We compared CrowdStrike Falcon and Darktrace based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: In comparing CrowdStrike Falcon to Darktrace, their setup experiences differ as CrowdStrike Falcon is generally easier and more straightforward, while Darktrace's setup can be more challenging and time-consuming. CrowdStrike Falcon is praised for its ability to identify and update threats without signatures, while Darktrace is valued for its diverse range of threat detection models and autonomous network monitoring. However, CrowdStrike Falcon lacks certain capabilities like on-demand scanning and ransomware protection, while Darktrace could improve by reducing false positives and simplifying configuration. The pricing for CrowdStrike Falcon is considered a good value for its provided features, while Darktrace's pricing is generally seen as expensive but justifiable. Both products have generally positive feedback regarding their technical support, but there are some areas that could be improved.
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The setup is pretty simple."
"It is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The solution was relatively easy to deploy."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"This is stable and scalable."
"Fortinet is very user-friendly for customers."
"The most valuable feature is its threat analysis."
"The initial setup is very simple."
"The most valuable feature is the activity dashboard because it gives you a holistic view of your environment from a security standpoint."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"It is autonomous. So, it learns. It uses algorithms and AI to learn the common behavioral patterns on the network, and it is able to identify threats based on abnormal patterns."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"I find the complete portfolio to be excellent."
"A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"FortiEDR can be improved by providing more detailed reporting."
"I haven't seen the use of AI in the solution."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The solution is not stable."
"I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
"The detection time has room for improvement."
"The management of log aggregation is in need of improvement."
"CrowdStrike Falcon could improve if it became an XDR. When we look only to an end-point, we lost the context of the environment. I know it's another line of design of the product. However, if CrowdStrike becomes an XDR, it could be very good."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"CrowdStrike should add support for ransomware protection."
"The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"The interface is too mathematical and it should be simplified."
"The pricing is a bit high for the region."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"I think there is some MSSP missing."
"I believe their network monitoring device licensing module could use some improvement."
"Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking."
"Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Darktrace is ranked 13th in Email Security with 65 reviews. CrowdStrike Falcon is rated 8.8, while Darktrace is rated 8.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and VMware Carbon Black Endpoint, whereas Darktrace is most compared with Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks, Cisco Secure Network Analytics and ExtraHop Reveal(x).
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi @reviewer1799568,
Most of these comparisons are opinions and some tests are done in specific conditions that might not suit or reflect your organization's needs and roadmap. Ultimately, the cost of a mistake is a data breach and not just an audit finding or operational discomfort.
I mention this because there are no viable shortcuts. I suggest you test the solutions thoroughly in your own environment to see what works for you.
The gaming floor is hopefully "air-gapped" and the solution should respect that segregation and still provide great security and visibility. One of the challenges is security updates.
For such an environment you would need comprehensive AI and machine learning. I suggest you look at the difference between IOC and IOA.
IOA vs IOC: Defining & Understanding The Differences | CrowdStrike. (Please also check other sources).
Good luck and stay safe!
The pros and cons of Darktrace vs Crowdstrike Falcon vs alternative EPP solutions are something worth looking at before making a decision on which one is the best fit for your particular needs.
Darktrace is an AI-based cyber security solution that uses machine learning to identify threats faster and with greater accuracy than traditional approaches. It works by continuously scanning the network, learning its normal behavior, and then detecting anomalies or malicious activities in real-time. This can provide your business with an early warning system to alert you to potential attacks before they have a chance to do major damage. One of the biggest advantages of Darktrace is that it’s able to work without relying on vulnerable signatures, meaning no matter how complex or sophisticated an attack may be, it will still be detected. The other benefit here is the scalability—Darktrace can quickly scale up as needed in order to protect larger networks rapidly changing over time.
CrowdStrike Falcon is another popular endpoint protection platform touted for its cloud-based architecture and advanced threat prevention capabilities. Similar to Darktrace, it has some powerful detection technologies but differs slightly in terms of how it works as well as what kind of threats it’s designed for. While Darktrace focuses mainly on malware protection, Falcon primarily focuses on preventing data exfiltration attempts or unauthorized accesses from outside sources such as remote hackers or phishing emails trying to steal information stored inside your system files or databases etcetera CrowdStrike also offers a cloud-native approach which means they can update their signature database nearly instantaneously against any new forms of attack so you don’t need to worry about attackers finding ways around their protections even if they manage one vulnerability first time round. The downside here though could be a lack of control in terms of what type/level updates you choose – this varies depending upon the subscription level chosen by users.
Alternative EPP solutions include those offered by vendors such as Symantec Endpoint Protection (SEP) and McAfee, these often have greater coverage when compared with software like CrowdStrike, however, you should bear in mind that these providers tend not only to charge more expensively but they also come bundled with additional features like anti-virus software, etc., which depending upon your desired goal may prove superfluous thus leading ultimately into cost waste rather than efficiency gain. SEP notably boosts robust customization abilities whereby customers are given generous freedom within setup policies - allowing them fine grain authority over endpoints rules set up e.g. whether particular application file types can run, allowing internet connection, etc. (elements not quite present within CrowdStrike) – although again there comes significant added expense via extra licenses required plus paywall obscurity associated with product tiers being unclear until we eventually reach checkout point.
In conclusion, all three services outlined here offer good suite options for businesses seeking out endpoint protection platforms. Each has respective strengths and weaknesses so careful analysis should help weigh out the pros and cons faced overall - consider particularly well whether the price tag is commensurate with potential user experience value gained meanwhile considering deeply what levels customizability offered suits own demands perfectly prior to forging ahead towards whichever choice deemed most suitable!
Hi.
I am told that Darktrace is a complimentary product that doesn't do any endpoint protection.