CrowdStrike Falcon and Microsoft Defender are both Extended Detection and Response (XDR) solutions that offer endpoint protection and threat detection capabilities. CrowdStrike Falcon is a standalone platform, whereas Defender XDR integrates seamlessly with Microsoft security products.
The summary above is based on 207 interviews we conducted recently with CrowdStrike Falcon and Microsoft 365 Defender users. To access the review's full transcripts, download our report.
Ever since we turned on the M5 feature set back in June, we have seen a reduced number of potentially malicious clicks and faster alerting when incidents occur.
The CrowdStrike team is very efficient; I would rate them ten out of ten.
You get stuck in low-level support for way longer than you should, instead of them escalating the issue up the chain.
It's critical to escalate SEV B issues immediately to a domestic engineer.
The technical support from Microsoft Defender XDR has been disappointingly slow.
It has adequate coverage and is easy to deploy.
When it comes to scalability, it is entirely based on premium models according to demand.
Microsoft Defender XDR shows tremendous scalability, much more so than on-premises solutions.
It is suitable for enterprise-level deployment but has room for improvement.
I have never seen instability in the CrowdStrike tool.
We are following N-1 versions across our environment, which is stable.
The service has remained consistently online, with any issues isolated to specific components, suggesting a well-designed and modular architecture.
The services within our ecosystem have been reliable, meeting their SLAs.
Simplifying the querying process, such as using double quote queries or directly obtaining logs based on IP addresses or usernames, would be beneficial.
Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options.
Threat prevention should be their first priority.
The licensing process needs improvement and clarification.
Improvements are needed in automated response capabilities.
Some inconsistencies exist between blades, which could be improved for a more seamless user and UI experience.
It is expensive compared to SentinelOne, but as the market leader, it is worth it.
I would rate the pricing as eight out of ten, indicating it is a reasonable cost for the product.
Microsoft purposefully obfuscates this through marketing ploys to hide costs.
There are no issues with pricing, but sometimes, the clarity in licensing is a concern.
I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections.
The machine learning behavior for anomaly detection is a valuable feature.
Real-time response (RTR) is a feature of EDR.
With Microsoft threat intelligence information, it detects various types of threats, including insider attacks, malicious content, and data exfiltration.
It's because endpoint management is my primary focus, and this feature integrates well with my other skills.
The Email Explorer feature has proven invaluable, offering a broader perspective than automated alerts and incidents alone.
CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.
CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features, although some users highlight high pricing, occasional detection delays, and challenges with integration. Frequent alerts and the mobile app's performance are areas for improvement.
What are the key features of CrowdStrike Falcon?
What are the benefits or ROI of CrowdStrike Falcon?
In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.
Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.
It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.
Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.
Watch the Microsoft demo video here: Microsoft Defender XDR demo video.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.