We performed a comparison between CrowdStrike Falcon Complete and Sophos MDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The case interface is Binary Defense MDR's most valuable feature."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"Binary Defense has a human service department that provides live monitoring for our systems."
"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"What I found most valuable in CrowdStrike Falcon Complete is that it has a lot of monitoring dashboards and use cases, and I saw that it's a very good product, but my company has only tested it, so it's not been used for real use cases. My company hasn't tested the complete license for CrowdStrike Falcon Complete, so the team hasn't checked the open fiber rooms for zero-day attacks, IOAs and IOCs, or any indicators of fraudulent activities. I was also amazed at the solution and its licensing. My company did a competitive analysis of many EDR solutions, but it went with CrowdStrike Falcon Complete. It's one of the top-rated solutions on CyberRatings as well."
"I find the incident management feature valuable because it identifies new types of viruses and sends an alert to the console administrator to check the hardware."
"The most valuable feature of Falcon Complete is that it is a full security operations center (SOC) as well as a SIEM solution, and it is fully managed. Their security teams are working 24/7 and analyzing everything happening on all endpoints. They also take care of the instant response, which includes disconnecting endpoints, taking over the endpoints and fixing them, and ransomware protection. All of these things are most valuable because it is very difficult to get all the resources in-house to do all of that yourself. So, if you can leverage the experience of a global corporation with the best reputation in the market, and it is fully managed, that's the best."
"Technical support is helpful."
"CrowdStrike Falcon Complete's most valuable features are efficient dashboards and their ease of management."
"I am not a CrowdStrike fanboy, but as an IT leader, they make my life easy. I like proactive monitoring and remediation, so I do not have to guess or run around. They are doing everything for me."
"The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution."
"The initial setup was easy."
"The user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents."
"There are lots of benefits because it includes real-time network threat detection (RNT), IP spoofing prevention, and a 24/7 support system. There is also protection against ransomware attacks."
"The solution is stable."
"The most valuable feature of the Sophos Managed Threat Response is the central management capabilities and monitoring."
"It is a scalable solution."
"The product’s most valuable feature is ease of use."
"The product’s most valuable features are integration and endpoint protection."
"The product’s most valuable feature is rapid response."
"It's hard to think of anything that they need to improve on, but just to point out something, I would like to see them provide advanced XDR."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The current reporting system could benefit from improvement."
"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."
"I would like to get more reports from Binary Defense about what they're blocking."
"In a future release, it would be ideal if they could add reporting and action histories to their suite of features."
"Like any other solution, a lower price would make CrowdStrike Falcon Complete more appealing."
"Some dashboards can be very complex, but once you get to know them, it is very logical."
"Falcon could use more SIEM capabilities, like a central place to monitor all our clients."
"The logging features aren't robust and the information isn't kept long enough."
"The solution should be lighter because it currently uses a lot of computing sources."
"We have a problem with the CrowdStrike Falcon Complete agent. It was closing the communication with the network or other computers."
"Instead of a single dashboard with an overload of information, I favor a more user-friendly approach with an interactive dashboard."
"It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky, McAfee Antivirus, and more."
"Multitenancy features of Sophos Managed Threat Response should be improved. You cannot use the solution for multiple clients."
"They should improve XDR and threat protection capabilities for zero-day attacks."
"It could be more secure."
"The reports should be more comprehensive and easier to organize."
"Sophos MDR's support and basic training of their devices could be improved."
"Threat intelligence is an area for improvement for MDR."
"Sophos MDR’s pricing is the biggest factor that needs improvement per customers and technical professionals."
CrowdStrike Falcon Complete is ranked 1st in Managed Detection and Response (MDR) with 75 reviews while Sophos MDR is ranked 5th in Managed Detection and Response (MDR) with 21 reviews. CrowdStrike Falcon Complete is rated 8.6, while Sophos MDR is rated 8.6. The top reviewer of CrowdStrike Falcon Complete writes "Great next-generation antivirus with breach warranty and good intrusion protection". On the other hand, the top reviewer of Sophos MDR writes "Proactive protection, scalability, and cloud-based efficiency". CrowdStrike Falcon Complete is most compared with Arctic Wolf Managed Detection and Response, Blackpoint Cyber MDR, Secureworks Taegis ManagedXDR, Red Canary and Huntress, whereas Sophos MDR is most compared with SentinelOne Vigilance, Arctic Wolf Managed Detection and Response, Trend Micro Managed XDR, Bitdefender MDR and Microsoft Defender Experts for Hunting. See our CrowdStrike Falcon Complete vs. Sophos MDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
