• Home
  • CrowdStrike Falcon vs. Forescout XDR

CrowdStrike Falcon vs Forescout XDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 78 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
CrowdStrike Logo
CrowdStrike Falcon
Read 107 CrowdStrike Falcon reviews
19,763 views|14,219 comparisons
97% willing to recommend
Forescout Logo
Forescout XDR
Read 1 Forescout XDR review
168 views|92 comparisons
0% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Extended Detection and Response (XDR)
May 2024
Executive Summary

We performed a comparison between CrowdStrike Falcon and Forescout XDR based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: May 2024).
Download the complete report
772,127 professionals have used our research since 2012.
Featured Review
Anonymous User
Researched CrowdStrike Falcon but chose Microsoft Defender XDR: It has many built-in policies that can improve your organization's cloud security posture
Defender reduced our attack surface with built-in rules for USB-based threats. Sometimes employees plug in a USB containing threats. Defender will... Read more →
Anonymous User
Helps protect our data, is stable, and reasonably priced
CrowdStrike Falcon has helped our customers secure their confidential data.
Utpal Sinha
Provides efficient network access control, but its support services need improvement
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.""The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR.""The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging.""Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability.""I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc.""The unified view of the threat landscape on a central dashboard is the most valuable feature.""It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints.""The EDR and the way it automatically responds to ransomware and other attacks are valuable features."

More Microsoft Defender XDR Pros →

"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that.""The automatic alert feature is the most important feature of the solution.""I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution.""We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment.""The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate.""I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution.""CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details.""The detection is very effective."

More CrowdStrike Falcon Pros →

"The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc."

More Forescout XDR Pros →

Cons
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR.""There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use.""The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things.""It would be helpful if the solution could scan faster when it comes to scanning attachments to emails.""The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution.""The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better.""Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features.""The data recovery and backup could be improved."

More Microsoft Defender XDR Cons →

"CrowdStrike Falcon needs to improve their host management system.""The detection time has room for improvement.""In the six months that I have been using CrowdStrike, it has not been able to detect anything.""The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders.""To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features.""This solution is relatively expensive.""I would also like to see the endpoint firewall component produce some level of logging and feedback.""A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."

More CrowdStrike Falcon Cons →

"The product is more expensive than other vendors in terms of features."

More Forescout XDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "The pricing will depend upon your volume of usage."
  • "I would like them to further reduce the price, because it is quite pricey at the moment."
  • "Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace."
  • "I do not have experience with the cost or licensing of the product."
  • "The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end users PC and we can tell if it's something that we actually need or something that's malicious."
  • "We are at about $60,000 per year."
  • "This solution has a very competitive price."
  • "Our company pays approximately US$ 65,000 annually for 900 machines."

    • More CrowdStrike Falcon Pricing and Cost Advice →

  • "The product is more expensive than other vendors in terms of features."

    • More Forescout XDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    772,127 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and… more »
    Read all 41 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying… more »
    Read all 31 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionally… more »
    Read all 40 answers   →
    Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that… more »
    How does Crowdstrike Falcon compare with Darktrace?
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Read all 2 answers   →
    What do you like most about Forescout XDR?
    Top Answer:The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc.
    What is your experience regarding pricing and costs for Forescout XDR?
    Top Answer:The product is more expensive than other vendors in terms of features. In comparison, Qualys offers good support… more »
    What needs improvement with Forescout XDR?
    Top Answer:The product's support services have limitations. We have to connect with their senior executives to get correct and… more »
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Learn More
    Microsoft
    CrowdStrike
    Forescout
    Video Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    CrowdStrike Falcon offers advanced threat detection, real-time visibility, easy interface, and responsive customer support. It enhances workflow and efficiency, promotes collaboration, streamlines processes, and boosts productivity. With features like incident response options, customizable alerts, and proactive threat hunting, it helps protect organizations from malware and ransomware attacks.

    Forescout XDR is an eXtended detection and response solution that converts telemetry and logs into high fidelity, SOC-actionable probable threats.

    It automates the detection, investigation, hunt for and response to advanced threats across all connected assets – IT, OT/ICS, IoT and IoMT – from campus to cloud to data center to edge. Forescout XDR combines essential SOC technologies and functions into a unified, cloud-native platform, viewable and actionable from a single console.

    Forescout XDR Business Value

    • Reduces business risk: Reduce the risk and magnitude of a successful attack, business disruption or data breach by eliminating alert noise so you can quickly and accurately detect, investigate, and respond to the broadest range of advanced threats.
    • Optimize security operations: Streamline the analyst function and speed complex investigation and threat-hunting processes with enriched, normalized, and contextualized data correlated to produce a small number of detections that warrant investigation – all in a unified console that integrates with case management systems and other security tools.​
    • Support Compliance: Combine long-term log storage with automated threat detection and threat intelligence to close the potential gap between when a breach or disruption is noticed and when a response action is taken.​
    • Lower costs: Consolidate point solutions (data lake, security analytics, SOAR, UEBA, threat intel platform) and reduce costs related to data onboarding, rules management and analyst turnover with a solution that simplifies and supports their workflow.​
    • Leverage multi-vendor security investments: Derive more value from existing solutions and make better use of asset data and threat intel via automation across case management and incident response systems, sensors (network, endpoint, cloud) and enforcement points. ​


    Improve SOC efficiency by 450x with better detection and response of true threats

    Security operations center (SOC) teams face a daily barrage of incomplete and inaccurate alerts that lack vital contextual information, many of them false positives. As a result, analysts miss critical threats and take longer to investigate and respond to them, increasing the risk of a breach. In fact, the typical SOC receives an estimated 11,000 alerts per day, or 450 alerts per hour – most of them low fidelity, low confidence alerts, and false positives. 

    With Forescout XDR, that number is reduced to one SOC-actionable detection an hour – or one probable threat that warrants human investigation.

    Key Features

    • Data ingestion: Natively supports Forescout eyeSight, eyeInspect and Medical Device Security data – and over 170 vendor- and EDR-agnostic sources including: security, infrastructure, enrichment, applications and cloud/SaaS.
    • Data onboarding: Helps ensure that you extract maximum detection value to support your most important use cases. Forescout data engineers work alongside your team to plan and prioritize the data sources to be onboarded, then help configure the data pipeline and ensure your data is being properly parsed, cleansed, normalized, and enriched. ​
    • Advanced data pipeline: Applies a rigorous data science-centric approach to manage data flowing from enterprise-wide sources into its advanced threat detection engine.
    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Information Not Available
    Information Not Available
    Top Industries
    REVIEWERS
    Manufacturing Company16%
    Computer Software Company16%
    Financial Services Firm12%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company19%
    Financial Services Firm15%
    Manufacturing Company9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm10%
    Manufacturing Company8%
    Government7%
    VISITORS READING REVIEWS
    Retailer17%
    Computer Software Company17%
    Manufacturing Company12%
    Financial Services Firm8%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise24%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise56%
    REVIEWERS
    Small Business32%
    Midsize Enterprise22%
    Large Enterprise46%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise14%
    Large Enterprise63%
    Buyer's Guide
    Extended Detection and Response (XDR)
    May 2024
    Download Free Report
    Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: May 2024.
    DOWNLOAD NOW
    772,127 professionals have used our research since 2012.

    CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews while Forescout XDR is ranked 29th in Extended Detection and Response (XDR) with 1 review. CrowdStrike Falcon is rated 8.8, while Forescout XDR is rated 6.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Forescout XDR writes "Provides efficient network access control, but its support services need improvement". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Forescout XDR is most compared with Arctic Wolf Managed Detection and Response.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.