We performed a comparison between CrowdStrike Falcon and Cybereason Endpoint Detection & Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It is an easy product to deploy."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"I like the Overwatch feature the most."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
"The feature I like the most is the solution's detection."
"CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools."
"I haven't had any issues with the solution. Stability-wise, I rate the solution a ten out of ten."
"For me, the technical support is good."
"Cybereason's threat hunting and investigation are the most valuable features. Threat hunting is a user-friendly feature that keeps you safe. Investigation offers an added value that I haven't seen with other EDR services. It allows you to find specific policy problems within your environment."
"They do a very good job of providing multi-stage visualizations of malicious operations that immediately show all attack details across all devices and users. Since it is MalOp-centric model, you can see if there has been a similar operation across multiple machines. If it is the same thing appearing on multiple machines, you see all the machines and users affected in one screen."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"The dashboard is very good and you can consider it as an interactive UI."
"What I like most about Cybereason Endpoint Detection & Response is the support because the support is good. The solution is also easy to use, and it has a dashboard. Everything is good, and there's no problem with it."
"FortiEDR can be improved by providing more detailed reporting."
"The only minor concern is occasional interference with desired programs."
"Cannot be used on mobile devices with a secure connection."
"Detections could be improved."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"It takes about two business days for initial support, which is too slow in urgent situations."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Too many false positives."
"The portal can be clunky to navigate at times and has room for improvement."
"The ability to receive text alerts natively in the console would be kind of cool."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"
"There are some areas where some customers would prefer a different service."
"The price is too high."
"The network coverage becomes an issue most of the time."
"The integration with Microsoft solutions and Microsoft capabilities needs to be improved."
"Its Microsoft PowerShell protections still need some compatibility improvements. We have run across just a few. It is compatible with 90% of what we have in our network, but there is that 10% that we are still struggling with as far as compatibility with the type of PowerShell scripts needed to run our day-to-day business."
"They need to improve their technical support services."
"There can be problems with the EDI."
"Compared to our previous endpoint, we have a lot more false positives and a lot more duplication of alerts. So we're chasing more alerts."
"The reporting feature needs improvement."
"Cybereason does not have sandbox functionality."
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews. CrowdStrike Falcon is rated 8.8, while Cybereason Endpoint Detection & Response is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Cybereason Endpoint Detection & Response is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace, SentinelOne Singularity Complete and Kaspersky Endpoint Security for Business. See our CrowdStrike Falcon vs. Cybereason Endpoint Detection & Response report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.