No more typing reviews! Try our Samantha, our new voice AI agent.

Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro vs Red Canary comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on May 17, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
113
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Dell Trusted Device powered...
Ranking in Endpoint Detection and Response (EDR)
32nd
Average Rating
9.6
Reviews Sentiment
6.2
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Red Canary
Ranking in Endpoint Detection and Response (EDR)
37th
Average Rating
9.0
Reviews Sentiment
7.7
Number of Reviews
7
Ranking in other categories
Advanced Threat Protection (ATP) (24th), Managed Detection and Response (MDR) (12th), Risk-Based Vulnerability Management (16th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro is 0.4%, up from 0.0% compared to the previous year. The mindshare of Red Canary is 0.7%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro0.4%
Red Canary0.7%
Other95.3%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Tom Cichosz - PeerSpot reviewer
System Engineer at a healthcare company with 501-1,000 employees
Integrated device protection has secured bios-level threats and preserves user performance
The features of Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro that I appreciate most are the real-time analytics in CrowdStrike and the ability to detect anomalies in the computer at the BIOS level, which is excellent to have. You would not normally see that with standard antivirus or regular security software; it would not integrate with the BIOS, but the fact that it does means that you get an enhanced layer of protection with CrowdStrike, more than you would see with another product. My perception of chip-level recovery is that it is a beautiful thing. Normally you are dependent on the OS for recovery actions, but in this case, you do not need that because it happens at the chip level. It happens out of band, before the OS is booted; you can make recovery choices, and that is extremely important. You always need an out of band solution, and on end user devices especially, if that is possible, that changes the whole landscape. Normally out of band is only for server-level devices, but this changes that; this adds an extra layer of protection that you would not normally see. I view the critical feature of Advanced Memory Scanning by CrowdStrike as incredible; the fact that it can actively scan memory without any performance hit on the PC or server devices is remarkable. Previously, in years before 2020, we would see a performance hit from this type of software, but the fact that CrowdStrike integrated with Dell does not cause any performance hit on the end user or the overall performance of the computer is an amazing thing. It is probably the best performing antivirus software I have actually seen.
JH
Head of Information Security and Privacy at Ovative Group
Gained trusted 24/7 threat coverage and now focus security efforts on architecture and design
In my experience, the best features Red Canary offers are their team, their monitoring team, their expertise at incident investigation, and a focus on suspicious or actual indicators of compromise to ensure that we're not spending time just reviewing logs, but that we're actually looking at things that may indicate we have broader issues. The Red Canary team's expertise stands out compared to others I've worked with because their team is organized into smaller pods that support a given number of clients, so they're not just a bevy of operators going around the clock. The teams themselves have coordination and cohesion, and they get to know us. Their integrations into the different platforms and systems that we use all line up with our needs, whereas a number of other platforms offered a different variety of integrations that did not line up with our requirements. Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization. With the freed-up resources, we've been able to implement CSPM, SAST, software testing tooling, and engage much more closely with our developers and engineers to focus on secure architecture and design.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."
"They did what they said, and this solution could apply to any scenario."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"It is a simple platform to use."
"The solution's most valuable feature is the user interface."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"If you are considering protecting your Dell endpoints and your Dell infrastructure with CrowdStrike, it is a no-brainer."
"Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro has helped us immensely."
"The fact that CrowdStrike and Dell have gotten to a point where it has no user effect, or virtually zero user effect, is absolutely game-changing."
"The features of Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro that I like the most include its ability to recover quickly."
"The valuable features of this solution are it integrates well with different EDR software, such CrowdStrike, and Carbon Black, and the information it provides is helpful."
"I am satisfied with this solution and it is very competitive with other similar EDR or MDR solutions because it provides very impressive information about the root cause of the threat, such as malware."
"Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization."
"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."
"The most valuable feature of the solution is its automation part."
"I recommended Red Canary to my friends who work in other organizations."
"The solution works well for what we use it for and the support and protection are good."
"Red Canary has impacted my organization positively because we treat any ticket triggered by them as high priority due to the fact that 99 percent of the time it is a true positive."
 

Cons

"However, if you do not have Palo Alto in your environment, you are paying these additional services just for Cortex XDR by Palo Alto Networks, so it is not a cost-effective solution."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"There are some limitations on the Traps agents."
"The solution lags to the real-time scenarios here and there."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"This product has not improved my organization - in fact, we are in the process of moving back to another product as a result of Cortex's horrible impact on system performance."
"It is an enterprise-level solution. Its price could be less expensive."
"The downside to the solution is that there are a large number of false positives."
"The biggest thing I would do to improve Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro is add that agentic AI to it at the highest level and allow it to start to deploy and do things ourselves."
"The room for improvement that I would recommend to make it a 10 is that it might be beneficial to scale out to include servers."
"The most valuable feature of Red Canary MDR is the overall threat protection it provides."
"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."
"The price could always be better."
"In general, the solution currently fails to provide a summary to its users."
"Red Canary's pricing spectrum may not be ideal for smaller financial institutions."
"I wish Red Canary could have a graph that shows the endpoint, user, and how it spreads, providing a visual representation to easily identify what happened."
"Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including the types of data they're looking at and the types of systems that they're integrating with."
 

Pricing and Cost Advice

"I feel it is fairly priced."
"The pricing is okay, although direct support can be expensive."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"This is an expensive solution."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
Information not available
"The solution could vary in price depending on how many endpoints a company has."
"Red Canary MDR I use is an open-source tool."
"I have not compared Red Canary to other solutions to know if the price is high or low. However, I have found the price of this solution fair and reasonable, it cost approximately $100 per year, per device. If they could provide the solution for $50 per year, per device, it would be better."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
15%
Comms Service Provider
11%
Hospitality Company
11%
Recreational Facilities/Services Company
9%
Financial Services Firm
9%
Construction Company
8%
Manufacturing Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise52
No data available
By reviewers
Company SizeCount
Small Business6
Large Enterprise2
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro?
My experience with the pricing, setup cost, and licensing of the platform has been fairly simple. Licensing has been ...
What needs improvement with Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro?
The room for improvement that I would recommend to make it a 10 is that it might be beneficial to scale out to includ...
What is your primary use case for Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro?
Our main use cases for Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro involve having a pretty expan...
What needs improvement with Red Canary MDR?
Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including ...
What is your primary use case for Red Canary MDR?
My main use case for Red Canary is to ensure I can sleep at night by getting 24/7 coverage by a capable team to inves...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Red Canary Managed Detection and Response (MDR)
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
DuPont, Quanta Services, Microchip Technology, Hopkins Public Schools, Henny Penny, Schumacher Homes
Find out what your peers are saying about Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro vs. Red Canary and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.