CrowdStrike Falcon vs. Microsoft Defender for Cloud vs. Microsoft Defender for Endpoint

Crowdstrike is a unified platform for monitoring endpoint devices, whether they're workstations, servers, cloud-native machines, or even mobile devices. It uses AI/ML to monitor anomalies and suspicious behavior, including zero-day attacks. It is suitable for large organizations but may be costlier or less appropriate for smaller organizations, those who want an on-prem EDR setup, and those who need custom scanning based on compliance requirements.

Incentivized

Microsoft is well-suited with its definitive cloud, and I also like its Microsoft Intune ID. The conditional policies are great with that, and they're really good and well situated, so you can't beat them at that conditional policy level. Less appropriate, as I said, some of these low-hanging fruit features, like being good in phishing campaigns, and then I feel like maybe doing better at their seam products. So we'll see how that goes.

Incentivized

I can definitely tell you where it’s more suited, because we haven’t come across any less appropriate scenarios. But definitely in regard to how we centrally manage our user space and our endpoints, it’s been beneficial from an API perspective and is really transferable, with strong collaboration with our Azure stack. It works very well.

• The Log analysis is very detailed and easy to use.
• Prevent and block all type of malwares.
• Great threat intelligence which is very up-to-date with the recent cyber attacks
• very user friendly in access and management
• Automated feature of detecting, taking action and closing incidents using fusion workflow.

Incentivized

• I like that with Microsoft Defender for Cloud you can track your secure score to see how well you are doing with your security controls.
• There are remediation steps for findings with the platform and some can be fix automatically with a few clicks.
• There are recommendations for exactly what controls to put in place to ensure a more secure environment for Azure.

Incentivized

• Definitely on the threat action and response. We didn't have a stress-response option before, but the dependent brand point provided it instantly. Also, it's doing UVA and machine learning, which we didn't have before. So it's definitely providing more sophisticated threat-detection capabilities than we had before.

Incentivized

• Support - we are often tasked with running down problems rather than being directed by support.
• The sales staff we have dealt with are not very responsive or timely.
• I believe this is a product built for installations of 300 users or more.

Incentivized

• Granular permissions and role-based access management could improve security. This would enable organizations to control who has access to and can set specific features.
• While it offers integration with various Microsoft services, expanding support for third-party cloud platforms and applications would enhance its versatility. Many organizations use multiple cloud providers, and broader compatibility would be advantageous.
• The cost structure could be more transparent, especially for larger organizations with extensive cloud resources. Clearer cost breakdowns and predictions would help organizations budget more effectively.

Incentivized

• The only thing is sometimes, because Microsoft has so many platforms, it gets a little confusing, like am I in the security platform? Am I in Purview? Where am I at right now? Because there's so many sites that are kind of doing a lot of the same thing, and so that does get a little confusing from time to time, but outside of that, it's a pretty good product.

Incentivized

Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI.

Incentivized

It is a great product that integrates nicely when running an Azure platform and even multi-cloud environment. Not looking for point-solutions but a suite that answers most requirements. It is very comfortable being able to use KQL, workbooks and automation that is native to the azure platform

Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market

Incentivized

I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.

Incentivized

My visibility is limited because I'm only doing very small pieces of what the overall org does. And also, we have limitations on what we're allowed to use. It's not like we get a new product as users or leadership level users, and everything is on, and we can just do whatever we want. We're very restricted in what we can use any tooling within the org because of the different levels of regulatory constraints we have, because of just the nature of who we are inherently. So that's why. I don't think it's necessarily the product. I think it's more or less of what we're able to do with the product.

Incentivized

Microsoft Defender for Endpoint is a great EDR to have that works quickly and silently in the background and it integrates well with other Microsoft services. As an IT manager, I can appreciate that I do not get bombarded by alerts for every small detail. On the flipside, the management site can use some work in being more clear and should be more streamlined so I'm not clicking through multiple pages to figure out what happened

Incentivized

Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.

Incentivized

Microsoft Defender for Endpoint is easy on memory and resources on clients.

Incentivized

Any time we need to engage the Crowdstrike Falcon Complete Team, their response is switch, thorough, and they are sure to not close out any request until the customer confirms that they have provided an acceptable resolution. If I ever need anything from the account team related to the product, I also get a response from them within minutes typically to address my question. Top notch customer service!

Incentivized

The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session

Incentivized

There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any.

Incentivized

The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user.

Incentivized

Read the documentation

Incentivized

Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.

Incentivized

It was just a legacy AV program onboarded during initial setup days. As the org. As it expanded, its threat landscape also grew, and we needed a next-gen solution to protect against evolving threat vectors. Falcon EDR was the one that solved all these in a single place.

Incentivized

Microsoft Defender for Cloud is definitely the choice with the latest market trend and attacks that are currently happening. Microsoft has been able to safe guard a lot after the recent serious attacks happening globally in the digital world. There is a trust in this software and with the latest updates and machine learning capabilities, Microsoft Defender for Cloud should be the choice.

Incentivized

Previously, we've used Sophos. We've used, way back when, McAfee, Norton, Symantec, all those. And we finally settled on Microsoft Defender for Endpoint. We're a Microsoft technology stack shop. So obviously it was natural. It's built into Windows, so we're not adding additional agents. Some of the other vendors and their agents, for a while, would compete with CPU usage. And so it actually slowed down the machines. Because Microsoft Defender for Endpoint is built into the Windows product, Microsoft is going to ensure that it does not affect the other productivity tools that a user may use.

Incentivized

Microsoft Defender for Endpoint is easily scaled from small orgs to giant enterprises.

Incentivized

• CrowdStrike Falcon's proactive threat mitigation has significantly reduced the risk of successful cyber attacks, resulting in tangible savings related to potential data breaches or system compromises.
• The cloud-native architecture and automated features have improved operational efficiency.
• The platform's real-time visibility and threat hunting capabilities have drastically improved incident response times.

Incentivized

• It simplifies security management and saves time. I'm not sure, but I'm very confident it saved me a couple of paychecks by centralizing the data I need to secure the cloud environment.
• I also utilize the inventory overview to monitor my team's activities and verify they are following internal regulations, as well as cost overruns.
• The recommendations can be utilized as a valuable instructional tool. I have the team explain why they are receiving them, why they are not following them, and what they are doing differently.

Incentivized

• Reduced incidents of security breaches lead to lower remediation costs and avoid potential financial losses and reputational damage.
• Reduces the need for additional third-party security solutions and training, thereby lowering overall security management costs.
• Increased efficiency and productivity of IT staff lead to better allocation of resources and cost savings.
• Reduces the risk of fines and sanctions associated with non-compliance, ensuring business continuity and protecting revenue.

Incentivized