We performed a comparison between CrowdStrike Falcon and Kaspersky Endpoint Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet is very user-friendly for customers."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Ability to get forensics details and also memory exfiltration."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"The DLP is the most valuable feature of CrowdStrike Falcon."
"I like the detection rates of mobile threats."
"We haven't had any infections or down time."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"One of the good features is the provider's Faulting capability. If any of our systems detect malware, we can check the behavior of the malware by sending it to Kaspersky's sandbox environment. This helps us assess how destructive the malware is. After analyzing it, we can create use cases and protection measures based on that behavior. So, this is the best feature of Kaspersky."
"Kaspersky EDR is far superior to other products. It gives detailed information about malware, geolocation, and more. Also, the agent itself is very lightweight compared to other products. The packages and updates were quite small in size, just a few KBs."
"Stability-wise, I rate the solution a ten out of ten."
"From my point of view, one of the best aspects of Kaspersky Endpoint Detection and Response is its high detection rate, which surpasses many other solutions. Its valuable features include behavior detection, threat prevention, device control, adaptive anomaly control, and centralized protection detection."
"It is a stable solution...It is a very scalable solution."
"We have a concept of working from home. Most endpoints are not in the domain. It is our first line of defense. While we had Kaspersky deployed, it gave good insight into the upcoming challenge or threat."
"The advanced detection features are valuable."
"The product's initial setup phase was easy."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The solution should address emerging threats like SQL injection."
"FortiEDR can be improved by providing more detailed reporting."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The SIEM could be improved."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The overall cost of CrowdStrike Falcon could be reduced."
"Some of Falcon's features are a bit pricey."
"They should provide us with good visibility for everything."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"This solution could be improved with greater scope for admins to make changes to the solution."
"The detection time has room for improvement."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
"There is room for improvement in its user interface."
"There are certain shortcomings with the UI of the solution. The UI is not at all user-friendly."
"It needs improvement in communication between the network and endpoint, as well as between endpoint and server."
"Kaspersky EDR could be improved by adding network detection capabilities to enhance convenience and security."
"The solution must provide better security."
"I want to be able to use the product as a patch management tool for my endpoints since it is an area that is not working effectively for me."
"The main issue was compatibility with the cloud itself. The CPU usage immediately spiked, causing the machines to hang and sometimes even forcing server or computer restarts."
"Incorporating an AI protection tool with the capability to detect and prevent zero-day threats, particularly those with a five-star rating in terms of severity would be beneficial."
More Kaspersky Endpoint Detection and Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Kaspersky Endpoint Detection and Response is ranked 24th in Endpoint Detection and Response (EDR) with 16 reviews. CrowdStrike Falcon is rated 8.8, while Kaspersky Endpoint Detection and Response is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Kaspersky Endpoint Detection and Response writes "Provides the ability to send detected malware to Kaspersky's sandbox environment for behavioral analysis". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Kaspersky Endpoint Detection and Response is most compared with Sangfor Endpoint Secure. See our CrowdStrike Falcon vs. Kaspersky Endpoint Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
