We performed a comparison between CrowdStrike Falcon and Palo Alto Networks AutoFocus based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The product detects and blocks threats and is more proactive than firewalls."
"The product's initial setup phase is very easy."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It is stable and scalable."
"Fortinet is very user-friendly for customers."
"NGAV and EDR features are outstanding."
"The solution was relatively easy to deploy."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."
"It is an easy product to deploy."
"I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"The most valuable feature is its threat analysis."
"The solution is silent and sits on your system as one single agent."
"Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures."
"The logs play a crucial role as they contribute to blocking unwanted Internet traffic."
"The feature that I like best is the dashboard."
"It integrates well with other solutions and provides good threat intelligence in terms of external threats."
"I am impressed with the tool's integration of Palo Alto products which serves as a platform for security."
"The most valuable feature is alerting."
"The solution is not user-friendly."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The only minor concern is occasional interference with desired programs."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution is not stable."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"CrowdStrike Falcon needs to improve their host management system."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"The detection time has room for improvement."
"They respond quickly on the weekdays, but the weekend response times are slower."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"The management reporting functionality needs to be improved."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"It is a completely cloud-based product at present."
"I would like to have more technical documentation that contains greater detail on the types of threats that are occurring."
"It would be better if they used the threat intelligence feeds directly from their side and changing the verdict instead of us requesting it."
"It would be helpful to have better documentation for configuring and installing the solution."
"I would like the tool to see more integration with Cortex XDR. There is no real reason to keep them separate."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 110 reviews while Palo Alto Networks AutoFocus is ranked 11th in Threat Intelligence Platforms with 5 reviews. CrowdStrike Falcon is rated 8.6, while Palo Alto Networks AutoFocus is rated 7.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Palo Alto Networks AutoFocus writes "Impressive performance and monitoring capabilities but lacks in documentation". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Palo Alto Networks AutoFocus is most compared with ThreatConnect Threat Intelligence Platform (TIP), Anomali ThreatStream, VirusTotal, LogRhythm SIEM and Cisco Threat Grid. See our CrowdStrike Falcon vs. Palo Alto Networks AutoFocus report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
