Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
  • 2
  • 206

How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?

Which would you choose?

PeerSpot user
2 Answers
Henrique Barjas - PeerSpot reviewer
Infrastructure Manager at a energy/utilities company with 201-500 employees
Real User
Top 10
Sep 13, 2021

The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature but on the platform, you can drill down the events to find the starter of a blocked event. 

It does have basic features to whitelist programs and paths, does show you information about what kind of threat was blocked, gives you information about user logged, machine details (SO, version, serial, Mac Address, Local and WAN IP,...) and grants you with the time, the file that executed the event, allows you to group devices and define exclusion, detection, response policies based on them. 

It does allow you to create specific profiles for each type of user like helpdesk analysts, managers, etc (with different access, etc).

The solution is pretty good, actually and I'm pretty happy with it. I don't have experience with Microsoft Defender for Endpoint but will do in a couple of months to update this. =]

Product comparison that may be of interest to you
IT Consultant/Program Manager at a comms service provider with 10,001+ employees
Sep 7, 2021

Depends on your budget and on the conditions of a Microsoft license. If you have an M365 license (like E3 or E5), Microsoft is cheaper.

In terms of functionality, CrowdStrike is better.

Find out what your peers are saying about CrowdStrike Falcon vs. Microsoft Defender for Endpoint and other solutions. Updated: November 2022.
653,522 professionals have used our research since 2012.
Related Questions
Ammar Jibarah - PeerSpot reviewer
IT Security at Aramex
Sep 8, 2022
Hi community, I work as an IT Security person at a large Logistics company. At the moment, I'm researching these 2 products for my organization: Microsoft Defender for Endpoint and Cortex XDR by Palo Alto Networks. Most comparisons and reviews I found were done in late 2021 and early 2022. As of now, considering all Microsoft Updates on their Defender, which product would you prefer to use?...
2 out of 3 answers
Zubair Ahmad - PeerSpot reviewer
Chief Manager at Arcil
Sep 7, 2022
I have not used Microsoft Defender and only used Cortex XDR by Palo Alto Networks. My experience with Cortex is not good as you need to whitelist each and every exe file of each adn every computer. My recommendation for you is to go for Cynet360 MDR which is far better than Cortex in terms of auto detection and remediation. You will get genuine alert.
Director, Customer Success at SecureWorks
Sep 7, 2022
I would go for the one with the best independent threat intelligence, a platform that allows you to change, add, move IT and Security infrastructure without impacting your security platform.  I would also place a close attention to storage costs, service levels and the number of resources providing human intelligence on top of machine intelligence for investigation and incident response, all in one platform.  But I am biased ;-)
Apr 4, 2022
Hi peers, I'm looking for a comparison study between Microsoft Defender for Endpoint and Tanium EDR solutions (with all the pros and cons) .  Can you please share the pros and cons of these products? I appreciate the help! 
See 1 answer
Chief Information Security Officer at a construction company with 10,001+ employees
Apr 4, 2022
I don't. I prefer Cynet to both of them.
Download Free Report
Download our FREE report comparing CrowdStrike Falcon and Microsoft Defender for Endpoint based on reviews, features, and more! Updated: November 2022.
653,522 professionals have used our research since 2012.