We performed a comparison between CrowdStrike Falcon and Cybereason Endpoint Detection & Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The price is low and quite competitive with others."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Ability to get forensics details and also memory exfiltration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The most valuable feature is the analysis, because of the beta structure."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The most useful feature is that we do not need to install or keep signature files. Regular scanning that consumes a lot of computer resources is not needed."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models."
"CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools."
"The anomaly detection is the most valuable feature."
"For me, the technical support is good."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"The interface is user-friendly."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"It gives all the information in a clear response."
"The solution should address emerging threats like SQL injection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I haven't seen the use of AI in the solution."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Making the portal mobile friendly would be helpful when I am out of office."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The pricing is a bit too high."
"The current database schema presents challenges and has potential for improvement."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"As the company has grown, the technical support has felt less personal."
"They don't really have anything when it comes to scanning attachments."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"The price is too high."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"I feel that the product lacks reporting features and needs improvement."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"The reporting feature needs improvement."
"There can be problems with the EDI."
"They need to improve their technical support services."
"While the product is very good, there are still some areas for improvement. The initial triage area could be a bit simpler. They get into the weeds real fast; it gets very detailed very fast. I am still looking for an easier triage layer on top with the ability to dig deeper."
"The deployment on individual endpoints is more geared toward larger organizations. It might prove to be a bit too complicated for a smaller organization. You need to know what you're doing when you're deploying the sensor."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews. CrowdStrike Falcon is rated 8.8, while Cybereason Endpoint Detection & Response is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Cybereason Endpoint Detection & Response is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace, SentinelOne Singularity Complete and Kaspersky Endpoint Security for Business. See our CrowdStrike Falcon vs. Cybereason Endpoint Detection & Response report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.