CrowdStrike Falcon Complete MDR Reviews

Our customers use it, but we deliver the services. We use it for advanced endpoint protection capabilities and threat-hunting capabilities. We use it for data lakes and repositories to reduce the cost and computational efforts for submitting or uploading in the cloud.

By implementing CrowdStrike Falcon Complete, we wanted to improve the visibility of our operators, analysts, and engineers. We wanted to be more efficient in our operations. Instead of finding information themselves, they can use the platform to find the information automatically.

Its benefits can be seen from the beginning. It is super easy in terms of deployment, and it works perfectly with the human resources and the stack of technologies that our clients have.

Partner support is beneficial. They are a trusted partner. They plan to continue in the market by themselves. They are not expecting somebody to purchase them. It helps to build confidence with the clients, and we can trust that nothing will change in that aspect.

They continue to improve their threat-hunting capabilities, which is important for me because there are more and more advanced threats, such as zero-day attacks. If we combine these threat-hunting capabilities with endpoint detection, we have an extra layer of response. It is super strong for us. We have different agents: one for detection and monitoring and the other one for the preventing aspect, which means threat hunting and response. I can combine the telemetry for threat hunting and monitoring and respond properly.

They are working hard to continue and enhance their labs for identifying new threats and malware. They are continuously labeling them with fancy names for marketing, but they are super helpful and useful because malware and attacks are labeled as per what is happening in specific industries or at specific locations. They give you an overall idea about what is going on not only in your country but also all over the world, and more specifically, in the industry you are working with.

The team of Falcon Complete works around the clock and does monitoring around the clock. It is quite good because it is a solution that combines monitoring and response, and at the same time, it labels all the threats in the world. They are super helpful in managing the threat exposure that companies face on a daily basis. 

The continuous improvement in detections and response times is valuable. They are more focused on threats that come from the cloud, not only that we see. Five or six years ago, we were just focusing on the infrastructure. They, for sure, have better coverage for the supply chain devices or assets that are in the environment of the clients. We have better coverage of third-party vendors, and we have more visibility and more interactions with those third-party vendor solutions.

Some features can be enhanced or improved. For example, there can be more integration capabilities.

There can be an application for the mobile device for the administrator of the platform to have an overview. In less than two minutes, they should be able to see what is going on and take action. Having an overview in a mobile phone would be super helpful for the administrators because everybody has a mobile phone nowadays.

I have been working with CrowdStrike Falcon Complete for four years.

It is stable. It is 90% compliant with what they promised.

It is scalable.

Their support is quite good. I would rate them a seven out of ten. They can add better resources or more resources locally.

Neutral

I am not involved in its deployment, but it can be deployed on-premises and on the cloud. The cloud provider depends on the client's preference. We do not have any issues.

It is expensive, but looking at the capabilities that it brings, it is reasonable.

There are no additional costs to the licensing costs. If you increase the number of licenses, support is included.

I would rate CrowdStrike Falcon Complete an eight out of ten.

We are using CrowdStrike Falcon Complete for fileless attacks, ransomware, and zero-day attacks.

The most valuable feature of CrowdStrike Falcon Complete is the lightweight design, easily manageable portal, and minimal IT maintenance required.

CrowdStrike Falcon Complete could improve by having advanced features, such as SOC, and HDR. There would have been a lot of processes involved.

I have been using CrowdStrike Falcon Complete for approximately three years.

CrowdStrike Falcon Complete is a stable solution.

The scalability of rowdStrike Falcon Complete is good.

We have approximately 500 computers using the solution. We have approximately 1,200 people using the solution.

I have not contacted the technical support from CrowdStrike Falcon Complete.

The initial setup of CrowdStrike Falcon Complete is easy. The time it took for the deployment was approximate one week for 500 computers.

We did the deployment of CrowdStrike Falcon Complete in-house.

There is a license needed to use the solution. The price of the solution is fair.

We evaluated McAfee and Symantec before choosing CrowdStrike Falcon Complete.

Symantec is complicated and it did not have as many features when compared to CrowdStrike Falcon Complete. McAfee is also a very complicated solution.

If you use this solution your environment will be safe.

I rate CrowdStrike Falcon Complete an eight out of ten.

We primarily use the solution for security purposes. We use it to protect our endpoints and prevent any kind of malicious attacks on our company.

In terms of Endpoint security, we feel very secure. Sandboxing is in a place where we can analyze everything before releasing anything into the production environment. It has really helped in terms of how we can prevent the malware from spreading across Endpoints, especially in these scenarios where work from home is common and where users are directly connected to a potentially insecure network.

The best part of CrowdStrike is the integration with various other tools and technologies such as, for example, Mimecast. We use Mimecast for email security and detection via Crowdstrike. If we have a backend integration of Mimecast logs with Crowdstrike, that's an excellent way for us to secure email.

The initial setup is straightforward. 

The stability and performance have been pretty good overall. 

The solution has proven to be very easy to implement and easy to manage.

It is very simple to use and not overly technical. 

The product gives us very low false positives. 

Considering the recent SolarWinds attacks in November or December last year, we were looking for something that could secure the EDR first tokens. It would be helpful if that was on offer.

They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure. They should keep in mind that there is a risk in the ADFS web environment. From an Endpoint perspective, it's all good, however, they need to explore the origins via something like Crowdstrike.

The customization could be improved upon. As of now with the area first and web security tokens, we don't see the EDR. We are looking for some solution that can provide EDR solution on the EDR first web environment.

We've been using the solution since 2017. It's been about three years or so. We've used it for a while.

The stability is very good. We don't see anything currently that can negatively impact the Endpoint as the agent is installed, however, the processing does not consume the CPU or memory. It's giving us great anti-malware detection along with a very good performance on the Endpoint as well.

The solution is fairly easy to scale, as it's not specific to any domain we can implement CrowdStrike on a standalone server, or multi-forest. In terms of scalability, it can support the multi-cloud strategy as well.

We have about 12,000. places in which the solution is being used. It's on 9,000 devices as a user Endpoint, which is Windows 10, and approximately 3000 servers.

We do intend to increase usage. Every year is we see a5% to 10% increase in usage.

We get a lot of proactive support from Crowdstrike. Before anything enters our environment, we get a lot of information from our account manager and there is an annual assessment as well. Overall, it's very good in terms of how they provide us with support services.

The initial setup is usually straightforward. We don't see any challenges with the implementation in general, however, there are a few connectivity issues when the ports are not open from our internal network to the Crowdstrike servers. Otherwise, it's very easy.

We always get pressured to reduce the cost, however, considering the importance of security, it's worth paying the current rate. Overall it's a good investment when it comes to security practices.

When we started off with this POC, we were exploring Carbon Black alongside Crowdstrike. Taking into consideration the overall scalability and compatibility in our environment, we decided to go for Crowdstrike.

We are customers and end-users.

We don't have the agent or on-premise servers. This solution is SaaS and we don't need those in order to use it. 

I'd rate the solution at a nine out of ten considering the experience we've had over the last three years. The only downside is, in certain cases, that we still see the same gaps we have seen in SolarWinds. CrowdStrike is aware of those and is aware of what they need to do. As the first step, for example, what I've seen in the last six months is the integration with Mimecast which is quite a positive development. 

If you look at the Gartner or other rating agencies, where you can compare the features of Crowdstrike versus others leaders such as Trend Micro or Carbon Black, CrowdStrike is shown to be easy to implement, easy to manage, and very simple to use. You don't need a core skillset to manage a Crowdstrike in your environment. It's very friendly. At the same time, it gives very accurate results. You'll get fewer false positives.

This is their XDR/MDR service offering. Basically, we used it as our endpoint EDR software. We also leveraged their MDR services to outsource any SOC duties for threat detection and containment. 

We used it in conjunction with LogicHub to have some SOAR capabilities for specific use cases in our environment, which was very useful. It really reduced time for our analysts to do simple detections or things that are triggered for basic automation rules based on a threat instance. 

We used it as a vulnerability dashboard for endpoint management. We deployed the agent in 95% of our endpoints.

It worked much better as an endpoint management tool, like for vulnerability management to track vulnerabilities. It's more about trust and verification rather than relying on the IT Ops team to give us regular reports on the vulnerabilities on the endpoints. 

We relied on the CrowdStrike system to provide evidence to the IT Ops team for patching things that were not really patched. It really worked well for third-party patch management. It's not labeled for that use. However, it worked really well and really helped our patch management initiative with 24/7 coverage for all our endpoints.

We used the quarantine feature as well a few times. We did a trial for it. 

As an end-point solution, nothing beats it, to be honest.

Their threat intelligence is very good. Their MDR response time and the SLAs they have with their MDR SOC team are very good and responsive. Those two have saved us from breaches a few times in my previous role, so it's proven pretty valuable.

The only thing is you have to pay for it, and it's on the expensive side. That's the one thing with any of these services. It also rates highly on the Gartner scale, so obviously, pricing is a bit high.

Their agent is a bit finicky for Mac devices. It works great once you get it working, however, it is a bit finicky to get it deployed across the board. It's not CrowdStrike's fault for the Mac thing, it's just the way Mac is, even though it's not a big concern. 

Their UI is a bit noisy. They have too many sections and they have too many components. It's hard to get all that data into one dashboard, and Falcon Complete has multiple dashboards. It gets a bit cumbersome, that's the only area I would focus maybe a little bit.

Other than that, we didn't really hit any roadblocks, to be honest.

I used it in my previous role for about three and a half years.

The stability is very good. 

Scaling is very easy. We had over 4,000 systems, and we had them installed in AWS servers. Scalability and installation-wise, it is super easy.

Support has been very good.

Positive

I've also used Sophos, those guys are very similar.

Installation is very easy.

Once it's installed, we have a team of four that can handle maintenance duties. SOC operations and IT operations can handle deployment and maintenance tasks. 

IT Ops helps with the installs and they do some of the installs themselves.

I cannot recall the exact pricing of the solution. 

The pricing is fair for what it is. They do provide good service, and the threat intelligence engine is really awesome. I would rate them 4.5 out of five in terms of affordability.

We are just customers and end-users.

What you have to do with any type of endpoint management solution is look at the effort that's required to deploy any solution. I'd recommend new users do a POC for sure in the beginning. And then, based on the POC, always try to negotiate pricing. Definitely do as long as a POC as you can, proof of concept, and see if the solution meets your environment's needs.

I'd rate the solution a nine out of ten.

The primary purpose of this solution is to safeguard against malicious software, ransomware, and other unknown security threats.

The solution is excellent; it meets customers' expectations for threat protection and provides an array of credit protection capabilities, features, and functions. As a system integrator, I am helping organizations find the best solutions to protect their environment.

The most valuable feature is AML-based threat detection.

The solution is geared more towards larger organizations, so it can be difficult for organizations with smaller budgets to utilize the solution. The cost has room for improvement.

I have been using the solution for the last four years.

The solution is stable, and while there may be opportunities for further improvements, the solution is well-designed and works well at this time.

The solution is cloud-based, so it offers scalable capabilities without any additional requirements.

CrowdStrike Falcon Complete's technical support is very good; they respond accurately, on time, and in accordance with their Service Level Agreement.

This solution is highly acclaimed for its seamless implementation and ease of use. Deployment is effortless, with simple policy creation and enabling processes. All aspects of this product work together smoothly.

Our clients must always receive technical and partner support when deploying our solution. We provide recommendations and best practices to ensure a successful integration that won't negatively affect existing systems. We can also provide guidance on how our product will interact with preexisting solutions.

CrowdStrike offers solutions with the same functionality for both large enterprises and small to medium organizations with competitive pricing. CrowdStrike is able to provide its customers with a solution that fits within their budget.

I give the solution a ten out of ten.

At my job, I am often working with CrowdStrike, as it is a well-designed solution that works effectively and has been tested by numerous customers. However, I am not limited to just this product and will provide a solution to customers no matter their preferences. I offer suggestions and recommendations to customers and work to meet their needs and terms and conditions.

I believe at times that CrowdStrike is the best option on the market when it comes to MDR. CrowdStrike is a very good solution.

The market provides a lot of capabilities when it comes to product offerings, not just endpoint security. Now, a single solution can offer different types of protection. So, there is no limit to how much a tool can be extended and expanded. It is up to the companies to decide what features and capabilities they want to offer.

What's most valuable about CrowdStrike Falcon Complete as an endpoint security solution is that it provides different features against malware outbreaks. The solution is also cloud-based so it offers flexibility in terms of managing it. It's also easy to deploy the agent and you can deploy it through CrowdStrike, your CloudStrike console, or you can take that agent out and you can use different solutions to deploy it through your group policy, your SSCM, or any asset management tool.

What could be improved in CrowdStrike Falcon Complete is the threat hunting feature and the insights it provides, in particular, the variable analysis feature. Protection against zero-day threats and sandboxing could also be improved in CrowdStrike Falcon Complete. If you compare it with other solutions, it can go head-to-head, but the features I mentioned still need improvement.

CrowdStrike Falcon Complete is a stable solution.

CrowdStrike Falcon Complete is a scalable solution. From the infrastructure and operation side, it's one of the best tools in terms of scalability.

I have not worked directly with the technical support team of CrowdStrike Falcon Complete. My company has a different team that worked directly with the CrowdStrike presale team, and that CrowdStrike team was really good, always supportive, and helpful.

I have no idea on the licensing cost of CrowdStrike Falcon Complete.

I have experience with CrowdStrike Falcon Complete, and I've worked with it recently. I work as a solution architect, so I work with different products, and I can't tell you exactly which version of CrowdStrike Falcon Complete I used.

I manage different customers, so the solution is deployed on various clouds, but mostly on a hybrid cloud, with providers being AWS and GCP.

My advice to anyone looking into implementing CrowdStrike Falcon Complete is to go for it. You should move from the traditional antivirus to the next-gen antivirus. Next-gen antivirus such as CrowdStrike Falcon Complete has malware detection, exploit detection, and endpoint detection and response (EDR) features that you won't find in the traditional antivirus. Signature-based antivirus also fails to detect zero-day attacks as well as crypto locker, ransomware, etc. CrowdStrike Falcon Complete has IOA behavioral protection, and it has an analysis functionality and great reporting capabilities, so you should go for it.

My rating for CrowdStrike Falcon Complete is eight out of ten. Sometimes on remote users as it is release-signed, there's some issue with the agent and some false positives as well. In terms of detection, an antivirus or EDR solution, or any kind of threat protection product, you have to check a few things. One is how good it is when malware is in the pre-execution stage and the post-execution stage. I have done some analysis on CrowdStrike Falcon Complete on seventy-five different parameters and controls, and I concluded that the product is really good. It's not a ten out of ten because I cannot provide a perfect score for any product. Eight out of ten is a good score in my point of view because you'd still feel that other things are missing in the product.

It is an advanced anti-malware solution. Our clients replace the existing traditional antivirus with this solution. We are an implementer. We sell this solution, and then I go and understand the existing environment to deploy it.

It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. 

It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this.

It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple.

Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they not there in CrowdStrike as well as SentinelOne.

I have been providing this solution for three years.

It is a 100% reliable solution. We had some small glitches with it, but we were able to rectify those issues by tuning it.

It is pretty good. We have four customers, and there are a total of 15,000 to 20,000 users.

One of our clients has been using this for over a year now, and they have acquired more companies. They will possibly buy more. They really like the product and are happy with the product.

The first level of support is with us. If I'm not able to solve an issue, then I'll raise a case to Falcon with the help of the customer. I get guidance from the customer to raise the ticket about the issue and everything. As a partner or a vendor, we cannot raise a case for another customer. 

Their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

I have got experience with SentinelOne Vigilance. The major difference between SentinelOne Vigilance and CrowdStrike Falcon is the pricing. CrowdStrike is more expensive. Otherwise, both work in almost the same manner. They are cloud-based, and they are next-generation endpoints. They block cyber attacks. 

Its initial setup is straightforward. It is pretty simple. It is a very powerful product that doesn't take much time to be set up. Unlike traditional antivirus, you don't need to create a lot of policies and build up the server. I have a link, and I enable the license and download the agent. That's it. It is pretty fast. 

The deployment duration depends on the environment and the number of clients. It could take from three days to one week depending upon the number of agents. In most cases, the customer will opt to deploy for 50 machines. A customer has around 6,000 endpoints, and I have also deployed for only 50. It depends upon the customer. 

We are a team of two. I and my colleague do the deployment. 

It definitely needs upgrade, fine-tuning, and exclusions. No security product is 100% accurate, so we need fine-tuning. I am responsible for the maintenance for our clients. They have something called an Annual Maintenance Contract (AMC). Every quarter, I need to do a health check of their endpoints. After that, I send a report to them about the fine-tuning findings and the fine-tuning steps that need to be performed.

Our clients have definitely seen ROI. They were attacked with ransomware, but CrowdStrike blocked it. They reported to us, and we reported to CrowdStrike.

CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive.

We definitely need to move to the next-generation solutions because these days attacks are pretty intense, and the traditional antivirus solutions are not going to stop them. CrowdStrike gives a proper security block. It is a 100% protector. 

There was a customer who was impacted by ransomware. We put SentinelOne over there, and we were able to catch the file that their antivirus couldn't. These solutions are 100% reliable and definitely good for any company that wants their enterprise to be protected on the endpoints. 

I would rate CrowdStrike Falcon Complete an eight out of ten.

We are a partner of CrowdStrike Falcon Complete and it serves as our primary tool for enhanced network visibility and threat detection. Through its capabilities, we can efficiently identify and mitigate malicious activity.

The detection and response times are impressive. For example, I added a VM and made some changes. CrowdStrike Falcon Complete immediately detected these changes, halted them, and notified me of the suspicious behavior, providing all the relevant details.

Instead of a single dashboard with an overload of information, I favor a more user-friendly approach with an interactive dashboard. This would reduce visual clutter and improve information accessibility, minimizing the time users spend searching for relevant data.

The price for CrowdStrike Falcon Complete has room for improvement and should be reduced.

I have been using CrowdStrike Falcon Complete for almost five months.

I would rate the stability of CrowdStrike Falcon Complete a nine out of ten.

I would rate the scalability of CrowdStrike Falcon Complete a nine out of ten.

The technical support is good.

Positive

Before adopting CrowdStrike, we relied on Jamf Protect. As a CrowdStrike partner, we piloted the solution within our department before successfully deploying it across the organization.

CrowdStrike offers excellent visibility and comprehensive vulnerability detection, pinpointing both established and newly discovered threats within our network. Its detailed reporting allows us to track the origin, propagation, and eventual containment of vulnerabilities, a feature notably absent from Jamf Protect. Conversely, Jamf Protect possesses ECAS compliance and CSAM functionalities, which are currently unavailable in CrowdStrike. 

The initial setup is straightforward. Deploying the console through MDM takes just a few minutes, and a single person can handle deployments of up to 10,000 devices.

We have seen a return on investment with CrowdStrike. It also comes with a one million dollar money-back guarantee in the event of a breach.

CrowdStrike Falcon Complete is one of the more expensive security protection solutions. We pay an annual subscription for the enterprise bundle which includes support and deployment so there are no additional fees.

I would rate CrowdStrike Falcon Complete a nine out of ten.

The number of people required for maintenance depends on the size of the organization. A small company might benefit from a team of four, while a medium-sized company may require 12, and a large company could need as many as 20 team members dedicated to maintenance.

I recommend CrowdStrike Falcon Complete for organizations that require a primary security solution.