CrowdStrike Falcon vs Microsoft Defender XDR comparison

CrowdStrike and Microsoft are both solutions in the Extended Detection and Response (XDR) category. CrowdStrike is ranked #1 with an average rating of 8.8, while Microsoft is ranked #5 with an average rating of 8.4. CrowdStrike holds a 22.0% mindshare in XDR, compared to Microsoft’s 10.2% mindshare. Additionally, 97% of CrowdStrike users are willing to recommend the solution, compared to 97% of Microsoft users who would recommend it.

CrowdStrike Falcon

Read 122 CrowdStrike Falcon reviews

20,814 Views
15,381 Comparison Views

97% willing to recommend

Microsoft Defender XDR

Read 89 Microsoft Defender XDR reviews

7,029 Views
5,340 Comparison Views

97% willing to recommend

CrowdStrike Falcon

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 5, 2024

CrowdStrike Falcon and Microsoft Defender are both Extended Detection and Response (XDR) solutions that offer endpoint protection and threat detection capabilities. CrowdStrike Falcon is a standalone platform, whereas Defender XDR integrates seamlessly with Microsoft security products.

Features: CrowdStrike excels in advanced threat detection with machine learning algorithms for proactive threat hunting and customizable alert settings. Defender XDR prioritizes a streamlined incident response experience with automation capabilities. CrowdStrike provides more granular control over alerts and offers a wider range of integrations with third-party security tools. Defender XDR integrates seamlessly with other Microsoft security products for a unified experience within the Microsoft ecosystem.
Pricing and ROI: Pricing structures for both solutions can be complex and depend on factors like organization size and features needed. However, CrowdStrike pricing is competitive but generally has a higher upfront cost. Both platforms offer significant improvements in security posture, potentially leading to a positive ROI through reduced breaches and faster incident response.
Room for Improvement: CrowdStrike users mention complexities in customizing alerts and reports, and some reviewers find its pricing less flexible compared to Defender XDR. Microsoft Defender users desire better threat detection and improved integration with other tools outside the Microsoft ecosystem.
Deployment and Setup: CrowdStrike Falcon is a cloud-native solution, offering a faster and easier deployment process. Microsoft Defender XDR leverages existing Microsoft infrastructure, but setup might require more configuration for organizations with limited Microsoft product usage.
Customer Support: CrowdStrike users consistently rank customer support as highly responsive and knowledgeable. While Defender XDR support receives positive marks, some users might miss the dedicated account management offered by CrowdStrike.

The summary above is based on 207 interviews we conducted recently with CrowdStrike Falcon and Microsoft 365 Defender users. To access the review's full transcripts, download our report.

To learn more, read our detailed CrowdStrike Falcon vs. Microsoft Defender XDR Report (Updated: October 2024).

Buyer's Guide

CrowdStrike Falcon vs. Microsoft Defender XDR

October 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

CrowdStrike Falcon

Ranking in Endpoint Detection and Response (EDR)

1st

Ranking in Extended Detection and Response (XDR)

1st

Average Rating

8.6

Reviews Sentiment

8.3

Number of Reviews

122

Ranking in other categories

Endpoint Protection Platform (EPP) (3rd), Identity Management (IM) (5th), Threat Intelligence Platforms (2nd), Active Directory Management (2nd), Attack Surface Management (ASM) (1st), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (2nd)

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

5th

Ranking in Extended Detection and Response (XDR)

5th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Microsoft Security Suite (2nd)

Mindshare comparison

As of November 2024, in the Extended Detection and Response (XDR) category, the mindshare of CrowdStrike Falcon is 22.0%, down from 23.1% compared to the previous year. The mindshare of Microsoft Defender XDR is 10.2%, up from 6.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Chintan-Vyas

Associate Director at KPMG

May 29, 2022

Easy to set up with good behavior-based analysis but needs a single-click recovery option

Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Read full review

Desray Liu

Project Manager at Freedom Systems Inc.

Nov 28, 2023

A time-saving and easy-to-integrate product that needs to offer a control center to users

As a part of Microsoft's attempt to reduce costs, there has been a direct cut down of the local technical support team. Sometimes, you have to use the technical support offered by Microsoft from other countries, but at times, we speak different languages, just like how people speak in Chinese or Mandarin, but there are still some differences between them. The front-line support from Microsoft has only limited technical abilities or access to their internal system. Sometimes, my company cannot even escalate an issue to Microsoft's senior team members. The support team of Microsoft is nice as they attempt to solve the problems together with you, but I believe that due to some cost-related issues, they don't have enough permissions. Sometimes, users might feel blocked when trying to connect with the support team. I rate the technical support a seven out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Scalability is good. We have had no issues with it."

"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."

"CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools."

"I like the Overwatch feature the most."

"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."

"The threat intelligence is the most valuable feature."

"It's given me a level of confidence that my network is secure."

"The most useful feature is that we do not need to install or keep signature files. Regular scanning that consumes a lot of computer resources is not needed."

More CrowdStrike Falcon pros

"The best feature is probably the alert generation. When I do a security reset, the other session triggers instantly from the Defender console, and I can work on it. The policies are three times, but they are also ready to install it."

"The solution is well integrated with applications. It is easy to maintain and administer."

"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."

"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."

"The most valuable features are machine learning, AI, and auto-remediation of none malicious alerts."

"The integration with other Microsoft solutions is the most valuable feature."

"The ability to integrate and observe a more cohesive narrative across the products is crucial."

"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."

More Microsoft Defender XDR pros

Cons

"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."

"The console is a little cluttered and at times, finding what you're looking for is not intuitive."

"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."

"We'd like to see more integration capabilities."

"An improvement would be to extend support to legacy and unsupported servers."

"We can't do scanning audits or device blocking or application control."

"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."

"Falcon could include more integrative features."

More CrowdStrike Falcon cons

"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."

"The web filtering solution needs to be improved because currently, it is very simple."

"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."

"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."

"There could be a way to proactively monitor unusual activity ."

"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."

"The licensing is a nightmare and has room for improvement."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"We pay between $30-50 per user for a yearly license, which is more expensive than SentinelOne or Bitdefender. However, CrowdStrike gives better value for money."

"As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing."

"The solution's pricing is great for us."

"The pricing and licensing are fairly good. It is definitely not a cheap product, but I have felt that it is worth the money that we spent. So, we have discussed it in the past, and were like, "Yes, it is probably pricier than some other solutions, but we also feel they really are the leader. We are very comfortable with their level of expertise. So, it's kind of worth the price that we pay.""

"When comparing to Microsoft, CrowdStrike Falcon is more expensive."

"Annual licensing."

"The cost is usually a challenge in the industry. I think we pay around sixty-eight dollars."

"Different components are additional price points. We got the components that were right for us, but other organizations may require more (or less) components to suit their needs."

More CrowdStrike Falcon pricing and cost advice

"Microsoft Defender XDR is priced high."

"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."

"The solutions price is fair for what they offer."

"Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."

"For Defender, they have Endpoint Plan 1 and Endpoint Plan 2, but I don't know on what basis they have classified Endpoint Plan 1 and Plan 2, but it has given me enough pain to pick and design Endpoint Plan 1 or Endpoint Plan 2 for my organization. In fact, we are still struggling with it. Too many SKUs are confusing. There should not be too many SKUs, and they shouldn't charge for every new feature."

"Microsoft purposely makes its license combinations complex and includes combinations like Microsoft 365 E3 and Microsoft 365 E5, Office 365 E3, Office 365 E5, and Office 365 E1, so you get confused. Microsoft tries to sell you a bundle of a lot of things together."

"The solution is too expensive."

"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

11%

Manufacturing Company

Government

Computer Software Company

17%

Financial Services Firm

10%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is reasonable. It's cheaper than other options.

See all answers

What needs improvement with Microsoft 365 Defender?

The solution could enhance the threat Intelligence feature by making it more relevant to specific industries. Much of the threat intelligence information isn't directly applicable to our environmen...

See all answers

Comparisons

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 5% of the time

Darktrace vs CrowdStrike Falcon

Compared 4% of the time

Kaspersky Endpoint Detection and Response vs CrowdStrike Falcon

Compared 4% of the time

Symantec Endpoint Security vs CrowdStrike Falcon

Compared 3% of the time

Fortinet FortiEDR vs CrowdStrike Falcon

Compared 3% of the time

More CrowdStrike Falcon Competitors

Wazuh vs Microsoft Defender XDR

Compared 8% of the time

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 8% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 4% of the time

Fortinet FortiEDR vs Microsoft Defender XDR

Compared 3% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

CrowdStrike Falcon

November 2024

Download CrowdStrike Falcon product report

Buyer's Guide

Microsoft Defender XDR

November 2024

Download Microsoft Defender XDR product report

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Learn More

CrowdStrike

Microsoft

Overview

CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.

CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features, although some users highlight high pricing, occasional detection delays, and challenges with integration. Frequent alerts and the mobile app's performance are areas for improvement.

What are the key features of CrowdStrike Falcon?

Real-time Threat Detection: Provides immediate threat identification and response.
Lightweight Agent: Minimal impact on system performance.
Cloud-native Architecture: Ensures flexibility and scalability.
Advanced AI Capabilities: Enhances threat detection and prevention.
Comprehensive Endpoint Visibility: Complete insight into endpoint activities.
Detailed Reporting: Facilitates compliance and forensic analysis.
Security Tool Integration: Seamless integration with other tools.
Efficient Customer Support: Robust support services.

What are the benefits or ROI of CrowdStrike Falcon?

Improved Threat Detection: Identifies sophisticated threats, reducing risk.
Enhanced System Performance: Lightweight agent ensures minimal disruption.
Faster Response Times: Swift reaction to incidents minimizes damage.
Better Compliance: Detailed logs meet regulatory requirements.
Streamlined Deployment: Easy to implement with minimal downtime.

In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Sample Customers

Information Not Available

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

CrowdStrike Falcon vs. Microsoft Defender XDR

October 2024

Free Report: CrowdStrike Falcon vs. Microsoft Defender XDR

Find out what your peers are saying about CrowdStrike Falcon vs. Microsoft Defender XDR and other solutions. Updated: October 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our CrowdStrike Falcon vs. Microsoft Defender XDR report.

See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.