We performed a comparison between CrowdStrike Falcon and Open EDR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR).
"Ability to get forensics details and also memory exfiltration."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Forensics is a valuable feature of Fortinet FortiEDR."
"NGAV and EDR features are outstanding."
"The most valuable feature is the analysis, because of the beta structure."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"The DLP is the most valuable feature of CrowdStrike Falcon."
"The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"Scalability hasn't been an issue for us."
"Comodo includes a firewall and antivirus in one solution. I also like the ability to remotely manage update packages on your systems. Comodo can even find a lost device and secure it remotely."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The SIEM could be improved."
"ZTNA can improve latency."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The dashboard isn't easy to access and manage."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"FortiEDR can be improved by providing more detailed reporting."
"Detections could be improved."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about."
"An improvement would be to extend support to legacy and unsupported servers."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"The performance could be better."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Open EDR is ranked 46th in Endpoint Detection and Response (EDR) with 1 review. CrowdStrike Falcon is rated 8.8, while Open EDR is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Open EDR writes "I also like the ability to remotely manage update packages on your systems, and the fact that there is an open source version". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Open EDR is most compared with Trellix Endpoint Security (ENS), SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Sangfor Endpoint Secure and Bitdefender GravityZone Ultra Plus.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.