We performed a comparison between CrowdStrike Falcon and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Ransomware Protection solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The stability is very good."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The price is low and quite competitive with others."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"We have seen a reduction to the performance hit to our operating systems."
"The anomaly detection is the most valuable feature."
"CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts."
"We haven't had any infections or down time."
"It is an easy product to deploy."
"It provides very good protection and the ability to crosscheck environments."
"The stability is very good."
"We use ThreatLocker's Allowlisting to whitelist specific applications and prevent unauthorized software from running."
"The most valuable feature is selective elevation, which allows elevating an individual process to admin privilege without granting admin privilege to that user, which has been by far the most useful feature outside of the overall solution itself."
"Using ThreatLocker is effortless because I can access it from an app on my phone, so I can help clients after hours. My client had an issue while I was at dinner, and I didn't have a tech on the problem, but I could deal with it from my phone. I can see what the client is doing and approve or deny it. It helps me deliver better service to my clients when they need it."
"Application control, ring-fencing, and storage control are the most important features, followed closely by elevation."
"While it can be frustrating at times, we appreciate the low-level security provided by the application whitelist."
"The most valuable feature is probably the ability to block programs from running. ThreatLocker has some built-in features that make it super easy. You can also contact their support within the program. If you're having issues, you can click on that button and connect with someone in five to 10 seconds."
"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."
"Every single feature has been invaluable."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The solution is not stable."
"Cannot be used on mobile devices with a secure connection."
"The only minor concern is occasional interference with desired programs."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CloudStrike."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"CrowdStrike costs a little more than its competitors."
"It can be expensive depending on the features you select."
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"There is room for improvement in managing multiple customer IDs."
"CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"The reporting could be improved."
"The snapshots used in the ThreatLocker University portal are outdated snippets and have not been updated in conjunction with the portal itself."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
"We identified several areas that we would like to see improved."
"There are some times when applications get submitted, the hashes don't really line up."
"Something we have come up against a couple of times is that we have two clients that are software developers. They create software that doesn't have digital signatures and that's not easy to categorize or whitelist with ThreatLocker. We have to go in and make custom rules to allow them to do their work and to be protected from malicious threats."
"One area I see for improvement is in the visibility of support tickets within the ThreatLocker ticketing system."
CrowdStrike Falcon is ranked 1st in Ransomware Protection with 105 reviews while ThreatLocker Protect is ranked 6th in Ransomware Protection with 13 reviews. CrowdStrike Falcon is rated 8.8, while ThreatLocker Protect is rated 9.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, GravityZone Business Security, Huntress and Fortinet FortiClient. See our CrowdStrike Falcon vs. ThreatLocker Protect report.
See our list of best Ransomware Protection vendors and best Endpoint Protection Platform (EPP) vendors.
We monitor all Ransomware Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.