CrowdStrike Falcon vs. Microsoft Defender for Endpoint vs. Microsoft Sentinel

CrowdStrike Falcon

382 Reviews and Ratings

Microsoft Defender for Endpoint

285 Reviews and Ratings

Free Trial

Microsoft Sentinel

157 Reviews and Ratings

Free Trial

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
CrowdStrike Falcon	Score 9.1 out of 10	N/A	CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.	$59.99 per endpoint/month (minimum number of endpoints applies)
Microsoft Defender for Endpoint	Score 8.8 out of 10	N/A	Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.	$2.50 per user/per month
Microsoft Sentinel	Score 8.6 out of 10	N/A	Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.	$2.46 per GB ingested

Pricing

CrowdStrike Falcon

Microsoft Defender for Endpoint

Microsoft Sentinel

Editions & Modules

Falcon Go (Small Business): $59.99
per endpoint/month (minimum number of endpoints applies)
Falcon Go (Small Business): $59.99
Falcon Pro: $99.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise: $184.99
per endpoint/month (minimum number of endpoints applies)

Academic: $2.50
per user/per month
Standalone: $5.20
per user/per month

Azure Sentinel: $2.46
per GB ingested
100 GB per day: $123.00
per day
200 GB per day: $221.40
per day
300 GB per day: $319.80
per day
400 GB per day: $410.00
per day
500 GB per day: $492.00
per day
More than 500 GB per day: $492.00 + $98.40
per day/plus each additional 100 GB increment

Offerings

Pricing Offerings
CrowdStrike Falcon	Microsoft Defender for Endpoint	Microsoft Sentinel
Free Trial
Yes	Yes	Yes
Free/Freemium Version
No	No	No
Premium Consulting/Integration Services
Yes	No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

More Pricing Information

Pricing Info

Community Pulse
	CrowdStrike Falcon	Microsoft Defender for Endpoint	Microsoft Sentinel
Considered Multiple Products	CrowdStrike Falcon Verified User Director Chose CrowdStrike Falcon In my opinion, CrowdStrike Falcon provides superior detection and prevention capabilities over Jamf Protect. At the time we purchased (2017) CrowdStrike Falcon was more advanced than SentinelOne and Microsoft Defender for Endpoint. Incentivized Helpful? Humayoon Khan Team Lead Cyber Security Chose CrowdStrike Falcon It was the easiest to deploy and manage, while the dashboard was also very clear and precise in terms of useful information. Another major reason in selection CrowdStrike Falcon was its AI and ML detection capabilities which really impressed us during evaluation. Other tools … Incentivized Helpful? Verified User Manager Chose CrowdStrike Falcon At the time of purchase CrowdStrike provided the best featureset and value proposition for the organisation. The cloud first nature of the product and the mix of heuristic and behaviour based detection technologies was better than anything else that we looked at. Incentivized Helpful? Verified User Professional Chose CrowdStrike Falcon Since CrowdStrike is a cloud-native platform, it reduces the need to maintain many servers on-premise and worldwide architecture. McAfee uses very high CPU and RAM resources on endpoints and servers. Identity protection feature is a huge step towards zero trust implementation. Helpful? Verified User Employee Chose CrowdStrike Falcon Pricing was less, it had better ratings as well as word of mouth in the market. Works on agent-based solution rather than remote access. Finds zero day attacks very soon recently CrowdStrike found the 3cx attack which is now a critical supply chain attack. CrowdStrike falls … Incentivized Helpful? Verified User Analyst Chose CrowdStrike Falcon The logs analysis is very easy to use as it uses splunk in the backend. The automated SOAR features helps to save time and response on the incidents. The threat intelligence is very up-to-date with the recent cyber attacks. Incentivized Helpful? Verified User Manager Chose CrowdStrike Falcon CrowdStrike Falcon Endpoint certainly comes in with a slight price premium compared to other offerings, but when you're talking about your last line of defense against malware it's well worth it. From a feature perspective, many players offer similar feature sets but what sets … Incentivized Helpful? Bryan Bowie Principal Incident Responder (Sr.) Chose CrowdStrike Falcon I was not part of the selection process; however after speaking with the team that did make the call, the following where the key scenarios or features that ultimately made the decision. The number one decision from the support team was the client deployment and management of … Incentivized Helpful?	Microsoft Defender for Endpoint Bhuwan Chandra Business Development Manager Chose Microsoft Defender for Endpoint CrowdStrike Falcon EDR is one the Best solution available in Market ,However, I think they are lack in Threat visibility and Vulnerability assessment& Management for application versions & configurations . Incentivized Helpful? Verified User Vice-President Chose Microsoft Defender for Endpoint CrowdStrike Falcon, and Sentinel One are other big ones that we use a bit. Cisco Secure Endpoint we've evaluated as well. Cisco Secure Endpoint capability-wise doesn't match up to Defender, SentinelOne, and CrowdStrike both do, but the cost profiles are a bit higher. So most of … Incentivized Helpful? SU Shital Ulagadde Senior Cyber Security Consultant Chose Microsoft Defender for Endpoint CrowdStrike Falcon is also a good solution for endpoint protection which offer EDR Soultion, threat hunting and AI driven threat protection. Sophos Intercept X combines next-gen antivirus with advanced EDR capabilities with its deep learning technology, exploit prevention, and … Incentivized Helpful? Verified User Administrator Chose Microsoft Defender for Endpoint When building up policies, being independent is much easier compared to CrowdStrike, I would say. Incentivized Helpful? Verified User Supervisor Chose Microsoft Defender for Endpoint Say licensing and cost primarily. And from our evaluation and our use cases, Microsoft Defender for Endpoint did relatively the same thing. Incentivized Helpful? Verified User Manager Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint consistently showed better user experiences during scans due to the reduced amount of resources used on each system compared to our previous endpoint protection solutions. However, the main reason we chose Microsoft Defender for Endpoint is … Incentivized Helpful? Verified User Director Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is the most cost effective solution considering our Microsoft 365 licensing status. While many 3rd party solutions are great and have been used over the years, in the non-profit world, cost is a huge driving factor of items. Coupled with … Incentivized Helpful? Verified User Director Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is on par or exceeds the competitor products and provides an enterprise grade EDR solution. Based on the savings by bundling Microsoft products under the E5 license and the benefits it provides; it is an excellent choice for customers looking for … Incentivized Helpful? Verified User Manager Chose Microsoft Defender for Endpoint Crowdstrike is the more feature complete product but licensing model and cost does not work well with the small business model. ESET PROTECT is considerably more complicated from a licensing perspective but once operational is a fine product. Incentivized Helpful? Verified User Technician Chose Microsoft Defender for Endpoint We use Microsoft Defender for Endpoint along with Crowdstrike on some of our critical systems as it enhances the protection we have for our environment. Incentivized Helpful? Verified User C-Level Executive Chose Microsoft Defender for Endpoint It's very convenient and very well integrated with our environment. Incentivized Helpful? PH Paolo Heuer Cybersecurity Director Chose Microsoft Defender for Endpoint We previously used CrowdStrike on our servers. However, the seamless integration of Microsoft Defender (MD) with XDR and the entire Microsoft ecosystem led us to choose Microsoft Defender for Endpoint (MDE). Incentivized Helpful? Joy Dutta Lead Engineer Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is more advantageous in our windows heavy infrastructure and it was unparalled in the ease of integration with windows endpoints. Security breaches, system crashes and outages with other competitors like Crowdstrike made it easier for us to go … Incentivized Helpful? Verified User Administrator Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is unique for its effortless deployment into the Microsoft ecosystem, where it taps the broadest set of threat intelligence from more than 1.5 billion endpoints. Its state-of-the-art AI-powered automated investigation and remediation minimize … Incentivized Helpful? Verified User Employee Chose Microsoft Defender for Endpoint CrowdStrike and SentinelOne. CrowdStrike, you have to deploy it, but it's the defender, it's already baked into the operating system. Same thing with SentinelOne. Incentivized Helpful? Verified User Employee Chose Microsoft Defender for Endpoint Easier to integrate, less hidden fees, easier to maintain, and easier to update. Support is much better on the Microsoft side than CrowdStrike. Incentivized Helpful? Verified User Contributor Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint stacks up well against it competitors. It detects malicious files faster than other tools like CrowdStrike. Incentivized Helpful? Verified User Director Chose Microsoft Defender for Endpoint Competitive Pricing Incentivized Helpful? JN Jamil Niazi CIO Chose Microsoft Defender for Endpoint Because this product is easier to use and has a lot of development and Microsoft's behind it. Incentivized Helpful? Verified User Engineer Chose Microsoft Defender for Endpoint I have worked with CrowdStrike and Carbon Black. Because of the performance in Linux environments. Incentivized Helpful? VK VIJAY KANAL NATIONAL PRODUCT MANAGER Chose Microsoft Defender for Endpoint Microsoft comes as a bundle suite and for other solutions the purchasing needs to be done separately. Helpful? RK RUSHABH KADCHHUD Associate Director - Practice Lead, Network and Systems Engineering Chose Microsoft Defender for Endpoint Enterprise Endpoint Protection: Microsoft Defender for Endpoint is well suited for large organizations with numerous endpoints, such as desktops, laptops, and servers, as it provides centralized management and monitoring of security across the entire network. Microsoft … Incentivized Helpful? Rahul Deshmukh Security Solutions Architect Chose Microsoft Defender for Endpoint Microsoft Defender for Endpoint is east to deploy, hence safed lot of efforts in implementation and management. When I evaluated CrowdStrike I found that not all threats are identified in it, which was a matter of concern for us. We also had issues with configuration and … Incentivized Helpful? WH William Huang Lead Security Architect Chose Microsoft Defender for Endpoint I would say Microsoft Defender for Endpoint is a little behind compared to those two market leaders in the space. However, Microsoft Defender for Endpoint is easy to deploy and manage for windows devices and the cost is more reasonable. Incentivized Helpful? Verified User Team Lead Chose Microsoft Defender for Endpoint Mostly it runs smoothly on host without impacting performance as other AVs like Symantec's impacts performance issue of host. Also because it's still a good product overall price range. Can upgrade to EDR solution with not much difficulty & onboarding on tool is not that … Incentivized Helpful?	Microsoft Sentinel Verified User Vice-President Chose Microsoft Sentinel These are all the Microsoft products. We have used Splunk. And again, I would say Microsoft Sentinel stacks up because it's a native tool that is more like an ecosystem. It's not a standalone tool. It's like if you're in the Microsoft stack, Microsoft Sentinel will stack up … Incentivized Helpful? RD Richard Dornhart National Security Practice Manager Chose Microsoft Sentinel Splunk, Google, SecOps. I look at how it stacks up based on the fact that it's the primary solution that we sell. So I think it stacks up really well. Why do we select it? Well, we selected it primarily because we're a very large Microsoft partner. The technology is very good … Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel Elastic seems to have a much better interface for log search and is able to filter out noise. Microsoft Sentinel also appears to generate a lot of false positives. Incentivized Helpful? Verified User Manager Chose Microsoft Sentinel Prior to using Sentinel, we were using Splunk specifically Splunk Enterprise Security and Splunk Cloud, so their on-prem and their cloud-based products. We switched originally for cost reasons, specifically cost control, but I have found that the ability to create reports, the … Incentivized Helpful? Verified User Director Chose Microsoft Sentinel The SecureWorks product is a more mature product. We prefer the SecureWorks product over Microsoft Sentinel at this point. Incentivized Helpful? Verified User Consultant Chose Microsoft Sentinel ArcSight is an on-prem solution that has a different approach than Sentinel. In a basis this product is more complex to maintain and deploy. The query functionality in Sentinel is more powerful and easier to maintain. ArcSight has a much slower performance and an interface that … Incentivized Helpful? Verified User Advisor Chose Microsoft Sentinel Elasticsearch, we did a demo about it. Also the CrowdStrike platform, we got a demo on it. How did they compare? I think Elasticsearch, for us, it's more hard to configure. Microsoft Sentinel is pretty straight to the point. We turn on stuff, it's plug-and-play. CrowdStrike, … Incentivized Helpful? Verified User Engineer Chose Microsoft Sentinel As the vast majority of our users have Windows machine and uses all 365 cloud features, we finally decided not to implement any 3rd party security solutions on desktops/laptops in order to keep our infrastructure simple. In this case, Microsoft Sentinel is the best way to … Incentivized Helpful?

Features

CrowdStrike Falcon

Microsoft Defender for Endpoint

Microsoft Sentinel

Endpoint Security

Comparison of Endpoint Security features of Product A and Product B
	CrowdStrike Falcon 8.8 98 Ratings 3% above category average	Microsoft Defender for Endpoint 8.7 78 Ratings 2% above category average	Microsoft Sentinel - Ratings
Anti-Exploit Technology	9.089 Ratings	8.975 Ratings	00 Ratings
Endpoint Detection and Response (EDR)	9.396 Ratings	9.177 Ratings	00 Ratings
Centralized Management	9.097 Ratings	8.777 Ratings	00 Ratings
Hybrid Deployment Support	8.24 Ratings	7.210 Ratings	00 Ratings
Infection Remediation	8.993 Ratings	9.075 Ratings	00 Ratings
Vulnerability Management	7.772 Ratings	8.672 Ratings	00 Ratings
Malware Detection	9.396 Ratings	9.276 Ratings	00 Ratings

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	CrowdStrike Falcon - Ratings	Microsoft Defender for Endpoint - Ratings	Microsoft Sentinel 8.0 31 Ratings 2% above category average
Centralized event and log data collection	00 Ratings	00 Ratings	8.630 Ratings
Correlation	00 Ratings	00 Ratings	8.431 Ratings
Event and log normalization/management	00 Ratings	00 Ratings	8.031 Ratings
Deployment flexibility	00 Ratings	00 Ratings	6.929 Ratings
Integration with Identity and Access Management Tools	00 Ratings	00 Ratings	8.329 Ratings
Custom dashboards and workspaces	00 Ratings	00 Ratings	8.031 Ratings
Host and network-based intrusion detection	00 Ratings	00 Ratings	8.126 Ratings
Data integration/API management	00 Ratings	00 Ratings	7.829 Ratings
Behavioral analytics and baselining	00 Ratings	00 Ratings	8.027 Ratings
Rules-based and algorithmic detection thresholds	00 Ratings	00 Ratings	8.429 Ratings
Response orchestration and automation	00 Ratings	00 Ratings	8.428 Ratings
Reporting and compliance management	00 Ratings	00 Ratings	7.35 Ratings
Incident indexing/searching	00 Ratings	00 Ratings	8.429 Ratings

Best Alternatives
	CrowdStrike Falcon	Microsoft Defender for Endpoint	Microsoft Sentinel
Small Businesses	ThreatLocker Score 9.2 out of 10	ThreatLocker Score 9.2 out of 10	LevelBlue USM Anywhere Score 7.7 out of 10
Medium-sized Companies	BlackBerry Protect (CylancePROTECT) Score 9.1 out of 10	CrowdStrike Falcon Score 9.1 out of 10	Sumo Logic Score 8.8 out of 10
Enterprises	BeyondTrust Endpoint Privilege Management Score 10.0 out of 10	BeyondTrust Endpoint Privilege Management Score 10.0 out of 10	Sumo Logic Score 8.8 out of 10
All Alternatives	View all alternatives	View all alternatives	View all alternatives

User Ratings
	CrowdStrike Falcon	Microsoft Defender for Endpoint	Microsoft Sentinel
Likelihood to Recommend	9.0 (98 ratings)	9.0 (133 ratings)	8.7 (53 ratings)
Likelihood to Renew	10.0 (3 ratings)	8.4 (10 ratings)	6.8 (2 ratings)
Usability	10.0 (2 ratings)	8.6 (10 ratings)	6.5 (7 ratings)
Availability	- (0 ratings)	9.1 (1 ratings)	- (0 ratings)
Performance	- (0 ratings)	9.1 (1 ratings)	- (0 ratings)
Support Rating	10.0 (9 ratings)	9.0 (7 ratings)	8.0 (3 ratings)
In-Person Training	9.0 (1 ratings)	- (0 ratings)	- (0 ratings)
Implementation Rating	10.0 (1 ratings)	7.3 (1 ratings)	- (0 ratings)
Configurability	- (0 ratings)	8.2 (1 ratings)	- (0 ratings)
Product Scalability	- (0 ratings)	9.1 (1 ratings)	- (0 ratings)
Professional Services	- (0 ratings)	- (0 ratings)	5.0 (1 ratings)

User Testimonials
	CrowdStrike Falcon	Microsoft Defender for Endpoint	Microsoft Sentinel
Likelihood to Recommend	CrowdStrike Crowdstrike is a unified platform for monitoring endpoint devices, whether they're workstations, servers, cloud-native machines, or even mobile devices. It uses AI/ML to monitor anomalies and suspicious behavior, including zero-day attacks. It is suitable for large organizations but may be costlier or less appropriate for smaller organizations, those who want an on-prem EDR setup, and those who need custom scanning based on compliance requirements. Incentivized PD Prajwal Deshmukh Cyber Security Analyst Read full review	Microsoft I can definitely tell you where it’s more suited, because we haven’t come across any less appropriate scenarios. But definitely in regard to how we centrally manage our user space and our endpoints, it’s been beneficial from an API perspective and is really transferable, with strong collaboration with our Azure stack. It works very well. Verified User Anonymous Read full review	Microsoft It's certainly well-suited in environments that rely heavily on Microsoft products, and it's well-suited for environments where you have other business drivers to go to the E5 license. If I were to say where I would not and why, I only gave it a seven on the recommendation, that answer would probably vary if you already owned E5 or not. It's extremely expensive. And if there are other alternatives, if you don't have any other driving reason to go to E5, I would coach you not to go to Microsoft Sentinel. But if you're there, it's a fantastic property. It's certainly part of the cost argument for moving to E5, but it's only a part. It can't by itself justify the move to E5. Incentivized Verified User Anonymous Read full review
Pros	CrowdStrike The Log analysis is very detailed and easy to use. Prevent and block all type of malwares. Great threat intelligence which is very up-to-date with the recent cyber attacks very user friendly in access and management Automated feature of detecting, taking action and closing incidents using fusion workflow. Incentivized Verified User Anonymous Read full review	Microsoft Definitely on the threat action and response. We didn't have a stress-response option before, but the dependent brand point provided it instantly. Also, it's doing UVA and machine learning, which we didn't have before. So it's definitely providing more sophisticated threat-detection capabilities than we had before. Incentivized Verified User Anonymous Read full review	Microsoft It's the scale. Having built-in detections and vulnerabilities and the ability to see into the traffic flows is absolutely key. Look at it from my perspective as network security. We want to see what's going on east, west, between all the kinds of subscriptions and the tenants. We don't have that. We don't have that with any other product. Microsoft Sentinel gives us that kind of visibility. Incentivized Verified User Anonymous Read full review
Cons	CrowdStrike Support - we are often tasked with running down problems rather than being directed by support. The sales staff we have dealt with are not very responsive or timely. I believe this is a product built for installations of 300 users or more. Incentivized Verified User Anonymous Read full review	Microsoft The only thing is sometimes, because Microsoft has so many platforms, it gets a little confusing, like am I in the security platform? Am I in Purview? Where am I at right now? Because there's so many sites that are kind of doing a lot of the same thing, and so that does get a little confusing from time to time, but outside of that, it's a pretty good product. Incentivized Verified User Anonymous Read full review	Microsoft An area for improvement is how case management is surfaced within the Microsoft Sentinel experience, as clearer integration into Sentinel workflows would reduce context switching and improve incident handling. There is an opportunity to further expand agentic, autonomous investigation and response capabilities. Incentivized Verified User Anonymous Read full review
Likelihood to Renew	CrowdStrike Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI. Incentivized Verified User Anonymous Read full review	Microsoft Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market Incentivized Verified User Anonymous Read full review	Microsoft it does the job reasonably well Incentivized Verified User Anonymous Read full review
Usability	CrowdStrike I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers. Incentivized FM Fotis Mastakas Fotis Mastakas Read full review	Microsoft Microsoft Defender for Endpoint is a great EDR to have that works quickly and silently in the background and it integrates well with other Microsoft services. As an IT manager, I can appreciate that I do not get bombarded by alerts for every small detail. On the flipside, the management site can use some work in being more clear and should be more streamlined so I'm not clicking through multiple pages to figure out what happened Incentivized JL John Lee IT Director Read full review	Microsoft Because, as I said, it still lacks a lot of things, like many playbooks outside the Copilot integrations and the actual remediation. For example, for Microsoft Sentinel and SAP, I would want to see Copilot doing a lot of remediations in Microsoft Sentinel at SAPN, like executing the transaction code, maybe creating certain increases, or remediating stuff like that, which is all customized. Incentivized Verified User Anonymous Read full review
Reliability and Availability	CrowdStrike No answers on this topic	Microsoft Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Performance	CrowdStrike No answers on this topic	Microsoft Microsoft Defender for Endpoint is easy on memory and resources on clients. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Support Rating	CrowdStrike Any time we need to engage the Crowdstrike Falcon Complete Team, their response is switch, thorough, and they are sure to not close out any request until the customer confirms that they have provided an acceptable resolution. If I ever need anything from the account team related to the product, I also get a response from them within minutes typically to address my question. Top notch customer service! Incentivized Verified User Anonymous Read full review	Microsoft The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session Incentivized Joe Aldeguer IT Director Read full review	Microsoft Microsoft support is one of the highest rated on the market. It has global and multilingual support. Calls can be made over the phone and the solution is virtually instantaneous with the help of Microsoft engineers. It's great! Incentivized Flavio Pereira Analista de sistemas Read full review
In-Person Training	CrowdStrike There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic	Microsoft No answers on this topic
Online Training	CrowdStrike The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic	Microsoft No answers on this topic
Implementation Rating	CrowdStrike Read the documentation Incentivized Verified User Anonymous Read full review	Microsoft Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Alternatives Considered	CrowdStrike It was just a legacy AV program onboarded during initial setup days. As the org. As it expanded, its threat landscape also grew, and we needed a next-gen solution to protect against evolving threat vectors. Falcon EDR was the one that solved all these in a single place. Incentivized Verified User Anonymous Read full review	Microsoft Previously, we've used Sophos. We've used, way back when, McAfee, Norton, Symantec, all those. And we finally settled on Microsoft Defender for Endpoint. We're a Microsoft technology stack shop. So obviously it was natural. It's built into Windows, so we're not adding additional agents. Some of the other vendors and their agents, for a while, would compete with CPU usage. And so it actually slowed down the machines. Because Microsoft Defender for Endpoint is built into the Windows product, Microsoft is going to ensure that it does not affect the other productivity tools that a user may use. Incentivized Verified User Anonymous Read full review	Microsoft Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively. Incentivized Verified User Anonymous Read full review
Scalability	CrowdStrike No answers on this topic	Microsoft Microsoft Defender for Endpoint is easily scaled from small orgs to giant enterprises. Incentivized Verified User Anonymous Read full review	Microsoft No answers on this topic
Professional Services	CrowdStrike No answers on this topic	Microsoft No answers on this topic	Microsoft Did not use professional services Incentivized MB Michael Bobo IT Director Read full review
Return on Investment	CrowdStrike CrowdStrike Falcon's proactive threat mitigation has significantly reduced the risk of successful cyber attacks, resulting in tangible savings related to potential data breaches or system compromises. The cloud-native architecture and automated features have improved operational efficiency. The platform's real-time visibility and threat hunting capabilities have drastically improved incident response times. Incentivized James Dilley System Administrator Read full review	Microsoft Reduced incidents of security breaches lead to lower remediation costs and avoid potential financial losses and reputational damage. Reduces the need for additional third-party security solutions and training, thereby lowering overall security management costs. Increased efficiency and productivity of IT staff lead to better allocation of resources and cost savings. Reduces the risk of fines and sanctions associated with non-compliance, ensuring business continuity and protecting revenue. Incentivized CF Carlos Eduardo Faquinello IT Solutions Architect Read full review	Microsoft As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team. Incentivized Verified User Anonymous Read full review
ScreenShots		Microsoft Defender for Endpoint Screenshots	Microsoft Sentinel Screenshots