We performed a comparison between CrowdStrike Falcon and Mandiant Advantage based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The advantage Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"It has great stability."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The integration between all the Defender products is the most valuable feature."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"The solution offers great stability."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"It's very easy to set up."
"I like the overall reports of this solution. They are crisp, and to the point."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"All the features are beneficial."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a forum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"Stability could be improved by avoiding frequent changes to the interface."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we are waiting for that feature."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The licensing is a nightmare and has room for improvement."
"Sometimes, configurations take much longer than expected."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The support could be more knowledgeable to improve their offering."
"There are some areas where some customers would prefer a different service."
"We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike."
"In a future release, I would like to see more integrations for data breaches and security features."
"The pricing is a bit too high."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews while Mandiant Advantage is ranked 21st in Extended Detection and Response (XDR) with 3 reviews. CrowdStrike Falcon is rated 8.8, while Mandiant Advantage is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Mandiant Advantage is most compared with Cortex Xpanse, Microsoft Defender External Attack Surface Management, Cymulate, Tenable Attack Surface Management and Cortex XDR by Palo Alto Networks.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.