We compared CrowdStrike Falcon and Darktrace based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: In comparing CrowdStrike Falcon to Darktrace, their setup experiences differ as CrowdStrike Falcon is generally easier and more straightforward, while Darktrace's setup can be more challenging and time-consuming. CrowdStrike Falcon is praised for its ability to identify and update threats without signatures, while Darktrace is valued for its diverse range of threat detection models and autonomous network monitoring. However, CrowdStrike Falcon lacks certain capabilities like on-demand scanning and ransomware protection, while Darktrace could improve by reducing false positives and simplifying configuration. The pricing for CrowdStrike Falcon is considered a good value for its provided features, while Darktrace's pricing is generally seen as expensive but justifiable. Both products have generally positive feedback regarding their technical support, but there are some areas that could be improved.
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The product detects and blocks threats and is more proactive than firewalls."
"This is stable and scalable."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"NGAV and EDR features are outstanding."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The price is low and quite competitive with others."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"The most valuable features are the complete IPS and IDS."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"A simple, powerful AI solution that just does all the work for you when you turn it on."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"What I like about Darktrace, is that you can quickly identify threats."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
"We liked their approach to identifying intrusions or network anomalies using AI."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We find the solution to be a bit expensive."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Cannot be used on mobile devices with a secure connection."
"The solution is not stable."
"The only minor concern is occasional interference with desired programs."
"The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"The Integration with tools, SOC tools, could be better."
"They don't really have anything when it comes to scanning attachments."
"They need to strengthen the forensic capabilities of this product, for e-discovery."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"The price point for the product was too high for what our possible use case could be."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"A reporting portal could be a great addition to help customize reports."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"The interface is too mathematical and it should be simplified."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EDR (Endpoint Detection and Response) with 101 reviews while Darktrace is ranked 13th in Email Security with 65 reviews. CrowdStrike Falcon is rated 8.6, while Darktrace is rated 8.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas Darktrace is most compared with Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks, Cisco Secure Network Analytics and ExtraHop Reveal(x).
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi @reviewer1799568,
Most of these comparisons are opinions and some tests are done in specific conditions that might not suit or reflect your organization's needs and roadmap. Ultimately, the cost of a mistake is a data breach and not just an audit finding or operational discomfort.
I mention this because there are no viable shortcuts. I suggest you test the solutions thoroughly in your own environment to see what works for you.
The gaming floor is hopefully "air-gapped" and the solution should respect that segregation and still provide great security and visibility. One of the challenges is security updates.
For such an environment you would need comprehensive AI and machine learning. I suggest you look at the difference between IOC and IOA.
IOA vs IOC: Defining & Understanding The Differences | CrowdStrike. (Please also check other sources).
Good luck and stay safe!
The pros and cons of Darktrace vs Crowdstrike Falcon vs alternative EPP solutions are something worth looking at before making a decision on which one is the best fit for your particular needs.
Darktrace is an AI-based cyber security solution that uses machine learning to identify threats faster and with greater accuracy than traditional approaches. It works by continuously scanning the network, learning its normal behavior, and then detecting anomalies or malicious activities in real-time. This can provide your business with an early warning system to alert you to potential attacks before they have a chance to do major damage. One of the biggest advantages of Darktrace is that it’s able to work without relying on vulnerable signatures, meaning no matter how complex or sophisticated an attack may be, it will still be detected. The other benefit here is the scalability—Darktrace can quickly scale up as needed in order to protect larger networks rapidly changing over time.
CrowdStrike Falcon is another popular endpoint protection platform touted for its cloud-based architecture and advanced threat prevention capabilities. Similar to Darktrace, it has some powerful detection technologies but differs slightly in terms of how it works as well as what kind of threats it’s designed for. While Darktrace focuses mainly on malware protection, Falcon primarily focuses on preventing data exfiltration attempts or unauthorized accesses from outside sources such as remote hackers or phishing emails trying to steal information stored inside your system files or databases etcetera CrowdStrike also offers a cloud-native approach which means they can update their signature database nearly instantaneously against any new forms of attack so you don’t need to worry about attackers finding ways around their protections even if they manage one vulnerability first time round. The downside here though could be a lack of control in terms of what type/level updates you choose – this varies depending upon the subscription level chosen by users.
Alternative EPP solutions include those offered by vendors such as Symantec Endpoint Protection (SEP) and McAfee, these often have greater coverage when compared with software like CrowdStrike, however, you should bear in mind that these providers tend not only to charge more expensively but they also come bundled with additional features like anti-virus software, etc., which depending upon your desired goal may prove superfluous thus leading ultimately into cost waste rather than efficiency gain. SEP notably boosts robust customization abilities whereby customers are given generous freedom within setup policies - allowing them fine grain authority over endpoints rules set up e.g. whether particular application file types can run, allowing internet connection, etc. (elements not quite present within CrowdStrike) – although again there comes significant added expense via extra licenses required plus paywall obscurity associated with product tiers being unclear until we eventually reach checkout point.
In conclusion, all three services outlined here offer good suite options for businesses seeking out endpoint protection platforms. Each has respective strengths and weaknesses so careful analysis should help weigh out the pros and cons faced overall - consider particularly well whether the price tag is commensurate with potential user experience value gained meanwhile considering deeply what levels customizability offered suits own demands perfectly prior to forging ahead towards whichever choice deemed most suitable!
Hi.
I am told that Darktrace is a complimentary product that doesn't do any endpoint protection.