CrowdStrike Falcon Competitors and Alternatives

Get our free report covering Microsoft, SentinelOne, Palo Alto Networks, and other competitors of CrowdStrike Falcon. Updated: September 2021.
534,226 professionals have used our research since 2012.

Read reviews of CrowdStrike Falcon competitors and alternatives

DS
Enterprise Security Architect at a recruiting/HR firm with 10,001+ employees
Real User
Top 10
Single pane of glass allows us to run a lean team while protecting tens of thousands of endpoints around the world

What is our primary use case?

We use it for endpoint protection. It's an active EDR endpoint protection tool. Think of it as an antivirus and endpoint protection solution with machine learning, like McAfee on steroids. In our company it is deployed in 83 countries and on over 40,000 workstations and servers.

Pros and Cons

  • "SentinelOne also provides equal protection across Windows, Linux, and macOS. I have all of them and every flavor of them you could possibly imagine. They've done a great job because I still have a lot of legacy infrastructure to support. It can support legacy environments as well as newer environments, including all the latest OS's... There are cost savings not only on licensing but because I don't have to have different people managing different consoles."
  • "If it had a little bit more granularity in the roles and responsibilities matrix, that would help. There are users that have different components, but I'd be much happier if I could cherry-pick what functions I want to give to which users. That would be a huge benefit."

What other advice do I have?

Do your homework. I would encourage everybody, if you have the capabilities, to do what I did and test it against everything out there. If you don't have those capabilities and you want to save yourself a lot of time, just go straight to SentinelOne. I cannot imagine any organization regretting that decision. With the news stories you read about, such as hospitals under attack from malware and crypto viruses—with all the bad actors that exist, especially since the pandemic took over—if you want to protect your environment and sleep soundly at night, and if you're in the security industry, I…
Norman Kromberg
VP of Info Security at SouthernCarlson, Inc.
Real User
Top 20
Does a good job of reporting when it detects anomalous behavior

What is our primary use case?

We purchased Morphisec to protect our endpoints from anomalous behavior. The biggest use case would be to prevent ransomware, but also to detect other unnecessary programs running on devices. So, the use case has been endpoint protection, both for servers and endpoints, e.g., laptops and desktops. We do a multi-layered defense in-depth. They are our primary prevention at the endpoints for anomalous behavior. I would classify it as a preventative tool, since Morphisec blocks and prevents execution. So, I would put it at the preventative layer. We have agents on all of our endpoints and servers… more »

Pros and Cons

  • "Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
  • "Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools. For example, they need to get multifactor in place and an API for the major multi-factor systems, e.g., Okta, Duo, Ping, and Microsoft. They don't have them built in yet. They are working on them. It is just not there yet. Also, their stability, customer support, and processes need improvement, which is just part of maturity."

What other advice do I have?

Don't overthink it. Just do it. Follow the directions of Morphisec and go for it, but make sure you understand what your application stack is before you go full bore, so you don't create false positives. However, they are easy to work with in those terms. The reality is nobody ever gets to a single pane of glass or a single dashboard. Those claims are made by vendors, even Morphisec will make it. The problem is you have so many layers in your security stack that you will never get to a single pane of glass. So, I never have that as a requirement because I know it is not attainable. We do not…
SB
Computer Systems Administrator at a university with 10,001+ employees
Real User
Top 5
Lacks next-generation behaviour-based detection, offers terrible technical support, and not as robust as competitors

What is our primary use case?

The use case for the solution was basically this: any computer or anything used for any sort of official business needed to have endpoint protection and needed to have some sort of antivirus protection. The thing was somewhat more than just an antivirus, it also included a firewall that operated in addition to the Windows or Mac firewall. The university policy basically required that all endpoint devices used for official business have to meet certain requirements and one of them was to have an antivirus.

Pros and Cons

  • "The solution detects malware very well."
  • "The stability was not the best. There were times when antivirus updates broke it. It wasn't necessarily self-updating - at least, not in terms of the virus signatures. It updated in terms of the executable files. Therefore, when Windows updates would come out, they often couldn't be installed, or the computer would hang due to the fact that the updates weren't compatible with the antivirus."

What other advice do I have?

The solution is a kind of a mix between an on-premise managed server that managing some machines, and other machines just had an unmanaged client that was distributed to students. It's not actually a cloud, it's a server. It's an on-premises server. It's not a cloud-based server that is being used. The antiviruses report to the server and policies can be set on the server. I'd advise users to be aware that there are better solutions out there than this. I've learned that technology can change and your solution may be great now, but in a few years, it may drop to the bottom of the barrel…
Imad Taha
Group CIO at a construction company with 10,001+ employees
Real User
Top 20
Centralization via the cloud allows us to protect and control people working from home

What is our primary use case?

We started using it to protect our environment from ransomware specifically.

Pros and Cons

  • "You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."
  • "As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation."

What other advice do I have?

My advice is to get enough information about the differences in Carbon Black products from day one. In other words, if Carbon Black is claiming that Carbon Black CB Defense is enough, why are they always promoting the more expensive product, which is Carbon Black Protect? So, you need to be educated well about the differences between the products. Also, look at the roadmap of the product regarding whether there will be good mobile protection for mobile users or not. And be aware of the minimum license purchasing policy. The number of people for maintenance of the solution depends on how your…
VK
VP - Cyber Security at a manufacturing company with 1,001-5,000 employees
Real User
Very scalable and easy to manage but package size is too large

What is our primary use case?

The solution has three primary uses for us. Our environment is Windows-based. We don't have Mac and very little space for Linux systems. We use the solution on all of our Windows devices as a basic antivirus protection. That's our first use case. The second use case for the solution is to be able to have USB restrictions on my endpoints. And the third would be the protection of machines when, especially now in this COVID-19 climate, users connect from home. There are a lot of network-based attacks. When users are connecting from other networks, they're protected from dangers with this solution

Pros and Cons

  • "The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
  • "There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."

What other advice do I have?

I would advise, if somebody's looking at buying a brand new solution fresh or have a solution coming up for renewal, to look at the next generation antivirus products. The next-generation products are far more sophisticated. They might be a little higher in price, but in terms of manageability, updates, and the packet size, they are far superior. McAfee has released something called Envision. It's a next-generation antivirus. In this other solution, they have incorporated a lot of next-generation technologies. It's a different license and a higher-priced license altogether. Overall, I would…
Get our free report covering Microsoft, SentinelOne, Palo Alto Networks, and other competitors of CrowdStrike Falcon. Updated: September 2021.
534,226 professionals have used our research since 2012.