We performed a comparison between CrowdStrike Falcon and LogRhythm SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The most valuable feature is the analysis, because of the beta structure."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"NGAV and EDR features are outstanding."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is an easy product to deploy."
"I like the Overwatch feature the most."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"It's given me a level of confidence that my network is secure."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"AXON has the ability to add and compare use cases."
"SOAR is integrated with the dashboard that we use for threat management. Because it's all integrated, it is useful for us when we deploy something on-prem."
"LogRhythm NextGen SIEM is customizable, simple to manage, and there are many features. The solution does not require an expert to be able to use it, anyone can use it."
"It seems like it will scale easily with the way our environment is set up."
"NextGen SIEM's most valuable feature is its user-friendliness."
"The artificial intelligence engine."
"LogRhythm has increased productivity because all the tools that we need are in the web UI, allowing us to find threats on our network fast and efficiently."
"I find LogRhythm's log management capabilities to be beneficial."
"FortiEDR can be improved by providing more detailed reporting."
"Making the portal mobile friendly would be helpful when I am out of office."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The SIEM could be improved."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"They should provide us with good visibility for everything."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"We sometimes get false positives."
"CrowdStrike Falcon could improve if it became an XDR. When we look only to an end-point, we lost the context of the environment. I know it's another line of design of the product. However, if CrowdStrike becomes an XDR, it could be very good."
"An improvement would be to extend support to legacy and unsupported servers."
"We've tried to work with a couple of engineering department guys there. We've called them and called them but we never hear anything back."
"LogRhythm NextGen SIEM is currently based only on the Windows platform. This means that some of our customers have to purchase a Windows license elsewhere. If LogRhythm can move to a Linux platform or a proprietary platform, it would be very helpful."
"For our market, the solution is quite expensive. It would be ideal if they could work on and improve their existing pricing plans to help make it more affordable in our country."
"I would like to see more integration with more products that are out there within the same security field."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"The customer support system is time-consuming."
"The initial setup is complex. We are using a LogRhythm partner, at least for the first three years, to help with the monitoring and the deployment of it. We are not a big enough environment where we have people that we can dedicate to it right now."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while LogRhythm SIEM is ranked 6th in Security Information and Event Management (SIEM) with 166 reviews. CrowdStrike Falcon is rated 8.8, while LogRhythm SIEM is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of LogRhythm SIEM writes "The solution reduced our investigation time from days to hours and assists in managing our workflows". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas LogRhythm SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Microsoft Sentinel, Wazuh and Rapid7 InsightIDR.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.