We performed a comparison between CrowdStrike Falcon and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product's initial setup phase is very easy."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The solution was relatively easy to deploy."
"The most valuable feature is the analysis, because of the beta structure."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"This is stable and scalable."
"Impressive detection capabilities"
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"The DLP is the most valuable feature of CrowdStrike Falcon."
"The most valuable feature is the indicator of compromise, which show you what file was either quarantined or removed."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon."
"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."
"While it can be frustrating at times, we appreciate the low-level security provided by the application whitelist."
"The sandbox functionality is fantastic."
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"Every single feature has been invaluable."
"The great thing is that if you get a malicious email and you try to run something, ThreatLocker is not going to let it do anything. It is not going to let anything infect your network."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"Application control, ring-fencing, and storage control are the most important features, followed closely by elevation."
"We use ThreatLocker's Allowlisting to whitelist specific applications and prevent unauthorized software from running."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The solution is not stable."
"Making the portal mobile friendly would be helpful when I am out of office."
"I haven't seen the use of AI in the solution."
"Detections could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The dashboard isn't easy to access and manage."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"It can be expensive depending on the features you select."
"I would like to see a more accurate integration and an option to check the local machine."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"CrowdStrike Falcon could improve if it became an XDR. When we look only to an end-point, we lost the context of the environment. I know it's another line of design of the product. However, if CrowdStrike becomes an XDR, it could be very good."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"The Integration with tools, SOC tools, could be better."
"The reporting could be improved."
"Adding applications to the allowlist can sometimes feel overwhelming."
"More visibility in the built-ins would be nice."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"There are some times when applications get submitted, the hashes don't really line up."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"ThreatLocker Allowlisting needs to improve its user interface and overall workflow."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while ThreatLocker Protect is ranked 26th in Endpoint Protection Platform (EPP) with 13 reviews. CrowdStrike Falcon is rated 8.8, while ThreatLocker Protect is rated 9.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Huntress, GravityZone Business Security and Fortinet FortiClient. See our CrowdStrike Falcon vs. ThreatLocker Protect report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.