CrowdStrike Falcon Complete MDR Reviews

I use the solution in my company on the endpoint, and then we're using it on our point of sales in all of our franchisees' locations, and then we have about seven brands. We are deploying a new point. We are using it as our main endpoint protection. We are trying to monitor all activities happening at our franchisees' locations proactively, allowing us to realize we have to be very proactive. Most of the time, our franchisees are not as proactive. The changes in PCI DSS 4.0 are forcing everyone to be a little bit more proactive, so we have to educate and be a little more involved to ensure we have solutions in place because we are the ones who select the point of sale system. We often tell the franchisee what point of sale to use in the back end, and because of that, they feel like that is our company's responsibility, but it is really a shared responsibility. Even though we make that selection and buy the tool, they also own the responsibility of making sure they protect the brand. We decided to take that out of their hands and decide their endpoint solution. We made it a part of the package, and it got deployed, but that allows us to be proactive in protecting our brands. If they do anything that actually puts our brands in jeopardy, we are able to proactively respond and stay on top of that to avoid breaches and things of that nature.

The most valuable features of the solution stem from the fact that we can track all of it in one place across all those different locations. Because it's cloud-based and reports up to the cloud, we also have access to the back end, and an incident response team monitors all incidents. We also have an escalation process in place. From my perspective, there are other pieces of CrowdStrike that the security architect team uses as well, but I don't get involved with those as much. I usually just wait for the end results or the notification if I need to get involved if there is an incident.

We are using CrowdStrike Falcon Complete. We are using the managed service program, where they do proactive monitoring.

My usage usually includes logging in and looking at the dashboard for any anomalies or anything I need to know and responding to any severity alerts in red, yellow, or green. 

They actively stopped someone scanning our network and found vulnerabilities that we did not know. They were put to the test quickly. Pretty much after we signed the contract, they were responding to something at 1:30 in the morning.

It went live in Q4 when we acquired a hospital. I cannot even tell how many patches were down. CrowdStrike did a vulnerability scan, and as they were doing the scan, they caught a bad actor. We finalized everything at 5 PM, and at 1:30 in the morning, they caught someone.

We use CrowdStrike Falcon Complete as our MSSP.

We previously relied on antivirus products like Sophos and Malwarebytes, which seemed to function adequately. However, Sophos lacked centralized management, requiring our IT team to manually review over a hundred security notifications daily. This became an unsustainable workload, prompting us to seek a solution that could automate the notification review process. That's when we began exploring different options.

CrowdStrike Falcon Complete has significantly bolstered our security posture. While the active monitoring itself is valuable, it was consuming resources from our IT team. Now, with CrowdStrike's Managed Detection and Response service, our IT team is freed up to focus on other critical tasks.

I am an analyst in cybersecurity with a focus on detection and response. I entered this portal because I needed comprehensive, comparative bundles for endpoints. 

My experience includes working with CrowdStrike, SentinelOne, Microsoft Defender, and Kaspersky using the licenses we have. I am an endpoint analyst in deployment services, and we practice reclamation. We use this in our clients, primarily for detection and response. The next-gen Censi works best with other clients, but detections perform best with our clients.

The features of Firewall Management control, combined with controls in NextGen, are the most useful for our clients. These features are crucial in detection. We have achieved 100% success in detection with our clients and have no need for reclamation. The documentation is well-prepared for deployment, and the support team responds quickly. Processing performance for detection and configuration is also beneficial.

We wanted a very high level of endpoint protection and intrusion detection. Based on all the reviews, you have a bunch of products out there to choose from. One differentiator of CrowdStrike is that it's nearly what I would call zero-touch on the workstation. You don't have to worry about upgrades and all that. Then, when something suspicious is detected, the CrowdStrike team investigates that for us. It's part of the service that we purchased from them. Basically, we use the solution for security.

Basically, from an overall management perspective of the devices, you really only install the sensor once, and then you set up policies on the portal to say, okay, we want to stay on the N minus one version of the sensor. If there's an update that's required, the portal pushes it to the workstation. It makes everything very easy and doesn't require any touch.

We leverage CrowdStrike Falcon Complete, our EDR solution, alongside Microsoft Defender.

We implemented CrowdStrike Falcon Complete to safeguard our end users from unwanted applications, as recommended. Its IoC technology prevents the installation of both vulnerable applications and adware.

CrowdStrike Falcon Complete is deployed in the AWS, Azure, and GCP clouds.

CrowdStrike Falcon Complete made our incident response and remediation effort smoother.

Deep analysis is a valuable tool because whenever an unauthorized process is executed, it provides us with a comprehensive understanding of how the attacker is behaving within our system.

CrowdStrike Falcon Complete's 24/7 monitoring simplifies security management for our organization. We receive notifications through the message center regarding any detected incidents. Additionally, their cybersecurity engineers are available for consultation via phone call should any questions arise.

Our organization has benefited significantly from CrowdStrike Falcon Complete. It allows us to easily add Indicators of Compromise and perform on-demand scans. When threats are detected during these scans, the files are automatically blocked, preventing them from executing on the machine. Additionally, the support team is responsive and helpful, offering assistance without requiring the creation of a ticket.

Our overall security response time has improved by up to 80 percent.

It basically works as an XDR. We have the kind of servers on which our XDR CrowdStrike is installed, and it generates alerts. 

For example, if someone tries to install a systematic agent from their end, it generates an alert. We can then investigate through the incident task and see all the information: the device name, the hostname, and which servers and devices are trying to uninstall the particular product.

It basically works as a security device and provides an extra layer of security to our devices and computers.

Earlier, we used SentinelOne. CrowdStrike has more features than SentinelOne. For example, SentinelOne doesn't have as many features like remediating and showing more information. In CrowdStrike, we can see more information about the incident.

Falcon is a threat intelligence platform. In cybersecurity, there's always a chance you'll get breached and gaps that need to be addressed, but you'll never know unless there is a threat seeking to exploit that particular weakness. Most use cases for Falcon will be directly ingested into our Siemens server. The total number of users on the solution is around 1,500.

Falcon's threat intel is strong, and the solution allows our customers to automate their site intelligence. We can integrate Falcon X with the other platforms we use, like FireEye, Insight, Cybertech, and Kaspersky. 

The threat intelligence comes from Falcon X and goes directly into the SIEM and SOAR. That provides us valuable feedback for the use cases being used. If my analyst wants to check suspicious or malicious activities, they get the maximum information from Falcon X about URLs, IPs, domains, hashes, etc.