We performed a comparison between CrowdStrike Falcon and CylancePROTECT based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"This is stable and scalable."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"I get alerts when scripts are detected in the environment."
"The product's initial setup phase is very easy."
"Fortinet is very user-friendly for customers."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The stability is very good."
"The solution was relatively easy to deploy."
"The initial setup is a very fast process."
"I like the overall reports of this solution. They are crisp, and to the point."
"The scalability is good."
"The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
"The threat intelligence is the most valuable feature."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"At this point what is most valuable is the interface, which is easy to navigate."
"The detection is very effective."
"The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations."
"The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background."
"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."
"The deployment of updates is easy."
"It actively monitors the behavior and activity of processes and will, without hesitation, terminate at root anything it determines to be suspect."
"It provides good insight into the programs, applications, or websites that may need attention."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"It secures different entry points into the network."
"I haven't seen the use of AI in the solution."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not user-friendly."
"Making the portal mobile friendly would be helpful when I am out of office."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"They respond quickly on the weekdays, but the weekend response times are slower."
"Additionally, their channel management has been lacking, with a notable disregard for small and medium-sized businesses, focusing primarily on large enterprises and very large MSPs."
"Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal."
"The product does not do a lot of reporting on what it is taking care of. Enhanced reporting would be a welcome improvement."
"I would like to see them fix the alerting system so that the endpoint reporting is a bit more streamlined."
"The stability could be improved."
"It is hard to manage."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"It's a good solution but some features just need to be updated."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while CylancePROTECT is ranked 23rd in Endpoint Protection Platform (EPP) with 41 reviews. CrowdStrike Falcon is rated 8.8, while CylancePROTECT is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of CylancePROTECT writes "Ensures advanced AI-driven threat detection to provide robust endpoint security, effectively preventing both known and unknown threats with minimal impact on system performance". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas CylancePROTECT is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and Symantec Endpoint Security.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I had a great experience having deployed CrowdStrike to tens of thousands of endpoints. It's easy to deploy and operationalize. It has provided protection against threats that other engines did not catch based on its powerful heuristics and AI.
CrowdStrike does invest heavily in R&D and provides advisory services on endpoint protection.
I never used Cylance. We installed CrowdStrike on 6/6/19 and aside from a test file have had zero hits. CrowdStrike has some additional features available (at a cost). One that I am looking at is device control for USB storage devices for policy enforcement. Syslogs are being absorbed by my SIEM as well.