We performed a comparison between CrowdStrike Falcon and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The price is low and quite competitive with others."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The product's initial setup phase is very easy."
"The solution was relatively easy to deploy."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"I get alerts when scripts are detected in the environment."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"The initial setup was straightforward."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"I like the overall reports of this solution. They are crisp, and to the point."
"It is a scalable solution."
"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"The product can automate security tasks."
"What I like most about Palo Alto Networks Cortex XSOAR is how user-friendly it is for development. It is much simpler to work with compared to similar tools I've used."
"Palo Alto is easy to use."
"The automation is excellent."
"It is quite scalable. I would rate it a ten out of ten."
"The solution is very reliable."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution is not user-friendly."
"It takes about two business days for initial support, which is too slow in urgent situations."
"I haven't seen the use of AI in the solution."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Detections could be improved."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"Unfortunately, native applications are not supported."
"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"They should provide us with good visibility for everything."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."
"The solution's correlation rules and playbooks should be improved."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"Its dashboard features need improvement."
"In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening."
"It is been decommissioned by Palo Alto."
"It doesn't offer automatic internet reports out of the box."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"The solution is complicated to learn."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. CrowdStrike Falcon is rated 8.8, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Microsoft Sentinel, Fortinet FortiSOAR and Torq.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.