We performed a comparison between CrowdStrike Falcon and Palo Alto Networks Cortex XSOAR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The solution was relatively easy to deploy."
"Fortinet is very user-friendly for customers."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Forensics is a valuable feature of Fortinet FortiEDR."
"This is stable and scalable."
"The stability is very good."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It is an easy product to deploy."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"The features I like the most are the response time and the dashboard are both excellent."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"The anomaly detection is the most valuable feature."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"The product can automate security tasks."
"The most valuable feature is automation."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"We use the solution to automate our SIEM tools and incidents."
"I am satisfied with the product overall."
"The repository of playbooks and the integration between Palo Alto and IBM QRadar are some useful features"
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I haven't seen the use of AI in the solution."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We'd like to see more one-to-one product presentations for the distribution channels."
"FortiEDR can be improved by providing more detailed reporting."
"The SIEM could be improved."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The current database schema presents challenges and has potential for improvement."
"CrowdStrike Falcon needs to improve their host management system."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"I would like to see the machine learning feature enhanced."
"The portal can be clunky to navigate at times and has room for improvement."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"We'd like to see more integration capabilities."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"It is been decommissioned by Palo Alto."
"There is room for improvement in support. The response time could be faster."
"The dashboard could be better."
"The price of the solution could be improved."
"Corex XSOAR could be improved by reducing the time it takes to process large amounts of data and increasing the number of integrations."
"The solution should be made a bit cheaper."
"There should be an on-premise version available for customers to have different choices."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews. CrowdStrike Falcon is rated 8.8, while Palo Alto Networks Cortex XSOAR is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Microsoft Sentinel, Fortinet FortiSOAR and Exabeam Fusion SIEM.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.