We performed a comparison between Anomali ThreatStream and CrowdStrike Falcon based on real PeerSpot user reviews.
Find out what your peers are saying about Recorded Future, Microsoft, Check Point Software Technologies and others in Threat Intelligence Platforms."The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"The initial setup is a very fast process."
"The anomaly detection is the most valuable feature."
"The solution can scale easily."
"The detection and response console is the most valuable feature."
"The most valuable features are the complete IPS and IDS."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"Less code in integration would be nice when building blocks."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"This solution could be improved with greater scope for admins to make changes to the solution."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"I want more ability to customize how you summarize the data. The default views are fine, but it would be interesting to be able to customize them based on the kind of data you want to see immediately. This can help the administrator gain an immediate overview and reduce the investigation time."
"Some of Falcon's features are a bit pricey."
Anomali ThreatStream is ranked 6th in Threat Intelligence Platforms with 1 review while CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 110 reviews. Anomali ThreatStream is rated 7.0, while CrowdStrike Falcon is rated 8.6. The top reviewer of Anomali ThreatStream writes "Easy and quick credential monitoring; tech support could be improved". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". Anomali ThreatStream is most compared with Recorded Future, ThreatConnect Threat Intelligence Platform (TIP), ThreatQ, Splunk Enterprise Security and Group-IB Threat Intelligence, whereas CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Trend Vision One.
We monitor all Threat Intelligence Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
