We performed a comparison between CrowdStrike Falcon and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer CrowdStrike Falcon over Trend Micro XDR for its setup process, lightweight design, efficient resource usage, and accurate threat detection. It also offers useful features like Overwatch and a user-friendly dashboard.
"Microsoft Defender XDR is scalable."
"The threat intelligence is excellent."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"The integration between all the Defender products is the most valuable feature."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"There's almost no maintenance required. It's very low if there's any at all."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"The detection and response console is the most valuable feature."
"The most valuable feature of CrowdStrike Falcon is its accuracy. That's very important for me. False-positive are very bad for everyone. As we are a financial institution, it's even worse. I like Falcon because it's very accurate."
"The telemetric report is the most valuable feature."
"The zero-day vulnerability is valuable."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"VisionOne offers a clear window into the security posture of our endpoints."
"I like Vision One's workbench. It provides helpful logs that I can search, and the telemetry is excellent because I can see what's happening during an attack or potential attack."
"For scalability, I would give a rating of ten out of ten."
"They were one of the companies, early on, that spent a lot of time integrating their toolsets, and I was really impressed with that... the endpoint management system could reach out to the Deep Discovery system on the network and pick up something that it perceived as a suspicious object."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Stability could be improved by avoiding frequent changes to the interface."
"There could be a way to proactively monitor unusual activity ."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"They respond quickly on the weekdays, but the weekend response times are slower."
"The performance could be better."
"I have worked with their technical support on several problems that were never fully resolved."
"If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"The overall cost of CrowdStrike Falcon could be reduced."
"The support documentation could be more comprehensive."
"The price could be lower."
"In new versions I would like to see better implementation of the reporting features, especially in regards to EDR visibility."
"Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. CrowdStrike Falcon is rated 8.8, while Trend Vision One is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Fortinet FortiEDR, whereas Trend Vision One is most compared with Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks and Fortinet FortiEDR. See our CrowdStrike Falcon vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.