We performed a comparison between CrowdStrike Falcon Cloud Security and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon Cloud Security was lauded for its strong adherence to security best practices. It particularly excels in endpoint protection and its ability to leverage machine learning and AI. Microsoft Defender for Cloud stands out for its automation, threat analysis, and security coverage. CrowdStrike Falcon Cloud Security could improve its Kubernetes and GCP support. Microsoft Defender for Cloud could be better integrated with non-Microsoft solutions.
Service and Support: CrowdStrike Falcon Cloud Security users are generally content with the support team's assistance and promptness. Microsoft Defender users generally found the support team responsive and knowledgeable, but others said outsourced support lacked technical expertise and reported longer response times in certain regions.
Ease of Deployment: The setup for CrowdStrike Falcon Cloud Security was deemed easy, but some users struggled with the Kubernetes implementation. Setting up Microsoft Defender for Cloud is straightforward. The solution requires minimal maintenance and seamlessly integrates with other Microsoft services.
Pricing: Users consider the pricing of CrowdStrike Falcon Cloud Security to be fair, but it may be pricier than on-premises alternatives. Microsoft Defender for Cloud is seen as a good deal by some users, who consider it to be cost-effective, especially when bundled with other Microsoft products.
ROI: Users have provided limited feedback about the return on investment for CrowdStrike Falcon Cloud Security. Microsoft Defender for Cloud has demonstrated a potentially high ROI by automating tasks and improving security posture.
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"The agentless vulnerability scanning is great."
"The multi-cloud support is valuable. They are expanding to different clouds. It is not restricted to only AWS. It allows us to have different clouds on one platform."
"Cloud Native Security's most valuable features include cloud misconfiguration detection and remediation, compliance monitoring, a robust authentication security engine, and cloud threat detection and response capabilities."
"The cloud misconfiguration is the most valuable feature."
"They're responsive to feature requests. If I suggest a feature for Prisma, I will need to wait until the next release on their roadmap. Cloud Native Security will add it right away."
"The solution's most valuable features are its ability to detect vulnerabilities inside AWS resources and its ability to rescan after a specific duration set by the administrator."
"The initial setup is easy ."
"The RTR feature stands out as particularly valuable to me due to its capability to log into machines."
"CrowdStrike utilizes signatureless technology, eliminating the need for regular signature updates on endpoint systems."
"The immediate mitigation of potential threats and instant alerts are valuable."
"There is a lot that it can do, but endpoint protection is the main thing about it. The fact that it uses machine learning and artificial intelligence to monitor and remediate the issues in real-time is probably the bread and butter of the product."
"It is fully cloud-based, so we don't need to invest in third-party agents repeatedly."
"Cloud security posture management (CSPM) is most valuable."
"The most valuable feature of CrowdStrike Falcon Cloud Security is its lightweight sensor, taking minimal space and not impacting server performance."
"The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act."
"One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"The solution's robust security posture is the most valuable feature."
"The integration with Logic Apps allows for automated responses to incidents."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"It isn't a highly complex solution. It's something that a lot of analysts can use. Defender gives you a broad overview of what's happening in your environment, and it's a great solution if you're a Microsoft shop."
"There is a bit of a learning curve for new users."
"Customized queries should be made easier to improve PingSafe."
"We recently adopted a new ticket management solution, so we've asked them to include a connector to integrate that tool with Cloud Native Security directly. We'd also like to see Cloud Native Security add a scan for personally identifying information. We're looking at other tools for this capability, but having that functionality built into Cloud Native Security would be nice. Monitoring PII data is critical to us as an organization."
"Maybe container runtime security could be improved."
"We use PingSafe and also SentinelOne. If PingSafe integrated some of the endpoint security features of SentinelOne, it would be the perfect one-stop solution for everything. We wouldn't need to switch between the products. At my organization, I am responsible for endpoint security and vulnerability management. Integrating both functions into one application would be ideal because I could see all the alerts, heat maps, and reports in one console."
"A beneficial improvement for PingSafe would be integration with Jira, allowing for a more streamlined ticketing system."
"In some cases, the rules are strictly enforced but do not align with real-world use cases."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"One area for improvement in Falcon Cloud Security is the support portal."
"The UI part needs to be improved."
"The log scale or Humio side of it where it collects the data and expands into the XDR world still needs time to develop in terms of the way it combines the data and metadata that flows into the platform. I know they're working on it."
"Different file options should be available, and clients should be able to select from the options."
"CrowdStrike Falcon Cloud Security is expensive."
"The threat intelligence and user behavioral analysis could be more comprehensive."
"Incorporating threat intelligence into the system would be a valuable addition."
"It gets the work done, but the main problem with the solution is that if you remediate anything, it takes 45 days for you to get any of the features displayed on the dashboard. This is the real weakness of CrowdStrike. Their customer support is also not ready to help with it. If you remediate any cloud vulnerability that they are giving you, such as removing a host from your organization, it takes around 45 days for them to remove it from their console."
"I felt that there was disconnection in terms of understanding the UI. The communication for moving from the old UI to the new UI could be improved. It was a bit awkward."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"From a compliance standpoint, they can include some more metrics and some specific compliances such as GDPR."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More CrowdStrike Falcon Cloud Security Pricing and Cost Advice →
CrowdStrike Falcon Cloud Security is ranked 8th in Cloud Workload Protection Platforms (CWPP) with 13 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. CrowdStrike Falcon Cloud Security is rated 8.8, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of CrowdStrike Falcon Cloud Security writes "Enhances the overall safety of our company's environment from cyber threats". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". CrowdStrike Falcon Cloud Security is most compared with Prisma Cloud by Palo Alto Networks, AWS GuardDuty, Wiz, Qualys VMDR and Sysdig Falco, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our CrowdStrike Falcon Cloud Security vs. Microsoft Defender for Cloud report.
See our list of best Cloud Workload Protection Platforms (CWPP) vendors, best Container Security vendors, and best Cloud Security Posture Management (CSPM) vendors.
We monitor all Cloud Workload Protection Platforms (CWPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.