We performed a comparison between CrowdStrike Falcon and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer CrowdStrike Falcon over Trend Micro XDR for its setup process, lightweight design, efficient resource usage, and accurate threat detection. It also offers useful features like Overwatch and a user-friendly dashboard.
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"Microsoft Defender XDR is scalable."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The integration between all the Defender products is the most valuable feature."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"Since we deployed CrowdStrike, the network has become much calmer, and we now understand the sources of infections, which helps us prevent them from spreading."
"The feature I like the most is the solution's detection."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
"We can scale the product as needed."
"The setup is fairly simple."
"The centralized visibility is good."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"Its detection rate is valuable. It is really an easy product to install and manage. It is quite effective at what it does, and if needed, it can also be co-managed, which means 24 hours and seven days a week monitoring through a SOC."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"VisionOne offers a clear window into the security posture of our endpoints."
"I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The support team is not competent or responsive."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The mobile app support for Android and iOS is difficult and needs improvement."
"There could be a way to proactively monitor unusual activity ."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."
"In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it."
"Too many false positives."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
"There isn't a lot I'd do to change it. The web interface could be improved to sort of make it a little easier to manage multiple clients out of one location. It could also be made a bit easier to sort of manage the licensing side of it."
"The information captured by Trend Vision One needs to be more detailed."
"The zero trust is a bit complicated compared to other parts of the solution."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"It is very expensive."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. CrowdStrike Falcon is rated 8.8, while Trend Vision One is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Fortinet FortiEDR, whereas Trend Vision One is most compared with Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks and Fortinet FortiEDR. See our CrowdStrike Falcon vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
