Infrastructure Manager at a energy/utilities company with 201-500 employees
Real User
2021-09-13T19:25:10Z
Sep 13, 2021
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature but on the platform, you can drill down the events to find the starter of a blocked event.
It does have basic features to whitelist programs and paths, does show you information about what kind of threat was blocked, gives you information about user logged, machine details (SO, version, serial, Mac Address, Local and WAN IP,...) and grants you with the time, the file that executed the event, allows you to group devices and define exclusion, detection, response policies based on them.
It does allow you to create specific profiles for each type of user like helpdesk analysts, managers, etc (with different access, etc).
The solution is pretty good, actually and I'm pretty happy with it. I don't have experience with Microsoft Defender for Endpoint but will do in a couple of months to update this. =]
We performed a comparison between Crowdstrike Falcon and Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Ease of Deployment: Users of Microsoft Defender For Endpoint provided mixed reviews regarding the solution’s deployment. Some reviewers said that the setup was easy and straightforward, while other users felt that the initial setup could be complex (especially in regards to the...
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature but on the platform, you can drill down the events to find the starter of a blocked event.
It does have basic features to whitelist programs and paths, does show you information about what kind of threat was blocked, gives you information about user logged, machine details (SO, version, serial, Mac Address, Local and WAN IP,...) and grants you with the time, the file that executed the event, allows you to group devices and define exclusion, detection, response policies based on them.
It does allow you to create specific profiles for each type of user like helpdesk analysts, managers, etc (with different access, etc).
The solution is pretty good, actually and I'm pretty happy with it. I don't have experience with Microsoft Defender for Endpoint but will do in a couple of months to update this. =]
Depends on your budget and on the conditions of a Microsoft license. If you have an M365 license (like E3 or E5), Microsoft is cheaper.
In terms of functionality, CrowdStrike is better.