We performed a comparison between CrowdStrike Falcon and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Microsoft Defender for Cloud is highly regarded for its automated processes, advanced threat analysis, and extensive security measures, including protection against ransomware and access controls. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Microsoft Defender for Cloud could use enhancements in automation and ease of use.
Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some Defender for Cloud users reported positive experiences with Microsoft, while others complained that the solution's outsourced support lacked technical knowledge.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Microsoft Defender for Cloud is described as straightforward, but the deployment time may vary depending on specific requirements.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Microsoft Defender for Cloud is in the mid-to-high pricing tier. While some users find it expensive, others believe it offers good value.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Microsoft Defender for Cloud streamlines security tasks and saves users money by consolidating various solutions.
Comparison Results: Users prefer CrowdStrike Falcon over Microsoft Defender for Cloud. Users like CrowdStrike Falcon's effortless setup process and lightweight design. It provides an in-depth analysis of endpoint devices, precise threat detection, and robust defense against cyberattacks.
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The most valuable feature is the analysis, because of the beta structure."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors."
"The setup is pretty simple."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The feature I like the most is the solution's detection."
"There's almost no maintenance required. It's very low if there's any at all."
"I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"We have seen a reduction to the performance hit to our operating systems."
"At this point what is most valuable is the interface, which is easy to navigate."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"The CS Falcon agent is a lightweight agent compared with other agents of EDR products."
"The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance."
"Provides a very good view of the entire security setup of your organization."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically; instead, our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"It's quite a good product. It helps to understand the infections and issues you are facing."
"It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution is not stable."
"The solution should address emerging threats like SQL injection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The support needs improvement."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"There are some areas where some customers would prefer a different service."
"The integration with tools, SOC tools, could be better."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"CrowdStrike costs a little more than its competitors."
"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"The installation process for this software needs to be simplified."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"I would like to have the ability to customize executive reporting."
"As an analyst, there is no way to configure or create a playbook to automate the process of flagging suspicious domains."
"The documentation and implementation guides could be improved."
"Sometimes it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or a special kind of product."
"Sometimes, it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or certain kinds of products. That's not an issue directly with the product, though."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 106 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. CrowdStrike Falcon is rated 8.8, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and AWS Security Hub.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.