Find out what your peers are saying about CrowdStrike, Microsoft, SentinelOne and others in Endpoint Protection Platform (EPP).
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
In Cortex XDR by Palo Alto Networks, most of the remediation is automated and the accuracy is quite good.
CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.
It's very easy to deploy without many IT admins, saving time.
SentinelOne Singularity Complete has helped reduce my organization's mean time to detect by fifty percent.
If I engage five engineers for this project and implement SentinelOne, then only one resource is needed to manage the dashboard and criticality alerts.
Since then, I have not faced any intrusions, which is one reason I chose SentinelOne over ESET.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
They could improve by initiating calls for high-priority cases instead of just opening tickets.
If we get stuck at midnight, any other TAC team will be in GMT or Europe or America, and they will assign our support engineer and suddenly schedule a call for us and resolve the issue.
We are using the automated email process for support, and they respond within an hour or two hours sometimes.
A chat service would be beneficial.
Regarding the technical support of Broadcom, they are responsive and helpful.
You can onboard 10,000 endpoints in just hours, which demonstrates the excellent scalability of this product.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
I think scalability for Cortex XDR by Palo Alto Networks is good.
It has adequate coverage and is easy to deploy.
In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.
There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.
It's all auto-scale and auto-categorized, configuring automatically.
SentinelOne Singularity Complete is very scalable.
SentinelOne Singularity Complete is very scalable for our needs.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR is stable, offering high quality and reliable performance.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
The biggest issue occurred when every computer worldwide experienced a blue screen.
Even if the agent disconnects from our console, it will still protect the desktop or laptop.
We get real-time alerts that arrive as incidents occur.
This indicates room for improvement in stability when interacting with other solutions.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
The only thing that prevented the attack from succeeding was a free version of Malwarebytes.
SentinelOne Singularity Complete doesn't have data security solutions such as Forcepoint DLP or 48 layer; SentinelOne Singularity Complete doesn't have that DLP solution.
Providing a single pane of visibility for the end user would be beneficial.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
The licensing cost and setup costs are affordable.
The solution is a bit expensive.
If you want protection, you have to pay the price.
There are other products that are less expensive, but I tell my clients that in security, they cannot cut corners or look for the cheapest solution.
Reputation and quality are important, but especially in today’s economy, price is a significant factor.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.
Being an EDR solution, it helps us identify attacks in real-time.
I have an advanced app providing visibility of all my endpoints, which was not the case before.
SentinelOne has a feature to decommission automatically, which has been fantastic.
There's also automation that gives my team free time, preventing them from having to look for every alert.
I assess VMware Carbon Black Endpoint's machine learning capabilities in detecting unknown threats as fantastic.
| Product | Mindshare (%) |
|---|---|
| CrowdStrike Falcon | 6.6% |
| SentinelOne Singularity Complete | 4.4% |
| Cortex XDR by Palo Alto Networks | 3.5% |
| VMware Carbon Black Endpoint | 1.8% |
| Other | 83.7% |
| Company Size | Count |
|---|---|
| Small Business | 44 |
| Midsize Enterprise | 20 |
| Large Enterprise | 47 |
| Company Size | Count |
|---|---|
| Small Business | 50 |
| Midsize Enterprise | 33 |
| Large Enterprise | 62 |
| Company Size | Count |
|---|---|
| Small Business | 95 |
| Midsize Enterprise | 48 |
| Large Enterprise | 78 |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 9 |
| Large Enterprise | 31 |
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
CrowdStrike Falcon provides cutting-edge endpoint detection with automatic alerts, real-time monitoring, and seamless integration capabilities. Cloud-native architecture and AI-driven processes ensure scalable protection and efficient threat remediation.
CrowdStrike Falcon is recognized for its robust EDR and threat intelligence features that enhance security and streamline operations. Its lightweight agent minimizes system impact while offering real-time monitoring and detailed reporting. This platform uses cloud-native architecture for scalable, consistent protection, significantly reducing administrative demands. AI and machine learning empower precise threat hunting and behavioral analysis, which mitigates false positives and boosts cybersecurity efficiency. Users seek improvements in integration with other systems, reporting functions, and compatibility with specific operating systems. While the solution handles malware mitigation and threat response efficiently, suggestions for on-demand scanning, enhanced visibility, and better dashboard features are noted.
What are the key features of CrowdStrike Falcon?In technology sectors, CrowdStrike Falcon commonly supports endpoint protection and threat response initiatives, allowing companies to replace traditional antivirus systems with more advanced solutions. In finance, it secures sensitive data across multiple platforms, ensuring compliance. In healthcare, real-time security analysis protects patient data on critical devices like servers and laptops, utilizing AI to enhance cybersecurity defenses.
SentinelOne Singularity Complete delivers advanced endpoint protection leveraging AI-driven threat detection and behavior analysis for efficient malware and ransomware response. Its standout features enhance security insights and ensure comprehensive endpoint management.
SentinelOne Singularity Complete provides robust ransomware recovery through unique rollback capabilities and seamless integration with various security solutions. Its machine learning enhances endpoint protection, minimizing false positives and automating responses. While praised for real-time threat monitoring, incident management, and asset management, it faces challenges in managing the console, customizing UI, and maintaining policy flexibility. Some users report difficulties with deployment and integration with existing systems, and enhanced reporting, alert management, and documentation are desired. Its appeal extends to deploying across multiple operating systems, offering comprehensive security coverage and facilitating cybersecurity compliance.
What standout features does SentinelOne Singularity Complete offer?Industries implement SentinelOne Singularity Complete for its AI capabilities in advanced endpoint protection, particularly against malware and ransomware. It's utilized across diverse operating systems, aiding in real-time threat monitoring and facilitating compliance. Organizations use it for vulnerability assessments and asset management, ensuring optimal protection in complex IT environments.
VMware Carbon Black Endpoint enhances endpoint security with its robust EDR, threat detection, and live response features. The cloud-based architecture supports remote management and easy setup while behavioral monitoring and dynamic grouping minimize security risks.
VMware Carbon Black Endpoint is designed for those seeking comprehensive endpoint protection. With its cloud-based deployment, organizations experience streamlined remote control and simplified rollout processes. Its behavioral monitoring, incident response capabilities, and firewall integration deliver advanced security measures. Although it addresses many security challenges, areas like manual alert management, on-demand scanning, and integration with systems like AlienVault USM require refinement. Improved UI, EDR components, and flexible pricing models would enhance user satisfaction. On-premise deployment infrastructure and compatibility issues with some operating systems need attention. Enhanced reporting, container security, and multi-tenancy support are also essential for fulfilling industry needs. AI-driven analysis and threat isolation empower companies by fostering proactive management.
What are the key features of VMware Carbon Black Endpoint?
What benefits should users look for when evaluating VMware Carbon Black Endpoint?
VMware Carbon Black Endpoint finds extensive application in industries focused on stringent security requirements. Managed security service providers leverage its capabilities to deliver comprehensive protection to multiple clients worldwide. Organizations use it primarily for antivirus protection and incident management, integrating it with their existing security frameworks to strengthen endpoint visibility and real-time threat prevention. Its advanced detection and application control features make it a preferred choice in industries that prioritize robust security measures. However, it requires improvements in terms of system compatibility and customization flexibility to better serve diverse industry environments.
