What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?

Hi @reviewer1799568, Most of these comparisons are opinions and some tests are done in specific conditions that might not suit or reflect your organization's needs and roadmap. Ultimately, the cost of a mistake is a data breach and not just an audit finding or operational discomfort. I mention this because there are no viable shortcuts. I suggest you test the solutions thoroughly in your own environment to see what works for you. The gaming floor is hopefully "air-gapped" and the solution should respect that segregation and still provide great security and visibility. One of the challenges is security updates. For such an environment you would need comprehensive AI and machine learning. I suggest you look at the difference between IOC and IOA. IOA vs IOC: Defining & Understanding The Differences | CrowdStrike. (Please also check other sources). Good luck and stay safe!  

Hi. I am told that Darktrace is a complimentary product that doesn't do any endpoint protection.

I like that Crowdstrike Falcon allows me to easily correlate data between my firewalls. Its detection and machine learning are very valuable features. Crowdstrike Falcon also successfully prevents malware in real time. I find that Crowdstrike Falcon’s dashboard is very user-friendly; Information is easy to find because of how it is presented and everything is linkable. Stability is fantastic and so is the scalability. You can easily create several endpoints without any issues. In terms of pricing, Crowdstrike Falcon is reasonable for all that it has to offer. I don’t personally have experience using their technical support, so I can’t speak for that. Even though Crowdstrike has a well-recognized reputation, I think Sophos Intercept X is the most secure endpoint product out there for many reasons. Sophos Intercept X is easy to manage, simple to deploy, and catches everything, which I can personally attest to because I have run simulations against Sophos and other products, with Sophos always coming out on top. It successfully detects malware and protects against ransomware. Whatsmore is that Sophos Intercept X has a data loss feature that allows you to monitor and detect whether users are insecurely sharing information. Depending on which industry you are in, this can be especially helpful, if not very much necessary (for example, in the healthcare industry) to ensure company resources are safe and sensitive data and information aren’t compromised or exposed to malicious software. In addition, my experience with customer service has always been great. Conclusion: If you have to choose between the two, I would suggest Sophos Intercept X, since I have been using it for years and have found it to be extremely reliable, responsive, and have had no issues with the software. Especially considering its price, the product is definitely worth it.