CrowdStrike Falcon and Cortex XSIAM both compete in the cybersecurity solution space, with CrowdStrike having a stronger emphasis on interactive endpoint security and Cortex focusing on integration and automation. CrowdStrike currently holds the upper hand in endpoint security, whereas Cortex leads in integration capabilities.
Features: CrowdStrike Falcon stands out for its robust EDR capabilities, AI-driven features, and minimal system impact, which secure endpoints effectively. Cortex XSIAM excels in extensive third-party integration and automated forensic analysis, making it a strong contender in network security operations. Both platforms provide comprehensive security solutions.
Room for Improvement: CrowdStrike Falcon should enhance report functionalities, improve native application support, and reduce false positives. Cortex XSIAM could benefit from performance optimization and expanding integration options. Both solutions require enhancements in different areas, with Falcon focusing on integration and reporting, and Cortex on performance optimization.
Ease of Deployment and Customer Service: CrowdStrike Falcon offers deployment flexibility across public, private, and hybrid clouds, including on-premises, but has mixed feedback on customer support, needing improvement in response times and ownership of cases. Cortex XSIAM mainly deploys on public cloud platforms and is noted for competent technical support.
Pricing and ROI: CrowdStrike Falcon, although more expensive, provides good value for larger enterprises with operational savings and integration flexibility. Cortex XSIAM has high pricing but offers reasonable value given its advanced features and integration abilities. Both platforms justify their costs through robust security benefits, with Falcon delivering more direct ROI and Cortex offering a comprehensive security suite.
It is ineffective in terms of responding to basic queries and addressing future requirements.
The Palo Alto support team is fully responsive and helpful.
On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
Without proper integration, scaling up with more servers is meaningless.
Cortex XSIAM is highly scalable.
It has adequate coverage and is easy to deploy.
In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it.
When it comes to scalability, it is entirely based on premium models according to demand.
The product was easy to install and set up and worked right.
Overall, Cortex XSIAM is stable.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
I find CrowdStrike to be stable; there are no issues, although there was one instance when we had an outage for updating the Falcon Agent.
Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
Cortex could improve the detection and online resolution of security vulnerabilities.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
The first impression is that XSIAM would be more expensive than others we tried.
The product is very expensive.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
The flexibility for creating manual workflows stands out.
Its signature-less subscriptions and robust detection power stand out in improving threat detection.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.
The machine learning behavior for anomaly detection is a valuable feature.
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.
What are Cortex XSIAM's key features?
What benefits are evident in Cortex XSIAM reviews?
Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.
CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.
CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features.
What are the key features of CrowdStrike Falcon?
What are the benefits or ROI of CrowdStrike Falcon?
In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
