust EDR and threat intelligence features that enhance security and streamline operations. Its lightweight agent minimizes system impact while offering real-time monitoring and detailed reporting. This platform uses cloud-native architecture for scalable, consistent protection, significantly reducing administrative demands. AI and machine learning empower precise threat hunting and behavioral analysis, which mitigates false positives and boosts cybersecurity efficiency. Users seek improvements in integration with other systems, reporting functions, and compatibility with specific operating systems. While the solution handles malware mitigation and threat response efficiently, suggestions for on-demand scanning, enhanced visibility, and better dashboard features are noted.

What are the key features of CrowdStrike Falcon?

Automatic Alert System: Provides instant alerts to enhance threat detection.
Robust EDR: Offers advanced endpoint detection capabilities.
Threat Intelligence: Delivers detailed insights for proactive security measures.
Real-time Monitoring: Enables continuous security assessments.
Seamless Integration Options: Streamlines operations with existing infrastructure.
Lightweight Agent: Minimizes system impact, maintaining performance efficiency.
Cloud-native Architecture: Provides scalable, consistent protection against threats.
AI and ML-driven Processes: Offers accurate threat hunting and behavioral analysis.

What benefits or ROI should users expect from CrowdStrike Falcon?

Enhanced Security: Comprehensive protection for endpoints using cutting-edge technologies.
Reduced Administrative Burden: Simplifies management of security incidents.
Efficient Threat Remediation: Minimizes downtime with quick threat response actions.
Improved Threat Visibility: Provides detailed reports and insights.
Scalable Protection: Ensures adaptable security measures across multiple devices.

In technology sectors, CrowdStrike Falcon commonly supports endpoint protection and threat response initiatives, allowing companies to replace traditional antivirus systems with more advanced solutions. In finance, it secures sensitive data across multiple platforms, ensuring compliance. In healthcare, real-time security analysis protects patient data on critical devices like servers and laptops, utilizing AI to enhance cybersecurity defenses.

CrowdStrike

Symantec Endpoint Detection and Response (EDR) is a powerful security solution designed to help organizations proactively detect, investigate, and mitigate advanced threats across their endpoint environments. As part of Broadcom's cybersecurity portfolio, Symantec EDR provides comprehensive visibility into endpoint activities, enabling security teams to quickly identify and respond to threats that evade traditional defenses.

Symantec EDR leverages machine learning, behavioral analysis, and global threat intelligence from Symantec's vast network to detect sophisticated threats, including zero-day attacks, ransomware, and advanced persistent threats (APTs). This allows organizations to identify malicious activities early and respond swiftly to mitigate potential damage. The solution offers automated response options that enable security teams to contain and remediate threats quickly.

Symantec EDR provides detailed forensic capabilities, allowing security analysts to dive deep into endpoint data, investigate incidents thoroughly, and understand the scope and impact of attacks. Features such as timeline analysis, incident graphing, and the ability to isolate endpoints enhance investigative efforts and support effective remediation strategies.

With its centralized management console, Symantec EDR offers visibility across the entire endpoint environment, regardless of the operating systems or whether endpoints are on-premise or remote. Symantec EDR seamlessly integrates with other Symantec security solutions, enhancing its detection capabilities and enabling a unified approach to threat management. Its scalable architecture ensures that businesses of all sizes can benefit from its advanced security features without compromising performance.

Quickly discover and resolve threats with deep endpoint visibility and superior detection analytics, reducing mean time to remediation. Overcome cyber security skills shortages and streamline SOC operations with extensive automation and built-in integrations for sandboxing, SIEM, and orchestration.

Fortify security teams with the unmatched expertise and global scale of Symantec Managed Endpoint Detection and Response services.
Roll out Endpoint Detection and Response (EDR) across Windows, macOS, and Linux devices using Symantec Endpoint Protection (SEP)-integrated EDR or a dissolvable agent.

Broadcom