We performed a comparison between CrowdStrike Falcon and Cybersixgill based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Ability to get forensics details and also memory exfiltration."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"This is stable and scalable."
"The price is low and quite competitive with others."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"NGAV and EDR features are outstanding."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The scalability is good."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"I like the detection rates of mobile threats."
"At this point what is most valuable is the interface, which is easy to navigate."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"There's almost no maintenance required. It's very low if there's any at all."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"The solution’s approach of using limited open source intelligence and focusing, instead, on the Deep Web and Dark Web is what seals the deal. That is why I like them. I have other tools that I can aggregate all the open source intelligence from. I value Cybersixgill because it provides access to things that no one else does."
"To be diligent for the customer, we usually go into Cybersixgill Investigative Portal to analyze and search things. The solution tells us the reputation of cyber threat actors. So, if someone has a reputation of one, it is a really bad idea to care about what that person is saying. However, if you find someone with a reputation of nine, then there is a high probability that we need to address the problem. You can get information about these type of actors in Cybersixgill Investigative Portal. They have a huge collection, which is like having the rules/goals of the dark web and deep web without having to go there. Our analysts avoid going dark web because they have Cybersixgill Investigative Portal and can get the news from their browser, searching wherever they want."
"The advanced analysis has made our security operations more efficient. It has also potentially given us quicker access to data that we might not have otherwise located."
"They also provide some of the greatest notification capabilities. I put in a customer's company name and domain names, or sometimes I put in their IP addresses as a keyword. Once Sixgill collects information that includes those keywords, they then provide us email notifications. That means we can catch information related to our customers as soon as possible."
"We find the solution to be a bit expensive."
"FortiEDR can be improved by providing more detailed reporting."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I've found that CrowdStrike's technical support could benefit from increased technical expertise."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"CrowdStrike Falcon could improve the EDR functionality. Once the functionality of the solution improves, it will be even better in the market and able to compete with Carbon Black."
"Unfortunately, native applications are not supported."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"Sixgill has strong capabilities based on search queries, but there is some difficulty in using Sixgill. Their querying is very powerful but it can be difficult. It's not hugely complex but you need some skill to use Sixgill querying."
"Regarding their scraping abilities, things could be solidified. There are definitely improvements that could be made on the specificity for setting certain queries."
"We need real-time updated information. If we could have this, it would be amazing. For example, if someone was posting something, then ten second later, it was on the platform. Sometimes, it takes a minute or hours right now, depending on the forum."
"The breadth of access to data is good, but there are gaps. More data would be my suggestion because the platform is good and I have no complaints about the system. I think it is just a case of always trying to get more data sources."
Earn 20 points
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Cybersixgill is ranked 50th in Vulnerability Management. CrowdStrike Falcon is rated 8.8, while Cybersixgill is rated 8.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Cybersixgill writes "Provides early detection of imminent attacks, and speeds up addressing of vulnerabilities internally because it makes them real". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Cybersixgill is most compared with Recorded Future, Intel 471, ZeroFOX, Digital Shadows and IntSights. See our CrowdStrike Falcon vs. Cybersixgill report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.