CrowdStrike Falcon and Cortex XDR by Palo Alto Networks are leading products in the cybersecurity space, focusing on endpoint protection and threat detection. Based on comparisons, while both have strong features, CrowdStrike Falcon tends to have the upper hand due to its seamless integrations and user-friendly cloud-native platform.
Features: CrowdStrike Falcon excels in sandbox analysis, real-time monitoring, and offers a robust machine learning-driven threat intelligence for anomaly detection. Cortex XDR utilizes strong integration with Palo Alto solutions and is praised for its behavioral analysis-based threat detection. It provides top-notch endpoint protection with tools like user behavioral analytics and a single-pane management view.
Room for Improvement: CrowdStrike Falcon could improve by adding device control, enhancing cybersecurity reports, and simplifying query language. It lacks certain advanced features like remote wipe capabilities and attack simulation. Cortex XDR can benefit from expanding mobile OS support, introducing a sandbox feature, and better third-party integration. Its high number of false positives indicates a need for refined threat detection strategies.
Ease of Deployment and Customer Service: CrowdStrike Falcon is versatile, supporting public, hybrid, and private cloud environments with generally efficient customer support, though some users report inconsistent response times. Having a Technical Account Manager can enhance support experience. Cortex XDR supports multiple cloud deployments and benefits from integration with other Palo Alto products, though users occasionally encounter challenges with technical support and knowledgeable representatives.
Pricing and ROI: CrowdStrike Falcon is seen as a premium product with a high cost justified by its strong feature set and excellent security benefits, offering good ROI by decreasing operational costs and downtime. Cortex XDR is also priced on the higher side, but its comprehensive threat detection features justify the expense. Both solutions provide significant ROI by enhancing security posture, although cost may be a consideration for smaller organizations.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.
Every vendor has similar support; it depends on how the case is handled and raised.
Their support is efficient and responsive whenever I raise a ticket through my portal.
I would rate technical support from Palo Alto on a scale from one to ten as an eight, as I find it good.
On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They could improve by initiating calls for high-priority cases instead of just opening tickets.
It has adequate coverage and is easy to deploy.
In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.
There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.
Cortex XDR is stable, offering high quality and reliable performance.
For the last 11 months, we haven't faced any outage issues, so it is a stable product.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
The biggest issue occurred when every computer worldwide experienced a blue screen.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
The licensing cost and setup costs are affordable.
The solution is a bit expensive.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.
Being an EDR solution, it helps us identify attacks in real-time.
Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.
Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.
What features does Cortex XDR offer?Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.
CrowdStrike Falcon provides AI-powered endpoint detection and protection with minimal system impact. Its real-time monitoring and cloud-native design support efficient threat analysis and integration with other platforms, enhancing security management and workflow.
CrowdStrike Falcon is renowned for its comprehensive cybersecurity features, offering automatic threat analysis and AI-driven protection. Users appreciate its cloud-native flexibility and seamless integration capabilities. Its real-time monitoring, incident response, and vulnerability assessment deliver detailed insights and threat intelligence. Despite its robust features, improvements in integration with other technologies, dashboard functionalities, log management, and support for outdated systems are desired. Enhanced reporting, detailed malware analysis, and reduced false positives can improve user experiences. Organizations leverage Falcon for endpoint protection, threat detection, ransomware defense, and forensic investigations with its effective AI capabilities.
What are the key features of CrowdStrike Falcon?In finance and healthcare, CrowdStrike Falcon is implemented to protect against advanced threats and ensure compliance. Its AI-driven capabilities aid in real-time threat detection and vulnerability management, making it an essential tool for companies aiming to secure sensitive data and maintain operational continuity. Manufacturing sectors utilize it for securing production systems against potential cyber threats, ensuring uptime and safety. CrowdStrike Falcon's adaptable architecture benefits these industries by providing reliable protection across varied operating environments.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
