• Home
  • CrowdStrike Falcon vs. Forescout XDR

CrowdStrike Falcon vs Forescout XDR comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 79 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
CrowdStrike Logo
CrowdStrike Falcon
Read 105 CrowdStrike Falcon reviews
19,763 views|14,219 comparisons
97% willing to recommend
Forescout Logo
Forescout XDR
Read 1 Forescout XDR review
168 views|92 comparisons
0% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Extended Detection and Response (XDR)
April 2024
Executive Summary

We performed a comparison between CrowdStrike Falcon and Forescout XDR based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: April 2024).
Download the complete report
769,662 professionals have used our research since 2012.
Featured Review
TahirMahmood
Is stable, scalable, and protects against ransomware
It helps protect us against ransomware. We were a victim of a malware attack in 2018 before implementation.
Adeeb Khan
Offers good centralization and access to remote sites with an easy setup
Utpal Sinha
Provides efficient network access control, but its support services need improvement
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment.""The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it.""Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise.""Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing.""For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity.""The ability to integrate and observe a more cohesive narrative across the products is crucial.""Its most significant advantage lies in its affordability.""The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."

More Microsoft Defender XDR Pros →

"The most valuable features of Crowdstrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions.""As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage.""The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately.""Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down.""The stability is very good.""The detection and response console is the most valuable feature.""The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system.""The most valuable features are the complete IPS and IDS."

More CrowdStrike Falcon Pros →

"The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc."

More Forescout XDR Pros →

Cons
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups.""In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals.""We should be able to use the product on devices like Apple, Linux, etc.""Advanced attacks could use an improvement.""The tool gives inconsistent answers and crashes a lot.""The price should be adjustable by region.""Microsoft tends to provide too many features, which makes the solution prone to bugs.""The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."

More Microsoft Defender XDR Cons →

"CrowdStrike Falcon by itself does not supply in-depth reporting.""There is room for improvement in managing multiple customer IDs.""Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network.""They should provide us with good visibility for everything.""CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time.""I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better.""Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations.""It would be nice if the dashboard had some more information upfront, and looked a little better."

More CrowdStrike Falcon Cons →

"The product is more expensive than other vendors in terms of features."

More Forescout XDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "The pricing will depend upon your volume of usage."
  • "I would like them to further reduce the price, because it is quite pricey at the moment."
  • "Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace."
  • "I do not have experience with the cost or licensing of the product."
  • "The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end users PC and we can tell if it's something that we actually need or something that's malicious."
  • "We are at about $60,000 per year."
  • "This solution has a very competitive price."
  • "Our company pays approximately US$ 65,000 annually for 900 machines."

    • More CrowdStrike Falcon Pricing and Cost Advice →

  • "The product is more expensive than other vendors in terms of features."

    • More Forescout XDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    769,662 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 30 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 38 answers   →
    Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that… more »
    How does Crowdstrike Falcon compare with Darktrace?
    Top Answer:Both of these products perform similarly and have many outstanding attributes CrowdStrike Falcon offers an amazing… more »
    How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
    Top Answer:The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push… more »
    Read all 2 answers   →
    What do you like most about Forescout XDR?
    Top Answer:The product has valuable features for cloud IoT device enhancement, intelligent threat detection, etc.
    What is your experience regarding pricing and costs for Forescout XDR?
    Top Answer:The product is more expensive than other vendors in terms of features. In comparison, Qualys offers good support… more »
    What needs improvement with Forescout XDR?
    Top Answer:The product's support services have limitations. We have to connect with their senior executives to get correct and… more »
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    CrowdStrike Falcon, CrowdStrike Falcon XDR
    Learn More
    Microsoft
    CrowdStrike
    Forescout
    Video Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    CrowdStrike Falcon offers advanced threat detection, real-time visibility, easy interface, and responsive customer support. It enhances workflow and efficiency, promotes collaboration, streamlines processes, and boosts productivity. With features like incident response options, customizable alerts, and proactive threat hunting, it helps protect organizations from malware and ransomware attacks.

    Forescout XDR is an eXtended detection and response solution that converts telemetry and logs into high fidelity, SOC-actionable probable threats.

    It automates the detection, investigation, hunt for and response to advanced threats across all connected assets – IT, OT/ICS, IoT and IoMT – from campus to cloud to data center to edge. Forescout XDR combines essential SOC technologies and functions into a unified, cloud-native platform, viewable and actionable from a single console.

    Forescout XDR Business Value

    • Reduces business risk: Reduce the risk and magnitude of a successful attack, business disruption or data breach by eliminating alert noise so you can quickly and accurately detect, investigate, and respond to the broadest range of advanced threats.
    • Optimize security operations: Streamline the analyst function and speed complex investigation and threat-hunting processes with enriched, normalized, and contextualized data correlated to produce a small number of detections that warrant investigation – all in a unified console that integrates with case management systems and other security tools.​
    • Support Compliance: Combine long-term log storage with automated threat detection and threat intelligence to close the potential gap between when a breach or disruption is noticed and when a response action is taken.​
    • Lower costs: Consolidate point solutions (data lake, security analytics, SOAR, UEBA, threat intel platform) and reduce costs related to data onboarding, rules management and analyst turnover with a solution that simplifies and supports their workflow.​
    • Leverage multi-vendor security investments: Derive more value from existing solutions and make better use of asset data and threat intel via automation across case management and incident response systems, sensors (network, endpoint, cloud) and enforcement points. ​


    Improve SOC efficiency by 450x with better detection and response of true threats

    Security operations center (SOC) teams face a daily barrage of incomplete and inaccurate alerts that lack vital contextual information, many of them false positives. As a result, analysts miss critical threats and take longer to investigate and respond to them, increasing the risk of a breach. In fact, the typical SOC receives an estimated 11,000 alerts per day, or 450 alerts per hour – most of them low fidelity, low confidence alerts, and false positives. 

    With Forescout XDR, that number is reduced to one SOC-actionable detection an hour – or one probable threat that warrants human investigation.

    Key Features

    • Data ingestion: Natively supports Forescout eyeSight, eyeInspect and Medical Device Security data – and over 170 vendor- and EDR-agnostic sources including: security, infrastructure, enrichment, applications and cloud/SaaS.
    • Data onboarding: Helps ensure that you extract maximum detection value to support your most important use cases. Forescout data engineers work alongside your team to plan and prioritize the data sources to be onboarded, then help configure the data pipeline and ensure your data is being properly parsed, cleansed, normalized, and enriched. ​
    • Advanced data pipeline: Applies a rigorous data science-centric approach to manage data flowing from enterprise-wide sources into its advanced threat detection engine.
    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Information Not Available
    Information Not Available
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Government11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Computer Software Company19%
    Financial Services Firm15%
    Manufacturing Company8%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm10%
    Manufacturing Company8%
    Government7%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Retailer18%
    Manufacturing Company11%
    Financial Services Firm9%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business33%
    Midsize Enterprise23%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise18%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise14%
    Large Enterprise61%
    Buyer's Guide
    Extended Detection and Response (XDR)
    April 2024
    Download Free Report
    Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: April 2024.
    DOWNLOAD NOW
    769,662 professionals have used our research since 2012.

    CrowdStrike Falcon is ranked 1st in Extended Detection and Response (XDR) with 105 reviews while Forescout XDR is ranked 29th in Extended Detection and Response (XDR) with 1 review. CrowdStrike Falcon is rated 8.8, while Forescout XDR is rated 6.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Forescout XDR writes "Provides efficient network access control, but its support services need improvement". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Forescout XDR is most compared with Arctic Wolf Managed Detection and Response.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.