We performed a comparison between CrowdStrike Falcon and USM Anywhere based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the analysis, because of the beta structure."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"NGAV and EDR features are outstanding."
"Ability to get forensics details and also memory exfiltration."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Impressive detection capabilities"
"The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
"I like the overall reports of this solution. They are crisp, and to the point."
"All the features are beneficial."
"It's given me a level of confidence that my network is secure."
"The initial setup is a very fast process."
"Because it is a security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"The most valuable features are the complete IPS and IDS."
"The best thing about AlienVault USM is it being a “Jack-of-All Trades” solution. It provides SIEM, HIDS/NIDS, FIM, NetFlow, Asset Management, Vulnerability Management, etc., under one USM platform. None of the commercial SIEM vendors like ArcSight, McAfee, etc., can boast of such a diverse feature set."
"It has allowed us to see what is happening on our servers."
"The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."
"The solution has all the features that we need, however they do not work correctly."
"SIEM log collection is great, and all of the rules that support updates with maintenance."
"This solution can identify many threats inside the organization (compromised endpoints, configuration issues), as well as "outside" threats (botnets, network scanners, web-attacks, etc)."
"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Making the portal mobile friendly would be helpful when I am out of office."
"The support needs improvement."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"It takes about two business days for initial support, which is too slow in urgent situations."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The dashboard isn't easy to access and manage."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"There is room for improvement in managing multiple customer IDs."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"It does take more time to scan than other solutions."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"We sometimes get false positives."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"We develop additional rules and scripts to make it more usable."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"We've had some stability problems, not a lot, but a few. Updates seem to be the worst. That seems to be when the stability problems come up."
"Its reporting tools need improvements. It would be good if they can provide integration with other ticketing systems. Currently, we only have integration with Slack and Jira. It is also a bit slow, and its replication engine can be improved."
"The solution already has quite good tools, however, they need better integration tools for linking with Office 365, Google Suite, and so on."
"I think plugin management should be self-service on AlienVault USM. The other product is self-service, but on the USM side, you have to submit a ticket, then AT&T creates and updates the plugins."
"It would be hard for any legitimate MSSP to use it."
"AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while USM Anywhere is ranked 23rd in Endpoint Detection and Response (EDR) with 113 reviews. CrowdStrike Falcon is rated 8.8, while USM Anywhere is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Microsoft Sentinel and Exabeam Fusion SIEM.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.