CrowdStrike vs Microsoft Defender for Cloud

2023. Microsoft 365 Defender is becoming Microsoft Defender XDR



Microsoft has integrated cloud workload alerts, signals, and asset information from Microsoft Defender Cloud into Microsoft 365 Defender - it's cloud-based service designed to help protect on-premise, cloud and hybrid environments. This integration now removes any infrastructure blind spots in an organization’s digital landscape. As part of this integration, the company is rolling out new correlations and content tailored to cross-workload correlations and cloud-specific content, giving you a richer, more contextual understanding of the threats, your organization faces. In the Defender portal, SOC analysts can now run end-to-end investigations if they’re faced with this type of cyberattack. They can monitor, triage, and investigate multicloud alerts across Azure, AWS, and GCP. This end-to-end prioritization of information and alerts streamlines the investigation process and greatly improves SOC efficiency. With the incorporation of cloud signals, the company has renamed Microsoft 365 Defender to Microsoft Defender XDR to better represent its capabilities that broadly span multiplatform and multicloud assets.


2023. CrowdStrike acquires Bionic.ai for $350M



CrowdStrike has acquired Bionic.ai — a security posture management platform for cloud services — for $350 million. Bionic.ai's primary function is to provide security teams with a comprehensive overview of a company's technology and IT landscape, helping them identify vulnerabilities. It's worth noting that Bionic.ai's annual recurring revenue (ARR) was below $10 million, a pivotal metric in the Software as a Service (SaaS) sector for assessing business performance. CrowdStrike primarily focuses on services related to endpoint security, threat intelligence, breach response, and it already offers its own security posture management service under the brand "Falcon." The acquisition of Bionic.ai is expected to provide CrowdStrike with an enhanced level of visibility and observability for security operations teams.


2021. Microsoft is buying cybersecurity startup RiskIQ



Microsoft has announced its acquisition of RiskIQ, a cybersecurity company based in San Francisco, for a reported $500 million. RiskIQ specializes in providing organizations with threat intelligence and cloud-based software-as-a-service solutions. The company extensively analyzes the web, gathering information about websites, networks, domain name records, certificates, and WHOIS registration data. By offering customers visibility into assets, devices, and services beyond their firewall, RiskIQ enables organizations to secure their assets and reduce their vulnerability to malicious actors. Notably, RiskIQ's data played a significant role in the discovery and understanding of Magecart, a collective term for groups that inject credit card-stealing malware into vulnerable websites.


2021. CrowdStrike acquires logging startup Humio for $400M



CrowdStrike, an enterprise-focused cloud-native cybersecurity company specializing in endpoint protection and threat intelligence, has revealed its intention to acquire Humio, a log analysis and observability startup based in the United Kingdom. The deal, primarily conducted through cash transactions, is estimated to be valued at around $400 million. Humio gained recognition in the realm of cloud log-management and observability since its establishment in 2016 in London. The company has distinguished itself through its innate capability to ingest and analyze both unstructured and semi-structured data. Backed by investors like Accel and Dell, Humio has secured over $30 million in funding, while serving prominent customers such as Microsoft and Bloomberg.