CrowdStrike Falcon Complete MDR Reviews

The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution.

They have very good knowledge of how to hunt for threats. It is all about the intelligence you put into a solution for detection. It is about making sure that if you see a number of things, you can interpret them correctly and take the right action against them. They're one of the best vendors because they come from that background. 

They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage. 

I have been working with this solution for three years.

We don't see any specific limitations on that at the moment. 

We have large implementations, and we don't really see any issues with the scalability of the solution. It seems to be able to scale up fairly quickly within the environment.

Their support is top-notch. They're very dedicated. Their experts are online when you need them. 

It is very straightforward. It takes very limited time to set it up. People get used to it very quickly.

Being a cloud-based solution, you don't really have to do a lot of installation. They have their own cloud. It is maintaining itself. There are automatic updates. That's one of the reasons why you want to go to the cloud-based approach. It is very easy in terms of maintenance.

I would advise anyone interested in such a solution to try it out. It is very easy to try it out. 

It is an absolute requirement to get an EDR solution in place. You should go with the ones that really have the most advanced capabilities for threat hunting. It is best to go with the experts. They've had some competition from Microsoft, which is not a bad solution, but Microsoft is not a security expert. CrowdStrike knows very well how to identify threats and link them to specific behavior. That's what you really want to have in there, and that's their strength. One of the reasons why they're still leading is that they are the only ones who can say, "We manage your network, and we would give you money back if we could not detect the issues upfront." That's one of their strong points.

If they don't do any specific scanning, they will adapt themselves to that. If it is a new system, they would need to learn that. If there is something new in there, it could be harder for them to detect it because they don't yet know the behavior, and they have to learn about it. That's the only negative element I see in it. 

They're doing quite a bit of work in improving it. They are doing a good job in evolving the product. I don't see any specific needs at this given moment on that. You could ask a lot, but in the end, you still need to make sure that the core is functioning well. They should stick with what they do best. Evolve that but not start doing everything. That's because it will not work. I'd rather have them stick to their niche.

I would rate it a nine out of 10.

We primarily use the solution for server endpoint protection as well as client and user client endpoint protection.

The solution allows us to have a single pane of glass for observing our antivirus and for any malicious activity. It allowed us to simplify investigations as well. It's basically helped keep our organization more secure.

The AI detection has been excellent in terms of detection and stopping malicious processes with little to no input on our end. 

Over the last year, we've had two instances where we've actually had to take a machine offline and do some forensics, however, for the most part, it's been great in terms of stopping anything suspicious from running on people's machines.

The solution is user-friendly.

The product seems to integrate well with other products.

The initial setup is pretty easy.

The solution isn't missing any features at this point. It's ticking all the boxes for our organization. There really isn't anything that I can see that would make me want to change providers.

The customization could be tweaked. We can do a bunch of custom dashboards. However, the one thing that I'm not a fan of is when you go to do an investigation, the way that the processes are laid out on the screen is very bland looking. While the information is there, it could be laid out better. I've seen other products like Cisco Secure that gives you a better view of the issues. Cisco just presents the data differently, and it's easier to look at.

I've been using the solution for about one year at this point.

We haven't suffered from bugs and have had no issues with updates. Everything is very light. It's very reliable and very stable.

We added about a thousand hosts since we rolled this out, and we have more coming online and have had no impact on our environment due to the fact that it's a cloud staff solution. The product is very scalable. There's no issue in that sense.

We have granted access to the dashboard to about five people, and it can be anyone from IT operations, server operations, and IT security.

Technical support has been great. I'd rate them ten out of ten. You can open up tickets right from the dashboard itself, and they're very quick to answer questions. We're quite satisfied with their level of service.

We used a different solution, and we switched due to the fact that CrowdStrike gave us the ability to replace our antivirus. At the time, we didn't have an EDR solution, therefore, CrowdStrike did both in terms of being able to detect an antivirus as well as proper endpoint detection and remediation.

The initial setup is not complex at all. The implementation is extremely straightforward and very easy.

Actually, one of the companies that we recently acquired was using another product and they wanted to know how easy it was to install our CrowdStrike. We had them uninstall their products on their servers and then install CrowdStrike, and it turns out uninstalling the other product took longer than the actual install of CrowdStrike.

Our company is very mindful when it comes to purchasing - whether it's software or equipment. I believe the folks that made the decision to purchase this product did so based on price and performance. I wouldn't say there is an issue with pricing. We are redoing our license with them. If that was an issue, I'm pretty sure I would have been asked to look at other products. Therefore, although I don't know the exact pricing, my assumption is that the cost is rather reasonable.

We're just customers. We don't have a business relationship with the company.

I'd advise other organizations to definitely do a proof of concept in their organization, and then go from there.

Overall, I'd give the solution a nine out of ten. It ticks all the boxes for everything that we need to do for investigations in our environment.

We use CrowdStrike as our endpoint protection solution for all of our devices.

The previous solution that we had for our endpoints was lacking. It was a blacklist/whitelist solution and every time you tried to run something, it would get stuck in a model of having to check the file, update the system, check the server, get approval to run a piece of software, and so forth. It was just a nightmare.

Its machine learning and AI features are good.

The real-time updates that it gets with respect to threats are very good.

It would be nice to have full-scale ESR reporting.

In the future, I would like to see better reporting and better SIEM integration.

We have been using CrowdStrike Falcon for about a year.

The stability seems fine and we haven't had any problems.

This product is cloud-based, so there is plenty of room for it to grow. I think that there are about 250 endpoints including everything from customer service to warehouse functions to C-suite.

I have been in contact with technical support and they seemed competent, as well as quick to respond. I would rate them a nine out of ten. Nothing is perfect and there is always a little bit of room for improvement. Ideally, there would be fewer canned responses for the first go around.

Prior to CrowdStrike Falcon, we were using Carbon Black. It was more of a blacklist-type software and it was just cumbersome to do anything for any of my users.

The initial setup was pretty simple, once the implementor showed us a couple of the tips and tricks, and what the nomenclature is.

The price is okay, although you're not going to get away cheap when it comes to security.

My advice for anybody who is implementing CrowdStrike Falcon Complete is to get the training and make sure that they understand the system. If they are going to be doing their own admin work then they have to make sure that they understand it all.

I would rate this solution an eight out of ten.

CrowdStrike Falcon Complete is used for endpoint protection, which includes anti-malware, and some MDR capabilities, such as threat hunting.

The most valuable feature of CrowdStrike Falcon Complete is the overall endpoint protection.

CrowdStrike Falcon Complete could improve the threat visibility and have remediated vulnerabilities that they find.

I have been using CrowdStrike Falcon Complete for approximately four years.

We have not had any problems with the solution.

I rate the stability CrowdStrike Falcon Complete a nine out of ten.

The scalability is good.

We have approximately 20,000 users that are using this solution.

I rate the scalability CrowdStrike Falcon Complete an eight out of ten.

I have not used the support.

We are looking to move to SentinelOne because of the lack of threat visibility.

My advice to others is to take the full package of the solution to determine what are the most useful features and then adjust the package later.

I rate CrowdStrike Falcon Complete an eight out of ten.

We use CrowdStrike Falcon Complete for the management of endpoints, which are located onshore and offshore. 

CrowdStrike Falcon Complete is mainly for endpoint protection, and we used it alongside Microsoft Defender, to secure our assets, which are either domains or newgroups.

CrowdStrike Falcon Complete's most valuable features are efficient dashboards and their ease of management.

The improvements needed for CrowdStrike Falcon Complete are in the way the agent updates. The overall management of endpoints needs to be better.

In the next release of CrowdStrike Falcon Complete, they should include more security towards endpoints, add device management, and PAM solutions along with their endpoint solutions.

I have been using CrowdStrike Falcon Complete for approximately two years.

CrowdStrike Falcon Complete is stable. If they make any changes in the backend, then they leave their clients with very little choice, they either have to force manage everything or they can be left out.

The scalability of CrowdStrike Falcon Complete is good. We are in the cloud making scalability not a problem.

The support for CrowdStrike Falcon Complete is not good. They take a very long time to respond, it takes 24 to 28 hours for them to get back to us.

I have used previously Microsoft Defender for Endpoints.

Microsoft Defender for Endpoints is a very basic endpoint security solution. I cannot even compare it with CrowdStrike Falcon Complete.

The initial implementation of CrowdStrike Falcon Complete, including the creation of policies and aspects, is fairly easy. However, the only challenge is to roll out the endpoints individually onto all systems. If you have a large network and you don't have an SCCM or any other solution through which you can roll out, it becomes cumbersome. The solution does not come with any auto ruling platform feature.

The price of this solution is expensive compared to others solutions.

I have been using CrowdStrike Falcon Complete a seven out of ten.

It is working well. I tried a ransomware attack myself, and they were very fast in mitigating. I am very convinced of this product, and I am very satisfied with how it is working.

The team behind the program itself is very valuable. If you don't have your own security team, they can do a great job for you. If your IT team isn't in the company, this can be of great value to you.

Its documentation is very good. They have many different dashboards, and they do have a lot of information. Sometimes, it can be a bit overwhelming how much information is there, but once you find your way through with them, everything is very logical.

Some dashboards can be very complex, but once you get to know them, it is very logical.

I have been using this solution since 2019.

It is absolutely stable.

It is very scalable. It really doesn't matter whether you are a company using 100 endpoints or more than 2,000 endpoints. We have around 1,700 people in our company. There are around 200 people that need to be onboarded again.

They were very fast in responding. If you have a technical question, it only takes a couple of hours before they answer your questions. They are very skilled.

We had Symantec endpoints previously. They were very traditional points. There isn't a resemblance between these two solutions because CrowdStrike is more into machine learning in terms of the behavior of the system. Symantec is more of a traditional antivirus that starts scanning your computer and new files. They both are very different in the way they work.

Its setup is fairly basic. It is not very complex. We had the support of the Falcon Complete team to set it up. It took a couple of days.

 The Falcon Complete team introduced the platform.

It is a fairly firm price. It is not the cheapest solution, but if you take the complete team into consideration, it is a great value. 

You need to know that CrowdStrike is different in the way it works as opposed to the traditional software. It is fairly self-explaining, but you just need to know that this endpoint is based on the behavior. This means that if you introduce a USB stick with malicious software on it and the software or the file isn't opened yet or is dormant, CrowdStrike won't detect it. The minute you are trying to use that file, and the file is trying to execute things, CrowdStrike detects it instantly and takes action to mitigate a problem.

I would rate CrowdStrike Falcon Complete a nine out of ten. It is a great product. For our company, it is the right product. It is company deployed, and we will stick with CrowdStrike.

We use virtually every module within the solution, including identity protection. It boasts its own robust EDR capabilities, essentially positioning it as the top EDR solution in the market.

The prevention capabilities hold the utmost value.

The only aspect where we've offered feedback for potential enhancement is essentially the user experience.

I have been working with it for two years now.

It exhibits exceptional stability, with no instances of downtime experienced since its implementation.

In terms of scalability, we haven't encountered any issues. We have intentions to expand our usage in the future. Continuously striving for improvement, we aim to broaden the scope of what we utilize within the platform.

The customer service is quite satisfactory, with a reliable response time adhering to the service level agreement. I would rate it nine out of ten.

Positive

It's deployed across all aspects of our infrastructure, providing comprehensive coverage for our entire environment. It requires no maintenance.

The return on investment has been significant, aiding us in various simulated assessments and playing a crucial role in both detecting and preventing incidents early on. Moreover, it has proven beneficial for overall asset management.

While the cost is relatively high, it is justified by the value it brings.

We evaluated nearly fifteen solutions, including some of the top ones in the market. However, we opted for CrowdStrike because it aligns perfectly with our requirements and fits within our budget. Upon testing it out, we found that it effectively fulfills its intended purpose.

Overall, I would rate it nine out of ten.

Typically, we use the solution for detection, as we outsourced the response element to an MSSP. It also gives us visibility into security threats and allows us to find and eliminate them. For issues that outweigh our capacity, we escalate to our third-party MSSP.

The detection and investigation capabilities are my favorite parts of the solution. It has good threat intelligence and threat-hunting features.  

I want better integration with other security solutions; integrating with third-party apps wasn't as seamless as I expected.

I've been using the solution for one to two years. 

The solution is stable. 

I can't say because our usage remained flat; we didn't up or downscale.

On a scale of one to ten, I put the difficulty of the initial setup at five, right in the middle.

CrowdStrike offers training at an additional cost, so many organizations wouldn't want that route.

I rate the solution eight out of ten.

My advice is to be clear in the negotiation phase about your expectations, the strengths and weaknesses of the solution, and how much of the implementation CrowdStrike will be doing for you. It's good to keep in mind what the required integrations are based on existing infrastructure to understand what is and isn't feasible in the integration.