We performed a comparison between CrowdStrike Falcon and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"NGAV and EDR features are outstanding."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Ability to get forensics details and also memory exfiltration."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The most valuable features of Crowdstrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
"The initial setup was straightforward."
"The stability is good; we haven't experienced any glitches or bugs."
"Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"The stability is very good."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"I like the overall reports of this solution. They are crisp, and to the point."
"Blackberry Protect offers endpoint protection. It's easy to deploy. It's scalable and stable."
"On the management side, we liked the way it displays things."
"It is extremely simple to manage and deploy."
"CylancePROTECT is very stable - we've had no issues with performance and no errors or bugs."
"The solution is very quick at easily changing the levels of protection for each computer and the server."
"It secures different entry points into the network."
"Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today."
"Specifically for a Windows domain environment, the product can be customized and pushed via GPO or SCCM without issue."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We'd like to see more one-to-one product presentations for the distribution channels."
"ZTNA can improve latency."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The solution should address emerging threats like SQL injection."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I haven't seen the use of AI in the solution."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"CrowdStrike should add support for ransomware protection."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"We'd like to see more integration capabilities."
"We sometimes get false positives."
"It should have better support for Windows and Mac."
"The OPTICS component could be made more user-friendly with respect to giving people more information."
"The solution should implement AI in the product."
"Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment."
"It's a good solution but some features just need to be updated."
"The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."
"rom my experience interacting with the primary or the central administrative console, it's quite complex. You would need a fair bit of technical experience to set it up, implement and maintain it. That would be one area for improvement."
"I would like to see them fix the alerting system so that the endpoint reporting is a bit more streamlined."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while CylancePROTECT is ranked 23rd in Endpoint Protection Platform (EPP) with 40 reviews. CrowdStrike Falcon is rated 8.8, while CylancePROTECT is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and VMware Carbon Black Endpoint. See our CrowdStrike Falcon vs. CylancePROTECT report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I had a great experience having deployed CrowdStrike to tens of thousands of endpoints. It's easy to deploy and operationalize. It has provided protection against threats that other engines did not catch based on its powerful heuristics and AI.
CrowdStrike does invest heavily in R&D and provides advisory services on endpoint protection.
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.