We performed a comparison between CrowdStrike Falcon and Forescout XDR based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The integration between all the Defender products is the most valuable feature."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The most valuable feature is the network security."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The threat intelligence is excellent."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"The Protect functionality on the laptops provides great visibility into what's occurring, and the cloud management of the platform is what we needed."
"CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
"The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"We are happy with CloudStrike's ease of use and touch notification."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"Unfortunately, native applications are not supported."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"Tighter integration around XDR could be included."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"It can be expensive depending on the features you select."
"The product could be more accurate in terms of performance."
"The product is more expensive than other vendors in terms of features."
CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews while Forescout XDR is ranked 29th in Extended Detection and Response (XDR) with 1 review. CrowdStrike Falcon is rated 8.8, while Forescout XDR is rated 6.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Forescout XDR writes "Provides efficient network access control, but its support services need improvement". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Forescout XDR is most compared with Arctic Wolf Managed Detection and Response.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.