CrowdStrike Falcon vs Palo Alto Networks Cortex XDR (Traps)

Likelihood to Recommend

CrowdStrike continues to be the leader of where it is today by extending the offerings that is has. While there are a number of downfalls of the product, no one other security vendor can rightfully do what CrowdStrike does. Smaller players in the game are able to "pull a feather" here and there but there is no stopping the behemoth that is CrowdStrike. So long as CrowdStrike continues to deliver on its endpoint protection capabilities and levels up their behavioral detections, they are the best buy all day long. For those looking for a company that is clear about what they are monitoring for and how, rule logic, etc.... CrowdStrike is the exact opposite. They are a complete black box that thinks detect logic is magic and protects it all as if it was intellectual property. For some organizations they will likely not care; however, for others with established security teams, this can prove to be an irritant.

Read full review

Bryan Bowie

Principal Incident Responder (Sr.)

VerizonSecurity & Investigations, 10,001+ employees

View all 30 answers on this topic

Malware that doesn’t leave files behind has become widely available. Anyone who can afford to reverse this trend should purchase technology. Application whitelisting isn’t for everyone, and Palo Alto Networks Traps can help. Enterprises looking for a low-affected, next-generation solution with high protection should consider it. PAN Traps is a great product at a reasonable price, and I highly recommend it.

Read full review

Mst Rahima Khatun

Marketing Product Management

ClopsmithInformation Technology & Services, 11-50 employees

View all 11 answers on this topic

Feature Rating Comparison

CrowdStrike Falcon

Palo Alto Networks Cortex XDR (Traps)

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

Pros

Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
Malware/adware detection. Packaged adware in official installers are instantly blocked without interfering with the install of the primary application.

Read full review

Randy Munroe

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 30 answers on this topic

Direct Access to devices via Live Terminal which provides operations with scripting, triage, and preservation of artifacts.
Behavioral Indicators of Compromise which provides alerts on events regarding groups of hosts and their signatures.
Querying complex data sets involving a variety of devices for network connections, hashes, DNS, etc.

Read full review

Verified User

Analyst in Information Technology

Hospital & Health Care Company, 10,001+ employees

View all 11 answers on this topic

Cons

We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.

Read full review

Mark Sauer

Director of Information Technology

TransPakPackage/Freight Delivery, 1001-5000 employees

View all 30 answers on this topic

Traps doesn't seem to function as a traditional A/V very well, so it's better as another layer to your endpoint protection
Traps can cause issues with some legacy or custom programs, so exceptions may have to be made
Traps falsely identifies things as malicious at times, this is not often though

Read full review

Verified User

Technician in Information Technology

Hospital & Health Care Company, 1001-5000 employees

View all 11 answers on this topic

Support Rating

CrowdStrike Falcon 8.8

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

Palo Alto Networks Cortex XDR (Traps) 10.0

Based on 5 answers

The support we receive from Palo Alto is one of the best aspects of Traps. It is very easy to recommend their support. It seems much easier to connect directly with someone with a deep understanding of the product rather than other companies where you basically have to make an airtight case that it is some kind of non-standard issue that can't be solved with existing documentation. Palo Alto digs deep and helps with advanced troubleshooting to get things working.

Read full review

Verified User

Analyst in Information Technology

Higher Education Company, 1001-5000 employees

View all 5 answers on this topic

Alternatives Considered

[Because of] its cloud-based architecture, complete set of features, LDAP integration and massive deployment options. The open integration with another security solution and it's almost native with all Windows flavors including Windows Server. Its Incident Response Team is a one-and-only kind of solution that makes CrowdStrike a really different competitor and a natural leader in cybersecurity market.

Read full review

Victor Rivera

Senior Information Technology Manager

Grupo VinteConstruction, 1001-5000 employees

View all 30 answers on this topic

Traps is the slickest interface, easy to use and intuitive rule making, and the rest just didn't quite stack up to the performance level of Traps. McAfee and Kaspersky just hog processor and RAM power. I didn't like the interface and functionality of SentinelOne as much as Traps. Palo Alto really put a lot of time into the development of this software, and had some of the founding fathers of IT Security heading the development process. Can't beat that.

Read full review

DeForge, Peter

Systems Support Analyst

GW PlasticsPlastics, 1001-5000 employees

View all 11 answers on this topic

Return on Investment

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 30 answers on this topic

After putting Palo Alto Networks Cortex XDR on a user's system, users came back with a positive response that there are no performance issues now.
We are able to track and control granular suspicious and malicious activities.
Web controls are missing, which if they would have been there would have been very helpful.

Read full review

Darshil Sanghvi

Presales

Network TechlabInformation Technology & Services, 501-1000 employees

View all 11 answers on this topic

Pricing Details

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

No

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Palo Alto Networks Cortex XDR (Traps) Editions & Modules

—

Additional Pricing Details

—

Rating Summary

CrowdStrike Falcon

Palo Alto Networks Cortex XDR (Traps)

CrowdStrike Falcon

Palo Alto Networks Cortex XDR (Traps)

CrowdStrike Falcon vs Palo Alto Networks Cortex XDR (Traps)