We performed a comparison between CrowdStrike Falcon and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"This is stable and scalable."
"Ability to get forensics details and also memory exfiltration."
"The product detects and blocks threats and is more proactive than firewalls."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"The most valuable features of Crowdstrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"The scalability is good."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"The most valuable feature is the activity dashboard because it gives you a holistic view of your environment from a security standpoint."
"Very easy to deploy. It can be done one by one or deployed by customizing an MSI file for GPO push."
"Even if an endpoint loses connection to the Internet, I know that endpoint is protected against 99.99% of the threats in the wild today."
"The Application Guard and ByteGuard are useful features."
"The solution is easy to deploy."
"Blackberry Protect offers endpoint protection. It's easy to deploy. It's scalable and stable."
"Centralized dashboard online which can be used for managing a huge product."
"On the management side, we liked the way it displays things."
"CylancePROTECT is very stable - we've had no issues with performance and no errors or bugs."
"We find the solution to be a bit expensive."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Making the portal mobile friendly would be helpful when I am out of office."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We can't do scanning audits or device blocking or application control."
"The installation process for this software needs to be simplified."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"This solution could be improved with greater scope for admins to make changes to the solution."
"They respond quickly on the weekdays, but the weekend response times are slower."
"The management of log aggregation is in need of improvement."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"Additionally, their channel management has been lacking, with a notable disregard for small and medium-sized businesses, focusing primarily on large enterprises and very large MSPs."
"They could improve on the false positives, reporting and whitelisting features."
"We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."
"It is hard to manage."
"Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal."
"The AI of CylancePROTECT has room for improvement. I'm on a trial license of SentinelOne, and its AI is much better than what's on CylancePROTECT."
"An area for improvement in CylancePROTECT is its pricing, as it's a bit costly."
"The security scripting needs improvement. It needs deeper security for scripting."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while CylancePROTECT is ranked 23rd in Endpoint Protection Platform (EPP) with 39 reviews. CrowdStrike Falcon is rated 8.8, while CylancePROTECT is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and VMware Carbon Black Endpoint. See our CrowdStrike Falcon vs. CylancePROTECT report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I had a great experience having deployed CrowdStrike to tens of thousands of endpoints. It's easy to deploy and operationalize. It has provided protection against threats that other engines did not catch based on its powerful heuristics and AI.
CrowdStrike does invest heavily in R&D and provides advisory services on endpoint protection.
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.