Try our new research platform with insights from 80,000+ expert users

BlackBerry Cylance Cybersecurity vs CrowdStrike Falcon comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
19th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
CrowdStrike Falcon
Ranking in Endpoint Protection Platform (EPP)
2nd
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
126
Ranking in other categories
Security Information and Event Management (SIEM) (6th), Threat Intelligence Platforms (2nd), Endpoint Detection and Response (EDR) (1st), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st), Continuous Threat Exposure Management (CTEM) (2nd)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.5% compared to the previous year. The mindshare of CrowdStrike Falcon is 11.1%, up from 9.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Q&A Highlights

Miriam Tover - PeerSpot reviewer
Jun 27, 2019
 

Featured Reviews

Sooraj Makkancherrry - PeerSpot reviewer
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
Chintan-Vyas - PeerSpot reviewer
Easy to set up with good behavior-based analysis but needs a single-click recovery option
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its setup is simple if you have a Windows device; it is executable."
"Has good RAM capacity for the power I need"
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"It does a good job of protecting us."
"It actively monitors the behavior and activity of processes and will, without hesitation, terminate at root anything it determines to be suspect."
"In most cases, the solution's ability to detect in the MITRE framework, and its ability to be able to detect attacks in any one of seven or eight different areas of the life cycle of an attack is very useful."
"The deployment of updates is easy."
"The solution’s AI is its most valuable feature."
"We haven't had any infections or down time."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"The platform is very scalable."
"The product provides good monitoring features."
"Its integration capability is valuable. It integrates easily with any OS."
"EDR is effective in CrowdStrike."
"The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
 

Cons

"The user interface is outdated."
"The stability could be improved."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"The price for this EPP platform is expensive and could be improved."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"While you are working, you are finding these things that were supposed to be waived have come back to being blocked. That's frustrating."
"The security scripting needs improvement. It needs deeper security for scripting."
"The solution’s technical support could be improved."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"CrowdStrike costs a little more than its competitors."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"The pricing structure should allow for some flexibility."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
 

Pricing and Cost Advice

"Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice."
"We went through a third party initially to do the renewal, but we won't be renewing, we will move on to something else."
"We would just add more if there are new users, but right now you just need one license for per user."
"The tool is not that expensive."
"CylancePROTECT is worth the money, but I'm not sure of its exact price. I can't remember off the top of my head."
"It's not so heavily priced; rather, it's average and decent."
"The product cost is about $5, per user, per month."
"The solution provides me with competitive pricing."
"There are three to four licensing models available to choose from for CrowdStrike Falcon. The price of CrowdStrike Falcon depends on the distributor and the reseller partner. The price we received was good."
"Annual licensing."
"The licensing model is straightforward. We choose the features we want and we then can download the package we want."
"The pricing could be reduced. If it was more reasonable that would be great."
"CrowdStrike Falcon is more expensive than other EDR solutions with similar features."
"All I can say about the licensing cost is that it's negotiable."
"The solution isn't very costly; it's affordable."
"We pay 40,000 dirhams per 100 users."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Answers from the Community

Miriam Tover - PeerSpot reviewer
Jun 27, 2019
Jun 27, 2019
Both Cylance and CrowdStrike are amongst the few top of the market in terms or endpoint protection. CrowdStrike was considered among the top 5 in 2017 and Cylance was considered the same in 2019. As they are both highly effective, CrowdStrike is very unique in its user-friendliness, while Cylance is very unique for its minimum utilization of computer's resources. If you compare initial pricing,...
2 out of 3 answers
Dan Brunnquell - PeerSpot reviewer
Jun 25, 2019
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.
AA
Jun 26, 2019
Both Cylance and CrowdStrike are amongst the few top of the market in terms or endpoint protection. CrowdStrike was considered among the top 5 in 2017 and Cylance was considered the same in 2019. As they are both highly effective, CrowdStrike is very unique in its user-friendliness, while Cylance is very unique for its minimum utilization of computer's resources. If you compare initial pricing, you would go with Cylance, but you can always negotiate with both to get the best offers.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Manufacturing Company
12%
Government
8%
Financial Services Firm
7%
Computer Software Company
15%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immedi...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

Blackberry Protect
CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface
 

Overview

 

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
Information Not Available
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. CrowdStrike Falcon and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.