Buyer's Guide
EDR (Endpoint Detection and Response)
September 2022
Get our free report covering McAfee, Microsoft, and other competitors of McAfee Active Response. Updated: September 2022.
635,987 professionals have used our research since 2012.

Read reviews of McAfee Active Response alternatives and competitors

Director of IT at a tech services company with 51-200 employees
Real User
Top 20
Responsive and fast support, easy to deploy, well-tuned to ignore false positives
Pros and Cons
  • "We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
  • "It would be nice if the dashboard had some more information upfront, and looked a little better."

What is our primary use case?

We use this product for endpoint security and threat remediation.

How has it helped my organization?

The fact that this is a cloud-native solution that provides us with flexibility and always-on protection is absolutely important, especially with a good majority of our staff working remotely, now.

We've had security incidents that occurred and within a matter of just a couple of minutes, they were completely remediated and fixed and we didn't even have to think about it. We just got the report after the fact.

Falcon's ability to prevent breaches is excellent. It's affected us in that we haven't had any downtime as a result of breaches or any malware or anything like that. Ultimately, it's given us a lot of our time back. On the IT side, this is at least five to ten hours per week. On the user side, it is probably more.

What is most valuable?

The most valuable feature is threat remediation. We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur.

CrowdStrike takes care of all of the updates, so we don't even think about it or see it. This is great because we definitely spent a lot of time doing that kind of thing with our previous solution. Now that we haven't had to do it in four months, it's not even something we consider anymore.

We use both the endpoint and cloud workload protection and the detection and prevention it provides are excellent. It's tuned well to the fact that there can be a lot of false positives, so there's not a lot of potential issues that we're getting alerted about that aren't real. This means that when we do get alerts, we know that they're real and they're already being remediated for us.

What needs improvement?

It would be nice if the dashboard had some more information upfront, and looked a little better. Having a cooler dashboard is nice to have, although it is not as important as the functionality, which is very good.

For how long have I used the solution?

I have been using CrowdStrike Falcon for approximately four months.

What do I think about the stability of the solution?

The stability is great and we haven't had a single issue.

What do I think about the scalability of the solution?

It was originally deployed to 200 users and we haven't really grown since we started, so I can't speak to scalability. This represents 100% adoption in our organization, and there are no current plans to grow. As we hire more people, our usage will increase.

There are two people who work with it on a daily basis. There is the director of IT and a network administrator.

How are customer service and technical support?

The technical support is excellent. I've only used it a couple of times and they were extremely responsive and very fast.

Which solution did I use previously and why did I switch?

Prior to implementing CrowdStrike, we used BlackBerry Cylance. We switched for the ability to have full remediation so that we didn't have to do it ourselves. Also, this product is pretty much best-in-class for endpoint protection.

The only real difference that we have found with CrowdStrike, compared to Cylance, is that we no longer have to spend time remediating our issues. The detection and prevention capabilities are similar, although, with CrowdStrike, we have fewer false positives.

How was the initial setup?

The initial setup is extremely easy. It took me about five minutes to deploy it to my entire organization of about 200 users. The single-center process is extremely important because it's something that we were worried about, but it turned out to be a non-issue because it only took five minutes and we haven't had to think about it again.

We initially had a plan for deployment but once we found out how easy it really turned out to be, it was basically a one-step plan.

What was our ROI?

Our return on investment comes from the fact that there is less downtime for people that do get malware and other such problems. That is something that can be quantified.

What's my experience with pricing, setup cost, and licensing?

We made use of the free trial and the process for getting set up was extremely easy. We spoke to our sales rep and in our discussions and demos, they offered the free trial. We accepted, they sent me a link and I downloaded the agent. I was then able to install it and log in in less than five minutes.

Having the free trial was very important in making our decision to implement CrowdStrike because without being able to test it, it's not something that we would have chosen.

The pricing is definitely high but you get what you pay for, and it's not so high that it prices itself out of the market. That said, it's definitely one of the highest. There are no costs in addition to the standard licensing fees and the fact that it's keeping us safe, and it's proven that it works, is worth it.

Which other solutions did I evaluate?

We evaluated solutions from several vendors including Sophos, Trend Micro, McAfee, Kaspersky, and perhaps another one. A lot of these other endpoint solutions don't offer a full remediation option, and that was a big deal for us.

Also, reputation was important. We had used a couple of others in the past and there were issues where they would make an update that would negatively affect all of our computers. For example, our users could no longer access certain important websites. We haven't had that problem with CrowdStrike.

In terms of ease of use, CrowdStrike is extremely easy. Comparatively, we've had less time in the administration console than we have previously.

What other advice do I have?

My advice for anybody who is looking into implementing CrowdStrike is to go ahead and do it. There is nothing to worry about and they deliver as promised.

I would rate this solution a nine out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Head of Security and Operational Risk at Medianet
User
Great real-time click protection, web filtering, and compatibility
Pros and Cons
  • "We are able to manage all our endpoints from a single cloud console."
  • "It would also be great to include DLP capabilities for the endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products."

What is our primary use case?

As a financial company, we use the solution to provide security to our CDE environment and compliance with all PCI requirements. This tool enables us to provide security to the endpoints and also, to comply with local and foreign regulations regarding platform security.

We use this solution to protect all our endpoints, including personal computers and mobile phones. 

We have deployed the solution in Windows, Linux servers, workstations, and mobile phones. 

We also use the web filter capabilities both on mobile phones and on corporate computers.  

How has it helped my organization?

We now have so many capabilities we did not have before, as follows:

  • We are able to manage all our endpoints from a single cloud console
  • We don't need additional on-premise servers to run this solution
  • The time it takes the endpoint to refresh and identify new policies is very short. It takes seconds and this is a great value for us to fight emerging threats
  • We are now able to protect web browsing in all web browsers and also we don't need additional policies to block browsers in private browsing
  • The integration with our SIEM solution was very smooth and the solution provides valuable information for security analysis

What is most valuable?

The most valuable aspects include:

  • Web Filtering. This feature is easy to manage, and it applies new policies in seconds. 
  • Real-time Click Protection. It protects the user from phishing attacks in real time. 
  • Compatibility with Windows, Linux, Android, and Mac. We don't need an additional solution to protect all our endpoints.
  • Cloud Management. This feature allows us to reduce our operating burden and also improve our TCO.

We now have the ability to block a compromised machine from the network.

We now have the ability to block IOCs in near real time.

What needs improvement?

It would also be great to include DLP capabilities for the endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products. 

It would also be great to include FIM capabilities for the Endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products.

It would be great if we could have additional DLP capabilities to identify personal information or any kind of information to comply with regulations that require information protection. 

For how long have I used the solution?

I have been using the solution for about three months.

What do I think about the stability of the solution?

We haven't had any problems or downtime since we acquired the solution. It is stable.

What do I think about the scalability of the solution?

The solution is scalable. It is quite simple to add new endpoints to the solution or add additional features, all with zero downtime. 

How are customer service and support?

Customer support and channel support are also always willing to help. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have been using McAfee Endpoint protection for about ten years. We were missing so many features and needed additional tools and effort to protect our endpoint. 

How was the initial setup?

It took a few minutes to deploy the whole solution.

What about the implementation team?

It was through a vendor. They were experts on the product.

What's my experience with pricing, setup cost, and licensing?

The costs depend on the company size. In my case, I was able to have all the features, including email protection, remote access, mobile protection, and endpoint protection, for a great price. 

Which other solutions did I evaluate?

I evaluated Trend Micro and McAfee.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Simon Otieno - PeerSpot reviewer
General Manager at Kristel
Real User
Thorough detection, great flexibility, and straightforward setup
Pros and Cons
  • "The most valuable features are the solution's thorough detection and ease of use."
  • "In terms of improvement of the solution, it could have better features. For example, having a firewall within. This way we would only need one solution."

What is our primary use case?

We are mainly using the solution for management because it contains a variety of different tools. For example, it has EDR and NTSA which are integrated into the solution enabling it to monitor threats on the network and the endpoint site. Additionally, we are using it because of the Patch Management encryption module tool. It essentially provides what we need in terms of our next-generation endpoint. 

What is most valuable?

The most valuable features are the solution's thorough detection and ease of use. 

What needs improvement?

In terms of improvement of the solution, it could have better features. For example, having a firewall within. This way we would only need one solution.

In a future release, they should include mobile devices within the cloud setup. 

For how long have I used the solution?

I have used Bitdefender GravityZone Ultra for three years. 

What do I think about the stability of the solution?

We find the solution to be stable. We have not experienced anything to be alarmed about during the time we have used it.

What do I think about the scalability of the solution?

The solution is easy to scale. The growth of our company only requires us to request more licenses and does not require additional cost.

How are customer service and technical support?

The solution has a local technical support office that responds within 30 minutes, which is satisfactory. 

I would rate the technical support of Bitdefender GravityZone Ultra an eight out of ten. 

Which solution did I use previously and why did I switch?

I have used McAfee, Kaspersky, and ESET.

How was the initial setup?

The initial setup of the solution was very simple and straightforward. The installation was finished within a day by our technical team.  

What about the implementation team?

The solution requires a technical team for deployment. The team is able to advance it up to the directory, it is very simple. 

The solution does not require much maintenance because the updates happen automatically. However, there are two engineers involved in administration when there is anything requiring attention. For example, when there is a new feature that we want to enable.

What's my experience with pricing, setup cost, and licensing?

The solution is not expensive but there are cheaper options in the market. In terms of competitiveness, the price is reasonable with no other additional costs besides the licensing fees.  

What other advice do I have?

I recommend the solution because it has great flexibility and the agility of the solution over time is great.

I rate Bitdefender GravityZone Ultra an eight out of ten. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cem BALIK - PeerSpot reviewer
Information Technologies Manager at VAS Bilisim Teknolojileri A.S
Real User
Reliable, easy to set up and easy to use
Pros and Cons
  • "The product can scale as needed."
  • "Security could always be better."

What is our primary use case?

We primarily use the solution for security purposes. 

What is most valuable?

It's an easy tool and it offers a different experience. It is a new generation product.

The initial setup was easy.

It's stable and reliable.

The product can scale as needed.

What needs improvement?

While I'm sure improvements are necessary, there isn't one specific area I've found to be lacking. 

Security could always be better. It always needs to be adjusted to keep up with what's happening. 

For how long have I used the solution?

I've been using the solution for two years. 

What do I think about the stability of the solution?

We haven't had any issues with stability. It's reliable. There are no bugs or glitches and it doesn't crash or freeze.

What do I think about the scalability of the solution?

It's scalable. We are using management software on the cloud. Therefore, if we want to install 1,000 agents, it doesn't impact our business now. We can scale and it's got a central implementation method for agents.

How are customer service and support?

Technical support has been very good and we are quite pleased with them. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We actually use regular antivirus solutions as well, such as Sophos and McAfee.

How was the initial setup?

It's a simple, straightforward setup. It is not overly complex or difficult. 

We have a small IT team and have found that we just need to have one person managing the product. 

What about the implementation team?

We deployed it using an outside resource.

What's my experience with pricing, setup cost, and licensing?

I cannot speak to the exact cost. Our managers buy the licenses. That said, it is my understanding that we are using the subscription model and pay for it yearly. I'm not sure if there are any other ancillary fees beyond that.

What other advice do I have?

I'm a customer and end-user. 

I'm not sure which version of the solution I'm using. 

I'd rate the solution eight out of ten. It's a good overall product. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Abrar Khan - PeerSpot reviewer
IT Coordinator at a pharma/biotech company with 51-200 employees
Real User
Services perform well, minimal resources, and synchronizes well with other solutions
Pros and Cons
  • "The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources."
  • "This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."

What is our primary use case?

We are not only using Sophos Endpoint with this solution, we are also using Sophos Email Security and firewall. It is a completely synchronized security package.

What is most valuable?

The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources. 

What needs improvement?

This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it. I do not think a lot of companies know about this solution, it could be a lack of marketing that is the reason why it is not at the top.

For how long have I used the solution?

I have been using the solution for two years.

What do I think about the scalability of the solution?

The solution is very good for small-sized businesses.

How are customer service and technical support?

The technical support sometimes is a bit delayed, but sometimes they are responding very fast. Overall they are good but could improve on the times they are having delays.

Which solution did I use previously and why did I switch?

Previously we used McAfee for our endpoint protection for our company. It was very problematic, it was using up a lot of resources and delaying the work of users. Users were not able to do multitasking in the system. It is blocking all access to our server at the time of scanning. We decided to move to some other good antivirus. After analyzing the market, we found Sophos. Sophos is best for the standard configuration PC.

Which other solutions did I evaluate?

Due to some circumstances, we are going to switch from this solution to Symantec. Additionally, we have evaluated Kaspersky before choosing Symantec as the replacement for this solution. Kaspersky has had a very good rating amongst review sites along with Symantec.

What other advice do I have?

I rate Sophos Intercept X a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.