We performed a comparison between CrowdStrike Falcon and Group-IB Threat Intelligence based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The product's initial setup phase is very easy."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"NGAV and EDR features are outstanding."
"The product detects and blocks threats and is more proactive than firewalls."
"It is stable and scalable."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"I like the feature called RTC, the remote time connector."
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"The EDR and XDR features have been most valuable."
"The automatic alert feature is the most important feature of the solution."
"The solution can scale easily."
"It's given me a level of confidence that my network is secure."
"At this point what is most valuable is the interface, which is easy to navigate."
"Threat Intelligence's best feature is threat activation."
"We have found the site intelligence features to be the most valuable."
"The most valuable Group-IB Threat Intelligence features are their detections, especially in terms of account and card information leakage. This data sets Group-IB apart from some of the competition."
"The tool's most valuable feature is the sandbox."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions."
"Cannot be used on mobile devices with a secure connection."
"Making the portal mobile friendly would be helpful when I am out of office."
"The solution is not stable."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"They can include the automation for the real-time updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"It is cloud-based, and this does make some wary of the data being held on the cloud. Privacy requirements must be taken into account."
"Forensic controls have room for improvement."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"The detection time has room for improvement."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of a sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"They should provide us with good visibility for everything."
"They respond quickly on the weekdays, but the weekend response times are slower."
"The lack of appliance-based or on-premise options for this solution is its biggest downfall. Clients request them often."
"The web intelligence could be improved. It is not as good as the intelligence from other solutions."
"Threat Intelligence's OT security could be improved."
"Group-IB Threat Intelligence should improve integration for SIEM and SOAR solutions."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Group-IB Threat Intelligence is ranked 8th in Threat Intelligence Platforms with 4 reviews. CrowdStrike Falcon is rated 8.8, while Group-IB Threat Intelligence is rated 8.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Group-IB Threat Intelligence writes "Easy to setup, highly stable and scalable and efficiently tracks threat actors and analyze their tactics". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Group-IB Threat Intelligence is most compared with Recorded Future, Kaspersky Threat Intelligence Services, Mandiant Advantage, Anomali ThreatStream and LogRhythm SIEM.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.