CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.
$59.99
per endpoint/month (minimum number of endpoints applies)
PortSwigger Burp Suite
Score 9.4 out of 10
N/A
The Burp Suite, from UK-based alcohol-themed software company PortSwigger Web Security, is an application security and testing solution.
N/A
Pricing
CrowdStrike Falcon
PortSwigger Burp Suite
Editions & Modules
Falcon Go (Small Business)
$59.99
per endpoint/month (minimum number of endpoints applies)
Falcon Go (Small Business)
$59.99
Falcon Pro
$99.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise
$184.99
per endpoint/month (minimum number of endpoints applies)
I have evaluated Cortex XDR and SentinelOne Singularity alongside CrowdStrike Falcon, and while all three are capable enterprise-grade solutions, Falcon ultimately stood out due to its cloud-native architecture, broader modular coverage, and stronger identity-focused detection. …
It was just a legacy AV program onboarded during initial setup days. As the org. As it expanded, its threat landscape also grew, and we needed a next-gen solution to protect against evolving threat vectors. Falcon EDR was the one that solved all these in a single place.
Depends on your network architecture.. NDR can be very expensive. EDR works on almost all network architectures, even those segmented networks. However if you rely on centralized switch and older style of network architecture, NDR should be asses and considered, especially if …
It stacks on top. We love the ease of use, the third-party integration, having AI, and the CrowdStrike team was way more helpful with our team, so that adoption was within a couple of months. We also compared prices, and the value was higher, with a faster ROI, which helps our …
There really wasn't a question. CrowdStrike is best in class and really doesn't have an equal in this space, any other threat protection vendor is a compromise in some area, and even though we are paying for the premier service, we can feel comfortable and protected with our …
Sentinelone is bit complicated language use in there console in compare to CrowdStrike Falcon. CrowdStrike Falcon have much big modules and features but sentinelone don't. CrowdStrike Falcon have one single unified agent and in sentinelone bit confused in selection of agent …
CrowdStrike is by far the superior product as we have had zero problems since installing compared to Trend where is positively failed us. We switched and again have had zero issues with the product and it protects our environment as it should without much interaction.
CrowdStrike Falcon is way ahead of Symantec, and covers features that defender XDR doesn't, even if you purchase all the addons. I think the only real competitors are Sentinel One, maybe Palo Alto or Huntress, or Carbon Black.
In my opinion, CrowdStrike Falcon provides superior detection and prevention capabilities over Jamf Protect. At the time we purchased (2017) CrowdStrike Falcon was more advanced than SentinelOne and Microsoft Defender for Endpoint.
CrowdStrike Falcon is an industry leader in this sector and is superior in its low overhead agent, having minimal impact on end-users. We plan to migrate our macOS fleet when our existing contract expires.
Advance detection capability.Overwatch threat hunt team which proactively hunts your environment Interactive sandbox. Reduced false positives & ease of whitelisting to granular level.AI and ML can analyze events to identify subtle patterns that might indicate malicious …
In my opinion, CrowdStrike Falcon does a better job of detection than Carbon black in all forms. Compared to SentinelOne XDR, CrowdStrike Falcon does a better job of finding potential threats even though the machine learning based detection cause more False Positives than the …
It is superior on the following two: Advanced threat detection because AI and ML can analyze vast amounts of data to identify subtle patterns that might indicate malicious activity, even zero-day attacks (previously unknown threats).Reduced false positives because it can help …
At the time of purchase CrowdStrike provided the best featureset and value proposition for the organisation. The cloud first nature of the product and the mix of heuristic and behaviour based detection technologies was better than anything else that we looked at.
In addition to PortSwigger Burp Suite, I have evaluated other web application security tools like OWASP ZAP, Acunetix, and Nessus. While Nessus is excellent for network and infrastructure vulnerability scanning, it lacks the deep, interactive web application testing features …
OWASP Zap is ok, but is open source. I find that PortSwigger Burp Suite is a more feature rich application and continues to come out with new features. PortSwigger Burp Suite also has a much bigger ecosystem for integrations making it worth the price. I feel OWASP ZAP is more …
Burp was getting us more accurate results. This doesn't mean that the other tools are bad. They just didn't suit our company. Since our products had many business logic bases testing requirements, it was hard for other tools to perform. Burp on the other had worked perfectly …
Each tool is specific and are good for what they do. While Burp Suite can perform some level of the same functions, somehow security consultants prefer these tools as additional to the Burp Suite. Maybe due to open source and easy setup when compared to Burp Suite. But Burp …
The only other tool I use that works like Burp Suite is the OWASP ZAP. It works a lot like Burp but just has a different layout. I prefer how Burp has the tabs for Repeater, Intruder, Decoder, ect.
We used Zap by OWASP as well. Zap is not as mature, however, it explained a lot of the scan results better, but was far more difficult to setup for custom applications. Scanning requests and altering headers in Zap was simply not as easy or visually explained as in Burp.
Burp Suite stacks up fairly well against these other two products both of which are quite expensive to license. The best other product I would suggest is OWASP Zed Attack Proxy or ZAP. It performs quite well and the cost of the product is free. ZAP is an Open Source product. …
Burp Suite is more difficult to master, but only because of the extensive functionality and customization options. It is much more affordable than its competition and deserves its recognition as a top tool in the industry.
CrowdStrike Falcon is ideal for large, cloud-native enterprises that prioritize advanced behavioral detection and have a mature SOC to manage their intelligence. However, its cloud-reliant architecture makes it a poor fit for air-gapped or offline networks. Additionally, small organizations with limited staffing may find it difficult to manage, while teams that require integrated SOAR and vulnerability management might be discouraged by the need for additional licensing to unlock those capabilities.
It's great for intercepting and changing login request. For one client i had done testing of their website, and after intercepting and changing the request, I got IDOR vulnerability and it's a very high vulnerability i gave it in the report, and with the BAPP store, I downloaded the IIS TILDE enumeration and got a vulnerability.
The interface is a big problem: No matter how many features a software provides you, if the features are not well presented, you will miss most of them when they are actually required. The presentation of the software should be improvised and made more presentable.
Tutorial videos for beginners: This software lacks a lot in tutorials. A beginner almost wastes most of the time in finding and understanding the features and the implementation of the same. The software vendor should work on providing more in-depth videos so that people can learn and understand the concepts.
Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI.
I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.
Easy to use once you learn it; however, the user interface is not very intuitive at first view. Port Swigger does provide a lot of video resources for self-paced learning which helps. Most of the end users for PortSwigger Burp Suite will be technical and should be able to learn the product with the free resources.
Support is generally pretty fast and gets right to the issue. We haven't had to use them much, fortunately, but the issues and questions we've had are usually answered quickly. The customer success manager/account manager you're assigned will also follow up with you on a regular cadence to ensure you're getting the most out of the subscription. There's not a whole lot of room to improve, other than the general confusion about what is/what is not covered in custom packages you're subscribed to. The initial purchase took much longer because of a package name changes and realignments of different modules into those packages.
BurpSuite does not have an amazing customer support. All the major help that you will find is from public forums and Google. Although you will find all the required information on Google, still at time professional support helps you solve the problem in much less time and make your operations go smoothly.
There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any.
The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user.
I have evaluated Cortex XDR and SentinelOne Singularity alongside CrowdStrike Falcon, and while all three are capable enterprise-grade solutions, Falcon ultimately stood out due to its cloud-native architecture, broader modular coverage, and stronger identity-focused detection. Cortex XDR performs very well in environments already heavily invested in the Palo Alto ecosystem, particularly for network-to-endpoint correlation, but it introduces additional complexity and infrastructure overhead. SentinelOne excels in autonomous remediation and offline protection, especially with ransomware rollback, but is more endpoint-centric and comparatively limited in native identity and exposure-risk context. CrowdStrike Falcon provided the best overall balance by combining NGAV, EDR, identity protection, exposure management, threat intelligence, and managed hunting within a single lightweight agent and unified console, enabling better scalability, faster investigations, reduced tool sprawl, and stronger protection against modern identity-driven attacks, making it the most aligned choice for our security and operational objectives.
Burp Suite stacks up fairly well against these other two products both of which are quite expensive to license. The best other product I would suggest is OWASP Zed Attack Proxy or ZAP. It performs quite well and the cost of the product is free. ZAP is an Open Source product. If, however, you do not want to use an open source product I would either go with Burp Suite or look into the more expensive Rapid7 AppSpider.
Due to some of the difficulties with Support and Sales, we are likely looking to change to another vendor. We sometimes don't feel like customers.
When the bluescreen incident occurred (worldwide outage) in July 2024, we were unable to contact support due to the high volume of calls at the same time. We had to figure out how to remediate it ourselves, which we did, and recovered before the vendor's official release of fixes. It shook my confidence in them.
The product itself performed well over the last 2 years, which has kept us safe and productive. The product is good.