CrowdStrike Falcon vs Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)

Likelihood to Recommend

CrowdStrike continues to be the leader of where it is today by extending the offerings that is has. While there are a number of downfalls of the product, no one other security vendor can rightfully do what CrowdStrike does. Smaller players in the game are able to "pull a feather" here and there but there is no stopping the behemoth that is CrowdStrike. So long as CrowdStrike continues to deliver on its endpoint protection capabilities and levels up their behavioral detections, they are the best buy all day long. For those looking for a company that is clear about what they are monitoring for and how, rule logic, etc.... CrowdStrike is the exact opposite. They are a complete black box that thinks detect logic is magic and protects it all as if it was intellectual property. For some organizations they will likely not care; however, for others with established security teams, this can prove to be an irritant.

Read full review

Bryan Bowie

Principal Incident Responder (Sr.)

VerizonSecurity & Investigations, 10,001+ employees

View all 29 answers on this topic

Small or large organizations will benefit from using MDE. They need to provide a way to buy MDE as a standalone add-on product not only make it a bundled feature in Microsoft 365 E5. I wish it had the ability to deploy updates to 3rd party apps when the vulnerability scanner discovers a vulnerability. Currently, I have to use a 3rd party tool to address this gap.

Read full review

Joe Aldeguer

IT Director

Society of American FloristsNon-profit Organization Management, 11-50 employees

View all 7 answers on this topic

Feature Rating Comparison

CrowdStrike Falcon

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)

Anti-Exploit Technology

Endpoint Detection and Response (EDR)

Centralized Management

Hybrid Deployment Support

Infection Remediation

Vulnerability Management

Malware Detection

Pros

Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
Malware/adware detection. Packaged adware in official installers are instantly blocked without interfering with the install of the primary application.

Read full review

Randy Munroe

Information Security Analyst

Randall-ReillyMarketing and Advertising, 201-500 employees

View all 29 answers on this topic

It is great at proactively monitoring threats across the network. It works seamlessly with the client to monitor individual user computers, and it has a good real-time scanning engine.
On the client side, Windows Defender doesn't require a whole lot of system resources to run, nor will it create unnessary slowdowns of a computer, even while scanning for threats

Read full review

Verified User

Supervisor in Information Technology

Education Management Company, 1001-5000 employees

View all 7 answers on this topic

Cons

We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.

Read full review

Mark Sauer

Director of Information Technology

TransPakPackage/Freight Delivery, 1001-5000 employees

View all 29 answers on this topic

Virus detection rates are below competitors.
Too many notifications that end up bothering.
Do not ask every time if you should send reports to Microsoft.

Read full review

Danilo Soares Peres

Performance e Controle Comercial na Groupe Renault

Groupe RenaultAutomotive, 10,001+ employees

View all 7 answers on this topic

Support Rating

CrowdStrike Falcon 8.8

Based on 13 answers

When I receive support, it is always useful and informative. However, the support doesn't get back to me in the most timely manner. Often, by the time I hear back from support I have already resolved the issue. But for bigger issues, that need more in-depth help the support team has been incredibly valuable.

Read full review

Verified User

Analyst in Information Technology

Telecommunications Company, 1001-5000 employees

View all 13 answers on this topic

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) 8.5

Based on 9 answers

Every time I've had a question or a problem, I was able to get it addressed quickly. Microsoft has a huge database for ATP support, and it has contained 90% of what I have looked for. It was a lifesaver during initial setup.

Read full review

Verified User

Technician in Information Technology

Education Management Company, 51-200 employees

View all 9 answers on this topic

Alternatives Considered

[Because of] its cloud-based architecture, complete set of features, LDAP integration and massive deployment options. The open integration with another security solution and it's almost native with all Windows flavors including Windows Server. Its Incident Response Team is a one-and-only kind of solution that makes CrowdStrike a really different competitor and a natural leader in cybersecurity market.

Read full review

Victor Rivera

Senior Information Technology Manager

Grupo VinteConstruction, 1001-5000 employees

View all 29 answers on this topic

MS ATP is lower on system resources and enables us to stretch out our endpoint hardware for an additional year. Also, MS ATP being an MS product fits in very nicely into MS remote management software and MS operating system. We have had little to no issues when hotfixes and roll updates are deployed, unlike 3rd party AV providers that we had experience with in the past.

Read full review

Verified User

C-Level Executive in Information Technology

Media Production Company, 51-200 employees

View all 7 answers on this topic

Return on Investment

CrowdStrike has cut our security costs.
Has given us more insight into our end points.
It has helped with our older PC's CPU usage.
Cut our cost and time from managing multiple platforms down to managing one platform with better insight than what we had with multiple security platforms.

Read full review

Verified User

C-Level Executive in Information Technology

Security & Investigations Company, 1-10 employees

View all 29 answers on this topic

There is definitely a piece of mind provided when you know that your system will not get compromised because of malware and viruses.
The fact that I don't have to spend money in the first place means that I can spend money on other more important things that do require it.

Read full review

Tanish Pruthi

Marketing Associate

Mercer-MettlInformation Technology and Services, 501-1000 employees

View all 7 answers on this topic

Pricing Details

General

Free Trial

Yes

Free/Freemium Version

—

Premium Consulting/Integration Services

Yes

Entry-level set up fee?

No

CrowdStrike Falcon Editions & Modules

Edition

Falcon Pro	$6.99¹
Falcon Enterprise	$14.99²
Falcon Premium	$17.99²

per endpoint/month (for 5-250 endpoints, billed annually)
per endpoint/month (minimum number of endpoints applies)

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) Editions & Modules

Edition

Standalone	5.20¹
Academic	2.50¹

per user/per month

Additional Pricing Details

—

Rating Summary

CrowdStrike Falcon

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)

CrowdStrike Falcon

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)

CrowdStrike Falcon vs Microsoft Defender for Endpoint (formerly Microsoft Defender ATP)