We performed a comparison between CrowdStrike Falcon and Secureworks Taegis XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The product integrates security into one tool instead of having third-party security tools."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"All the features are beneficial."
"Scalability hasn't been an issue for us."
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"We have seen a reduction to the performance hit to our operating systems."
"The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
"Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down."
"The most valuable feature is the activity dashboard because it gives you a holistic view of your environment from a security standpoint."
"The initial setup was straightforward."
"It's a complete solution package."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Falcon could include more integrative features."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"Some of Falcon's features are a bit pricey."
"The ability to receive text alerts natively in the console would be kind of cool."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"Technical support could be better than what is currently offered."
"We would like to be able to perform on-demand scanning, rather than relying on the scheduler."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"The pricing could be improved."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."
CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 107 reviews while Secureworks Taegis XDR is ranked 28th in Extended Detection and Response (XDR) with 2 reviews. CrowdStrike Falcon is rated 8.8, while Secureworks Taegis XDR is rated 6.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Secureworks Taegis XDR writes " It's a complete solution package". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and Fortinet FortiEDR, whereas Secureworks Taegis XDR is most compared with Cortex XDR by Palo Alto Networks, Wazuh, Microsoft Defender for Cloud, IBM Security QRadar and LogRhythm UEBA. See our CrowdStrike Falcon vs. Secureworks Taegis XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
