CrowdStrike Falcon Complete MDR Reviews

This is their XDR/MDR service offering. Basically, we used it as our endpoint EDR software. We also leveraged their MDR services to outsource any SOC duties for threat detection and containment. 

We used it in conjunction with LogicHub to have some SOAR capabilities for specific use cases in our environment, which was very useful. It really reduced time for our analysts to do simple detections or things that are triggered for basic automation rules based on a threat instance. 

We used it as a vulnerability dashboard for endpoint management. We deployed the agent in 95% of our endpoints.

It worked much better as an endpoint management tool, like for vulnerability management to track vulnerabilities. It's more about trust and verification rather than relying on the IT Ops team to give us regular reports on the vulnerabilities on the endpoints. 

We relied on the CrowdStrike system to provide evidence to the IT Ops team for patching things that were not really patched. It really worked well for third-party patch management. It's not labeled for that use. However, it worked really well and really helped our patch management initiative with 24/7 coverage for all our endpoints.

We used the quarantine feature as well a few times. We did a trial for it. 

As an end-point solution, nothing beats it, to be honest.

Their threat intelligence is very good. Their MDR response time and the SLAs they have with their MDR SOC team are very good and responsive. Those two have saved us from breaches a few times in my previous role, so it's proven pretty valuable.

The only thing is you have to pay for it, and it's on the expensive side. That's the one thing with any of these services. It also rates highly on the Gartner scale, so obviously, pricing is a bit high.

Their agent is a bit finicky for Mac devices. It works great once you get it working, however, it is a bit finicky to get it deployed across the board. It's not CrowdStrike's fault for the Mac thing, it's just the way Mac is, even though it's not a big concern. 

Their UI is a bit noisy. They have too many sections and they have too many components. It's hard to get all that data into one dashboard, and Falcon Complete has multiple dashboards. It gets a bit cumbersome, that's the only area I would focus maybe a little bit.

Other than that, we didn't really hit any roadblocks, to be honest.

I used it in my previous role for about three and a half years.

The stability is very good. 

Scaling is very easy. We had over 4,000 systems, and we had them installed in AWS servers. Scalability and installation-wise, it is super easy.

Support has been very good.

Positive

I've also used Sophos, those guys are very similar.

Installation is very easy.

Once it's installed, we have a team of four that can handle maintenance duties. SOC operations and IT operations can handle deployment and maintenance tasks. 

IT Ops helps with the installs and they do some of the installs themselves.

I cannot recall the exact pricing of the solution. 

The pricing is fair for what it is. They do provide good service, and the threat intelligence engine is really awesome. I would rate them 4.5 out of five in terms of affordability.

We are just customers and end-users.

What you have to do with any type of endpoint management solution is look at the effort that's required to deploy any solution. I'd recommend new users do a POC for sure in the beginning. And then, based on the POC, always try to negotiate pricing. Definitely do as long as a POC as you can, proof of concept, and see if the solution meets your environment's needs.

I'd rate the solution a nine out of ten.

I use the solution for a lot of things. It has more visibility than core tech. For example, it's better the TSC scores and that any integration visibility with Zscalar.

The solution helps to provide a better security posture. 

The solution provides more visibility than Zscaler.

There's more security. It provides enhanced security with integration capabilities with third-party tools. 

The threat detection and response are easy. If you have a subscription for the Falcon Consultant Complete sublicense, then they will take care of your MDL service. They will assign their team to it, and they will manage your incident detection and monitoring. CrowdStrike will take care of it via its own expertise so you don't have to overload your existing resources. 

It helps improve our security posture by integrating with web security, email security, and other forms of security. There are also a lot of third-party tools. You have the opportunity for more alerts and security. CrowdStrike shares information with third-party tools that really help with visibility.

The solution is constantly being updated. 

I've been satisfied with the interface. 

We'd like to see the option for an uninstall feature directly on the cloud. It's a tokenless install; however, you should have a token while installing and uninstalling. 

The installation could always be a bit easier. You need to install it manually at the endpoint. 

I've used the solution for a year. 

The stability is very good. I have not witnessed any downtime. 

This is a cloud-based solution, You can easily scale it. 

Technical support has been very good. They are very helpful. It's a strong point for the product.

Positive

I have also used different solutions. For example, I have used Cortex.

The initial setup is very straightforward. It was a simple process.

I'm a technical engineer and don't have visibility on the pricing. However, it can be a bit lower than other options. 

I'd rate the solution 8 out of 10. I can completely rely on CrowdStrike. 

The solution did a good job of preventing ransomware. It is used for behavioral analysis. For instance, if something appears to be suspicious then the solution blocks it.

If someone is using the old Microsoft Office and the system is not updated then CrowdStrike takes action on behalf of the operating system. So it is not only going above the application level but also the operating system level.

The analysis of the investigation of the incident could be easier. Offline scanning can be included in the next release. 

Moreover, Crowdstrike should think about making the price cheaper.

I have been using it for one year.

It is a stable solution.

The solution is scalable. Presently, in the company, there are three hundred users, and in the group, there are one thousand users.

The technical support team is in the middle range and not very good. We have a dedicated team from CrowdStrike working for us; it is called the watch service. 

We also subscribe to EDR Plus watch service. So we have a team from CrowdStrike always monitoring things before it happens.

Previously, I used Carbon Black EDR for three years, and I was a very happy user, but their technical support was not very relevant, so I switched.

The initial setup was straightforward. The deployment took around two weeks. We have only one engineer helping with the deployment.

There has been a Return on Investment. We have been working with two incidents, and the support team was really helpful from their side.

We need to pay a yearly subscription fee, which is expensive compared to others.

Anyone using CrowdStrike should ensure that they have the watch service. Though I do not remember the name of the service, it says Crowdstrike engineers are also monitoring.

I rate the solution a nine out of ten.

The most valuable features of CrowdStrike Falcon Complete are the modern and intuitive capabilities, and because it is cloud-based it is much easier to adopt and roll out to the environment.

I have been using CrowdStrike Falcon Complete for approximately one year.

CrowdStrike Falcon Complete is a stable solution.

The scalability of CrowdStrike Falcon Complete is good.

We have approximately 1,000 users using this solution in my company. We have plans to increase our usage.

The support is good from CrowdStrike Falcon Complete. We call them and we have a response immediately. They could improve by increasing their knowledge.

I rate the support from CrowdStrike Falcon Complete a four out of five.

Previously used Symantec Endpoint Protection. We switched to CrowdStrike Falcon Complete because we had a lot of real threats that passed through the antivirus and at the same time, we were not getting the right technical support from Symantec.

The setup of CrowdStrike Falcon Complete was easy. We have not yet completed the full implementation, it is still ongoing and we hope to finish it in two to three months. 

We had some initial proof of concept and did it on test PCs and test servers. We are moving it into production. We are doing small steps every week.

We had support from CrowdStrike Falcon Complete available during the implementation.

I rate CrowdStrike Falcon Complete an eight out of ten.

CrowdStrike Falcon Complete is an XDR solution that we use for our endpoint protection.

We currently don't have a complete CrowdStrike Falcon bundle; instead, we have an enterprise bundle in place. For this bundle, agents are installed on all endpoints, and we define security rules to ensure automated workflows are executed through multiple cells using pre-defined playbooks.

CrowdStrike Falcon's detailed dashboard simplifies the process to respond to and remediate cyber threats.

CrowdStrike Falcon Complete's AI-powered analytics have demonstrated good performance and accuracy in real-world scenarios.

CrowdStrike Falcon has helped reduce the efforts of our SOC team by remediating most of the alerts, directly allowing us to manage things more efficiently.

We realized the benefits of CrowdStrike Falcon Complete within the first year.

CrowdStrike Falcon Complete highlights any endpoint vulnerabilities it detects directly on the dashboard, making it easier for our IT staff to address them and improve our overall security posture.

The overwatch module is the most valuable feature of CrowdStrike Falcon.

CrowdStrike Falcon Complete MDR offers an optional module that might not be cost-effective for all organizations.

I have been using CrowdStrike Falcon Complete for almost two years.

We frequently encounter situations where endpoint agents go offline for unknown reasons, necessitating a service restart on affected machines to restore connectivity.

I would rate the scalability of CrowdStrike Falcon Complete an eight out of ten.

The technical support is good.

Positive

As part of the integration team, I manage the entire transaction process. While the initial deployment presented a challenge due to the need to contact all end users, it was a one-time effort necessary to implement the solution. The deployment itself took four months to complete and required eight people.

We implemented a hybrid work model, allowing employees to work both from home and in the office. As a part of this model, we empowered end users to deploy the agents themselves. We carefully monitored the entire process through a designated dashboard, assigning agents to their respective groups and ensuring timely policy implementations based on individual agent online status. This approach granted us ultimate control over the process.

We used an integrator in the middle of the deployment.

We have seen a return on investment with CrowdStrike Falcon Complete.

CrowdStrike Falcon Complete is expensive.

I would rate CrowdStrike Falcon Complete a nine out of ten.

CrowdStrike Falcon Complete is deployed across our entire organization.

We are a partner of CrowdStrike Falcon Complete and it serves as our primary tool for enhanced network visibility and threat detection. Through its capabilities, we can efficiently identify and mitigate malicious activity.

The detection and response times are impressive. For example, I added a VM and made some changes. CrowdStrike Falcon Complete immediately detected these changes, halted them, and notified me of the suspicious behavior, providing all the relevant details.

Instead of a single dashboard with an overload of information, I favor a more user-friendly approach with an interactive dashboard. This would reduce visual clutter and improve information accessibility, minimizing the time users spend searching for relevant data.

The price for CrowdStrike Falcon Complete has room for improvement and should be reduced.

I have been using CrowdStrike Falcon Complete for almost five months.

I would rate the stability of CrowdStrike Falcon Complete a nine out of ten.

I would rate the scalability of CrowdStrike Falcon Complete a nine out of ten.

The technical support is good.

Positive

Before adopting CrowdStrike, we relied on Jamf Protect. As a CrowdStrike partner, we piloted the solution within our department before successfully deploying it across the organization.

CrowdStrike offers excellent visibility and comprehensive vulnerability detection, pinpointing both established and newly discovered threats within our network. Its detailed reporting allows us to track the origin, propagation, and eventual containment of vulnerabilities, a feature notably absent from Jamf Protect. Conversely, Jamf Protect possesses ECAS compliance and CSAM functionalities, which are currently unavailable in CrowdStrike. 

The initial setup is straightforward. Deploying the console through MDM takes just a few minutes, and a single person can handle deployments of up to 10,000 devices.

We have seen a return on investment with CrowdStrike. It also comes with a one million dollar money-back guarantee in the event of a breach.

CrowdStrike Falcon Complete is one of the more expensive security protection solutions. We pay an annual subscription for the enterprise bundle which includes support and deployment so there are no additional fees.

I would rate CrowdStrike Falcon Complete a nine out of ten.

The number of people required for maintenance depends on the size of the organization. A small company might benefit from a team of four, while a medium-sized company may require 12, and a large company could need as many as 20 team members dedicated to maintenance.

I recommend CrowdStrike Falcon Complete for organizations that require a primary security solution.

We use this solution for endpoint protection of a user, a computer, a server, or a virtualization.

The threat response from this solution is very comprehensive. It not only allows us to detect the threat, but also to isolate it and check the recovery capability of the compromised system.

This solution is lacking in a recovery feature. If there is a full compromise, this product can't recover the machine, which results in us having to rebuild the entire system.

We would also like some data analysis features to be developed for this product.

We have found this solution to be stable.

This product is easily scalable, if it is deployed with consideration being given to increasing the scale.

The technical support for this solution is not very good, and issues will not be picked up unless the ticket raised is extremely precise about what the problem is. Fortunately there is extensive documentation provided to allow for self-help to take place.

There is also a very good user-community group that has been set up, which allows us to contact users in other organizations and knowledge-share with them.

The initial setup of this solution was very easy. However, the deployment could be quite complicated if there is no basic understanding of computer science.

The licensing cost for this solution is $5000, per license, with each machine requiring its own license.

I would rate this solution a nine out of ten.

We use CrowdStrike Falcon Complete as an endpoint detection and response solution. We have over 10,000 users of this product. It requires less than 10 staff to deploy and maintain CrowdStrike. We are looking at rolling out more features of the product.

CrowdStrike has improved our meantime to closure on incidents. By enabling us to have more contextual awareness for each of the detections, it provides a much richer and broader scale of intelligence to each of the incidents and detections.

The threat intelligence of CrowdStrike Falcon is the most valuable feature. I also  enjoy their contextual awareness, endpoint detection and response.

The solution could use an on-demand scan feature.

I have been using CrowdStrike Falcon for 18 months.

CrowdStrike Falcon Complete is stable. 

The solution is scalable. We did a proof of concept with CrowdStrike versus others. CrowdStrik lived up to these capabilities.

I have used their technical support, and they are good. I would rate them a four out of five.

Positive

We were using a couple of other solutions before CrowdStrike and decided to move away from them as they weren't as good.

The initial setup of CrowdStrike is fairly straightforward. I would rate the initial setup a four out of five.

We used a professional service, an integrator, to implement the solution. Our organization is complex, so the roll-out took a couple of months.

From what I understand from our network architect, CrowdStrike Falcon is good value for the money required. We receive good service and support. The training is excellent. They offer a number of free classes to train users and analysts. It is a very capable product.

I would rate CrowdStrike Falcon Complete an eight out of ten overall.