We compared CrowdStrike Falcon and Darktrace based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: In comparing CrowdStrike Falcon to Darktrace, their setup experiences differ as CrowdStrike Falcon is generally easier and more straightforward, while Darktrace's setup can be more challenging and time-consuming. CrowdStrike Falcon is praised for its ability to identify and update threats without signatures, while Darktrace is valued for its diverse range of threat detection models and autonomous network monitoring. However, CrowdStrike Falcon lacks certain capabilities like on-demand scanning and ransomware protection, while Darktrace could improve by reducing false positives and simplifying configuration. The pricing for CrowdStrike Falcon is considered a good value for its provided features, while Darktrace's pricing is generally seen as expensive but justifiable. Both products have generally positive feedback regarding their technical support, but there are some areas that could be improved.
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"This is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"The scalability is good."
"The Protect functionality on the laptops provides great visibility into what's occurring, and the cloud management of the platform is what we needed."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools."
"The stability is very good."
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"The initial setup is very simple."
"I find the complete portfolio to be excellent."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"t was pretty as far as the granularity of what you were getting out of it."
"We liked their approach to identifying intrusions or network anomalies using AI."
"A simple, powerful AI solution that just does all the work for you when you turn it on."
"The product can scale."
"The solution is outstanding from a monitoring perspective."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"Making the portal mobile friendly would be helpful when I am out of office."
"Cannot be used on mobile devices with a secure connection."
"FortiEDR can be improved by providing more detailed reporting."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The only minor concern is occasional interference with desired programs."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"It takes about two business days for initial support, which is too slow in urgent situations."
"CrowdStrike should add support for ransomware protection."
"They should provide us with good visibility for everything."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"CrowdStrike costs a little more than its competitors."
"Technical support could be better than what is currently offered."
"The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"In the next version, I'd like to see penetration testing."
"The solution can improve the reporting."
"A reporting portal could be a great addition to help customize reports."
"It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."
"I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
"It's a very complex platform."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Darktrace is ranked 11th in Email Security with 65 reviews. CrowdStrike Falcon is rated 8.8, while Darktrace is rated 8.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and VMware Carbon Black Endpoint, whereas Darktrace is most compared with Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks, Cisco Secure Network Analytics and ExtraHop Reveal(x).
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi @reviewer1799568,
Most of these comparisons are opinions and some tests are done in specific conditions that might not suit or reflect your organization's needs and roadmap. Ultimately, the cost of a mistake is a data breach and not just an audit finding or operational discomfort.
I mention this because there are no viable shortcuts. I suggest you test the solutions thoroughly in your own environment to see what works for you.
The gaming floor is hopefully "air-gapped" and the solution should respect that segregation and still provide great security and visibility. One of the challenges is security updates.
For such an environment you would need comprehensive AI and machine learning. I suggest you look at the difference between IOC and IOA.
IOA vs IOC: Defining & Understanding The Differences | CrowdStrike. (Please also check other sources).
Good luck and stay safe!
The pros and cons of Darktrace vs Crowdstrike Falcon vs alternative EPP solutions are something worth looking at before making a decision on which one is the best fit for your particular needs.
Darktrace is an AI-based cyber security solution that uses machine learning to identify threats faster and with greater accuracy than traditional approaches. It works by continuously scanning the network, learning its normal behavior, and then detecting anomalies or malicious activities in real-time. This can provide your business with an early warning system to alert you to potential attacks before they have a chance to do major damage. One of the biggest advantages of Darktrace is that it’s able to work without relying on vulnerable signatures, meaning no matter how complex or sophisticated an attack may be, it will still be detected. The other benefit here is the scalability—Darktrace can quickly scale up as needed in order to protect larger networks rapidly changing over time.
CrowdStrike Falcon is another popular endpoint protection platform touted for its cloud-based architecture and advanced threat prevention capabilities. Similar to Darktrace, it has some powerful detection technologies but differs slightly in terms of how it works as well as what kind of threats it’s designed for. While Darktrace focuses mainly on malware protection, Falcon primarily focuses on preventing data exfiltration attempts or unauthorized accesses from outside sources such as remote hackers or phishing emails trying to steal information stored inside your system files or databases etcetera CrowdStrike also offers a cloud-native approach which means they can update their signature database nearly instantaneously against any new forms of attack so you don’t need to worry about attackers finding ways around their protections even if they manage one vulnerability first time round. The downside here though could be a lack of control in terms of what type/level updates you choose – this varies depending upon the subscription level chosen by users.
Alternative EPP solutions include those offered by vendors such as Symantec Endpoint Protection (SEP) and McAfee, these often have greater coverage when compared with software like CrowdStrike, however, you should bear in mind that these providers tend not only to charge more expensively but they also come bundled with additional features like anti-virus software, etc., which depending upon your desired goal may prove superfluous thus leading ultimately into cost waste rather than efficiency gain. SEP notably boosts robust customization abilities whereby customers are given generous freedom within setup policies - allowing them fine grain authority over endpoints rules set up e.g. whether particular application file types can run, allowing internet connection, etc. (elements not quite present within CrowdStrike) – although again there comes significant added expense via extra licenses required plus paywall obscurity associated with product tiers being unclear until we eventually reach checkout point.
In conclusion, all three services outlined here offer good suite options for businesses seeking out endpoint protection platforms. Each has respective strengths and weaknesses so careful analysis should help weigh out the pros and cons faced overall - consider particularly well whether the price tag is commensurate with potential user experience value gained meanwhile considering deeply what levels customizability offered suits own demands perfectly prior to forging ahead towards whichever choice deemed most suitable!
Hi.
I am told that Darktrace is a complimentary product that doesn't do any endpoint protection.