CrowdStrike Falcon vs Microsoft Defender XDR comparison

CrowdStrike Falcon

Read 112 CrowdStrike Falcon reviews

18,942 Views
13,766 Comparison Views

97% willing to recommend

Microsoft Defender XDR

Read 88 Microsoft Defender XDR reviews

6,366 Views
4,811 Comparison Views

97% willing to recommend

CrowdStrike Falcon

Microsoft Defender XDR

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jun 5, 2024

CrowdStrike Falcon and Microsoft Defender are both Extended Detection and Response (XDR) solutions that offer endpoint protection and threat detection capabilities. CrowdStrike Falcon is a standalone platform, whereas Defender XDR integrates seamlessly with Microsoft security products.

Features: CrowdStrike excels in advanced threat detection with machine learning algorithms for proactive threat hunting and customizable alert settings. Defender XDR prioritizes a streamlined incident response experience with automation capabilities. CrowdStrike provides more granular control over alerts and offers a wider range of integrations with third-party security tools. Defender XDR integrates seamlessly with other Microsoft security products for a unified experience within the Microsoft ecosystem.
Pricing and ROI: Pricing structures for both solutions can be complex and depend on factors like organization size and features needed. However, CrowdStrike pricing is competitive but generally has a higher upfront cost. Both platforms offer significant improvements in security posture, potentially leading to a positive ROI through reduced breaches and faster incident response.
Room for Improvement: CrowdStrike users mention complexities in customizing alerts and reports, and some reviewers find its pricing less flexible compared to Defender XDR. Microsoft Defender users desire better threat detection and improved integration with other tools outside the Microsoft ecosystem.
Deployment and Setup: CrowdStrike Falcon is a cloud-native solution, offering a faster and easier deployment process. Microsoft Defender XDR leverages existing Microsoft infrastructure, but setup might require more configuration for organizations with limited Microsoft product usage.
Customer Support: CrowdStrike users consistently rank customer support as highly responsive and knowledgeable. While Defender XDR support receives positive marks, some users might miss the dedicated account management offered by CrowdStrike.

The summary above is based on 207 interviews we conducted recently with CrowdStrike Falcon and Microsoft 365 Defender users. To access the review's full transcripts, download our report.

To learn more, read our detailed CrowdStrike Falcon vs. Microsoft Defender XDR Report (Updated: June 2024).

Buyer's Guide

CrowdStrike Falcon vs. Microsoft Defender XDR

June 2024

Download the complete report

Helped 793,295 peers since 2012

Categories and Ranking

CrowdStrike Falcon

Ranking in Endpoint Detection and Response (EDR)

3rd

Ranking in Extended Detection and Response (XDR)

1st

Average Rating

8.6

Number of Reviews

112

Ranking in other categories

Endpoint Protection Platform (EPP) (3rd), Ransomware Protection (1st), Identity Threat Detection and Response (ITDR) (3rd), AI-Powered Cybersecurity Platforms (1st)

Microsoft Defender XDR

Ranking in Endpoint Detection and Response (EDR)

6th

Ranking in Extended Detection and Response (XDR)

5th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Microsoft Security Suite (1st)

Mindshare comparison

As of July 2024, in the Extended Detection and Response (XDR) category, the mindshare of CrowdStrike Falcon is 20.3%, down from 24.6% compared to the previous year. The mindshare of Microsoft Defender XDR is 11.2%, up from 6.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Unique Categories:

Endpoint Protection Platform (EPP)

10.6%

Endpoint Detection and Response (EDR)

18.4%

Microsoft Security Suite

5.2%

Featured Reviews

reviewer2396214

Head of Information Technology at SIT

May 2, 2024

Helps protect our data, is stable, and reasonably priced

A popular choice for Data Loss Prevention is CrowdStrike Falcon. This is the primary function our clients leverage it for, as it offers industry-leading DLP capabilities CrowdStrike Falcon has helped our customers secure their confidential data. The DLP is the most valuable feature of…

Read full review

Ibru PP

Group IT Manager at Civcns

Nov 20, 2023

Helps us reduce the security solutions used, provides unified identity and access management, and saves our security team time

In part, Microsoft Defender XDR provides unified identity and access management. Microsoft Defender XDR can protect 98 percent of devices. With Microsoft Defender XDR we can now manage all of our non-critical computers from one console. The management level and implementation level are easy. Microsoft Defender XDR is also cost-effective. We have been using Microsoft solutions for over 25 years so it didn't take much convincing to start using Microsoft Defender XDR. Microsoft Defender XDR has enabled us to discontinue the use of Kaspersky in our safe computers. Being able to reduce the number of solutions used has been helpful to our security team's operations. The discontinued use of other security products has reduced manual correlation. Using Microsoft has a lot of advantages, especially in management. The reduction in manual correlation is important for our organization. Microsoft Defender XDR saves our security team around three hours a day.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The stability is good; we haven't experienced any glitches or bugs."

"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."

"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."

"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."

"The stability is very good."

"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."

"The initial setup is a very fast process."

"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."

More CrowdStrike Falcon pros

"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."

"It reduces the risk of users accidentally clicking on phishing emails."

"Email protection is the most valuable feature of Microsoft Defender XDR."

"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."

"Microsoft Defender is stable."

"Microsoft 365 Defender is a good solution and easy to use."

"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."

"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."

More Microsoft Defender XDR pros

Cons

"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."

"The UI is not efficient."

"The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."

"The price is too high."

"The detection time has room for improvement."

"I have worked with their technical support on several problems that were never fully resolved."

"The Integration with tools, SOC tools, could be better."

"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."

More CrowdStrike Falcon cons

"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."

"The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution."

"Advanced attacks could use an improvement."

"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."

"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."

"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."

"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."

"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."

More Microsoft Defender XDR cons

Pricing and Cost Advice

"The price of CrowdStrike Falcon is expensive."

"There is no license required to use this solution."

"I do not have experience with the cost or licensing of the product."

"CrowdStrike Falcon's price is good."

"Crowdstrike Falcon is relatively cheap."

"I am not aware of the price, but I believe that it is among the most expensive XDRs out there. Of course, this is dependent on the features you choose. Depending on the features, the price might increase."

"The pricing of CrowdStrike Falcon is competitive."

"We bought a very small number of licenses, then ran it for a year. We bought a 100 licenses for a year, so we didn't actually do a proof of concept. We just bought them. Then, the next year, we bought 10,000 licenses."

More CrowdStrike Falcon pricing and cost advice

"Defender XDR is included in the E5 license, but it's a bit too expensive."

"We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."

"With the little idea I have about the costs, I can say that XDR tools tend to be a bit expensive. If you are using Microsoft Defender XDR, then you need to go for a subscription-based pricing model."

"I find the pricing to be quite competitive, especially considering its inclusion in our E5 subscription, which provides a comprehensive set of functionalities."

"Microsoft Defender XDR's licensing is complicated."

"Microsoft Defender XDR is included in our license."

"Microsoft Defender XDR is expensive."

"It is 15 dollars per server per month. It is worth it, but it can be costly. It depends on the company's size."

More Microsoft Defender XDR pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

793,295 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Computer Software Company

17%

Financial Services Firm

11%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How does Crowdstrike Falcon compare with Darktrace?

Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...

See all answers

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...

See all answers

What do you like most about Microsoft 365 Defender?

Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.

See all answers

What is your experience regarding pricing and costs for Microsoft 365 Defender?

The pricing is reasonable. It's cheaper than other options.

See all answers

What needs improvement with Microsoft 365 Defender?

The solution can improve the rules and privileges it offers. They need to be more transparent with changes. Often, changes come too rapidly.

See all answers

Comparisons

Darktrace vs CrowdStrike Falcon

Compared 5% of the time

Microsoft Defender for Endpoint vs CrowdStrike Falcon

Compared 4% of the time

Trend Vision One vs CrowdStrike Falcon

Compared 3% of the time

Symantec Endpoint Security vs CrowdStrike Falcon

Compared 3% of the time

Fortinet FortiEDR vs CrowdStrike Falcon

Compared 3% of the time

More CrowdStrike Falcon Competitors

Microsoft Defender for Cloud vs Microsoft Defender XDR

Compared 13% of the time

Wazuh vs Microsoft Defender XDR

Compared 5% of the time

Microsoft Purview Compliance Manager vs Microsoft Defender XDR

Compared 5% of the time

Trend Vision One vs Microsoft Defender XDR

Compared 4% of the time

Microsoft Sentinel vs Microsoft Defender XDR

Compared 2% of the time

More Microsoft Defender XDR Competitors

Product Reports

Buyer's Guide

CrowdStrike Falcon

July 2024

Download CrowdStrike Falcon product report

Buyer's Guide

Microsoft Defender XDR

July 2024

Download Microsoft Defender XDR product report

Also Known As

CrowdStrike Falcon, CrowdStrike Falcon XDR

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender

Learn More

CrowdStrike

Microsoft

Overview

CrowdStrike Falcon offers advanced threat detection, real-time visibility, easy interface, and responsive customer support. It enhances workflow and efficiency, promotes collaboration, streamlines processes, and boosts productivity. With features like incident response options, customizable alerts, and proactive threat hunting, it helps protect organizations from malware and ransomware attacks.

Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment.

It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks.

Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

Sample Customers

Information Not Available

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.

Buyer's Guide

CrowdStrike Falcon vs. Microsoft Defender XDR

June 2024

Free Report: CrowdStrike Falcon vs. Microsoft Defender XDR

Find out what your peers are saying about CrowdStrike Falcon vs. Microsoft Defender XDR and other solutions. Updated: June 2024.

DOWNLOAD NOW

793,295 professionals have used our research since 2012.

See our CrowdStrike Falcon vs. Microsoft Defender XDR report.

See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.