We performed a comparison between CrowdStrike Falcon and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet is very user-friendly for customers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The setup is pretty simple."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"We have seen a reduction to the performance hit to our operating systems."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"It's very easy to set up."
"The features I like the most are the response time and the dashboard; both are excellent."
"The detection is very reliable. Also, OverWatch is a great feature."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"We use the solution to automate our SIEM tools and incidents."
"I have no complaints about Cortex's stability."
"The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
"It was useful as a ticketing tool."
"The pricing is very good."
"The product is quite easy to use."
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Detections could be improved."
"We find the solution to be a bit expensive."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Forensic controls have room for improvement."
"In a future release, I would like to see more integrations for data breaches and security features."
"We sometimes get false positives."
"Some of Falcon's features are a bit pricey."
"The current database schema presents challenges and has potential for improvement."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"The user interface could be a bit better."
"Palo Alto Networks Cortex XSOAR could improve the Panorama feature. We had to turn it off because it was not working properly."
"XSOAR could have more integration options."
"With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
"The dashboard performance could be improved."
"The solution's correlation rules and playbooks should be improved."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. CrowdStrike Falcon is rated 8.8, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Microsoft Sentinel, Fortinet FortiSOAR and Torq.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.