We performed a comparison between Forescout Platform and Crowdstrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: The Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Forescout users say the product could be better at resolving connectivity and license issues. Users also want more compatibility with different devices and operating systems, along with better logging and troubleshooting capabilities.
Service and Support: Some users reported positive experiences with Forescout support, but others requested better responsiveness and training. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: The total cost of Forescout Platform can be high depending on the level of customization and integration required. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Forescout Platform yields a solid ROI by improving network access control and overall security. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Forescout Platform is preferred over CrowdStrike Falcon due to its unmatched visibility, device fingerprinting, and configuration options. It is easy to set up, stable, reliable, and affordable. It offers a slew of valuable features like NAC, asset management, and vulnerability remediation.
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The most valuable feature is the network security."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The integration, visibility, vulnerability management, and device identification are valuable."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"At this point what is most valuable is the interface, which is easy to navigate."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"We really like that we get full visibility of devices in the local network."
"The most valuable feature of Forescout Platform is that it has everything that Aruba has at significantly less cost."
"Forescout has a feature that blocks the endpoint at the point of collection. It sets preconditions and will block the system if those aren't met."
"The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
"The most valuable features of the Forescout Platform are ease of management and outstanding visibility. The visibility is simple to obtain."
"The standout strength of this solution lies in its unique capability to effectively manage unmanaged switches."
"The actions that the agentless visibility, allow us to perform on the endpoint, are really amazing, especially in the way that it is done."
"I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The mobile app support for Android and iOS is difficult and needs improvement."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Intrusion detection and prevention would be great to have with 365 Defender."
"We can't do scanning audits or device blocking or application control."
"There are some areas where some customers would prefer a different service."
"The price is too high."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"They need to strengthen the forensic capabilities of this product, for e-discovery."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"The management reporting functionality needs to be improved."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"Although Forescout manages endpoints and network devices, there is no capability for user management."
"It's scalable, but not without a big investment. It doesn't do so well at the branch. At the home office, it does okay and not so well at the branch."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
"Custom integrations need to be better."
"When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."
"They need to handle their Tier 1 cases differently. The biggest negative regarding Forescout is their support. Not having the ability to get instantly transferred to a support engineer for Tier 1 cases is pretty ridiculous."
"The cost is too high."
"Search - needs boolean functionality (or pseudo operand now working)."
CrowdStrike Falcon is ranked 2nd in Extended Detection and Response (XDR) with 105 reviews while Forescout Platform is ranked 14th in Extended Detection and Response (XDR) with 69 reviews. CrowdStrike Falcon is rated 8.8, while Forescout Platform is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Armis. See our CrowdStrike Falcon vs. Forescout Platform report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.