We performed a comparison between CrowdStrike Falcon and Symantec Endpoint Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution was relatively easy to deploy."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The stability is very good."
"Ability to get forensics details and also memory exfiltration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The product detects and blocks threats and is more proactive than firewalls."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The stability is good; we haven't experienced any glitches or bugs."
"The malware protection is the most valuable feature of CrowdStrike Falcon."
"The detection is very reliable. Also, OverWatch is a great feature."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"We haven't had any infections or down time."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."
"The solution is stable."
"The Detection vulnerability is very effective."
"The most valuable feature of Symantec Endpoint Detection and Response is its ability to conduct large scans on the endpoints without affecting the network."
"A great feature of this solution is that it is very well-integrated with antivirus software. Other ADR solutions are implemented as single technologies and are not integrated with the provider, but Symantec offers AV plus ADR."
"The solution can scale well."
"The solution does its job with no issues."
"There are times when Symantec Endpoint Detection and Response tags an executable as malicious when it is trying to get executed on the machine. In this case, it prevents the execution and it gives you a process view of things where you can look into what has happened and whether it is a genuine process trying to access some system activities, or it's a malicious one. Depending upon the process, it gives you a clear identification, and we can do the containment from the interface itself and isolate the machine from the network. The process review on network isolation is good."
"The interface is quite easy to use."
"The solution should address emerging threats like SQL injection."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The only minor concern is occasional interference with desired programs."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We find the solution to be a bit expensive."
"Making the portal mobile friendly would be helpful when I am out of office."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"Technical support could be better than what is currently offered."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"Unfortunately, native applications are not supported."
"I would like to see the machine learning feature enhanced."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"We'd like to see more integration capabilities."
"The solution can always be more stable and more secure."
"It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product."
"While they are quite dynamic, they need to ensure they are detecting threats faster in the future to keep people safer."
"The GUI could be better."
"In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial."
"Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface."
"It should be easier to deploy Symantec's client for end-users."
"The network forensics feature could be improved."
More Symantec Endpoint Detection and Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Symantec Endpoint Detection and Response is ranked 25th in Endpoint Detection and Response (EDR) with 28 reviews. CrowdStrike Falcon is rated 8.8, while Symantec Endpoint Detection and Response is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Symantec Endpoint Detection and Response writes "A highly stable and affordable solution for detecting and preventing security threats". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Symantec Endpoint Detection and Response is most compared with Microsoft Defender for Endpoint, Trend Vision One, Kaspersky Endpoint Detection and Response Expert, Bitdefender GravityZone EDR and Trellix Endpoint Security (ENS). See our CrowdStrike Falcon vs. Symantec Endpoint Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.