We performed a comparison between AgileBlue and CrowdStrike Falcon based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR).
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"In addition to managing the SOC, they offer Endpoint Detection and Response (EDR) capabilities for servers and systems. What stood out for us is the product's lightweight nature, unlike other EDRs we evaluated that tend to be system-intensive. This lightweight feature significantly piqued our interest and influenced our decision to use the solution. The solution is stable. I rate it a seven out of ten. The solution is scalable. I rate it an eight out of ten. The support team is remarkably prompt. They quickly resolve any issues we encounter. The initial setup was straightforward. With strong timings and BSLAs, AgileBlie stands out when compared to competitors."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"The EDR and XDR features have been most valuable."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"I like the dashboard nature of it. Everything is clickable, linkable, and information is easy to obtain and find. How it presents that information is probably the biggest win as far as the information correlation aspect. The presentation of it is very good."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"The most valuable features of Crowdstrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
"Easy to use, intelligent, and stable threat detection software."
"At this point what is most valuable is the interface, which is easy to navigate."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"We should be able to use the product on devices like Apple, Linux, etc."
"There is always room for improvement. There's potential for further enhancement in the capabilities of the EDR. However, there are positive changes we are satisfied with. They revamped the dashboard, addressing a previous issue."
"Forensic controls have room for improvement."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"The management of the solution could improve."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"The performance could be better."
AgileBlue is ranked 25th in Extended Detection and Response (XDR) with 1 review while CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews. AgileBlue is rated 8.0, while CrowdStrike Falcon is rated 8.8. The top reviewer of AgileBlue writes "A Lightweight Solution Offering a Seamless Experience". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". AgileBlue is most compared with SentinelOne Singularity Complete, whereas CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
