CrowdStrike Falcon vs. Microsoft Defender for Endpoint

CrowdStrike Falcon

CrowdStrike Falcon

353 Reviews and Ratings

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint

270 Reviews and Ratings

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
CrowdStrike Falcon	Score 9.1 out of 10	N/A	CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.	$59.99 per endpoint/month (minimum number of endpoints applies)
Microsoft Defender for Endpoint	Score 8.9 out of 10	N/A	Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.	$2.50 per user/per month

Pricing

CrowdStrike Falcon

Microsoft Defender for Endpoint

Editions & Modules

Falcon Go (Small Business): $59.99
per endpoint/month (minimum number of endpoints applies)
Falcon Go (Small Business): $59.99
Falcon Pro: $99.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise: $184.99
per endpoint/month (minimum number of endpoints applies)

Academic: $2.50
per user/per month
Standalone: $5.20
per user/per month

Offerings

Pricing Offerings
CrowdStrike Falcon	Microsoft Defender for Endpoint
Free Trial
Yes	Yes
Free/Freemium Version
No	No
Premium Consulting/Integration Services
Yes	No

Entry-level Setup Fee

No setup fee

No setup fee

Additional Details

—

—

More Pricing Information

Community Pulse
	CrowdStrike Falcon	Microsoft Defender for Endpoint
Considered Both Products	CrowdStrike Falcon Verified User Director Chose CrowdStrike Falcon In my opinion, CrowdStrike Falcon provides superior detection and prevention capabilities over Jamf Protect. At the time we purchased (2017) CrowdStrike Falcon was more advanced than SentinelOne and Microsoft Defender for Endpoint. Incentivized Helpful? Humayoon Khan Team Lead Cyber Security Chose CrowdStrike Falcon It was the easiest to deploy and manage, while the dashboard was also very clear and precise in terms of useful information. Another major reason in selection CrowdStrike Falcon was its AI and ML detection capabilities which really impressed us during evaluation. Other tools … Incentivized Helpful? Verified User Manager Chose CrowdStrike Falcon At the time of purchase CrowdStrike provided the best featureset and value proposition for the organisation. The cloud first nature of the product and the mix of heuristic and behaviour based detection technologies was better than anything else that we looked at. Incentivized Helpful? Verified User Professional Chose CrowdStrike Falcon Since CrowdStrike is a cloud-native platform, it reduces the need to maintain many servers on-premise and worldwide architecture. McAfee uses very high CPU and RAM resources on endpoints and servers. Identity protection feature is a huge step towards zero trust implementation. Helpful? Verified User Analyst Chose CrowdStrike Falcon The logs analysis is very easy to use as it uses splunk in the backend. The automated SOAR features helps to save time and response on the incidents. The threat intelligence is very up-to-date with the recent cyber attacks. Incentivized Helpful? Verified User Manager Chose CrowdStrike Falcon CrowdStrike Falcon Endpoint certainly comes in with a slight price premium compared to other offerings, but when you're talking about your last line of defense against malware it's well worth it. From a feature perspective, many players offer similar feature sets but what sets … Incentivized Helpful? Bryan Bowie Principal Incident Responder (Sr.) Chose CrowdStrike Falcon I was not part of the selection process; however after speaking with the team that did make the call, the following where the key scenarios or features that ultimately made the decision. The number one decision from the support team was the client deployment and management of … Incentivized Helpful?	Microsoft Defender for Endpoint Bhuwan Chandra Business Development Manager Chose Microsoft Defender for Endpoint CrowdStrike Falcon EDR is one the Best solution available in Market ,However, I think they are lack in Threat visibility and Vulnerability assessment& Management for application versions & configurations . Incentivized Helpful? Verified User Vice-President Chose Microsoft Defender for Endpoint CrowdStrike Falcon, and Sentinel One are other big ones that we use a bit. Cisco Secure Endpoint we've evaluated as well. Cisco Secure Endpoint capability-wise doesn't match up to Defender, SentinelOne, and CrowdStrike both do, but the cost profiles are a bit higher. So most of … Incentivized Helpful? SU Shital Ulagadde Senior Cyber Security Consultant Chose Microsoft Defender for Endpoint CrowdStrike Falcon is also a good solution for endpoint protection which offer EDR Soultion, threat hunting and AI driven threat protection. Sophos Intercept X combines next-gen antivirus with advanced EDR capabilities with its deep learning technology, exploit prevention, and … Incentivized Helpful? Verified User Director Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is the most cost effective solution considering our Microsoft 365 licensing status. While many 3rd party solutions are great and have been used over the years, in the non-profit world, cost is a huge driving factor of items. Coupled with … Incentivized Helpful? Verified User Director Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is on par or exceeds the competitor products and provides an enterprise grade EDR solution. Based on the savings by bundling Microsoft products under the E5 license and the benefits it provides; it is an excellent choice for customers looking for … Incentivized Helpful? Verified User Manager Chose Microsoft Defender for Endpoint Crowdstrike is the more feature complete product but licensing model and cost does not work well with the small business model. ESET PROTECT is considerably more complicated from a licensing perspective but once operational is a fine product. Incentivized Helpful? Verified User Technician Chose Microsoft Defender for Endpoint We use Microsoft Defender for Endpoint along with Crowdstrike on some of our critical systems as it enhances the protection we have for our environment. Incentivized Helpful? PH Paolo Heuer Cybersecurity Director Chose Microsoft Defender for Endpoint We previously used CrowdStrike on our servers. However, the seamless integration of Microsoft Defender (MD) with XDR and the entire Microsoft ecosystem led us to choose Microsoft Defender for Endpoint (MDE). Incentivized Helpful? Joy Dutta Lead Engineer Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is more advantageous in our windows heavy infrastructure and it was unparalled in the ease of integration with windows endpoints. Security breaches, system crashes and outages with other competitors like Crowdstrike made it easier for us to go … Incentivized Helpful? Verified User Administrator Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is unique for its effortless deployment into the Microsoft ecosystem, where it taps the broadest set of threat intelligence from more than 1.5 billion endpoints. Its state-of-the-art AI-powered automated investigation and remediation minimize … Incentivized Helpful? Verified User Employee Chose Microsoft Defender for Endpoint CrowdStrike and SentinelOne. CrowdStrike, you have to deploy it, but it's the defender, it's already baked into the operating system. Same thing with SentinelOne. Incentivized Helpful? Verified User Employee Chose Microsoft Defender for Endpoint Easier to integrate, less hidden fees, easier to maintain, and easier to update. Support is much better on the Microsoft side than CrowdStrike. Incentivized Helpful? Verified User Contributor Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint stacks up well against it competitors. It detects malicious files faster than other tools like CrowdStrike. Incentivized Helpful? Verified User Director Chose Microsoft Defender for Endpoint Competitive Pricing Incentivized Helpful? JN Jamil Niazi CIO Chose Microsoft Defender for Endpoint Because this product is easier to use and has a lot of development and Microsoft's behind it. Incentivized Helpful? Verified User Engineer Chose Microsoft Defender for Endpoint I have worked with CrowdStrike and Carbon Black. Because of the performance in Linux environments. Incentivized Helpful? VK VIJAY KANAL NATIONAL PRODUCT MANAGER Chose Microsoft Defender for Endpoint Microsoft comes as a bundle suite and for other solutions the purchasing needs to be done separately. Helpful? RK RUSHABH KADCHHUD Associate Director - Practice Lead, Network and Systems Engineering Chose Microsoft Defender for Endpoint Enterprise Endpoint Protection: Microsoft Defender for Endpoint is well suited for large organizations with numerous endpoints, such as desktops, laptops, and servers, as it provides centralized management and monitoring of security across the entire network. Microsoft … Incentivized Helpful? Rahul Deshmukh Security Solutions Architect Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is east to deploy, hence safed lot of efforts in implementation and management. When I evaluated CrowdStrike I found that not all threats are identified in it, which was a matter of concern for us. We also had issues with configuration and … Incentivized Helpful? WH William Huang Lead Security Architect Chose Microsoft Defender for Endpoint I would say Microsoft Defender for Endpoint is a little behind compared to those two market leaders in the space. However, Microsoft Defender for Endpoint is easy to deploy and manage for windows devices and the cost is more reasonable. Incentivized Helpful? Verified User Team Lead Chose Microsoft Defender for Endpoint Mostly it runs smoothly on host without impacting performance as other AVs like Symantec's impacts performance issue of host. Also because it's still a good product overall price range. Can upgrade to EDR solution with not much difficulty & onboarding on tool is not that … Incentivized Helpful? Verified User Consultant Chose Microsoft Defender for Endpoint CrowdStrike and Sentinel One, I believe. I think Microsoft's products far superior. Incentivized Helpful?

Features

CrowdStrike Falcon

Microsoft Defender for Endpoint

Endpoint Security

Comparison of Endpoint Security features of Product A and Product B
	CrowdStrike Falcon 8.7 96 Ratings 3% above category average	Microsoft Defender for Endpoint 8.7 77 Ratings 3% above category average
Anti-Exploit Technology	9.087 Ratings	8.874 Ratings
Endpoint Detection and Response (EDR)	9.294 Ratings	9.176 Ratings
Centralized Management	8.995 Ratings	8.876 Ratings
Hybrid Deployment Support	8.24 Ratings	7.210 Ratings
Infection Remediation	8.991 Ratings	9.074 Ratings
Vulnerability Management	7.671 Ratings	8.671 Ratings
Malware Detection	9.394 Ratings	9.175 Ratings

Best Alternatives
	CrowdStrike Falcon	Microsoft Defender for Endpoint
Small Businesses	ThreatLocker Score 9.4 out of 10	ThreatLocker Score 9.4 out of 10
Medium-sized Companies	BlackBerry Protect (CylancePROTECT) Score 9.1 out of 10	BlackBerry Protect (CylancePROTECT) Score 9.1 out of 10
Enterprises	BeyondTrust Endpoint Privilege Management Score 9.9 out of 10	BeyondTrust Endpoint Privilege Management Score 9.9 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	CrowdStrike Falcon	Microsoft Defender for Endpoint
Likelihood to Recommend	9.1 (99 ratings)	8.9 (136 ratings)
Likelihood to Renew	10.0 (3 ratings)	8.4 (10 ratings)
Usability	10.0 (2 ratings)	8.7 (11 ratings)
Availability	- (0 ratings)	9.1 (1 ratings)
Performance	- (0 ratings)	9.1 (1 ratings)
Support Rating	10.0 (9 ratings)	9.0 (7 ratings)
In-Person Training	9.0 (1 ratings)	- (0 ratings)
Implementation Rating	10.0 (1 ratings)	7.3 (1 ratings)
Configurability	- (0 ratings)	8.2 (1 ratings)
Product Scalability	- (0 ratings)	9.1 (1 ratings)

User Testimonials
	CrowdStrike Falcon	Microsoft Defender for Endpoint
Likelihood to Recommend	CrowdStrike CrowdStrike Falcon is well suited for any size of environment. Large to small, CrowdStrike Falcon does an amazing job. The ability to have the same security as a fortune 500 company and have a solution that sees the same threats that they are seeing is amazing. I do not think that there is a company or environment that wouldn't benefit from the CrowdStrike Falcon solution. Incentivized Verified User Anonymous Read full review	Microsoft It is well integrated with the Microsoft Admin center providing a quick way to find everything you're looking for. However, if there is a problem that needs addressed, you may have to click through a few more pages to find the solution. It will definitely let you know what's going on in your environment. Incentivized Verified User Anonymous Read full review
Pros	CrowdStrike The Log analysis is very detailed and easy to use. Prevent and block all type of malwares. Great threat intelligence which is very up-to-date with the recent cyber attacks very user friendly in access and management Automated feature of detecting, taking action and closing incidents using fusion workflow. Incentivized Verified User Anonymous Read full review	Microsoft One, it's crazy lightweight, so compared to some of the competitors that we also have used with our security services, it's really lightweight and so I don't have a lot of overhead on the system that it's running on. It does really fantastic PowerShell integration. Incentivized Verified User Anonymous Read full review
Cons	CrowdStrike Support - we are often tasked with running down problems rather than being directed by support. The sales staff we have dealt with are not very responsive or timely. I believe this is a product built for installations of 300 users or more. Incentivized Verified User Anonymous Read full review	Microsoft So the fact that Defender for Endpoint still works with signatures is actually, I don't know, a little difficult for us because, I mean, since Microsoft trusts those signatures, you can easily inject code. And we've done it many times. To show that you can inject code through vulnerabilities like CV 2013, 99, and 33 but still keep the signature. So because of the trust of those signatures, the malware just kind of slides into the environment without Defender knowing. That's the first part. The second part is that the behavioral analysis is not precisely its Prime. It's not Defender's best capability for endpoints. So, Defender does not identify all behaviors considered by other EDRs in the market. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	CrowdStrike Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI. Incentivized Verified User Anonymous Read full review	Microsoft Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market Incentivized Verified User Anonymous Read full review
Usability	CrowdStrike I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers. Incentivized FM Fotis Mastakas Fotis Mastakas Read full review	Microsoft It offers multiple security features and integrates well with Microsoft ecosystems. A workflow for threat detection, investigation, automated remediation, and a centralized dashboard is an added advantage. This application is mainly designed for experienced users; new users may feel challenged. Incentivized Verified User Anonymous Read full review
Reliability and Availability	CrowdStrike No answers on this topic	Microsoft Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed. Incentivized Verified User Anonymous Read full review
Performance	CrowdStrike No answers on this topic	Microsoft Microsoft Defender for Endpoint is easy on memory and resources on clients. Incentivized Verified User Anonymous Read full review
Support Rating	CrowdStrike Any time we need to engage the Crowdstrike Falcon Complete Team, their response is switch, thorough, and they are sure to not close out any request until the customer confirms that they have provided an acceptable resolution. If I ever need anything from the account team related to the product, I also get a response from them within minutes typically to address my question. Top notch customer service! Incentivized Verified User Anonymous Read full review	Microsoft The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session Incentivized Joe Aldeguer IT Director Read full review
In-Person Training	CrowdStrike There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Online Training	CrowdStrike The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Implementation Rating	CrowdStrike Read the documentation Incentivized Verified User Anonymous Read full review	Microsoft Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out. Incentivized Verified User Anonymous Read full review
Alternatives Considered	CrowdStrike It stacks on top. We love the ease of use, the third-party integration, having AI, and the CrowdStrike team was way more helpful with our team, so that adoption was within a couple of months. We also compared prices, and the value was higher, with a faster ROI, which helps our finance department start the project promptly. Incentivized Verified User Anonymous Read full review	Microsoft Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get many of the control features (disabling USB drives) that Sophos offered out of the box. Incentivized MM Michael Miller IT Engineer Read full review
Scalability	CrowdStrike No answers on this topic	Microsoft Microsoft Defender for Endpoint is easily scaled from small orgs to giant enterprises. Incentivized Verified User Anonymous Read full review
Return on Investment	CrowdStrike CrowdStrike Falcon's proactive threat mitigation has significantly reduced the risk of successful cyber attacks, resulting in tangible savings related to potential data breaches or system compromises. The cloud-native architecture and automated features have improved operational efficiency. The platform's real-time visibility and threat hunting capabilities have drastically improved incident response times. Incentivized James Dilley System Administrator Read full review	Microsoft Reduced incidents of security breaches lead to lower remediation costs and avoid potential financial losses and reputational damage. Reduces the need for additional third-party security solutions and training, thereby lowering overall security management costs. Increased efficiency and productivity of IT staff lead to better allocation of resources and cost savings. Reduces the risk of fines and sanctions associated with non-compliance, ensuring business continuity and protecting revenue. Incentivized CF Carlos Eduardo Faquinello IT Solutions Architect Read full review
ScreenShots		Microsoft Defender for Endpoint Screenshots