We performed a comparison between AgileBlue and CrowdStrike Falcon based on real PeerSpot user reviews.
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The summarization of emails is a valuable feature."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"In addition to managing the SOC, they offer Endpoint Detection and Response (EDR) capabilities for servers and systems. What stood out for us is the product's lightweight nature, unlike other EDRs we evaluated that tend to be system-intensive. This lightweight feature significantly piqued our interest and influenced our decision to use the solution. The solution is stable. I rate it a seven out of ten. The solution is scalable. I rate it an eight out of ten. The support team is remarkably prompt. They quickly resolve any issues we encounter. The initial setup was straightforward. With strong timings and BSLAs, AgileBlie stands out when compared to competitors."
"The initial setup is a very fast process."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."
"The features I like the most are the response time and the dashboard are both excellent."
"We haven't had any infections or down time."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"Falcon's best feature is its detection and blocking of threats."
"It's very easy to set up."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"There is always room for improvement. There's potential for further enhancement in the capabilities of the EDR. However, there are positive changes we are satisfied with. They revamped the dashboard, addressing a previous issue."
"This solution is relatively expensive."
"The pricing is a bit too high."
"It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
"Forensic controls have room for improvement."
"The ability to receive text alerts natively in the console would be kind of cool."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."
AgileBlue is ranked 25th in Extended Detection and Response (XDR) with 1 review while CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 105 reviews. AgileBlue is rated 8.0, while CrowdStrike Falcon is rated 8.8. The top reviewer of AgileBlue writes "A Lightweight Solution Offering a Seamless Experience". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". AgileBlue is most compared with SentinelOne Singularity Complete, whereas CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.