We performed a comparison between CrowdStrike Falcon and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The product's initial setup phase is very easy."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The solution can scale easily."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"Scalability hasn't been an issue for us."
"The DLP is the most valuable feature of CrowdStrike Falcon."
"It's very easy to set up."
"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."
"The most valuable feature is the indicator of compromise, which show you what file was either quarantined or removed."
"It handles situations that the other threat management tools wouldn't find. It has worked well covering the weaker sides of the other products that we're integrating."
"What's most valuable in CylancePROTECT is the optics feature. I also like its easy-to-use and user-friendly dashboard and monitoring system."
"It does a good job of protecting us."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"I like the AI and mathematical components that they use."
"The most valuable feature of CylancePROTECT is the support."
"The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background."
"The solution is easy to deploy."
"Cannot be used on mobile devices with a secure connection."
"I haven't seen the use of AI in the solution."
"The solution is not stable."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution should address emerging threats like SQL injection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"The pricing is a bit too high."
"They respond quickly on the weekdays, but the weekend response times are slower."
"CrowdStrike costs a little more than its competitors."
"Unfortunately, native applications are not supported."
"While you are working, you are finding these things that were supposed to be waived have come back to being blocked. That's frustrating."
"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."
"The OPTICS component could be made more user-friendly with respect to giving people more information."
"We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."
"It is hard to manage."
"The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."
"The user interface is outdated."
"The solution’s user interface could be improved."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while CylancePROTECT is ranked 23rd in Endpoint Protection Platform (EPP) with 40 reviews. CrowdStrike Falcon is rated 8.8, while CylancePROTECT is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and VMware Carbon Black Endpoint. See our CrowdStrike Falcon vs. CylancePROTECT report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I had a great experience having deployed CrowdStrike to tens of thousands of endpoints. It's easy to deploy and operationalize. It has provided protection against threats that other engines did not catch based on its powerful heuristics and AI.
CrowdStrike does invest heavily in R&D and provides advisory services on endpoint protection.
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.