CrowdStrike Falcon vs. Microsoft Defender for Endpoint

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
CrowdStrike Falcon
Score 9.2 out of 10
N/A
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.
$59.99
per endpoint/month (minimum number of endpoints applies)
Microsoft Defender for Endpoint
Score 8.4 out of 10
N/A
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Pricing
CrowdStrike FalconMicrosoft Defender for Endpoint
Editions & Modules
Falcon Go (Small Business)
$59.99
per endpoint/month (minimum number of endpoints applies)
Falcon Go (Small Business)
$59.99
Falcon Pro
$99.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise
$184.99
per endpoint/month (minimum number of endpoints applies)
Academic
$2.50
per user/per month
Standalone
$5.20
per user/per month
Offerings
Pricing Offerings
CrowdStrike FalconMicrosoft Defender for Endpoint
Free Trial
YesYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
YesNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
CrowdStrike FalconMicrosoft Defender for Endpoint
Considered Both Products
CrowdStrike Falcon
Chose CrowdStrike Falcon
It was the easiest to deploy and manage, while the dashboard was also very clear and precise in terms of useful information.
Another major reason in selection CrowdStrike Falcon was its AI and ML detection capabilities which really impressed us during evaluation. Other tools …
Chose CrowdStrike Falcon
At the time of purchase CrowdStrike provided the best featureset and value proposition for the organisation. The cloud first nature of the product and the mix of heuristic and behaviour based detection technologies was better than anything else that we looked at.
Chose CrowdStrike Falcon
Since CrowdStrike is a cloud-native platform, it reduces the need to maintain many servers on-premise and worldwide architecture. McAfee uses very high CPU and RAM resources on endpoints and servers.
Identity protection feature is a huge step towards zero trust implementation.
Chose CrowdStrike Falcon
The logs analysis is very easy to use as it uses splunk in the backend. The automated SOAR features helps to save time and response on the incidents. The threat intelligence is very up-to-date with the recent cyber attacks.
Chose CrowdStrike Falcon
CrowdStrike Falcon Endpoint certainly comes in with a slight price premium compared to other offerings, but when you're talking about your last line of defense against malware it's well worth it. From a feature perspective, many players offer similar feature sets but what sets …
Chose CrowdStrike Falcon
I was not part of the selection process; however after speaking with the team that did make the call, the following where the key scenarios or features that ultimately made the decision.
  1. The number one decision from the support team was the client deployment and management of …
Microsoft Defender for Endpoint
Chose Microsoft Defender for Endpoint
CrowdStrike Falcon EDR is one the Best solution available in Market ,However, I think they are lack in Threat visibility and Vulnerability assessment& Management for application versions & configurations .
Chose Microsoft Defender for Endpoint
CrowdStrike and SentinelOne. CrowdStrike, you have to deploy it, but it's the defender, it's already baked into the operating system. Same thing with SentinelOne.
Chose Microsoft Defender for Endpoint
Easier to integrate, less hidden fees, easier to maintain, and easier to update. Support is much better on the Microsoft side than CrowdStrike.
Chose Microsoft Defender for Endpoint
Microsoft Defender for Endpoint stacks up well against it competitors. It detects malicious files faster than other tools like CrowdStrike.
Chose Microsoft Defender for Endpoint
Competitive Pricing
Chose Microsoft Defender for Endpoint
Because this product is easier to use and has a lot of development and Microsoft's behind it.
Chose Microsoft Defender for Endpoint
I have worked with CrowdStrike and Carbon Black. Because of the performance in Linux environments.
Chose Microsoft Defender for Endpoint
Microsoft comes as a bundle suite and for other solutions the purchasing needs to be done separately.
Chose Microsoft Defender for Endpoint
I found CrowdStrike to be confusing and complex when it comes to managing assets and incidents around endpoints. While it provides quality intelligence, it lacks a more admin-friendly way of presenting that information. Hence, as I have mentioned in the previous points as well, …
Chose Microsoft Defender for Endpoint
Enterprise Endpoint Protection: Microsoft Defender for Endpoint is well suited for large organizations with numerous endpoints, such as desktops, laptops, and servers, as it provides centralized management and monitoring of security across the entire network. Microsoft …
Chose Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is east to deploy, hence safed lot of efforts in implementation and management. When I evaluated CrowdStrike I found that not all threats are identified in it, which was a matter of concern for us. We also had issues with configuration and …
Chose Microsoft Defender for Endpoint
I would say Microsoft Defender for Endpoint is a little behind compared to those two market leaders in the space. However, Microsoft Defender for Endpoint is easy to deploy and manage for windows devices and the cost is more reasonable.
Chose Microsoft Defender for Endpoint
Mostly it runs smoothly on host without impacting performance as other AVs like Symantec's impacts performance issue of host. Also because it's still a good product overall price range. Can upgrade to EDR solution with not much difficulty & onboarding on tool is not that …
Chose Microsoft Defender for Endpoint
CrowdStrike and Sentinel One, I believe. I think Microsoft's products far superior.
Top Pros
Top Cons
Features
CrowdStrike FalconMicrosoft Defender for Endpoint
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
CrowdStrike Falcon
8.7
80 Ratings
3% above category average
Microsoft Defender for Endpoint
8.3
56 Ratings
2% below category average
Anti-Exploit Technology8.972 Ratings8.153 Ratings
Endpoint Detection and Response (EDR)9.378 Ratings8.755 Ratings
Centralized Management8.579 Ratings8.155 Ratings
Hybrid Deployment Support8.24 Ratings7.810 Ratings
Infection Remediation8.975 Ratings8.354 Ratings
Vulnerability Management8.358 Ratings8.452 Ratings
Malware Detection9.278 Ratings8.655 Ratings
Best Alternatives
CrowdStrike FalconMicrosoft Defender for Endpoint
Small Businesses
ThreatLocker
ThreatLocker
Score 9.1 out of 10
ThreatLocker
ThreatLocker
Score 9.1 out of 10
Medium-sized Companies
ESET PROTECT
ESET PROTECT
Score 9.0 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Enterprises
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 9.1 out of 10
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
CrowdStrike FalconMicrosoft Defender for Endpoint
Likelihood to Recommend
9.2
(83 ratings)
8.3
(99 ratings)
Likelihood to Renew
9.7
(3 ratings)
8.4
(8 ratings)
Usability
9.8
(2 ratings)
-
(0 ratings)
Support Rating
10.0
(9 ratings)
9.0
(5 ratings)
In-Person Training
9.0
(1 ratings)
-
(0 ratings)
Implementation Rating
10.0
(1 ratings)
-
(0 ratings)
User Testimonials
CrowdStrike FalconMicrosoft Defender for Endpoint
Likelihood to Recommend
CrowdStrike
I would highly recommend CrowdStrike Falcon to any organization serious about bolstering its cybersecurity defenses. The platform's effectiveness in threat detection, proactive mitigation, and scalability make it a valuable asset in today's ever-evolving threat landscape. Despite some learning curves and integration challenges, the return on investment and the overall security enhancement justify its strong recommendation.
Read full review
Microsoft
I think it's well suited as a drop-in EDR, really an XDR, I guess if you want to go there. A platform for most organizations. I think it lacks some of the granularity in off-the-shelf rule sets that I want for defense Industrial base or financial services clients. For heavily targeted organizations, I think it requires a lot more customization than some of the competitor products off the shelf. So if you get there, it's not there day one.
Read full review
Pros
CrowdStrike
  • The Log analysis is very detailed and easy to use.
  • Prevent and block all type of malwares.
  • Great threat intelligence which is very up-to-date with the recent cyber attacks
  • very user friendly in access and management
  • Automated feature of detecting, taking action and closing incidents using fusion workflow.
Read full review
Microsoft
  • It integrates perfectly with Azure Sentinel. I mean, that's great. We can have a single pane of class with other platforms, like Defender for Cloud, Defender for endpoints, and Defender for servers, which is awesome as well. The ease of deployment is because Microsoft made sure around a year ago that every single workstation with Microsoft Windows came with Defender for Endpoints embedded.
Read full review
Cons
CrowdStrike
  • Sometimes updates to sensor versions fail, which requires manual intervention by internal staff members
  • The variety of different administrative privilege levels is vast and sometimes confusing
  • Proactive notifications confirming the health of the environment would be great instead of just reporting on potential issues
Read full review
Microsoft
  • While it's a very good product for auditing, it has a very hard time to distinguish what is malicious and is an attack, what is not. Very rarely we get indication of a real malicious attack. We got lots of hours for off the shelf malware that it cleans up automatically. So basically we never get to look at it, which is a positive thing, but threats are detected by the third party endpoint, so it will not be enough by itself.
Read full review
Likelihood to Renew
CrowdStrike
Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI.
Read full review
Microsoft
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
Read full review
Usability
CrowdStrike
I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.
Read full review
Microsoft
No answers on this topic
Support Rating
CrowdStrike
Support is generally pretty fast and gets right to the issue. We haven't had to use them much, fortunately, but the issues and questions we've had are usually answered quickly. The customer success manager/account manager you're assigned will also follow up with you on a regular cadence to ensure you're getting the most out of the subscription. There's not a whole lot of room to improve, other than the general confusion about what is/what is not covered in custom packages you're subscribed to. The initial purchase took much longer because of a package name changes and realignments of different modules into those packages.
Read full review
Microsoft
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Read full review
In-Person Training
CrowdStrike
There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any.
Read full review
Microsoft
No answers on this topic
Online Training
CrowdStrike
The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user.
Read full review
Microsoft
No answers on this topic
Implementation Rating
CrowdStrike
Read the documentation
Read full review
Microsoft
No answers on this topic
Alternatives Considered
CrowdStrike
CrowdStrike Falcon's cloud-native architecture gives it an edge in terms of scalability, ease of deployment, and real-time threat intelligence updates. The user interface of Falcon is intuitive and offers clear visibility into our organization's threat landscape. Our team felt more comfortable navigating Falcon's dashboard. CrowdStrike Falcon's API and integration capabilities meant we could easily incorporate it into our existing tech stack, enhancing our other tools. Falcon's seemed more flexible for our specific needs.
Read full review
Microsoft
I would say not to name specific company names, because I'm a partner with one of them and that's the account that I work with. But I use some competing solutions that I would say are pretty heavy from an overhead perspective with the agent that has to be installed in the machine. It can be too restrictive for permissions where it gets in the way of an employee doing their job and the ability for Defender to be secure in that, but still allow an employee to go about their day and do what they need to do is certainly a change maker there. But yeah, from the other products perspective across the years, whether it be business or personal, some other products I can name are other endpoint protections from Vera Avast, McAfee, of course as folks remember that. And some of the other major players too that I would say a large networking company that doubles in security as well. I'll name them that way.
Read full review
Return on Investment
CrowdStrike
  • Centralized resource management means we need less tools to do the same job.
  • EDR data is massive and has to be factored into the overall cost of the product. You are exponentially punished for more devices.
  • CS has allowed larger coverage over devices and has discovered massive pockets of no protections.
Read full review
Microsoft
  • Reduced incidents of security breaches lead to lower remediation costs and avoid potential financial losses and reputational damage.
  • Reduces the need for additional third-party security solutions and training, thereby lowering overall security management costs.
  • Increased efficiency and productivity of IT staff lead to better allocation of resources and cost savings.
  • Reduces the risk of fines and sanctions associated with non-compliance, ensuring business continuity and protecting revenue.
Read full review
ScreenShots

Microsoft Defender for Endpoint Screenshots

Screenshot of blocked activitiesScreenshot of Detects & respondsScreenshot of discovers vulnerabilityScreenshot of Eliminates blind spotsScreenshot of Risk management