Find out what your peers are saying about Microsoft, CrowdStrike, SentinelOne and others in Endpoint Protection Platform (EPP).
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.
Symantec Endpoint Security filled gaps in our toolset, particularly with the ability to control network firewall on hosts remotely, which was greatly appreciated.
Every vendor has similar support; it depends on how the case is handled and raised.
Their support is efficient and responsive whenever I raise a ticket through my portal.
I would rate technical support from Palo Alto on a scale from one to ten as an eight, as I find it good.
On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They could improve by initiating calls for high-priority cases instead of just opening tickets.
In some cases, it rates as high as ten out of ten, while in others, it can be as low as eight.
There is no support in the German language, which is a problem for many public tenders.
It has adequate coverage and is easy to deploy.
In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.
There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.
Symantec Endpoint Security is quite scalable, and it is very important for large clients.
The scalability of the servers is good, as it requires computational powers.
Cortex XDR is stable, offering high quality and reliable performance.
For the last 11 months, we haven't faced any outage issues, so it is a stable product.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
The biggest issue occurred when every computer worldwide experienced a blue screen.
I have encountered issues where I had to uninstall and reinstall the product on end users' computers to view the logs again.
Previously, we used to have multiple servers such as GUP servers and numerous servers for pushing updates, but we reduced it and transitioned almost 30,000 devices to CrowdStrike, which was easy to manage.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
Device management is not very good and I am not enabling it in my organization due to security reasons.
I would like to see improvements in the scanning part of the solution, specifically to enhance the CPU and hard disk usage during scanning and updates to prevent disruption during work hours.
It is cumbersome to use, particularly in handling firewall management.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
The licensing cost and setup costs are affordable.
The solution is a bit expensive.
It seems to be half the cost or more affordable than other solutions.
The pricing is very low compared to other companies like SentinelOne and others.
I rate the pricing, setup cost, and licensing around nine out of ten.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.
Being an EDR solution, it helps us identify attacks in real-time.
Symantec Endpoint Security offers many valuable features, such as file explosion, application learning, DLP, injection detection, and EDR solutions for traffic control.
The incident response capabilities allow me to resolve authentication and support issues promptly, ensuring the system operates without downtime.
One important feature is the EDR function, necessary for many public customers due to upcoming laws in Germany, which is available through Symantec Endpoint Security Complete.
Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.
Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.
What features does Cortex XDR offer?Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.
CrowdStrike Falcon provides AI-powered endpoint detection and protection with minimal system impact. Its real-time monitoring and cloud-native design support efficient threat analysis and integration with other platforms, enhancing security management and workflow.
CrowdStrike Falcon is renowned for its comprehensive cybersecurity features, offering automatic threat analysis and AI-driven protection. Users appreciate its cloud-native flexibility and seamless integration capabilities. Its real-time monitoring, incident response, and vulnerability assessment deliver detailed insights and threat intelligence. Despite its robust features, improvements in integration with other technologies, dashboard functionalities, log management, and support for outdated systems are desired. Enhanced reporting, detailed malware analysis, and reduced false positives can improve user experiences. Organizations leverage Falcon for endpoint protection, threat detection, ransomware defense, and forensic investigations with its effective AI capabilities.
What are the key features of CrowdStrike Falcon?In finance and healthcare, CrowdStrike Falcon is implemented to protect against advanced threats and ensure compliance. Its AI-driven capabilities aid in real-time threat detection and vulnerability management, making it an essential tool for companies aiming to secure sensitive data and maintain operational continuity. Manufacturing sectors utilize it for securing production systems against potential cyber threats, ensuring uptime and safety. CrowdStrike Falcon's adaptable architecture benefits these industries by providing reliable protection across varied operating environments.
Symantec Endpoint Security is a robust and reliable product that provides complete protection against viruses, malware, Trojans, and malicious files. It offers application and device control, ease of use in deploying and updating, a central control console, stability, scalability, auto-discovery capabilities, patch management, endpoint detection and response capabilities, intrusion detection module.
The Symantec Global Intelligence Network (GIN) provides threat intelligence and detection across endpoints, email, and web traffic. It has helped organizations reduce downtime, increase productivity, and improve security posture. Symantec Endpoint Security is easy to use, has a flexible administration, and offers more value than expected.
