We performed a comparison between CrowdStrike Falcon and Darktrace based on our users’ reviews in five categories. After reading all the collected data, you can find our conclusion below.
Comparison Results: Both products received very positive reviews. CrowdStrike Falcon users appear more satisfied with its security levels and with the price of the product.
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The stability is very good."
"The product detects and blocks threats and is more proactive than firewalls."
"The most valuable feature is the analysis, because of the beta structure."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The setup is pretty simple."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"This is stable and scalable."
"Since we deployed CrowdStrike, the network has become much calmer, and we now understand the sources of infections, which helps us prevent them from spreading."
"The solution is silent and sits on your system as one single agent."
"Scalability hasn't been an issue for us."
"It's very easy to set up."
"The feature I like the most is the solution's detection."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"The solution can scale."
"The most valuable feature is that it works autonomously."
"The solution is outstanding from a monitoring perspective."
"The product can scale."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"The platform has many modules, and each module examines a different situation in the behavior."
"The models, triggers, and alerts are customizable."
"The dashboard isn't easy to access and manage."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"FortiEDR can be improved by providing more detailed reporting."
"The support needs improvement."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"This solution could be improved with greater scope for admins to make changes to the solution."
"It can be expensive depending on the features you select."
"Falcon could include more integrative features."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"Darktrace could improve by being more user-friendly."
"It's a very complex platform."
"There is a high ratio of false positive information."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"The pricing is a bit high for the region."
"The price point for the product was too high for what our possible use case could be."
"Darktrace could improve its features, such as monitoring and detecting ransomware."
"In the next version, I'd like to see penetration testing."
Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.
Fortinet FortiEDR Features
Fortinet FortiEDR has many valuable key features, including:
Fortinet FortiEDR Benefits
Some of the key benefits of using Fortinet FortiEDR include:
Reviews from Real Users
Below are some reviews and helpful feedback written by Fortinet FortiEDR users.
An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus."
Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”
Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.”
CrowdStrike Falcon is a comprehensive endpoint protection platform, primarily designed to meet the evolving cybersecurity needs of modern enterprises. It employs machine learning, behavioral analytics, and integrated threat intelligence to combat a wide range of cyber threats. CrowdStrike Falcon stands out for its cloud-native architecture, ensuring real-time protection and threat intelligence, essential for safeguarding dynamic environments. Its lightweight agent architecture minimizes system performance impact while offering extensive network visibility.
CrowdStrike Falcon offers robust, user-friendly cybersecurity measures that are crucial for protecting digital assets and minimizing the risk of data breaches and cyberattacks. Its proactive threat detection and mitigation help maintain business continuity and protect brand reputation. Additionally, its scalability and ease of use contribute to cost-effectiveness by reducing the need for extensive IT resources and training. The platform's seamless integration with existing IT infrastructures makes it a versatile choice for diverse IT environments.
In our conversations with CrowdStrike's users, they expressed high regard for CrowdStrike Falcon's efficiency in detecting and responding to threats, ease of use, and minimal system impact. It's praised for its comprehensive coverage, extending beyond traditional antivirus solutions, with strong customer support and continuous improvements.
General Feedback and Recommendations:
Key Features and Advantages:
CrowdStrike Falcon offers various pricing plans based on endpoints and required features. The plans cater to different organizational sizes and needs, from basic endpoint protection to comprehensive protection with advanced capabilities. Additional features like DLP, UBA, Endpoint Sandboxing, and MDR are available, with pricing upon request.
CrowdStrike Falcon emerges as a sophisticated solution for enterprise cybersecurity, offering advanced threat detection, scalability, and user-friendly design. It's well-suited for both IT professionals and business executives, protecting against current cyber threats and adaptable to future challenges in the cybersecurity landscape. For a more detailed understanding, especially concerning its use cases and weaknesses, a manual review of user feedback might be necessary.
Darktrace (DARK.L), a global leader in cyber security artificial intelligence, delivers complete AI-powered solutions in its mission to free the world of cyber disruption. Breakthrough innovations from the Darktrace Cyber AI Research Centre in Cambridge, UK and its R&D centre in The Hague, The Netherlands have resulted in over 135 patent applications filed and significant research published to contribute to the cyber security community. Darktrace’s technology continuously learns and updates its knowledge of 'you' for an organization and applies that understanding to achieve an optimal state of cyber security. It is delivering the first ever Cyber AI Loop, fuelling a continuous end-to-end security capability that can autonomously prevent, detect, and respond to novel, in-progress threats in real time. Darktrace employs over 2,200 people around the world and protects over 8,400 organizations globally from advanced cyber-threats. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021.
LOOP overview - PREVENT, DETECT & RESPOND, HEAL
Darktrace Cyber AI Loop™
The first-ever adaptive feedback system with a deep, interconnected understanding of the enterprise. The Darktrace Cyber AI Loop represents a first-mover innovation, creating a virtuous cycle in which each capability interacts to strengthen and harden the entire security ecosystem. It allows organizations to not just prevent, detect, respond, and heal from cyber-attacks – but to do all of these at once.
● Empowers bespoke and continuously evolving security solutions based on mathematical models unique to each organization, regardless of size or complexity.
● Delivers an end-to-end solution accessing the core Self-Learning AI technology, which provides visibility into the entire, ever-changing digital ecosystem.
● Integrates AI engines in each product family to augment all others as the organization changes. The whole is at all times greater than the sum of the parts.
● Continually learns and updates its knowledge of how an organization operates, enabling it to spot zero days, insider threats, and novel threats that get through most defenses.
● Lifts up security teams by elevating decisions and delivering threat analysis as always-on solutions work autonomously in the background to deliver at the scale of the enterprise.
Proactive AI engine to predict and pre-empt the highest priority cyber-attacks, working inside the organization and outside on the attack surface. Part of the Darktrace Cyber AI Loop™.
● Harden defenses proactively
● Identify and prioritize risks
● Conduct continuous around-the-clock testing
● Emulate attacks to test vulnerabilities
● Continuously communicate outcomes to the AI Loop
Darktrace DETECT™ + RESPOND™
Built on patented AI that learns you, using the unique footprints of your everyday operations to identify any unusual behavior that could indicate an attack. Responds instantly to contain any attacks detected. Part of the Darktrace Cyber AI Loop™.
● Works across entire digital ecosystem
● Protects from known and unknown attacks
● Gets stronger as it learns
● Feeds insight into the AI Loop
Darktrace/Email defends the network against malicious emails that evade the email gateway, introducing intelligent autonomous response into the flow of email traffic. Darktrace’s rich understanding of user relationships, communications, and network activity allows Darktrace/Email to quickly contextualize events, and respond only to genuine threats, stopping them before they reach the user.
Darktrace’s endpoint capability extends Darktrace Detect and Respond to those devices which have left the network, protecting them from known and novel attackers as well as mitigating the risk of accidental or intentional data theft, compliance issues, use of non-approved software etc.
Darktrace/Apps stops insider threats, account takeovers, and critical misconfigurations. As a cloud-native solution powered by AI, it can continuously analyse behaviours and relationships across diverse cloud platforms and services, from AWS and Azure, to Salesforce, Dropbox, and Office 365. This enterprise-wide context enables the system to only act on high-confidence threats as they emerge within ephemeral workloads and diverse multi-cloud environments.
CrowdStrike Falcon is ranked 3rd in EDR (Endpoint Detection and Response) with 49 reviews while Darktrace is ranked 13th in Email Security with 38 reviews. CrowdStrike Falcon is rated 8.6, while Darktrace is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Vision One, whereas Darktrace is most compared with Vectra AI, SentinelOne Singularity Complete, Cisco Secure Network Analytics, Cortex XDR by Palo Alto Networks and Rapid7 InsightIDR.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.