Hi community members,
I work as the Director of Information Technology at a legal firm and I'm looking at replacing our Symantec EDR with either SentinelOne or CrowdStrike but can't seem to get any balanced views other than those from each vendor.
Currently, I'm doing a POC on both and am interested to know: has anyone already gone through the same dilemma and which solution did you end up with?
We RFI/POC'd them all.
Sentinel One came out on top for every aspect of the requirements that we needed to fulfill from our architect.
That said, CrowdStrike is a good tool as well but I think ends up being more expensive. The best bang for the buck was S1.
Hi Ron - SentinelOne without a doubt - it has not been breached.
We are currently in the process of looking for "new tools" in regards to endpoint security. We use McAfee at the moment and we lean more towards S1.
But I am interested how your POCs go. Please come back with some insight!
It really depends what you want as outcomes, reporting integration with other security technologies. Be happy to discuss.
Better, I would suggest moving it to Microsoft Defender for Endpoint, which will help more in feature.
S1 for sure.
Disconnect Falcon from the internet and it looses its ability to do anything. Falcon is still a fine product, for EDR I'd go S1.