CrowdStrike Falcon vs Microsoft Defender for Cloud comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Jul 6, 2023

We performed a comparison between CrowdStrike Falcon and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Microsoft Defender for Cloud could use enhancements in automation and ease of use.

  • Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.

  • Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.

  • Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.

  • ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.

    Comparison Results: Users prefer CrowdStrike Falcon over Microsoft Defender for Cloud. Users like CrowdStrike Falcon's effortless setup process and lightweight design. It provides an in-depth analysis of endpoint devices, precise threat detection, and robust defense against cyberattacks. 

    To learn more, read our detailed CrowdStrike Falcon vs. Microsoft Defender for Cloud Report (Updated: September 2023).
    745,140 professionals have used our research since 2012.
    Featured Review
    Quotes From Members
    We asked business professionals to review the solutions they use.
    Here are some excerpts of what they said:
    Pros
    "The solution was relatively easy to deploy.""The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors""Additionally, when it comes to EDR, there are more tools available to assist with client work.""Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture.""The most valuable feature is the analysis, because of the beta structure.""The setup is pretty simple.""It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward.""Fortinet has helped free up around 20 percent of our staff's time to help us out."

    More Fortinet FortiEDR Pros →

    "CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems.""The most valuable feature of CrowdStrike Falcon is its accuracy.""I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution.""Easy to use, intelligent, and stable threat detection software.""The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control.""The detection is very effective.""As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage.""One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."

    More CrowdStrike Falcon Pros →

    "Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand.""Threat protection is comprehensive and simple.""Technical support is helpful.""It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop.""DSPM is the most valuable feature.""It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network.""The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded.""The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."

    More Microsoft Defender for Cloud Pros →

    Cons
    "I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components.""The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location.""FortiEDR can be improved by providing more detailed reporting.""FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things.""To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced.""ZTNA can improve latency.""Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.""We'd like to see more one-to-one product presentations for the distribution channels."

    More Fortinet FortiEDR Cons →

    "The price is too high.""Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations.""Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that.""There are some areas where some customers would prefer a different service.""I would like to see a more accurate integration and an option to check the local machine.""Tighter integration around XDR could be included.""They should provide us with good visibility for everything.""CrowdStrike Falcon could improve the EDR functionality. Once the functionality of the solution improves, it will be even better in the market and able to compete with Carbon Black."

    More CrowdStrike Falcon Cons →

    "Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender.""The solution could extend its capabilities to other cloud providers. Right now, if you want to monitor a virtual machine on another cloud, you can do that. However, this cannot be done with other cloud platform services. I hope once that is available then Defender for Cloud will be a unified solution for all cloud platform services.""Azure's system could be more on point like AWS support. For example, if I have an issue with AWS, I create a support ticket, then I get a call or a message. With Azure support, you raise a ticket, and somebody calls back depending on their availability and the priority, which might not align with your business priority.""Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ.""They could always work to make the pricing a bit lower.""From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it.""Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations.""For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."

    More Microsoft Defender for Cloud Cons →

    Pricing and Cost Advice
  • "The price is comprable to other endpoint security solutions."
  • "The pricing is typical for enterprises and fairly priced."
  • "I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
  • "The pricing is good."
  • "I would rate the solution's pricing an eight out of ten."
  • "The hardware costs about €100,000 and about €20,000 annually for access."
  • "Fortinet FortiEDR has a yearly subscription."
  • "It's not cheap, but it's not expensive either."
  • More Fortinet FortiEDR Pricing and Cost Advice →

  • "The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky."
  • "There is an annual license required to use this solution."
  • "We are on an annual subscription for the solution. There are not any additional costs."
  • "Annual licensing."
  • "The price of CrowdStrike Falcon is reasonable."
  • "The licensing model is straightforward. We choose the features we want and we then can download the package we want."
  • "There is no license required to use this solution."
  • "This solution offers annual subscriptions. The pricing for this solution could be reduced."
  • More CrowdStrike Falcon Pricing and Cost Advice →

  • "It is bundled with our enterprise subscription, which makes it easy to go for it. It is available by default, and there is no extra cost for using the standard features."
  • "Azure Defender is definitely pricey, but their competitors cost about the same. For example, a Palo Alto solution is the same price per endpoint, but the ground strikes cost a bit more than Azure Defender. Still, it's pricey for a company like ours. Maybe well-established organizations can afford it, but it might be too costly for a startup."
  • "Defender for Cloud is pretty costly for a single line. It's incredibly high to pay monthly for security per server. The cost is considerable for an enterprise with 500-plus virtual machines, and the monthly bill can spike."
  • "The cost is fair. There aren't any costs in addition to the standard licensing fee."
  • "Pricing depends on your workload size, but it is very cheap. If you're talking about virtual machines, it is $5 or something for each machine, which is minimal. If you go for some agent-based solution for every virtual machine, then you need to pay the same thing or more than that. For an on-premises solution like this, we were paying around $30 to $50 based on size. With Defender, Microsoft doesn't bother about the size. You pay based on the number of machines. So, if you have 10 virtual machines, and 10 virtual machines are being monitored, you are paying based on that rather than the size of the virtual machine. Thus, you are paying for the number of units rather than paying for the size of your units."
  • "The pricing is very difficult because every type of Defender for Cloud has its own metrics and pricing. If you have Cloud for Key Vault, the pricing is different than it is for storage. Every type has its own pricing list and rules."
  • "They have a free version, but the license for this one isn't too high. It's free to start with, and you're charged for using it beyond 30 days. Some other pieces of Defender are charged based on usage, so you will be charged more for a high volume of transactions. I believe Defender for Cloud is a daily charge based on Azure's App Service Pricing."
  • "Pricing is difficult because each license has its own metrics and cost."
  • More Microsoft Defender for Cloud Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EDR (Endpoint Detection and Response) solutions are best for your needs.
    745,140 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection… more »
    Top Answer:Additionally, when it comes to EDR, there are more tools available to assist with client work.
    Top Answer:It is expensive and I would rate it an eight out of ten.
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Top Answer:Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across… more »
    Top Answer:My personal experience with Microsoft Defender for Cloud pricing involves considerations like the size of the… more »
    Comparisons
    Also Known As
    enSilo, FortiEDR
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Learn More
    Overview

    Fortinet FortiEDR is a real-time endpoint protection, detection, and automated response solution. Its primary purpose is to detect advanced threats to stop breaches and ransomware damage. It is designed to do so in real time, even on an already compromised device, allowing you to respond and remediate incidents automatically so your data can remain protected.

    Fortinet FortiEDR Features

    Fortinet FortiEDR has many valuable key features, including:

    • Easily customizable
    • Real-time proactive risk mitigation & IoT security
    • Pre-infection protection
    • Post-infection protection
    • Track applications and ratings
    • Reduce the attack surface with risk-based proactive policies
    • Achieve analysis of entire log history
    • Optional managed detection and response (MDR) service

    Fortinet FortiEDR Benefits

    Some of the key benefits of using Fortinet FortiEDR include:

    • Protection: Fortinet FortiEDR provides proactive, real-time, automated endpoint protection with the orchestrated incident response across platforms. It stops the breach with real-time postinfection blocking to protect data from exfiltration and ransomware encryption.

    • Single unified console: Fortinet FortiEDR has a single unified console with an intuitive interface, which makes management easier. The solution automates mundane endpoint security tasks so your employees don’t need to do it.

    • Cost savings: With Fortinet FortiEDR you can eliminate post-breach operational expenses and breach damage costs.

    • Flexibility: Fortinet FortiEDR can be deployed on premises or on a secure cloud instance. With Fortinet FortiEDR, endpoints are protected both on- and off-line.

    • Scalability: Because Fortinet can be deployed quickly and has a small footprint, it is easy to scale up to protect hundreds of thousand endpoints.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Fortinet FortiEDR users.

    An Owner at a security firm says, "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.”

    Chandan M., Chief Technical Officer at Provision Technologies LLP, mentions, “The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration.” He also adds, “The security is also very good and the firewall response is good.”

    Harpreet S., Information Technology Support Specialist at Chemtrade Logistics, explains, "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."

    DeAndre V., Senior Network Administrator at a financial services firm, states, “The dashboard is easy to follow and use. The deployment and uninstalling were easy. I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow. Exceptions are easy to create and the interface is easy to follow with a nice appearance.

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. 

    Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.

    Request a free trial here: https://go.crowdstrike.com/try-falcon-prevent

    Microsoft Defender for Cloud is a comprehensive security solution that provides advanced threat protection for cloud workloads. It offers real-time visibility into the security posture of cloud environments, enabling organizations to quickly identify and respond to potential threats. With its advanced machine learning capabilities, Microsoft Defender for Cloud can detect and block sophisticated attacks, including zero-day exploits and fileless malware.

    The solution also provides automated remediation capabilities, allowing security teams to quickly and easily respond to security incidents. With Microsoft Defender for Cloud, organizations can ensure the security and compliance of their cloud workloads, while reducing the burden on their security teams.

    Offer
    Learn more about Fortinet FortiEDR
    Get Fast and Easy Protection Against All Threats

    Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.

    Learn more about Microsoft Defender for Cloud
    Sample Customers
    Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
    Information Not Available
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vatenfall, SWC Technology Partners, and more.
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Comms Service Provider11%
    Retailer6%
    Educational Organization6%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government8%
    Manufacturing Company8%
    Financial Services Firm7%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm18%
    Comms Service Provider8%
    Insurance Company6%
    VISITORS READING REVIEWS
    Computer Software Company14%
    Financial Services Firm10%
    Manufacturing Company8%
    Government7%
    REVIEWERS
    Computer Software Company24%
    Agriculture10%
    Recruiting/Hr Firm10%
    Consumer Goods Company10%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Government7%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise21%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise19%
    Large Enterprise50%
    REVIEWERS
    Small Business33%
    Midsize Enterprise23%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise18%
    Large Enterprise57%
    REVIEWERS
    Small Business27%
    Midsize Enterprise11%
    Large Enterprise62%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise14%
    Large Enterprise66%
    Buyer's Guide
    CrowdStrike Falcon vs. Microsoft Defender for Cloud
    September 2023
    Find out what your peers are saying about CrowdStrike Falcon vs. Microsoft Defender for Cloud and other solutions. Updated: September 2023.
    745,140 professionals have used our research since 2012.

    CrowdStrike Falcon is ranked 3rd in EDR (Endpoint Detection and Response) with 49 reviews while Microsoft Defender for Cloud is ranked 2nd in CWPP (Cloud Workload Protection Platforms) with 22 reviews. CrowdStrike Falcon is rated 8.6, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides good recommendations and makes policy administration easy". CrowdStrike Falcon is most compared with Microsoft Defender for Endpoint, Microsoft Defender XDR, Trend Micro Deep Security, Darktrace and Trend Vision One, whereas Microsoft Defender for Cloud is most compared with Microsoft Defender XDR, AWS GuardDuty, Prisma Cloud by Palo Alto Networks and Microsoft Sentinel. See our CrowdStrike Falcon vs. Microsoft Defender for Cloud report.

    We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.