We performed a comparison between CrowdStrike Falcon Cloud Security and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon Cloud Security was lauded for its strong adherence to security best practices. It particularly excels in endpoint protection and its ability to leverage machine learning and AI. Microsoft Defender for Cloud stands out for its automation, threat analysis, and security coverage. CrowdStrike Falcon Cloud Security could improve its Kubernetes and GCP support. Microsoft Defender for Cloud could be better integrated with non-Microsoft solutions.
Service and Support: CrowdStrike Falcon Cloud Security users are generally content with the support team's assistance and promptness. Microsoft Defender users generally found the support team responsive and knowledgeable, but others said outsourced support lacked technical expertise and reported longer response times in certain regions.
Ease of Deployment: The setup for CrowdStrike Falcon Cloud Security was deemed easy, but some users struggled with the Kubernetes implementation. Setting up Microsoft Defender for Cloud is straightforward. The solution requires minimal maintenance and seamlessly integrates with other Microsoft services.
Pricing: Users consider the pricing of CrowdStrike Falcon Cloud Security to be fair, but it may be pricier than on-premises alternatives. Microsoft Defender for Cloud is seen as a good deal by some users, who consider it to be cost-effective, especially when bundled with other Microsoft products.
ROI: Users have provided limited feedback about the return on investment for CrowdStrike Falcon Cloud Security. Microsoft Defender for Cloud has demonstrated a potentially high ROI by automating tasks and improving security posture.
"The UI is very good."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"Cloud Native Security's best feature is its ability to identify hard-coded secrets during pull request reviews."
"The most valuable features of PingSafe are the asset inventory and issue indexing."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."
"The most valuable feature of the solution is its storyline, which helps trace an event back to its source, like an email or someone clicking on a link."
"It is fully cloud-based, so we don't need to invest in third-party agents repeatedly."
"The most significant benefit is how quickly malware and other malicious attacks are detected."
"There is a lot that it can do, but endpoint protection is the main thing about it. The fact that it uses machine learning and artificial intelligence to monitor and remediate the issues in real-time is probably the bread and butter of the product."
"The RTR feature stands out as particularly valuable to me due to its capability to log into machines."
"The most valuable feature of CrowdStrike Falcon Cloud Security is its lightweight sensor, taking minimal space and not impacting server performance."
"It's easy to gather insights and conduct analysis about existing threats."
"CrowdStrike utilizes signatureless technology, eliminating the need for regular signature updates on endpoint systems."
"Cloud security posture management (CSPM) is most valuable."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The most valuable features are ransomware protection and access controls. The solution has helped us secure some folders on our systems from unauthorized modifications."
"The most valuable feature is that it's intuitive. It's very intuitive."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"The solution's robust security posture is the most valuable feature."
"Defender is user-friendly and provides decent visibility into threats."
"We'd like to have better notifications. We'd like them to happen faster."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"There is a bit of a learning curve for new users."
"One area for improvement could be the internal analysis process, specifically the guidance provided for remediation."
"The integration with Oracle has room for improvement."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"The resolution suggestions could be better, and the compliance features could be more customizable for Indian regulations. Overall, the compliance aspects are good. It gives us a comprehensive list, and its feedback is enough to bring us into compliance with regulations, but it doesn't give us the specific objects."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"The CrowdStrike dashboard currently lacks a username field."
"There should be cloud storage scanning. We would like to have cloud storage vulnerability and threat management on any cloud storage."
"The UI part needs to be improved."
"It would be more convenient if there was an easier way to install CrowdStrike, perhaps through better integration with Active Directory."
"The only suggestion for improvement would be the pricing."
"One area for improvement in Falcon Cloud Security is the support portal."
"The only challenge lies in token verification."
"The threat intelligence and user behavioral analysis could be more comprehensive."
"The most significant areas for improvement are in the security of our identity and endpoints and the posture of the cloud environment. Better protection for our cloud users and cloud apps is always welcome."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More CrowdStrike Falcon Cloud Security Pricing and Cost Advice →
CrowdStrike Falcon Cloud Security is ranked 8th in Cloud Workload Protection Platforms (CWPP) with 13 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. CrowdStrike Falcon Cloud Security is rated 8.8, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of CrowdStrike Falcon Cloud Security writes "Enhances the overall safety of our company's environment from cyber threats". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". CrowdStrike Falcon Cloud Security is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Qualys VMDR and Sysdig Falco, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our CrowdStrike Falcon Cloud Security vs. Microsoft Defender for Cloud report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors, best Container Security vendors, and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.