We performed a comparison between AgileBlue and CrowdStrike Falcon based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The summarization of emails is a valuable feature."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"It has great stability."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The comprehensiveness of Microsoft's threat detection is good."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"In addition to managing the SOC, they offer Endpoint Detection and Response (EDR) capabilities for servers and systems. What stood out for us is the product's lightweight nature, unlike other EDRs we evaluated that tend to be system-intensive. This lightweight feature significantly piqued our interest and influenced our decision to use the solution. The solution is stable. I rate it a seven out of ten. The solution is scalable. I rate it an eight out of ten. The support team is remarkably prompt. They quickly resolve any issues we encounter. The initial setup was straightforward. With strong timings and BSLAs, AgileBlie stands out when compared to competitors."
"We haven't had any infections or down time."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The threat intelligence is the most valuable feature."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"The feature I like the most is the solution's detection."
"It is an easy product to deploy."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The logs could be better."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The solution does not offer a unified response and standard data."
"There could be a way to proactively monitor unusual activity ."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"There is always room for improvement. There's potential for further enhancement in the capabilities of the EDR. However, there are positive changes we are satisfied with. They revamped the dashboard, addressing a previous issue."
"They need to strengthen the forensic capabilities of this product, for e-discovery."
"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."
"It would be nice if they did have some sort of Active Directory tie-in, whether that be Azure or on-prem. Sometimes, it is difficult for us to determine if we are missing any endpoints or servers in CrowdStrike. We honestly don't have a great inventory, but it would be nice if CrowdStrike had a way to say this is everything in your environment, Active Directory-wise, and this is what doesn't have sensors. They try to do that now with a function that they have built-in, but I have been unsuccessful in having it help us identify what needs a sensor. So, better visibility of what doesn't have a sensor in our environment would be helpful."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"It does take more time to scan than other solutions."
"Some of Falcon's features are a bit pricey."
"They should provide us with good visibility for everything."
AgileBlue is ranked 25th in Extended Detection and Response (XDR) with 1 review while CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews. AgileBlue is rated 8.0, while CrowdStrike Falcon is rated 8.8. The top reviewer of AgileBlue writes "A Lightweight Solution Offering a Seamless Experience". On the other hand, the top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". AgileBlue is most compared with SentinelOne Singularity Complete, whereas CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
