We performed a comparison between Code42 Incydr and CrowdStrike Falcon based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is pretty simple."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The most valuable feature is the analysis, because of the beta structure."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Impressive detection capabilities"
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Code42 Next-Gen DLP is scalable."
"It had the ability to preseed by sending in a data drive and could restore by sending the user a data drive."
"Security tools: Being able to monitor data going in and coming off our endpoints. Seeing what it is and where it's going is awesome."
"Risk factors can be adjusted for all intricate details."
"Works in the background and users are able to perform restores."
"It required very little ongoing maintenance once setup."
"There are a couple of things. One of them is that they have what they call Incydr. Their detection and response solution to the insider threat area is called Incydr. That gives visibility to the clients that have widely dispersed employee bases due to work from home, or that had a dispersed workforce predating any of the work from home requirements. Even though they might not be inside the organization physically, they're inside the organization. It allows us to get some visibility into what people are doing, what the context is, and how to control what might be the potential for intellectual property theft or file exposure."
"Backup and recovery have been great, but I love having the ability to keep the hybrid type build which they offer."
"We like Falcon's network visibility. We can see how threats are evolving on PCS or in the company network. The solution's real-time incident response is very fast."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"Falcon's best feature is its detection and blocking of threats."
"The most valuable feature is its threat analysis."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures."
"The most valuable features of Crowdstrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
"It is an easy product to deploy."
"The dashboard isn't easy to access and manage."
"The solution should address emerging threats like SQL injection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution is not stable."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Java, please get rid of Java."
"In a couple of instances, we had a little bit of trouble in getting it distributed throughout the organization. We ultimately managed to do it, but they talk about it being a pretty simple process, and it became a little laborious. It would just turn away. The agents were not being distributed. It was just churning and churning and churning. When we were looking for specific categories of data, it was getting bogged down, but that was not even so much Code42, although some of it was their issue."
"I think one we can improve is the compression."
"Due to recent changes that effectively abandoned an entire segment of their user base, I no longer trust nor can recommend Code42 products."
"More security would be nice, I would love to be able to remotely brick a stolen laptop and it's hard disk drive (HDD)."
"There doesn't seem to be any feature that is lacking."
"I would like to see more flexibility on privileges, perhaps create another kind of admin for regions. Also, I would like the ability to access logs without having to be on the actual device or a super-admin."
"What I think could be improved is how I get support."
"Falcon could include more integrative features."
"The portal can be clunky to navigate at times and has room for improvement."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."
Code42 Incydr is ranked 42nd in Endpoint Detection and Response (EDR) with 78 reviews while CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews. Code42 Incydr is rated 9.0, while CrowdStrike Falcon is rated 8.8. The top reviewer of Code42 Incydr writes "Provides comprehensive visibility and protection, helps in identifying the gaps in security, and comes with excellent onboarding support". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". Code42 Incydr is most compared with Threat Detection, Investigation & Response (TDIR) Platform, Microsoft Purview Data Loss Prevention, Morphisec, Forcepoint Data Loss Prevention and MetaDefender Kiosk, whereas CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint. See our Code42 Incydr vs. CrowdStrike Falcon report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.