Cisco Secure Endpoint (formerly Cisco AMP) vs CrowdStrike Falcon

Likelihood to Recommend

Specific tool for specific need. If you have a gap in your security infrastructure (protection from malware) you might think to use Cisco Advanced Malware Protection (AMP) for Endpoints to make sure your company's devices are safe. But also you can go beyond and enforce your SOC with Cisco AnyConnect where Cisco Advanced Malware Protection (AMP) for Endpoints is used as one of modules.

Read full review

Oleksandr Tsapenko

IT Project Manager

SvitSoftInformation Technology & Services, 11-50 employees

View all 9 answers on this topic

It's a great solution with a massive deployment scenario with a lot of endpoints, and where the time is an issue and you need to be protected ASAP - thanks to its cloud-based architecture you will be up and running in almost 10 minutes (literally). There are no signatures, further refinements, or additional hardware and servers required. An always or almost always offline [scenario] is not well-suited for Falcon Pro.

Read full review

Victor Rivera

Senior Information Technology Manager

Grupo VinteConstruction, 1001-5000 employees

View all 20 answers on this topic

Feature Rating Comparison

Cisco Secure Endpoint (formerly Cisco AMP)

CrowdStrike Falcon

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

Pros

lightweight connector
great integration with other security products
highly effective
will also alert for vulnerable software being used on your systems

Read full review

Wouter Hindriks

Technical Team Lead Network & Security

Missing Piece BVInformation Technology and Services, 11-50 employees

View all 9 answers on this topic

Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
Malware/adware detection. Packaged adware in official installers are instantly blocked without interfering with the install of the primary application.

Read full review

Randy Munroe

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 20 answers on this topic

Cons

Sometimes during whitelisting, other files from security tools get isolated even if it's not user intended.
Re-syncing policies also take some time, albeit in a straightforward process.
As with all security software, false-positives are still detected.
Hoping that once the library is expanded further, the false positives will be fewer.

Read full review

Ericson Aragoza

Unified Communications Engineer

VisionsConnectedTelecommunications, 501-1000 employees

View all 9 answers on this topic

We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.

Read full review

Mark Sauer

Director of Information Technology

TransPakPackage/Freight Delivery, 1001-5000 employees

View all 20 answers on this topic

Usability

Cisco Secure Endpoint (formerly Cisco AMP) 8.5

Based on 4 answers

I give it a very good score due to its simplicity in deployment, actually being able to do everything remotely is very good. Also noteworthy is the low consumption of resources compared to other competitive products.

Cisco support is really very remarkable and the tool has a good integration with other products, a very good work dashboard and very useful reporting.

Read full review

Sebastián Sarasate

Infrastructure Manager

Grupo Logístico AndreaniLogistics and Supply Chain, 5001-10,000 employees

View all 4 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

Cisco Secure Endpoint (formerly Cisco AMP) 8.1

Based on 12 answers

We have needed very little support, but anytime we need to reach out for assistance they have always been helpful and knowledgeable about the product and helped us resolve any issues or needs we may have

Read full review

Nicole McMillian

Cyber Security Analyst

Associated Wholesale GrocersWholesale, 1001-5000 employees

View all 12 answers on this topic

CrowdStrike Falcon 8.6

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

Alternatives Considered

AMP is far superior to Symantec in my opinion. It is much more robust and customizable. It is much easier to manage systems and to spot trouble areas. Deploying and upgrading clients is much simpler. It is a much more lightweight client on the desktop. Overall a much better product in my opinion.

Read full review

Verified User

Engineer in Information Technology

Education Management Company, 1001-5000 employees

View all 9 answers on this topic

Overall I found CrowdStrike Falcon's EDR capabilities superior to their competitors. Also, the user interface has taken its time to mature and is very intuitive and has a natural flow. Policy configuration and assignment as well as the features and settings within the config were more complete and met all our requirements. Lastly, the agent plays nice with everything else running on systems. We hardly ever have issues of Falcon interfering with users or services, and false positives are kept at a minimum.

Read full review

David Reyes

Sr Systems Engineer

InnovaSystemsComputer Software, 201-500 employees

View all 20 answers on this topic

Return on Investment

HAMP has allowed the team to focus on value added activities instead of constant cleanup of workstations and servers.
AMP is probably not the most cost effective solution, but is very good at protecting your systems.

Read full review

Scott Shipley

Senior IT Manager - Global Infrastructure

Tennant CompanyMachinery, 1001-5000 employees

View all 9 answers on this topic

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 20 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Cisco Secure Endpoint (formerly Cisco AMP) Editions & Modules

—

Additional Pricing Details

—

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

No

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

Rating Summary

Cisco Secure Endpoint (formerly Cisco AMP)

CrowdStrike Falcon

Cisco Secure Endpoint (formerly Cisco AMP)

CrowdStrike Falcon

Cisco Secure Endpoint (formerly Cisco AMP)

CrowdStrike Falcon

Cisco Secure Endpoint (formerly Cisco AMP) vs CrowdStrike Falcon