No more typing reviews! Try our Samantha, our new voice AI agent.

CrowdStrike Falcon vs Zscaler Client Connector comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
CrowdStrike Falcon
Ranking in Endpoint Detection and Response (EDR)
1st
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
139
Ranking in other categories
Security Information and Event Management (SIEM) (5th), Endpoint Protection Platform (EPP) (2nd), Threat Intelligence Platforms (TIP) (2nd), Extended Detection and Response (XDR) (1st), Attack Surface Management (ASM) (2nd), Identity Threat Detection and Response (ITDR) (1st), AI-Powered Cybersecurity Platforms (2nd)
Zscaler Client Connector
Ranking in Endpoint Detection and Response (EDR)
24th
Average Rating
8.8
Reviews Sentiment
5.9
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of CrowdStrike Falcon is 7.4%, down from 13.7% compared to the previous year. The mindshare of Zscaler Client Connector is 0.7%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
CrowdStrike Falcon7.4%
Cortex XDR by Palo Alto Networks3.6%
Zscaler Client Connector0.7%
Other88.3%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Chetan Bhati - PeerSpot reviewer
Network Security Engineer at Arrow PC Network Pvt Ltd
Cloud-native security has improved real-time threat detection and streamlined daily operations
While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful. The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.
DA
IT Support Admin at Kuehne & Nagel Inc.
Client activity has been monitored efficiently through in-depth log analysis and traffic filtering
I use the Zscaler speed test, and it is very nice. We use some logs from Zscaler Client Connector to collect data and see what is happening, such as if there is an interruption or something. There is a specific tunnel version that we have to use because, depending on the internet provider, some of them have lower speed, so we have some issues. This is because of the provider, not from Zscaler. We use Office 365 services and Office applications, and because some connections are slow and they do not have full coverage from the internet provider, we have some issues. If the speed is slow for Zscaler Client Connector connection, then we have issues because if the speed is not good, then Zscaler Client Connector goes down. This may be because they put some policy. Of course, if you use Office 365 services such as Outlook, the minimum bandwidth is 5 megabits and more, so this causes issues if the users do not have a good remote connection. This depends on the companies and the users, so they need to fix it. This is not from us or our company. It is very useful, and the logs are very helpful. When we go to logs, we understand what is happening.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a perfect solution. It integrates well into the environment."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure."
"The most valuable for us is the correlation feature."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"It is a simple platform to use."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"Cortex XDR by Palo Alto Networks is specifically designed to prevent zero-day attacks and is part of an ecosystem of Palo Alto, providing customers with a long-term vision to modify and redesign how security is applied in their company."
"The most beneficial part is the active response capability of the product."
"We are happy with CloudStrike's ease of use and touch notification."
"The solution fits well in the organization and took out valuable output as expected from Endpoint Detection and Response solution."
"The product is really good, but there is a lot of additional features that you need to have for it to be a complete solution."
"The EDR feature of CrowdStrike is fantastic."
"CrowdStrike Falcon has helped my customers predict and prevent potential breaches because of its proactive approach."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"The most valuable features are the complete IPS and IDS."
"Zscaler Client Connector has eliminated VPN bottlenecks and outages, improved user productivity with instant secure access, and reduced help desk tickets related to VPN issues, overcoming 60% of VPN-related problems while allowing faster onboarding of remote users and better enforcement of zero-trust security policies."
"The solution operates in the background seamlessly without the user noticing."
"The best features of Zscaler Client Connector are that it gives the client a much more transparent experience, as they don't have to worry about connecting to a VPN."
"It is very useful, and the logs are very helpful; when we go to logs, we understand what is happening."
"The real-time analytics feature in Zscaler Client Connector is another valuable feature called Digital Experience, or ZDX, which can easily identify the root cause of issues accessing public or internal resources and provide good analysis so relevant teams can quickly resolve them, making it a very good tool that helps customers."
"I'd rate the solution nine out of ten."
"It is very important to see what is happening between the user and the applications that we have, and to filter the traffic from outbound traffic and inside traffic."
"Zscaler Client Connector is quite scalable, and I would rate its scalability as nine or ten out of ten."
 

Cons

"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"If he is using a smaller company, he can depend on some other tools because Cortex XDR by Palo Alto Networks is a bit expensive."
"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response."
"I think sometimes Cortex XDR agent automatically stops event capturing from the device, and then even the dashboard does not get any notifications from the agent."
"Based on our experience so far, its implementation is quite complex."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"The management of the solution could improve."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"I would like to see the machine learning feature enhanced."
"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"This solution is relatively expensive."
"CrowdStrike Falcon needs to improve their host management system."
"This solution lacks basic functionality, such as being able to perform on-demand scanning."
"The stability of Zscaler Client Connector needs improvement, as it often disconnects and reconnects."
"I rate this product nine out of ten because I have seen some minor instability issues after updates and some room for UI improvement for deeper analytics, with instances of major issues after updating the GCC that required rollbacks."
"There is room for improvement regarding the price of Zscaler Client Connector, as it is one of the most expensive solutions available."
"There is a hard learning curve for Zscaler Client Connector; their support isn't the greatest all the time."
"Zscaler Client Connector is not low in cost; it is definitely on the higher side."
"If the speed is slow for Zscaler Client Connector connection, then we have issues because if the speed is not good, then Zscaler Client Connector goes down."
 

Pricing and Cost Advice

"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"Cortex XDR by Palo Alto Networks is an expensive solution."
"I don't like that they have different types of licenses."
"It is "expensive" and flexible."
"Cortex XDR’s pricing is very reasonable."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"The price of CrowdStrike Falcon is expensive."
"The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky."
"I would like them to further reduce the price, because it is quite pricey at the moment."
"CrowdStrike is well priced. On a yearly basis, it costs between $60 and $100 per user."
"The pricing is good and there are no costs in addition to the standard licensing fees."
"This solution has a very competitive price."
"Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business."
"CrowdStrike Falcon can be more expensive than some competitors, and its base price doesn't cover every feature."
Information not available
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
11%
Manufacturing Company
10%
Computer Software Company
9%
Government
5%
Manufacturing Company
21%
Financial Services Firm
10%
Government
9%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business54
Midsize Enterprise34
Large Enterprise63
By reviewers
Company SizeCount
Small Business3
Large Enterprise5
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...
Is Crowdstrike Falcon better than Trend Micro Deep Security?
I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is t...
What is your experience regarding pricing and costs for Zscaler Client Connector?
My experience with pricing, setup cost, and licensing is that the pricing is fair, though it is a bit costly. It oper...
What needs improvement with Zscaler Client Connector?
For Zscaler Client Connector, I would appreciate more granular control over the client update rollout and slightly fa...
What is your primary use case for Zscaler Client Connector?
My main use case of Zscaler Client Connector is to provide secure, seamless access to the internet and internal appli...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface, CrowdStrike Falcon Platform
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Information Not Available
Find out what your peers are saying about CrowdStrike Falcon vs. Zscaler Client Connector and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.