CrowdStrike Falcon vs Microsoft Defender ATP: Comparison of features and performance
CrowdStrike Falcon and Microsoft Defender ATP are popular tools for EDR. Have you done a POC on these two tools, or had experience using them? If so, please share some insights on how these products perform, and which you would recommend.
CrowdStrike Falcon and Microsoft Defender for Endpoint compete in the endpoint security solution category. CrowdStrike Falcon appears to have the upper hand with its advanced threat analysis and real-time response capabilities, despite certain areas requiring improvement.
Features: CrowdStrike Falcon excels with its advanced threat analysis, including EDR and AI capabilities, offering real-time response and remote connection. Its concise reports provide comprehensive threat insights. Microsoft...
In a nutshell, Microsoft, as with most of its products, tends to be behind the leaders, and ATP is no exception. We used both and stayed with Falcon. With ATP you think you are protected until you deploy Falcon, or any other NGAV, and realize you were blind. We also used Cylance, and it is still better than MS ATP.
A few reasons why Falcon: Time response, real AI engine, no signatures, support, easy to manage, one of the most well-organized vendors we've worked with. One of my favorites: if you don't have the expertise and human power in-house, they offer a fully managed insured ($1M) solution that monitors all the way to remediation 24x7 in less than 30 min and without user intervention or interruption. Last, network containment at the click of a button in real time with the ability to still remediate remotely.
@R.G. Thanks for your input! How long have you been using Falcon?
SentinelOne is my recommended solution.
The SentinelOne Endpoint Protection Platform (EPP) unifies prevention, detection, and response in a single purpose-built agent, powered by machine learning and automation. It is not reliant on hash signatures or an internet connection. SentinelOne provides prevention and detection of attacks across all major vectors and rapid elimination of threats with a fully automated real-time response without human intervention.
SentinelOne has not been breached and offers up to $1,000,000 warranty if it cannot roll back a ransomware attack.
Please contact me at CyberSec@global.co.za for more information, a demonstration, or a quote.
Your reputation and your company's cyber security are in your hands - make an informed decision.
@Steve Pender Thanks for your input. Have you worked with CrowdStrike Falcon or Microsoft Defender ATP?
1 year.