We performed a comparison between Crowdstrike Falcon Endpoint Security and XDR and Tanium based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"Definitely, the best feature for Cisco Secure Endpoint is the integration with Talos. On the backend, Talos checks all the signatures, all the malware, and for any attacks going on around the world... Because Secure Endpoint has a connection to it, we get protected by it right then and there."
"The most valuable feature is signature-based malware detection."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."
"The solution is silent and sits on your system as one single agent."
"All the features are beneficial."
"The stability is very good."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"This product has issues with the number of false positives that it reports."
"It could be improved in connection with artificial intelligence and IoT."
"The GUI needs improvement, it's not good."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"An improvement would be to extend support to legacy and unsupported servers."
"We can't do scanning audits or device blocking or application control."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"Tighter integration around XDR could be included."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"The solution can give a lot of false positives."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"The most painful thing is the interface. It's a bit unclear sometimes."
More Crowdstrike Falcon Endpoint Security and XDR Pricing and Cost Advice →
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
Crowdstrike Falcon Endpoint Security and XDR is ranked 2nd in EDR (Endpoint Detection and Response) with 56 reviews while Tanium is ranked 16th in EDR (Endpoint Detection and Response) with 5 reviews. Crowdstrike Falcon Endpoint Security and XDR is rated 8.6, while Tanium is rated 7.4. The top reviewer of Crowdstrike Falcon Endpoint Security and XDR writes "Speeds up the data collection for our phishing playbooks dramatically". On the other hand, the top reviewer of Tanium writes "Great inventory tool that that scans well for vulnerabilities and offers minimal end-user disruption". Crowdstrike Falcon Endpoint Security and XDR is most compared with Microsoft Defender for Endpoint, SentinelOne, Darktrace, Cortex XDR by Palo Alto Networks and Trend Micro XDR, whereas Tanium is most compared with Microsoft Endpoint Configuration Manager, Microsoft Defender for Endpoint, BigFix, ServiceNow Discovery and SentinelOne. See our Crowdstrike Falcon Endpoint Security and XDR vs. Tanium report.
See our list of best EDR (Endpoint Detection and Response) vendors and best EPP (Endpoint Protection for Business) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.