CrowdStrike Falcon vs. McAfee Total Protection (discontinued) vs. Palo Alto Networks Cortex XDR

Crowdstrike is a unified platform for monitoring endpoint devices, whether they're workstations, servers, cloud-native machines, or even mobile devices. It uses AI/ML to monitor anomalies and suspicious behavior, including zero-day attacks. It is suitable for large organizations but may be costlier or less appropriate for smaller organizations, those who want an on-prem EDR setup, and those who need custom scanning based on compliance requirements.

Incentivized

I think McAfee is great to have whether it's for work or for personal use. While it has some drawbacks, I like the peace of mind of feeling safe when I'm browsing the web/email, especially when my computer has sensitive/confidential information, knowing that McAfee will immediately detect any threats. The UI is extremely easy to navigate, which makes it easy for users regardless of how tech-savvy they are.

Incentivized

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Incentivized

• The Log analysis is very detailed and easy to use.
• Prevent and block all type of malwares.
• Great threat intelligence which is very up-to-date with the recent cyber attacks
• very user friendly in access and management
• Automated feature of detecting, taking action and closing incidents using fusion workflow.

Incentivized

• Excellent protection of all internet connected assets on our VPN.
• Constant updates of needed security patches that ensure our network and systems are protected from current and emerging/potential threats.
• Prompt and reliable customer service that provides needed answers and expertise in a crisis.
• Strategic whitepapers on emerging cyber threats and McAfee solutions to resolve them before they become a problem for my team or our clients.

Incentivized

• Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
• Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
• Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Incentivized

• Support - we are often tasked with running down problems rather than being directed by support.
• The sales staff we have dealt with are not very responsive or timely.
• I believe this is a product built for installations of 300 users or more.

Incentivized

• Price - Extremely high price tag for many of the solutions.

Incentivized

• Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
• Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
• Traps falsely identifies things as malicious at times, this is not often though

Incentivized

Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI.

Incentivized

McAfee has consistently delivered on its stated goals of providing comprehensive protection for our networks and systems. Due to their excellent work and follow through I have been, and will continue to be a loyal customer.

Incentivized

I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.

Incentivized

As every attacks get started because of user mistake or employee mistake. they click on any link they open any software without knowing its behavioural. But after Palo Alto Networks Cortex XDR we able to identify what user is doing We can put sudden type of restriction as per our organization policy. If some malicious file is found it can be quarantined. easy remote terminal access for investogation rather going one by one user for endpoint if they are busy then we have to wait but now from console only we can do this all.

Incentivized

Any time we need to engage the Crowdstrike Falcon Complete Team, their response is switch, thorough, and they are sure to not close out any request until the customer confirms that they have provided an acceptable resolution. If I ever need anything from the account team related to the product, I also get a response from them within minutes typically to address my question. Top notch customer service!

Incentivized

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Incentivized

There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any.

Incentivized

The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user.

Incentivized

Read the documentation

Incentivized

It was just a legacy AV program onboarded during initial setup days. As the org. As it expanded, its threat landscape also grew, and we needed a next-gen solution to protect against evolving threat vectors. Falcon EDR was the one that solved all these in a single place.

Incentivized

I haven't used Norton for a while, but when I did use it I felt that it slowed down my computer and had constant pop-ups, which were both equally frustrating and annoying. It was also very difficult to remove from my computer. Malwarebytes is a great, straightforward program I've used for virus scanning. It's pretty bare bones but I think if you just want something to scan for viruses it gets the job done quickly and reliably. In my opinion McAfee offers similar benefits as Norton but its more intuitive and doesn't impact system performance.

Incentivized

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Incentivized

• CrowdStrike Falcon's proactive threat mitigation has significantly reduced the risk of successful cyber attacks, resulting in tangible savings related to potential data breaches or system compromises.
• The cloud-native architecture and automated features have improved operational efficiency.
• The platform's real-time visibility and threat hunting capabilities have drastically improved incident response times.

Incentivized

• Blocks unsafe websites
• Virus detection and removal
• Protects sensitive data

Incentivized

• After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
• We are able to track and control granular suspicious and malicious activities.
• Web controls are missing, which if they would have been there would have been very helpful.

Incentivized