We performed a comparison between CrowdStrike Falcon and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet is very user-friendly for customers."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It is stable and scalable."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The most valuable feature is the analysis, because of the beta structure."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"There's almost no maintenance required. It's very low if there's any at all."
"We haven't had any infections or down time."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."
"Scalability is good. We have had no issues with it."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"We like Falcon's network visibility. We can see how threats are evolving on PCS or in the company network. The solution's real-time incident response is very fast."
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"Application control, ring-fencing, and storage control are the most important features, followed closely by elevation."
"ThreatLocker Allowlisting has all of these features integrated into one console, making it effective."
"While it can be frustrating at times, we appreciate the low-level security provided by the application whitelist."
"Using ThreatLocker is effortless because I can access it from an app on my phone, so I can help clients after hours. My client had an issue while I was at dinner, and I didn't have a tech on the problem, but I could deal with it from my phone. I can see what the client is doing and approve or deny it. It helps me deliver better service to my clients when they need it."
"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."
"The interface is clean and well-organized, making it simple to navigate and find what we need."
"The support needs improvement."
"FortiEDR can be improved by providing more detailed reporting."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Cannot be used on mobile devices with a secure connection."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution should address emerging threats like SQL injection."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"The Integration with tools, SOC tools, could be better."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"The snapshots used in the ThreatLocker University portal are outdated snippets and have not been updated in conjunction with the portal itself."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
"Adding applications to the allowlist can sometimes feel overwhelming."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"We identified several areas that we would like to see improved."
"The reporting could be improved."
"One area I see for improvement is in the visibility of support tickets within the ThreatLocker ticketing system."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while ThreatLocker Protect is ranked 26th in Endpoint Protection Platform (EPP) with 13 reviews. CrowdStrike Falcon is rated 8.8, while ThreatLocker Protect is rated 9.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Huntress, GravityZone Business Security and Fortinet FortiClient. See our CrowdStrike Falcon vs. ThreatLocker Protect report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Ransomware Protection vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
