We performed a comparison between CrowdStrike Falcon and Uptycs based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Protection Platform (EPP)."The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"Probably the most valuable thing to me is the real-time response piece. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. Pretty much no other tool can do all that."
"The malware protection is the most valuable feature of CrowdStrike Falcon."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution."
"We haven't had any infections or down time."
"The most valuable features of CrowdStrike Falcon are the AI in detecting and real-time detections."
"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."
"They have multiple great features."
"We should be able to use the product on devices like Apple, Linux, etc."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"There is room for improvement in managing multiple customer IDs."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies."
"Tighter integration around XDR could be included."
"Forensic controls have room for improvement."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"We end up facing a lot of issues after upgrades."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while Uptycs is ranked 51st in Endpoint Protection Platform (EPP) with 1 review. CrowdStrike Falcon is rated 8.8, while Uptycs is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Uptycs writes "Great features, good support, and lots of functionality". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Uptycs is most compared with Aqua Cloud Security Platform, Wiz, Orca Security and Lacework.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.