We performed a comparison between CrowdStrike Falcon and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer CrowdStrike Falcon over Trend Micro XDR for its setup process, lightweight design, efficient resource usage, and accurate threat detection. It also offers useful features like Overwatch and a user-friendly dashboard.
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Its most significant advantage lies in its affordability."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"Easy to use, intelligent, and stable threat detection software."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"We have a small IT Team, and this allows us to get sleep at night, knowing that someone else is taking care of any incidents that occur."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"We are happy with CloudStrike's ease of use and touch notification."
"I like the Overwatch feature the most."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"It helps us with investigations."
"The automatic EDR system that notifies us when something is wrong is valuable."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"What I like the most about Trend Micro XDR is that the detection and response domain extends to the network. It goes beyond the endpoint and includes data about the network which lets you pinpoint patient zero as well as the root cause of the attack."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"Tighter integration around XDR could be included."
"The performance could be better."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"The console is a little cluttered and at times, finding what you're looking for is not intuitive."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"Results were delayed."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"It would be better if it were more user-friendly. It would also be better if the implementation were more straightforward."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"I think that continued optimization of the environment towards automation and orchestration, a kind of layer that sits underneath all of the technologies, would be extremely important."
"The information captured by Trend Vision One needs to be more detailed."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EDR (Endpoint Detection and Response) with 101 reviews while Trend Vision One is ranked 5th in EDR (Endpoint Detection and Response) with 42 reviews. CrowdStrike Falcon is rated 8.6, while Trend Vision One is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas Trend Vision One is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Fortinet FortiEDR, Cortex XDR by Palo Alto Networks and Kaspersky Endpoint Detection and Response Expert. See our CrowdStrike Falcon vs. Trend Vision One report.
See our list of best EDR (Endpoint Detection and Response) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.