We performed a comparison between CrowdStrike Falcon and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Ability to get forensics details and also memory exfiltration."
"Forensics is a valuable feature of Fortinet FortiEDR."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"NGAV and EDR features are outstanding."
"There are two things which customers really like about CrowdStrike. If they buy managed services from CrowdStrike, it offers them detection of security issues in one minute. If you buy their professional services, they offer insurance where you can claim up to $5 million if there's a breach. This is a huge upsell for customers."
"The feature I like the most is the solution's detection."
"I like the dashboard nature of it. Everything is clickable, linkable, and information is easy to obtain and find. How it presents that information is probably the biggest win as far as the information correlation aspect. The presentation of it is very good."
"I like the detection rates of mobile threats."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"The most valuable feature, in my opinion, is the dimension logging platform and the network traffic filtering."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"The analytics are important because if there is an abnormality then it provides that information to us."
"The tool provides automated responses."
"WatchGuard Threat Detection and Response is a reliable solution."
"The solution is very easy to use."
"The most valuable feature is the correlation of logs from different devices."
"The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. It didn't have a central console earlier, but now it has a central console, which is pretty good."
"Making the portal mobile friendly would be helpful when I am out of office."
"The only minor concern is occasional interference with desired programs."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"FortiEDR can be improved by providing more detailed reporting."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"ZTNA can improve latency."
"Detections could be improved."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"The management of log aggregation is in need of improvement."
"They respond quickly on the weekdays, but the weekend response times are slower."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"Forensic controls have room for improvement."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"The current database schema presents challenges and has potential for improvement."
"I'd like a few extra features, especially around threat severity assessment."
"WatchGuard should offer more visibility into user activity. For example, we should have more details when WatchGuard denies a user access to a port."
"This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"The ease of detecting where an issue is should be improved."
"The interface is not the best."
"The solution is a bit confusing and there are unusual complications with setup."
"The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger."
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 104 reviews while WatchGuard Threat Detection and Response is ranked 27th in Endpoint Detection and Response (EDR) with 12 reviews. CrowdStrike Falcon is rated 8.6, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas WatchGuard Threat Detection and Response is most compared with SentinelOne Singularity Complete, Darktrace, Bitdefender GravityZone EDR, Intercept X Endpoint and Cortex XDR by Palo Alto Networks. See our CrowdStrike Falcon vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.