We performed a comparison between CrowdStrike Falcon and OpenText EnCase eDiscovery based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"The stability is very good."
"Fortinet is very user-friendly for customers."
"The product's initial setup phase is very easy."
"This is stable and scalable."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Ability to get forensics details and also memory exfiltration."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The EDR and XDR features have been most valuable."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."
"The threat intelligence is the most valuable feature."
"The initial setup was straightforward."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"The solution is very stable."
"The most important feature we've found is the Enscripts. That is one powerful feature that I, personally, love to use."
"It indexes much faster, and is more reflexive because of the Enscripts."
"Data Recovery: Its ability to repair damaged partitions and uncover hidden partitions from within the tool, and allow further analysis."
"The technical support is excellent."
"I like the processing feature on the product because it does everything at once, i.e, indexing, recovery, keyword searches, etc."
"It speeds up the process, so I can meet my deadlines."
"It takes about two business days for initial support, which is too slow in urgent situations."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Detections could be improved."
"The support needs improvement."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The dashboard isn't easy to access and manage."
"The overall cost of CrowdStrike Falcon could be reduced."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible."
"There are some areas where some customers would prefer a different service."
"I would like to see the machine learning feature enhanced."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"The management of log aggregation is in need of improvement."
"This solution could be improved with greater scope for admins to make changes to the solution."
"The reporting is a bit unreliable. It needs to be better."
"Sometimes the application can take more time to complete the image processing or fail at the end of the process."
"In the past, incident response time for tech support was slow."
"There were minor UI bugs."
"We have come across problems with the end-case. We could not find an email discovery type of module and there was not flexibility with the email."
"I would like to see a capability to ingest and absorb more data. That would be really good. It currently is lacking this function."
"Ease of use and learning curve need improvement."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while OpenText EnCase eDiscovery is ranked 6th in eDiscovery with 8 reviews. CrowdStrike Falcon is rated 8.8, while OpenText EnCase eDiscovery is rated 7.8. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of OpenText EnCase eDiscovery writes "A stable and scalable hybrid solution with easy setup". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas OpenText EnCase eDiscovery is most compared with Nuix eDiscovery, Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), Microsoft Purview eDiscovery and kCura Relativity. See our CrowdStrike Falcon vs. OpenText EnCase eDiscovery report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.