We performed a comparison between CrowdStrike Falcon and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trend Micro XDR is commended for its holistic approach to prevention, real-time visualization, and ability to prioritize network-based detection and response. CrowdStrike Falcon could benefit from adding a sandbox feature and more detailed firewall management options. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: CrowdStrike Falcon's customer service has been commended for its promptness and assistance. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: CrowdStrike Falcon's setup is considered to be simple and efficient, with varying deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the necessity for onsite servers. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer CrowdStrike Falcon over Trend Micro XDR for its setup process, lightweight design, efficient resource usage, and accurate threat detection. It also offers useful features like Overwatch and a user-friendly dashboard.
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Microsoft 365 Defender is a good solution and easy to use."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"The threat intelligence is excellent."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike is always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines are connected to the Internet and be almost invisible to the employees."
"We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
"We have seen a reduction to the performance hit to our operating systems."
"We haven't had any issues with configurations or customizations."
"We are very impressed with the single pane of glass visibility that Trend Micro XDR provides."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"It is a stable product. It works very well."
"The solution is very easy to use."
"It helps us with investigations."
"The data recovery and backup could be improved."
"The logs could be better."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"Sometimes, configurations take much longer than expected."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"They don't really have anything when it comes to scanning attachments."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"Technical support could be better than what is currently offered."
"This solution is relatively expensive."
"The management of log aggregation is in need of improvement."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices."
"The agent system is very slow, it needs to improve its performance."
"The information captured by Trend Vision One needs to be more detailed."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"In new versions I would like to see better implementation of the reporting features, especially in regards to EDR visibility."
"The automation capabilities on-premises could be improved, as we currently have to manually activate servers and push policies."
"It is very expensive."
"A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."
"It should integrate with more tools. There are a lot of tools that can do the PTP dump."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 42 reviews. CrowdStrike Falcon is rated 8.8, while Trend Vision One is rated 8.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Fortinet FortiEDR, whereas Trend Vision One is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Trend Micro Apex One, Fortinet FortiEDR and Cortex XDR by Palo Alto Networks.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.