We performed a comparison between CrowdStrike Falcon and CyberArk Endpoint Privilege Manager based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"It is stable and scalable."
"The setup is pretty simple."
"The stability is very good."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The solution was relatively easy to deploy."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"We haven't had any infections or down time."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"CyberArk Endpoint Privilege Manager (EPM) 's most valuable feature is its ability to manage user application privileges and protect against ransomware attacks by controlling access to specific files and applications."
"The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it alerts the security team so they can act fast. Plus, it automates stuff like resetting credentials or blocking users. So, if there's a potential hack, CyberArk can change passwords and lock out users in a snap. It also gives you a heads-up if anything unusual is going on with server activities, like someone creating new users with uncontrolled credentials."
"The most valuable features of CyberArk Endpoint Privilege Manager are password management, session management, onboarding rules, platform customization, and safety management."
"The password rotation and the session recording are the most valuable features."
"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."
"This is the number one product for privilege account security."
"The solution's technical support is good."
"The department management aspect of the solution is the most valuable aspect."
"ZTNA can improve latency."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Cannot be used on mobile devices with a secure connection."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The only minor concern is occasional interference with desired programs."
"FortiEDR can be improved by providing more detailed reporting."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"The installation process for this software needs to be simplified."
"The product could be more accurate in terms of performance."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"We have had some major issues with the tool, but we have worked with the R&D teams and we have worked with support. There is room for improvement, especially on response times. But they're working on it and they're doing the best they can."
"They need much better integration with Azure AD."
"CyberArk Endpoint Privilege Manager can be better by making its UI more consistent."
"The solution's pricing could be better."
"CyberArk meets clients' need very spot-on. It covers everything customers ask for. As for improvements, honestly, the feedback's been really positive. I haven't heard any specific areas that need work."
"Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond. If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources."
"The solution is very expensive."
"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 28 reviews. CrowdStrike Falcon is rated 8.8, while CyberArk Endpoint Privilege Manager is rated 8.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CyberArk Endpoint Privilege Manager is most compared with BeyondTrust Endpoint Privilege Management, Microsoft Defender for Endpoint, CyberArk Privileged Access Manager, Tanium and SentinelOne Singularity Complete. See our CrowdStrike Falcon vs. CyberArk Endpoint Privilege Manager report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
