2020-08-19T11:14:00Z

CrowdStrike Falcon vs Microsoft Defender ATP: Comparison of features and performance

CrowdStrike Falcon and Microsoft Defender ATP are popular tools for EDR. Have you done a POC on these two tools, or had experience using them? If so, please share some insights on how these products perform, and which you would recommend.

Rony_Sklar - PeerSpot reviewer
Community Manager at a tech services company with 51-200 employees
  • 3
  • 234
3
PeerSpot user
3 Answers
RG
CS at First Majestic Silver Corp
User
2020-08-21T17:27:04Z
Aug 21, 2020

In a nutshell, Microsoft as most of its products tend to be behind the leaders and ATP is no exception, we used both and stayed with Falcon. With ATP you think you are protected until you deploy Falcon, or any other NGAV, and realize you were blind. We also used Cylance and still better than MS ATP.

A few reasons why Falcon: Time response, real AI engine no signatures, support, easy to manage, one of the most well-organized vendors we've worked with, one of my favorites: if you don't have the --expertise-- and human power in-house they offer a fully managed insured ($1M) solution that monitors all the way to remediation 24x7 in less than 30min and without user intervention or interruption. Last, network containment at the click of a button in real-time with the ability to still remediate remotely

Rony_Sklar - PeerSpot reviewer
Community Manager at a tech services company with 51-200 employees
Community Manager
Aug 23, 2020

@R.G. ​Thanks for your input! How long have you been using Falcon?

PeerSpot user
Product comparison that may be of interest to you
SP
Managing Member at Pender & Associates
Real User
Top 20
2020-08-22T08:30:14Z
Aug 22, 2020

SentinelOne is my recommended solution.


The SentinelOne Endpoint Protection Platform (EPP) unifies prevention, detection, and response in a single purpose-built agent, powered by machine learning and automation. It is not reliant on hash signatures or an internet connection. SentinelOne provides prevention and detection of attacks across all major vectors and rapid elimination of threats with a fully automated real-time response without human intervention.


SentinelOne has not been breached and offers upto $1,000,000 warranty if it cannot roll back a ransomware attack.


Please contact me at CyberSec@global.co.za for more information, a demonstration, or a quote.


Your reputation and your company's cyber security is in your hands - make an informed decision.

Rony_Sklar - PeerSpot reviewer
Community Manager at a tech services company with 51-200 employees
Community Manager
Aug 23, 2020

@Steve Pender ​Thank for your input. Have you worked with CrowdStrike Falcon or Microsoft Defender ATP? 

PeerSpot user
RG
CS at First Majestic Silver Corp
User
2020-08-25T01:50:55Z
Aug 25, 2020

1 year.

Find out what your peers are saying about CrowdStrike Falcon vs. Microsoft Defender for Endpoint and other solutions. Updated: September 2023.
735,226 professionals have used our research since 2012.
Related Questions
VM
Senior Manager INFOSEC AND Risk ASSESSMENT Engineering at Atlas Systems
May 10, 2023
Hello community,  I am a Senior Manager at a medium-sized tech services company. I have a client who is trying to decide which solution would be the best for them. Can you please provide a technical comparison between CrowdStrike Falcon and SentinelOne Singularity Complete? Thank you for your help.
2 out of 3 answers
May 8, 2023
Hi ViJay - Are they open to other solutions as well?
Iñaki Martinez Urricelqui - PeerSpot reviewer
Threat Analysis Technology Risk & Cybersecurity Analyst II at a consultancy with 5,001-10,000 employees
May 9, 2023
I think both solutions are very good. https://blog.ithq.pro/sentinel... I leave you a comparison of this website made by users. https://www.peerspot.com/produ...
Ronald Chavez - PeerSpot reviewer
Cloud Services
Feb 20, 2023
Hi everyone,  What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions? I have demoed these solutions together. There are as well other alternatives that integrate with SaaS services. Thank you for your help.
2 out of 4 answers
James OConnor - PeerSpot reviewer
Sr. Solutions Sales Executive - Commercial/Charity/Healthcare/SMB Individual Contributor at Hypertec Direct
Feb 15, 2023
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.   There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...   But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations. Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...
Gaurav Chandola - PeerSpot reviewer
Senior Associate Specialist at a financial services firm with 1,001-5,000 employees
Feb 16, 2023
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.        1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.        2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.         3. You can still use autopilot using both of these approaches. 
Product Comparisons
Download Free Report
Download our FREE report comparing CrowdStrike Falcon and Microsoft Defender for Endpoint based on reviews, features, and more! Updated: September 2023.
DOWNLOAD NOW
735,226 professionals have used our research since 2012.