We performed a comparison between CrowdStrike Falcon and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer CrowdStrike Falcon over Trend Micro XDR for its setup process, lightweight design, efficient resource usage, and accurate threat detection. It also offers useful features like Overwatch and a user-friendly dashboard.
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"Microsoft 365 Defender is a stable solution."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The solution is well integrated with applications. It is easy to maintain and administer."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"I have found the ability to delete unwanted threats beneficial."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
"It's given me a level of confidence that my network is secure."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
"The detection and response console is the most valuable feature."
"At this point what is most valuable is the interface, which is easy to navigate."
"Scalability hasn't been an issue for us."
"I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
"It is a stable product. It works very well."
"I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions."
"XDR provided a much more deep view into what is actually happening."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"VisionOne offers a clear window into the security posture of our endpoints."
"We should be able to use the product on devices like Apple, Linux, etc."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Advanced attacks could use an improvement."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"The management and automation of the cloud apps have room for improvement."
"There could be a way to proactively monitor unusual activity ."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"They should provide us with good visibility for everything."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"Some of Falcon's features are a bit pricey."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
"It does take more time to scan than other solutions."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"The centralized dashboard has room for improvement."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"When you deploy these tools from Trend Micro, the integration and getting them to work together, are among the more difficult pieces of the puzzle. But when you get that set up and working, you're glad you did."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. CrowdStrike Falcon is rated 8.8, while Trend Vision One is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Fortinet FortiEDR, whereas Trend Vision One is most compared with Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks and Fortinet FortiEDR. See our CrowdStrike Falcon vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.