CrowdStrike Falcon vs Netsurion comparison

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 6, 2023

We performed a comparison between CrowdStrike Falcon and Netsurion based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Netsurion delivers thorough and informative notifications and successfully identifies threats. Users praise its seamless incorporation of endpoint security measures. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Netsurion should focus on enhancing weekly reporting, utilizing internet options for enhanced security, and strengthening threat detection and response.
Service and Support: CrowdStrike Falcon's customer service is considered prompt and helpful. Netsurion's customer service has received mixed reviews, with some users expressing concerns about technical planning and the installation process.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. Netsurion's initial setup was described as easy, with clear instructions and packages provided. Reviewers appreciated the support and assistance from Netsurion. Netsurion guided the setup discussion based on business needs, making it easier to understand and implement.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Netsurion is considered a good value for the money and competitive. Users say the solution’s pricing is transparent.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers. Netsurion offers actionable intelligence and eliminates the requirement for specialized staff, saving time and costs. Its managed SOC component also delivered substantial benefits to organizations.

Comparison Results: Our users prefer CrowdStrike Falcon over Netsurion. Users like its seamless and fast setup, lightweight design, precise threat detection, and robust defense against cyberattacks. They also value its integration capabilities, user-friendly dashboard, and dependable security.

To learn more, read our detailed CrowdStrike Falcon vs. Netsurion Report (Updated: May 2024).

Buyer's Guide

CrowdStrike Falcon vs. Netsurion

May 2024

Download the complete report

Helped 787,061 peers since 2012

Categories and Ranking

Microsoft Defender XDR

Featured Reviews

reviewer2186649

Senior Cybersecurity Specialist at HCL

May 17, 2023

It has many built-in policies that can improve your organization's cloud security posture

365 Defender's attack surface reduction rules could be more customizable. Microsoft has its own pre-defined rules that can be adapted to every organization, but Defender should support the ability to create custom rules from scratch. Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation. Automated remediation can be improved. I'm currently creating a remediation structure there and pushing it to my vendor, but the vendor should have their own way of resolving things. It only alerts you that something is happening. The security administrator needs to take action because Defender's automated capabilities aren't up to par.

Read full review

Adeeb Khan

Senior Data Hosting and Security Special at Two aquate

Jan 22, 2024

Offers good centralization and access to remote sites with an easy setup

We're installing the solution on some of our external servers. It has a cloud portal, and we can control everything through the cloud. It's good for remote sites I like that it has a centralized cloud, and all the agents provide visibility on our remote sites. It offers good central management.…

Read full review

John-Berry

Information Technology Manager at ProfitSolv

Sep 11, 2023

The SOC center monitors, hunts, and notifies us of threats around the clock

I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."

"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."

"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."

"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."

"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."

"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."

"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."

"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."

More Microsoft Defender XDR pros

"I like the Overwatch feature the most."

"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."

"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."

"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."

"The detection is very effective."

"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."

"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."

"The most valuable feature of CrowdStrike Falcon is its accuracy."

More CrowdStrike Falcon pros

"Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for."

"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."

"I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective."

"What I like most about Netsurion is the level of visibility and reporting."

"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."

"They have a number of integrations with different products. Google Workspace is one of them, and Microsoft Azure is another one. They integrate with a number of other things, such as Duo for multi-factor authentication. They can pull the logs from Duo to see if users are coming from bad repeatable IPs or if there are malicious known IPs that may be popping up in the logs. They are able to see that, and they can identify that. Some of the other integrations they do are from inside your network. For firewalls, they can integrate with SonicWall, Cisco, Fortinet, etc. They have a pretty wide variety of things to integrate with and be able to pull the logins from those devices."

"The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location."

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."

More Netsurion pros

Cons

"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."

"Just like in any solution, the price can always be cheaper."

"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."

"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."

"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."

"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."

"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."

"Microsoft Defender is slow to adapt to evolving threats."

More Microsoft Defender XDR cons

"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."

"This solution could be improved with greater scope for admins to make changes to the solution."

"CrowdStrike Falcon needs to improve their host management system."

"The management of log aggregation is in need of improvement."

"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."

"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"

"Some of Falcon's features are a bit pricey."

"CrowdStrike should add support for ransomware protection."

More CrowdStrike Falcon cons

"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."

"It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email."

"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."

"I would like to see the dashboard come up more quickly."

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."

"Netsurion's SOC can be a bit too aggressive at times."

"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."

More Netsurion cons

Pricing and Cost Advice

"All I can say again is the E5 gives you all the capabilities that it offers. It also gives Office 365 and one terabyte of storage. All in all, the E5 license model makes sense. There are some people who say it's quite costly, but rather than paying different vendors, it makes sense to go all in with Microsoft if you've got that licensing. From that perspective, it's cost-effective, but I can't comment much on that."

"The solution is too expensive."

"Microsoft Defender XDR is already included in our Office 365 licensing. It is better because we're saving money by using it."

"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."

"The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."

"The price of the solution is high compared to others and we have lost some customers because of it."

"We've managed to navigate it effectively through our enterprise agreement, and Microsoft's academic discounts have proven to be quite generous."

"The pricing of Microsoft 365 Defender is definitely on the costly side, but with the features and services that Microsoft provides, such as the seamless integration of all the Defender tools, while the price is on the higher side, there is no alternative."

More Microsoft Defender XDR pricing and cost advice

"It's an expensive solution but you get a very good product for the price. Compared to other products, SentinelOne is definitely cheaper and the Microsoft E5 package is probably more expensive. Not many companies are willing to purchase CrowdStrike Falcon in Turkey due to the cost, but the market is changing."

"The pricing and licensing are reasonable. I don't think we are getting charged more than what it is worth. It is fair, but I do not like how it is a la carte. I realize they do that so other organizations can buy and get the agent, getting it cheaper than you could otherwise. However, if you want the main core package, which has all the main features with the exception of maybe the multi-cloud protections, that can get pricier for an organization. So, you have to pick and choose what you want. I do not care for a la carte pricing."

"The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky."

"There is an annual license required to use this solution."

"While CrowdStrike Falcon offers significant security benefits, its high price point might make it prohibitively expensive for many small and medium-sized businesses, including companies like ours."

"The more endpoints an organization adds the cheaper the cost."

"The pricing could be reduced. If it was more reasonable that would be great."

"There are approximately a hundred different modules you have to purchase, depending on what you want to do. I have most of the modules. How it works is you buy the portfolio, you have to decide all the components you want in it, and then they price out a bundle for you. I have almost all of the package features in my bundle. You only need to pay for the modules you want."

More CrowdStrike Falcon pricing and cost advice

"Our pricing for Netsurion last year was US $52,000 per year."

"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."

"It is a bit expensive as compared to some of the other products that have come out in recent years. Expense-wise, the only downside is that it is not cheap."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

787,061 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

10%

Government

Manufacturing Company

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Computer Software Company

31%

Manufacturing Company

12%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and p...

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying mu...

See all answers

What needs improvement with Microsoft 365 Defender?

Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionall...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...

See all answers

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never pu...

See all answers

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

See all answers

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They ...

See all answers

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requir...

See all answers

Comparisons

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 15% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 5% of the time

Wazuh vs Microsoft Defender XDR

Compared 4% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 3% of the time

Microsoft Sentinel vs Microsoft Defender XDR

Compared 2% of the time

More Microsoft Defender XDR Competitors

Darktrace vs CrowdStrike Falcon

Compared 6% of the time

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 4% of the time

Trend Micro Deep Security vs CrowdStrike Falcon

Compared 4% of the time

Trend Vision One vs CrowdStrike Falcon

Compared 4% of the time

Fortinet FortiEDR vs CrowdStrike Falcon

Compared 4% of the time

More CrowdStrike Falcon Competitors

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 67% of the time

CyberHat CYREBRO vs Netsurion

Compared 33% of the time

More Netsurion Competitors

Product Reports

Buyer's Guide

Microsoft Defender XDR

May 2024

Download Microsoft Defender XDR product report

Buyer's Guide

CrowdStrike Falcon

June 2024

Download CrowdStrike Falcon product report

Buyer's Guide

Netsurion

May 2024

Download Netsurion product report

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

CrowdStrike Falcon, CrowdStrike Falcon XDR

Netsurion Managed Threat Protection, Netsurion EventTracker

Learn More

Microsoft

CrowdStrike

Video not available

Netsurion

Overview

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

CrowdStrike Falcon offers advanced threat detection, real-time visibility, easy interface, and responsive customer support. It enhances workflow and efficiency, promotes collaboration, streamlines processes, and boosts productivity. With features like incident response options, customizable alerts, and proactive threat hunting, it helps protect organizations from malware and ransomware attacks.

Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Information Not Available

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Buyer's Guide

CrowdStrike Falcon vs. Netsurion

May 2024

Free Report: CrowdStrike Falcon vs. Netsurion

Find out what your peers are saying about CrowdStrike Falcon vs. Netsurion and other solutions. Updated: May 2024.

DOWNLOAD NOW

787,061 professionals have used our research since 2012.

See our CrowdStrike Falcon vs. Netsurion report.

See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.