CrowdStrike Falcon vs Trend Micro Deep Security comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Mar 31, 2022

We performed a comparison between CrowdStrike Falcon and Trend Micro Deep Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: All CrowdStrike Falcon users report the initial setup to be straightforward, as do most Trend Micro Deep Security reviewers.
  • Features: Users of both products are happy with their high level of security.

    CrowdStrike Falcon users report being very satisfied with its performance, scalability, and reliability. A few CrowdStrike Falcon users would like to see better reporting abilities and improvements to the dashboard’s user interface.

    Trend Micro Deep Security users like the product’s automated virtual patching. Several Trend Micro Deep Security users mention that the tool isn’t very user-friendly.
  • Pricing: Most CrowdStrike Falcon users feel that the price of the product is fair. In contrast, most Trend Micro Deep Security users say that the price of the product is high.
  • ROI: CrowdStrike Falcon users report a significant ROI. Trend Micro Deep Security reviewers do not explicitly mention ROI.
  • Service and Support: All CrowdStrike Falcon reviewers and most Trend Micro Deep Security reviewers report being satisfied with the level of support they receive.

Comparison Results: CrowdStrike Falcon is the clear winner in this comparison. It is stable, easy to use, and high performing. In addition, it is easier to deploy and less expensive than Trend Micro Deep Security.

To learn more, read our detailed EDR (Endpoint Detection and Response) Report (Updated: June 2023).
710,326 professionals have used our research since 2012.
Q&A Highlights
Question: Is Crowdstrike Falcon better than Trend Micro Deep Security?
Answer: I can't say one way or the other for sure, but, having experienced Trend Micro in the past from an endpoint perspective they have their own way of doing things. They certainly didn't catch everything that even basic a/v like SEP did and they had a very convoluted setup and system configuration. Not sure on how falcon compares but cost wise Trend would probably be the cheap option while Falcon would be more expensive but easier to work in/with.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts.""appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us.""The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware.""I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see.""Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy.""The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor.""The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great.""It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."

More Cisco Secure Endpoint Pros →

"The stability is very good.""All the features are beneficial.""CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow.""The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control.""The most valuable features are the complete IPS and IDS.""The solution is silent and sits on your system as one single agent.""The scalability is good.""It provides very good protection and the ability to crosscheck environments."

More CrowdStrike Falcon Pros →

"It can scale well.""Technical support is good.""Virtual patching is a wonderful feature where we do a recommendation scan and an internal assessment on the server, and it updates the IPS signatures to block any attack. I have seen instances where it has prevented attacks on the end-of-support servers such as 2018 R2, and many years ago, even 2007 servers that were end-of-support. It certainly helped there.""The VPN is the most prized characteristic of Trend Micro Deep Security, which in addition addresses all zero-day vulnerabilities. This allows us to confidently transfer our system physically, as it presents to the external world, whether it be an intruder or a hacker, that our system is completely secure without any weak spots. Even if the latest security patches have not been installed or updated, the software virtually covers them for you.""The solution is quite secure.""It is a scalable solution. If required, we can scale it more. That's not an issue...The solution's initial setup process was straightforward.""Trend Micro Deep Security is a complete solution and all the threat management has been taken care of.""Deep Security's most valuable features are antivirus and host intrusion detection."

More Trend Micro Deep Security Pros →

Cons
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing.""The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product.""The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself.""This product has issues with the number of false positives that it reports.""The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers.""An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number.""It could be improved in connection with artificial intelligence and IoT.""In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."

More Cisco Secure Endpoint Cons →

"The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak.""Technical support could be better than what is currently offered.""The ability to receive text alerts natively in the console would be kind of cool.""It can be expensive depending on the features you select.""This solution could be improved with greater scope for admins to make changes to the solution.""CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve.""They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution.""The overall cost of CrowdStrike Falcon could be reduced."

More CrowdStrike Falcon Cons →

"Trend Micro Deep Security security and scalability could be improved.""What this product lacks at this stage is the ability to have automated workbooks to do the response. At this stage, the response is more manual, and it is not automated. If there is a response functionality in Deep Security, similar to what we have in EDR these days, to automatically respond to some of the threats, it would be cool. So, we'd like to have an automated response. There should be a response functionality.""We'd like to see extended capacity in the on-premises versions.""Pricing is on the expensive side and could be more affordable. The technical support for Trend Micro Deep Security also needs improvement.""I've not worked with CrowdStrike Falcon, but one of our customers also had CrowdStrike Falcon on some of the devices. I was only supporting Trend Micro. They had a ransomware attack, but Trend Micro didn't detect that particular ransomware attack, whereas CrowdStrike did.""We want to see improved authentication.""The risk is very complex. We need our tools to be more intelligent, more automated, more detectable.""The implementation can be inflexible and not easy, as it requires knowledge of things like virtualization and administration on Windows."

More Trend Micro Deep Security Cons →

Pricing and Cost Advice
  • "We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."
  • "Cisco Secure Endpoint is not too expensive and it's not cheap. It's quite fair."
  • "The price is very fair to the customer."
  • "...the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out."
  • "The pricing and licensing fees are okay."
  • "Because we do see the value of what it's bringing, I think they have priced it well."
  • "The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."
  • "We had faced some license issues, but it has been improved. At the beginning of the implementation, we faced a lot of licensing issues, but now, we have EA licensing, which gives us an opportunity to grow."
  • More Cisco Secure Endpoint Pricing and Cost Advice →

  • "The price of CrowdStrike Falcon could be better. It is very expensive, we pay approximately $900 per month for the licenses. There are not any additional fees."
  • "The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky."
  • "There is an annual license required to use this solution."
  • "We are on an annual subscription for the solution. There are not any additional costs."
  • "Annual licensing."
  • "The price of CrowdStrike Falcon is reasonable."
  • "The licensing model is straightforward. We choose the features we want and we then can download the package we want."
  • "There is no license required to use this solution."
  • More CrowdStrike Falcon Pricing and Cost Advice →

  • "We are paying approximately $50,000 each month, it's definitely expensive."
  • "It is a very expensive solution. It would be nice if they lower its price. Its license is based on the machines."
  • "The pricing is okay. Deep Security is single-server license-based, so it will work based on how many licenses you have procured. There is a yearly subscription for each license."
  • "We pay a yearly fee of between $10,000 and $15,000."
  • "There is a subscription cost to use this product."
  • "We don't pay any licensing fees."
  • "Most of it is annual at this stage."
  • "Licensing fees are paid yearly."
  • More Trend Micro Deep Security Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which EDR (Endpoint Detection and Response) solutions are best for your needs.
    710,326 professionals have used our research since 2012.
    Answers from the Community
    Netanya Carmi
    Kirk Stephen - PeerSpot reviewerKirk Stephen
    Real User

    Having previously run a penetration testing company, I can tell you that the general feedback I have from professional hackers is that CrowdStrike Falcon does make their job a lot more difficult. 


    The "traditional" players in the endpoint protection market e.g. Trend Micro, Symantec and McAfee they generally view as trivial to bypass.

    Questions from the Community
    Top Answer:The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP… more »
    Top Answer:On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the… more »
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing… more »
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Top Answer:I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is the… more »
    Top Answer:Trend Micro Deep Security offers a lot of features. It guarantees security for your data center, cloud, and containers -… more »
    Top Answer:It is a scalable solution. If required, we can scale it more. That's not an issue...The solution's initial setup process… more »
    Comparisons
    Also Known As
    Cisco AMP for Endpoints
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Deep Security
    Learn More
    Cisco
    Video Not Available
    Overview

    Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities.

    Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.

    Learn more about Secure Endpoint: www.cisco.com/go/endpoint

    Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.

    Reviews from Real Users

    Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.

    Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."

    Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. 

    Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.

    Request a free trial here: https://go.crowdstrike.com/try-falcon-prevent

    Trend Micro Deep Security is a comprehensive solution for endpoint security and server protection, which prevents ransomware attacks and unauthorized access attempts. Its valuable features include tracing back attacks, antivirus protection, endpoint detection and response, firewall-based solution, threat detection, predictive machine learning and AI monitoring, VPM, virtualization, and sandboxing. 

    The solution is easy to use, scalable, stable, and reliable, with good technical support. It has helped organizations perform well against malware and vulnerabilities, provide patching from the Protection Cloud, and improve their security posture.

    Trend Micro Deep Security Features

    Trend Micro Deep Security has many valuable key features. Some of the most useful ones include:

    • Server virtualization: Trend Micro Deep Security allows you to secure your virtual environment while gaining the benefits of virtualization, such as increased efficiencies and ROI. Security that is virtualization-aware preserves productivity and allows for higher VM densities.
    • Desktop virtualization: Trend Micro Deep Security provides the best security for a wide range of virtual desktop scenarios. Its anti-malware, intrusion prevention, web application protection, firewall, and other security features are optimized for VMware VDI environments. This ensures that the virtual desktops and underlying host are not impacted by a security agent.
    • VMware NSX integration: The integration of NSX within the Trend Micro Deep Security platform improves security deployment automation while also enhancing virtual environment protection. Trend Micro Deep Security enhances the advantages of micro-segmentation by adding security policies and capabilities that follow VMs everywhere they go.
    • Virtual patching: Virtual patching solutions from Trend Micro Deep Security provide immediate security while removing the challenges of emergency patching, repeated patch cycles, and costly system downtime. Virtual patching with Trend Micro Deep Security keeps your servers and endpoints secure while lowering the risk of breach disclosure costs.
    • Cloud protection: Agentless and agent-based deployments from Trend Micro Deep Security give various cloud implementation options with cross-cloud administration. This protects your servers, applications, and data.
    • Virtualization security: Trend Micro Deep Security protects virtual desktops and servers from zero-day malware and network-based threats. This can reduce the impact of resource inefficiencies and emergency patching.
    • Cloud security: Service providers and modern data center managers can use Trend Micro Deep Security to deliver a safe multi-tenant cloud environment with security policies that can be extended to cloud workloads and managed centrally with consistent, context-aware policies.

    Reviews from Real Users

    Trend Micro Deep Security stands out among its competitors for a number of reasons. Two major ones are its robust data and loss prevention feature and its patch management, which saves users money. PeerSpot users take note of the advantages of these features in their reviews:

    One PeerSpot reviewer, a Senior Security Advisor at a healthcare company, writes, “DLP, Data Loss Prevention, and the complexity of how we manage the console and how this client, or this tool, will notify us when there is something going wrong within the server and endpoint, is good.”

    Nadeem S., CEO at Haniya Technologies, notes of the solution, “Patch management is most valuable. The major selling point of Deep Security is that it is based on the cloud. Deep Security is for the servers and databases of data centers, and generally, for patch management, you have to shut down the machines, and then you have to restart them. So, they need shutdown time, which is a cost.”

    Offer
    Learn more about Cisco Secure Endpoint
    Get Fast and Easy Protection Against All Threats

    Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.

    Learn more about Trend Micro Deep Security
    Sample Customers
    Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
    Information Not Available
    Rush University Medical Center, Guess? Inc., Mazda Motor Logistics Europe, MEDHOST, KSC Commercial Internet Co., Ricoh Company Ltd., Square Enix, SoftBank Telecom, Telecom Italia, United Way of Greater Atlanta, A&W Food Services of Canada
    Top Industries
    REVIEWERS
    Computer Software Company12%
    Healthcare Company12%
    Comms Service Provider12%
    Government8%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Government9%
    Financial Services Firm7%
    Comms Service Provider7%
    REVIEWERS
    Computer Software Company20%
    Financial Services Firm18%
    Comms Service Provider8%
    Energy/Utilities Company6%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Healthcare Company19%
    Financial Services Firm16%
    Comms Service Provider12%
    Computer Software Company12%
    VISITORS READING REVIEWS
    Educational Organization19%
    Computer Software Company16%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business32%
    Midsize Enterprise24%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise17%
    Large Enterprise55%
    REVIEWERS
    Small Business33%
    Midsize Enterprise23%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise18%
    Large Enterprise57%
    REVIEWERS
    Small Business33%
    Midsize Enterprise25%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise31%
    Large Enterprise50%
    Buyer's Guide
    EDR (Endpoint Detection and Response)
    June 2023
    Find out what your peers are saying about Microsoft, CrowdStrike, SentinelOne and others in EDR (Endpoint Detection and Response). Updated: June 2023.
    710,326 professionals have used our research since 2012.

    CrowdStrike Falcon is ranked 2nd in EDR (Endpoint Detection and Response) with 50 reviews while Trend Micro Deep Security is ranked 1st in Virtualization Security with 35 reviews. CrowdStrike Falcon is rated 8.6, while Trend Micro Deep Security is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Trend Micro Deep Security writes "Supports virtual patching, and is easy to deploy, use, and manage". CrowdStrike Falcon is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Darktrace and Cortex XDR by Palo Alto Networks, whereas Trend Micro Deep Security is most compared with Trend Micro Apex One, Microsoft Defender for Endpoint, Carbon Black CB Defense, Symantec Endpoint Security and SentinelOne Singularity Complete.

    We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.