CrowdStrike Falcon vs. Palo Alto Networks Cortex XSOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
CrowdStrike Falcon
Score 9.1 out of 10
N/A
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.
$6.99
per endpoint/month (for 5-250 endpoints, billed annually)
Palo Alto Networks Cortex XSOAR
Score 8.8 out of 10
N/A
Cortex XSOAR, formerly Demisto and now from Palo Alto Networks since it was acquired in March 2019, provides orchestration to enable security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Its playbooks are powered by hundreds of integrations and thousands of security actions, striking the right balance between rapid machine execution and nuanced human oversight.N/A
Pricing
CrowdStrike FalconPalo Alto Networks Cortex XSOAR
Editions & Modules
Falcon Pro
$6.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise
$14.99
per endpoint/month (minimum number of endpoints applies)
Falcon Premium
$17.99
per endpoint/month (minimum number of endpoints applies)
No answers on this topic
Offerings
Pricing Offerings
CrowdStrike FalconPalo Alto Networks Cortex XSOAR
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
YesNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
CrowdStrike FalconPalo Alto Networks Cortex XSOAR
Considered Both Products
CrowdStrike Falcon
Chose CrowdStrike Falcon
XDR and Crowdstrike were about even for us. Carbon Black was the agent we were replacing due to failures.
Palo Alto Networks Cortex XSOAR

No answer on this topic

Top Pros
Top Cons
Features
CrowdStrike FalconPalo Alto Networks Cortex XSOAR
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
CrowdStrike Falcon
9.2
34 Ratings
Palo Alto Networks Cortex XSOAR
-
Ratings
Anti-Exploit Technology9.428 Ratings00 Ratings
Endpoint Detection and Response (EDR)9.833 Ratings00 Ratings
Centralized Management9.334 Ratings00 Ratings
Hybrid Deployment Support8.24 Ratings00 Ratings
Infection Remediation9.334 Ratings00 Ratings
Vulnerability Management9.028 Ratings00 Ratings
Malware Detection9.634 Ratings00 Ratings
User Ratings
CrowdStrike FalconPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
9.4
(37 ratings)
8.6
(8 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(1 ratings)
Support Rating
9.6
(13 ratings)
-
(0 ratings)
Implementation Rating
-
(0 ratings)
10.0
(1 ratings)
User Testimonials
CrowdStrike FalconPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
CrowdStrike
Anyone who is looking for a leader in endpoint protection should consider CrowdStrike Falcon for sure, regardless of specific use cases. Anybody who is operating on a very lean security team that doesn't have the capability to provide 24x7x365 coverage should absolutely consider Falcon Complete. I've worked with various MSSP's in the past, but Falcon Complete is one I would definitely not lose any sleep at night knowing we're in good hands.
Read full review
Palo Alto Networks
XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a
problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click
of a button.
●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real
emails, resulting in compromise through human error.
●Security Teams aren’t able to follow set processes while responding to phishing alerts.
They must coordinate across email inboxes, threat intel, NGFW, ticketing, and
other tools. Each tool has different consoles, data conventions, and contexts,
making it difficult for security teams to fill in the gaps while minimizing
errors. XSOAR is less suited for analyzing traffic.
Read full review
Pros
CrowdStrike
  • Endpoint Isolation - instead of hoping an adversary was blocked in time. CrowdStrike locks down the endpoint beyond using the Windows Firewall. Allowing a whitelist of IPs brings additional management of that endpoint to another level that most other tools don't have.
  • Rich Data Recording - CrowdStrike is best described as a giant tape recorder in the sky. When it lands on the box, it truly provides insight into the those that other tools could only dream of.
  • Extensive APIs - CrowdStrike understands that they are not your only security vendor, so they have API usage for everything in their platform to automate and integrate to your heart's desire.
  • Cloud Visibility - CrowdStrike's cloud monitoring capabilities are agnostic of cloud platform. No longer does one need to worry about putting all their eggs in one basket because the endpoint tool prefers one platform over another.
Read full review
Palo Alto Networks
  • Automation with immediate security responses.
  • Comprehensive phishing protection and increased email protection.
  • Analysis and reporting feature.
  • Intuitive and easy-to-view panels.
  • Alerts by email and sms of incidents for the administration.
  • Centralized monitoring.
Read full review
Cons
CrowdStrike
  • The ability to do a system-level scan like a traditional AV is missing and isn't a feature CrowdStrike is planning on implementing. Old school IT guys are going to be curious about this.
  • Host management and deletion are clunky and take 45 days for a machine to fall off your subscription license.
Read full review
Palo Alto Networks
  • The XSOAR bot creates a lot of noise on the summary page of any XSOAR incident. Although the filter is available to reduce the view, by default this should not be visible cluttering the whole scenario.
  • The interface has too much data on a single pane. I would love to have many buttons to just click and do stuff.
  • Also, I would love to have search areas more interactive and easier to navigate.
Read full review
Likelihood to Renew
CrowdStrike
No answers on this topic
Palo Alto Networks
It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.
Read full review
Support Rating
CrowdStrike
When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.
Read full review
Palo Alto Networks
No answers on this topic
Implementation Rating
CrowdStrike
No answers on this topic
Palo Alto Networks
It was much easier than we all anticipated.
Read full review
Alternatives Considered
CrowdStrike
Crowdstrike Falcon Endpoint protection is based on AIML enhanced technology,l. It's cloud-based so users don't need to connect to their office network to get their policy synchronization done from Server to endpoints agents. Also, the Crowdstrike Falcon agent size is small and it consumes fewer resources of the machine.
Read full review
Palo Alto Networks
The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them.
Read full review
Return on Investment
CrowdStrike
  • CrowdStrike has cut our security costs.
  • Has given us more insight into our end points.
  • It has helped with our older PC's CPU usage.
  • Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.
Read full review
Palo Alto Networks
  • Demisto has Eased malware analysis and threat hunting
  • With Demisto, it is simple to create playbooks and scripts
  • This is helped automate policy configurations on our PA firewalls through Panorama
Read full review