We performed a comparison between CrowdStrike Falcon and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have FortiEDR installed on all our systems. This protects them from any threats."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The solution was relatively easy to deploy."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The product's initial setup phase is very easy."
"The product detects and blocks threats and is more proactive than firewalls."
"The feature I like the most is the solution's detection."
"All the features are beneficial."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"It is an easy product to deploy."
"The initial setup is very simple."
"The most valuable feature is its threat analysis."
"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."
"The interface is clean and well-organized, making it simple to navigate and find what we need."
"ThreatLocker Allowlisting has all of these features integrated into one console, making it effective."
"Application control, ring-fencing, and storage control are the most important features, followed closely by elevation."
"Every single feature has been invaluable."
"While it can be frustrating at times, we appreciate the low-level security provided by the application whitelist."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."
"The great thing is that if you get a malicious email and you try to run something, ThreatLocker is not going to let it do anything. It is not going to let anything infect your network."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The support needs improvement."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Cannot be used on mobile devices with a secure connection."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The pricing is a bit too high."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"Adding applications to the allowlist can sometimes feel overwhelming."
"Something we have come up against a couple of times is that we have two clients that are software developers. They create software that doesn't have digital signatures and that's not easy to categorize or whitelist with ThreatLocker. We have to go in and make custom rules to allow them to do their work and to be protected from malicious threats."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
"The reporting could be improved."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"We identified several areas that we would like to see improved."
"ThreatLocker Allowlisting needs to improve its user interface and overall workflow."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while ThreatLocker Protect is ranked 26th in Endpoint Protection Platform (EPP) with 13 reviews. CrowdStrike Falcon is rated 8.8, while ThreatLocker Protect is rated 9.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Huntress, GravityZone Business Security and Fortinet FortiClient. See our CrowdStrike Falcon vs. ThreatLocker Protect report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.