We performed a comparison between CrowdStrike Falcon and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Ability to get forensics details and also memory exfiltration."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."
"The solution offers great stability."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"Falcon's best feature is its detection and blocking of threats."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"It is a scalable solution and very easy to use."
"The product provides a one-click recovery of encrypted files."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"The dashboard isn't easy to access and manage."
"The solution should address emerging threats like SQL injection."
"I haven't seen the use of AI in the solution."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Detections could be improved."
"The support needs improvement."
"Making the portal mobile friendly would be helpful when I am out of office."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"The pricing structure should allow for some flexibility."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"Trellix does not support Linux and Mac."
"The CPU utilization of the product is quite high compared to its competitors."
"The technical support must be improved."
"The console has a lot of bugs, and it creates many issues."
"The dashboard and reporting features are not so user-friendly or intuitive, so they need some work."
"For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available."
"The graphical view for nodes must be increased."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. CrowdStrike Falcon is rated 8.8, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, Microsoft Defender for Endpoint and Trend Vision One. See our CrowdStrike Falcon vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.