We performed a comparison between CrowdStrike Falcon and Trend Micro Deep Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: CrowdStrike Falcon is the clear winner in this comparison. It is stable, easy to use, and high performing. In addition, it is easier to deploy and less expensive than Trend Micro Deep Security.
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy."
"The VPN is most valuable. It's the best thing in the market today. We can use two-factor authentication with another platform, and we can authenticate with two-factor."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."
"The stability is very good."
"All the features are beneficial."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
"The most valuable features are the complete IPS and IDS."
"The solution is silent and sits on your system as one single agent."
"The scalability is good."
"It provides very good protection and the ability to crosscheck environments."
"It can scale well."
"Technical support is good."
"Virtual patching is a wonderful feature where we do a recommendation scan and an internal assessment on the server, and it updates the IPS signatures to block any attack. I have seen instances where it has prevented attacks on the end-of-support servers such as 2018 R2, and many years ago, even 2007 servers that were end-of-support. It certainly helped there."
"The VPN is the most prized characteristic of Trend Micro Deep Security, which in addition addresses all zero-day vulnerabilities. This allows us to confidently transfer our system physically, as it presents to the external world, whether it be an intruder or a hacker, that our system is completely secure without any weak spots. Even if the latest security patches have not been installed or updated, the software virtually covers them for you."
"The solution is quite secure."
"It is a scalable solution. If required, we can scale it more. That's not an issue...The solution's initial setup process was straightforward."
"Trend Micro Deep Security is a complete solution and all the threat management has been taken care of."
"Deep Security's most valuable features are antivirus and host intrusion detection."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"This product has issues with the number of false positives that it reports."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"It could be improved in connection with artificial intelligence and IoT."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."
"Technical support could be better than what is currently offered."
"The ability to receive text alerts natively in the console would be kind of cool."
"It can be expensive depending on the features you select."
"This solution could be improved with greater scope for admins to make changes to the solution."
"CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
"They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."
"The overall cost of CrowdStrike Falcon could be reduced."
"Trend Micro Deep Security security and scalability could be improved."
"What this product lacks at this stage is the ability to have automated workbooks to do the response. At this stage, the response is more manual, and it is not automated. If there is a response functionality in Deep Security, similar to what we have in EDR these days, to automatically respond to some of the threats, it would be cool. So, we'd like to have an automated response. There should be a response functionality."
"We'd like to see extended capacity in the on-premises versions."
"Pricing is on the expensive side and could be more affordable. The technical support for Trend Micro Deep Security also needs improvement."
"I've not worked with CrowdStrike Falcon, but one of our customers also had CrowdStrike Falcon on some of the devices. I was only supporting Trend Micro. They had a ransomware attack, but Trend Micro didn't detect that particular ransomware attack, whereas CrowdStrike did."
"We want to see improved authentication."
"The risk is very complex. We need our tools to be more intelligent, more automated, more detectable."
"The implementation can be inflexible and not easy, as it requires knowledge of things like virtualization and administration on Windows."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 2nd in EDR (Endpoint Detection and Response) with 50 reviews while Trend Micro Deep Security is ranked 1st in Virtualization Security with 35 reviews. CrowdStrike Falcon is rated 8.6, while Trend Micro Deep Security is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Trend Micro Deep Security writes "Supports virtual patching, and is easy to deploy, use, and manage". CrowdStrike Falcon is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Darktrace and Cortex XDR by Palo Alto Networks, whereas Trend Micro Deep Security is most compared with Trend Micro Apex One, Microsoft Defender for Endpoint, Carbon Black CB Defense, Symantec Endpoint Security and SentinelOne Singularity Complete.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
I like that Crowdstrike allows me to easily correlate data between my firewalls. What’s most useful for my needs is the intelligence modules feature. I also find that Crowdstrike Falcon’s dashboard is very user-friendly; Information is easy to find because of how it is presented and everything is linkable, which is a big win for me. Stability is fantastic and so is the scalability. I was able to do so many endpoints so easily, and without any issues. In terms of pricing, Crowdstrike Falcon is reasonable for all that it has to offer. As far as technical support, that has been great too.
Trend Micro Deep Security offers a lot of features. It guarantees security for your data center, cloud, and containers - all with a unified and comprehensive SaaS solution and without compromising performance. Although that might make it sound appealing, every time there are new features released, they have to be paid for separately, which I am not thrilled about.
Trend Micro Deep Security offers powerful protection, an all-in-one workload security option (which may help with eliminating the cost of deploying multiple point solutions), and flexible integration. They also offer a “pay-for-what-you-use” pricing model which is hard to come by. While their pricing model seems enticing, a big downside for me is that it does not support versions prior to Windows 7. It has a good intrusion prevention feature that I like. However, that is not enough for me to settle for Trend Micro Deep instead of Crowdstrike.
Conclusion:
I much prefer Crowdstrike Falcon over Trend Micro Deep Security because I feel that it is much more reliable. While Trend Micro Deep Security may be represented as a classic antivirus solution, I am satisfied with the overall performance of Crowdstrike Falcon and happy with my purchase of the product.
Having previously run a penetration testing company, I can tell you that the general feedback I have from professional hackers is that CrowdStrike Falcon does make their job a lot more difficult.
The "traditional" players in the endpoint protection market e.g. Trend Micro, Symantec and McAfee they generally view as trivial to bypass.