We performed a comparison between CrowdStrike Falcon and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the analysis, because of the beta structure."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"This is stable and scalable."
"Fortinet is very user-friendly for customers."
"The price is low and quite competitive with others."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Scalability hasn't been an issue for us."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models."
"This solution has made the lives of the IT staff much easier, compared to the previous one."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The malware protection is the most valuable feature of CrowdStrike Falcon."
"The threat intelligence is the most valuable feature."
"The EDR and XDR features have been most valuable."
"The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality and cloud functionality as well."
"I rate the tool a ten out of ten when it comes to the ease of use or management part."
"Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today."
"The solution is pretty easy to scale."
"The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations."
"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."
"The initial setup of CylancePROTECT is very easy."
"The most valuable feature of CylancePROTECT is the support."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The support needs improvement."
"Cannot be used on mobile devices with a secure connection."
"Making the portal mobile friendly would be helpful when I am out of office."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"An improvement would be to extend support to legacy and unsupported servers."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"The integration with tools, SOC tools, could be better."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"It needs real analysis of quarantined files. The EDR product isn't showing much right now."
"The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."
"If they can add more features on top of their Persona feature that would be ideal."
"Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment."
"It is hard to manage."
"CylancePROTECT's dashboard could be more user-friendly."
"An area for improvement in CylancePROTECT is its pricing, as it's a bit costly."
"The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 104 reviews while CylancePROTECT is ranked 27th in Endpoint Protection Platform (EPP) with 39 reviews. CrowdStrike Falcon is rated 8.6, while CylancePROTECT is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I had a great experience having deployed CrowdStrike to tens of thousands of endpoints. It's easy to deploy and operationalize. It has provided protection against threats that other engines did not catch based on its powerful heuristics and AI.
CrowdStrike does invest heavily in R&D and provides advisory services on endpoint protection.
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.