

CrowdStrike Falcon and Devo are prominent in the cybersecurity domain, catering to different aspects of threat detection and management. CrowdStrike Falcon has a slight edge in endpoint management, while Devo excels in providing customizable analytics.
Features: CrowdStrike Falcon is noted for its endpoint visibility, AI-driven threat analysis, and minimal impact on system performance. Its cloud-native architecture provides flexibility and robust EDR capabilities. Devo, however, excels in real-time analytics, high-speed search, and multi-tenant architecture, allowing businesses to separate data across various departments. It also offers flexible, customizable dashboards that facilitate comprehensive data analysis.
Room for Improvement: CrowdStrike Falcon could enhance integration with other technologies, improve reporting, and accelerate support response times. Users also desire smoother integration with legacy systems. Devo, on the other hand, could benefit from better pre-built monitoring solutions and enhanced integration capabilities for comprehensive reporting. There's also a need for improvement in dashboard customization and providing ready-to-use monitoring applications. Both would gain from more user-friendly interfaces and improved customer communication.
Ease of Deployment and Customer Service: CrowdStrike Falcon offers straightforward deployment across various environments, although support response times could be faster. Users appreciate its comprehensive tech support. Devo is praised for its simple pricing model and ease of setup. While customer support is generally satisfactory, some users suggest it could be more responsive. CrowdStrike emphasizes personalized support, while Devo provides clear assistance during deployment.
Pricing and ROI: CrowdStrike Falcon is regarded as a high-cost but valuable investment, offering extensive security that justifies its price, especially in terms of ROI linked to reduced staffing needs. Devo's pricing based on data ingestion is transparent, though metadata charges can be unpredictable. Despite this, users find it cost-effective due to its robust analytics and support services.
Based on our experience and industry benchmarks, I can say that we have seen around a thirty to forty percent improvement in time spent on endpoint security operations.
CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.
It's very easy to deploy without many IT admins, saving time.
On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They could improve by initiating calls for high-priority cases instead of just opening tickets.
I rate the customer support a nine out of ten because of their timely technical guidance and responsiveness during the deployment and troubleshooting periods.
It has adequate coverage and is easy to deploy.
In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.
There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.
Devo is a unified SIEM solution designed to handle growing log volumes and enterprise-scale monitoring requirements.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
The biggest issue occurred when every computer worldwide experienced a blue screen.
It is stable and reliable for our security operations.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
This is particularly evident when dealing with failed login attempts and determining true versus false positives.
UI improvements, a simplified dashboard, or an easier reporting workflow could further improve analyst productivity.
The cost is a little higher compared to other tools such as DataDog or Elasticsearch, so they could work on reducing costs.
For example, the basic plan starts at a certain price per endpoint per year, while advanced plans with more features cost higher.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
The licensing cost and setup costs are affordable.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.
Being an EDR solution, it helps us identify attacks in real-time.
When they see a spike in a line chart for a failed login, which could be a true or false attempt, they can click that spike, and a table widget on the same active board instantly populates with raw logs of data for those specific failed logins.
When the analyst uses queries to search, it pulls the data quickly, in a second, which aids us greatly with the investigation.
It utilizes 400 days of hot data, allowing queries to run very fast and yield results quicker than other tools in terms of security and SIEM capability.
| Product | Mindshare (%) |
|---|---|
| CrowdStrike Falcon | 2.8% |
| Devo | 1.2% |
| Other | 96.0% |

| Company Size | Count |
|---|---|
| Small Business | 54 |
| Midsize Enterprise | 34 |
| Large Enterprise | 63 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 5 |
| Large Enterprise | 12 |
CrowdStrike Falcon provides cutting-edge endpoint detection with automatic alerts, real-time monitoring, and seamless integration capabilities. Cloud-native architecture and AI-driven processes ensure scalable protection and efficient threat remediation.
CrowdStrike Falcon is recognized for its robust EDR and threat intelligence features that enhance security and streamline operations. Its lightweight agent minimizes system impact while offering real-time monitoring and detailed reporting. This platform uses cloud-native architecture for scalable, consistent protection, significantly reducing administrative demands. AI and machine learning empower precise threat hunting and behavioral analysis, which mitigates false positives and boosts cybersecurity efficiency. Users seek improvements in integration with other systems, reporting functions, and compatibility with specific operating systems. While the solution handles malware mitigation and threat response efficiently, suggestions for on-demand scanning, enhanced visibility, and better dashboard features are noted.
What are the key features of CrowdStrike Falcon?In technology sectors, CrowdStrike Falcon commonly supports endpoint protection and threat response initiatives, allowing companies to replace traditional antivirus systems with more advanced solutions. In finance, it secures sensitive data across multiple platforms, ensuring compliance. In healthcare, real-time security analysis protects patient data on critical devices like servers and laptops, utilizing AI to enhance cybersecurity defenses.
Devo offers powerful visual analytics, real-time data querying, and log integration capabilities within a cloud-native, multi-tenant architecture, supporting extended data retention ideal for long-term analysis and compliance.
Devo is recognized for its Activeboards, which facilitate visual analytics. High-speed search capabilities and real-time analytics enable efficient data manipulation and querying. Its multi-tenant architecture supports effective data segregation and customization tailored to distinct business needs, enhancing its value for handling complex log integrations. With extended data retention of 400 days and a cloud-native architecture, Devo is a robust platform for long-term analysis and compliance requirements. Though opportunities exist to improve browser stability on large searches, SOAR integrations, and its parser capabilities, Devo remains essential for incident response and security monitoring, offering centralized data storage and analysis.
What are Devo's most important features?Devo is extensively used in industries focused on incident response and digital forensics, centralizing data for security monitoring across hybrid environments. Organizations benefit from its ability to store and analyze aggregated logs, creating alerts and dashboards to enhance visibility for network and endpoint activities in multi-domain settings.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.