What users are saying about
13 Ratings
Customer Verified
Top Rated
71 Ratings
13 Ratings
Score 9.3 out of 100

CrowdStrike Falcon

Customer Verified
Top Rated
71 Ratings
Score 9.2 out of 100

Likelihood to Recommend

Azure Sentinel

Azure Sentinel is an excellent option like SIEM. It has cool, smart features and functionality, and is quite powerful in terms of processing information in the cloud. I recommend it to colleagues because it is very easy to deploy and configure, and learn to use it on a daily basis. The panel is super intuitive and rich in details. When opening Sentinel, it is already possible to analyze the indices that happened and those that deserve further attention and treatment.
Flavio Pereira | TrustRadius Reviewer

CrowdStrike Falcon

CrowdStrike continues to be the leader of where it is today by extending the offerings that it has. While there are a number of downfalls of the product, no one other security vendor can rightfully do what CrowdStrike does. Smaller players in the game are able to "pull a feather" here and there but there is no stopping the behemoth that is CrowdStrike. So long as CrowdStrike continues to deliver on its endpoint protection capabilities and levels up their behavioral detections, they are the best buy all day long. For those looking for a company that is clear about what they are monitoring for and how, rule logic, etc., CrowdStrike is the exact opposite. They are a complete black box that thinks detect logic is magic and protects it all as if it was intellectual property. For some organizations they will likely not care; however, for others with established security teams, this can prove to be an irritant.
Bryan Bowie | TrustRadius Reviewer

Feature Rating Comparison

Security Information and Event Management (SIEM)

| Feature | Azure Sentinel | CrowdStrike Falcon |
|---|---|---|
| Category score | 9.4 | - |
| Centralized event and log data collection | 9.8 | - |
| Correlation | 9.3 | - |
| Event and log normalization/management | 9.6 | - |
| Deployment flexibility | 8.4 | - |
| Integration with Identity and Access Management Tools | 9.2 | - |
| Custom dashboards and workspaces | 9.0 | - |
| Host and network-based intrusion detection | 9.2 | - |
| Data integration/API management | 9.8 | - |
| Behavioral analytics and baselining | 9.5 | - |
| Rules-based and algorithmic detection thresholds | 9.8 | - |
| Response orchestration and automation | 9.5 | - |
| Reporting and compliance management | 9.6 | - |
| Incident indexing/searching | 9.6 | - |

Endpoint Security

| Feature | Azure Sentinel | CrowdStrike Falcon |
|---|---|---|
| Category score | - | 9.1 |
| Anti-Exploit Technology | - | 9.1 |
| Endpoint Detection and Response (EDR) | - | 9.5 |
| Centralized Management | - | 9.5 |
| Hybrid Deployment Support | - | 7.9 |
| Infection Remediation | - | 9.3 |
| Vulnerability Management | - | 9.0 |
| Malware Detection | - | 9.4 |

Pros

Azure Sentinel

  • Free of charge, because it is a tool to work with MS products
  • Easy to configure MS data sources
  • Edit rules of log analytics
  • KQL language is quite similar to SQL
  • Integration with other MS products
  • Adding new analytical rules
  • Nice data visualization
  • Saves our time, when everything is under one roof
Aleksei Jegorov | TrustRadius Reviewer

CrowdStrike Falcon

  • Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
  • Malware/adware detection. Packaged adware in official installers is instantly blocked without interfering with the install of the primary application.
Randy Munroe | TrustRadius Reviewer

Cons

Azure Sentinel

  • In the WFH world sometimes it would be nice to have a local client version when speed isn't the best from home
  • The ability to alert on a mobile device
  • A mobile app to do an investigation while on the move
Michael Bobo | TrustRadius Reviewer

CrowdStrike Falcon

  • We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too vague to whitelist).
Mark Sauer | TrustRadius Reviewer

Usability

Azure Sentinel

Azure Sentinel 9.3
Based on 6 answers
It can be a little difficult for someone who is not familiar with SIEM, but otherwise, it's easy to learn. With all the features it can be daunting sometimes, but other than that, we were able to get integrated without much of a headache. Azure's products all around are great and we will continue to be customers!
Anonymous | TrustRadius Reviewer

CrowdStrike Falcon

No score
No answers yet
No answers on this topic

Support Rating

Azure Sentinel

Azure Sentinel 8.4
Based on 6 answers
The support is standard Microsoft support. It's not bad, but far from best in the industry. Compared to not having too many online courses/training available, this can be a roadblock, but in all honesty, deployment and day-to-day operations are easy and the product is intuitive. If you know how to read and understand Windows logs and have basic knowledge in any query language, you won't have much difficulty getting around. If you have some urgent investigation to do and you are stuck in understanding what happened and have difficulty correlating logs from different systems, other products probably will have better support where you can call someone and have screen sharing session/assistance in finding what's going on, but you pay premium for that, so at the end it all depends on your budget, technical skills, and comfort level.
Anonymous | TrustRadius Reviewer

CrowdStrike Falcon

CrowdStrike Falcon 8.6
Based on 13 answers
When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues that need more in-depth help, the support team has been incredibly valuable.
Anonymous | TrustRadius Reviewer

Alternatives Considered

Azure Sentinel

Azure Sentinel is much more cost effective and affordable than FortiSIEM and especially compared to Splunk Enterprise. Azure Sentinel is easier and faster to implement and does not require having any on-premises setup. It's purely software. There is no need to install any hardware on your network and you do not need to tap into the network and sniff all the traffic. All the software components of the solutions reside in Azure. You need to send the logs to Azure. The only thing that needs to be done on the servers where you want to monitor logs is install a small, small agent that will have the info of your Log Analytics and a key to be able to connect and upload the logs. If you are versed in Microsoft technology, there is not much training required to get it going. There is the KQL language for writing queries that might be kind of new but then, on the other hand, any SIEM product has its own subscription language and syntax that needs to be learned, so Azure Sentinel is no different.
Anonymous | TrustRadius Reviewer

CrowdStrike Falcon

[Because of] its cloud-based architecture, complete set of features, LDAP integration and massive deployment options. The open integration with another security solution and it's almost native with all Windows flavors including Windows Server. Its Incident Response Team is a one-and-only kind of solution that makes CrowdStrike a really different competitor and a natural leader in cybersecurity market.
Victor Rivera | TrustRadius Reviewer

Professional Services

Azure Sentinel

Azure Sentinel 5.0
Based on 1 answer
Did not use professional services
Michael Bobo | TrustRadius Reviewer

CrowdStrike Falcon

No score
No answers yet
No answers on this topic

Return on Investment

Azure Sentinel

  • In case you [are] using Microsoft cloud products [and] you need a response about security incidents.
  • Most tasks can be automated, you just need to visit the collected logs to see what's happened.
  • Alerts appear on the dashboard, signaling about threats and violations - constant monitoring of the incidents.
Aleksei Jegorov | TrustRadius Reviewer

CrowdStrike Falcon

  • CrowdStrike has cut our security costs.
  • Has given us more insight into our end points.
  • It has helped with our older PC's CPU usage.
  • Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.
Anonymous | TrustRadius Reviewer

Pricing Details

Azure Sentinel

General

| Item | Answer |
|---|---|
| Free Trial | Yes |
| Free/Freemium Version | - |
| Premium Consulting/Integration Services | - |
| Entry-level set up fee? | No |

Azure Sentinel Editions & Modules

| Edition | Price | Unit |
|---|---|---|
| Azure Sentinel | $2.46 | per GB ingested |
| 100 GB per day | $123.00 | per day |
| 200 GB per day | $221.40 | per day |
| 300 GB per day | $319.80 | per day |
| 400 GB per day | $410.00 | per day |
| 500 GB per day | $492.00 | per day |
| More than 500 GB per day | $492.00 + $98.40 | per day/plus each additional 100 GB increment |

CrowdStrike Falcon

General

| Item | Answer |
|---|---|
| Free Trial | Yes |
| Free/Freemium Version | - |
| Premium Consulting/Integration Services | Yes |
| Entry-level set up fee? | No |

CrowdStrike Falcon Editions & Modules

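| Edition | Price | Unit |
|---|---|---|
| Falcon Pro | $6.99 | per endpoint/month (for 5-250 endpoints, billed annually) |
| Falcon Enterprise | $14.99 | per endpoint/month (minimum number of endpoints applies) |
| Falcon Premium | $17.99 | per endpoint/month (minimum number of endpoints applies) |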

Rating Summary

| Rating | Azure Sentinel | CrowdStrike Falcon |
|---|---|---|
| Likelihood to Recommend | 9.7 | 9.1 |
| Usability | 9.3 | - |
| Support Rating | 8.4 | 8.6 |
| Professional Services | 5.0 | - |