We performed a comparison between CrowdStrike Falcon and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Ability to get forensics details and also memory exfiltration."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The product's initial setup phase is very easy."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The UI is simple and self-explanatory. Everything is easy to understand."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"Easy to use, intelligent, and stable threat detection software."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"Scalability hasn't been an issue for us."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."
"One of the best features of the solution is that it's easy to deploy."
"The solution is very quick at easily changing the levels of protection for each computer and the server."
"What's most valuable in CylancePROTECT is the optics feature. I also like its easy-to-use and user-friendly dashboard and monitoring system."
"I find the actual overall endpoint malware protection the most valuable feature of CylancePROTECT."
"The most valuable feature of CylancePROTECT is the support."
"It is extremely simple to manage and deploy."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"I haven't seen the use of AI in the solution."
"The solution should address emerging threats like SQL injection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"ZTNA can improve latency."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The SIEM could be improved."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"CrowdStrike Falcon needs to improve their host management system."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"It should provide more details about the events that they have detected."
"I would like to see them fix the alerting system so that the endpoint reporting is a bit more streamlined."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"CylancePROTECT could be improved in its technical support and communication."
"The solution’s user interface could be improved."
"The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems."
"Additionally, their channel management has been lacking, with a notable disregard for small and medium-sized businesses, focusing primarily on large enterprises and very large MSPs."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while CylancePROTECT is ranked 23rd in Endpoint Protection Platform (EPP) with 40 reviews. CrowdStrike Falcon is rated 8.8, while CylancePROTECT is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and VMware Carbon Black Endpoint. See our CrowdStrike Falcon vs. CylancePROTECT report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I had a great experience having deployed CrowdStrike to tens of thousands of endpoints. It's easy to deploy and operationalize. It has provided protection against threats that other engines did not catch based on its powerful heuristics and AI.
CrowdStrike does invest heavily in R&D and provides advisory services on endpoint protection.
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.