We use CrowdStrike Falcon for endpoint protection against malicious activity.
Cybersecurity Analyst at a computer software company with 51-200 employees
Seamlessly integrates, is stable, and is suitable for all sized organizations
Pros and Cons
- "Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
- "The detection time has room for improvement."
What is our primary use case?
What is most valuable?
Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution.
What needs improvement?
The detection time has room for improvement.
For how long have I used the solution?
I have been using CrowdStrike Falcon for two years.
Buyer's Guide
CrowdStrike Falcon
March 2025

Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
What do I think about the stability of the solution?
I would rate the stability of CrowdStrike Falcon ten out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of CrowdStrike Falcon a nine out of ten.
How are customer service and support?
The technical support is good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are an MSP and have used and provided IBM QRadar, Bitdefender, and CrowdStrike Falcon based on each client's requirements.
CrowdStrike Falcon is the most popular choice for our clients because of its price.
How was the initial setup?
Deploying CrowdStrike is straightforward. We initially had a technical representative guide us through the process, but now we can handle it ourselves for our clients.
One architect and two engineers are used for the deployments.
What about the implementation team?
We implement the solution for our clients.
What's my experience with pricing, setup cost, and licensing?
The licenses are offered on a one-year and two-year basis. The more endpoints an organization adds the cheaper the cost.
What other advice do I have?
I would rate CrowdStrike Falcon a ten out of ten.
Our clients range from small up to enterprise level.
The maintenance is simple. We just need to stay on top of the updates.
CrowdStrike Falcon is user-friendly and the analysis provided is good making it an efficient solution.
Disclosure: My company has a business relationship with this vendor other than being a customer: MSP

Chief Technical and Solution Architect at Vertigo Inc.
Beneficial crowdsourcing intelligence, robust, and useful multi-tenant architecture
Pros and Cons
- "The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
- "The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
What is our primary use case?
I use CrowdStrike Falcon for endpoint security and compliance auditing.
How has it helped my organization?
We use CrowdStrike Falcon for discovery when anything goes wrong because it gives us a full history of what's happening. It acts as a preventative model for inappropriate activity. Additionally, we use it for compliance reasons.
What is most valuable?
The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence.
What needs improvement?
The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool.
In a future release, the mobile space can use improvement. However, some of those are constrained by Apple and other platforms as to what they can do on the platform. Some of the limitations are industry-based.
For how long have I used the solution?
I have been using CrowdStrike Falcon for approximately one year.
What do I think about the stability of the solution?
The stability of CrowdStrike Falcon is great, I have never had the slightest problems.
What do I think about the scalability of the solution?
CrowdStrike Falcon is highly scalable.
CrowdStrike Falcon is implemented company-wide on every device.
I have approximately one hundred protected endpoints, but the number of users that log on to the tools is approximately four.
How are customer service and support?
CrowdStrike Falcon needs to better its SE sales engineer team. The people didn't fully understand all the different parts of their solution. It's the endpoint protection and it is the essence of what we're trying to receive, they should know their solution very well.
I rate the support from CrowdStrike Falcon a three out of five.
Which solution did I use previously and why did I switch?
I previously used an anti-virus solution, but it didn't do all the things I needed regarding endpoint protection. That's why I added the CrowdStrike Falcon piece to the puzzle. I still have the anti-virus running. I don't need it technically, but I still have it running.
How was the initial setup?
The initial setup of CrowdStrike Falcon is in the medium range of difficulty. You will need a coach and be guided through it.
The time it took to do the full implementation from the beginning to end, from when the contract was turned on, and by the time I turned it on and had everything up was fairly fast because we piloted CrowdStrike Falcon at first. When I bought the solution, it was almost fully implemented. The full process took approximately two months.
I rate the ease of deployment for CrowdStrike Falcon a two out of five.
What about the implementation team?
We had some coaching help from the vendor to do the implementation of the solution. We have three people that can manage this solution.
What was our ROI?
This is not a tool you buy because it gives a return on investment. It's a tool you buy because the cost of not having it is far greater than the cost of having it if you have a problem.
What's my experience with pricing, setup cost, and licensing?
There are approximately a hundred different modules you have to purchase, depending on what you want to do. I have most of the modules. How it works is you buy the portfolio, you have to decide all the components you want in it, and then they price out a bundle for you. I have almost all of the package features in my bundle. You only need to pay for the modules you want.
The cost of CrowdStrike Falcon annually is approximately $10,000.
I rate the price of CrowdStrike Falcon a three out of five.
Which other solutions did I evaluate?
I studied the entire industry before choosing CrowdStrike Falcon. I evaluated many other solutions, such as ManageEngine, Malwarebytes, Check Point, McAfee, and Microsoft.
We chose CrowdStrike Falcon because it was fit for the purpose of our business. I needed a cloud solution and I needed it to be a SaaS offering that was easy to use. It boiled down to features and fit for purpose, not features and functionality.
CrowdStrike Falcon platform was more robust. It was a true multi-tenant architecture, not a hosted instance. The crowdsourcing nature of CrowdStrike Falcon is a large benefit, all of the threat data is real-time and applied to you real-time from all around the world.
What other advice do I have?
My advice to others is to take a serious look at CrowdStrike Falcon. It's a good solution.
I rate CrowdStrike Falcon an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Cyber Security Analyst with 1,001-5,000 employees
Detailed incident reporting, stable, and the technical support team is well trained
Pros and Cons
- "The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed."
- "Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
What is our primary use case?
The primary use case is digital security investigations using the dashboard.
How has it helped my organization?
Every week, a manager would look at a detailed report to see what kind of CrowdStrike incidents we had.
What is most valuable?
The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed. It shows you the malicious files in question, as well as the exact time, the machine, the endpoint, and the host IP address. Everything you need to know is right there in a single dashboard.
What needs improvement?
Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do. It is quite a pricey product.
For how long have I used the solution?
I used CrowdStrike Falcon in my last two cybersecurity jobs, over a period of at least two years.
What do I think about the stability of the solution?
The product is stable as a rock. I have never seen any crashes. When it came to patching updates, we were always notified. It is not Windows-based, but rather Linux or Unix-based. It was more stable than any Windows product.
What do I think about the scalability of the solution?
We had a small shop, so we never had any reason to scale.
How are customer service and technical support?
The technical support is pretty good. They're trained in their product and they have a system in place where if the first line of support does not resolve the issue, they are emailing us directly back and forth, and they'll hand over the problem from one shift to the next.
It is not very difficult to get in touch with the support team, although it does require clearance from whoever handles the money aspect. You have to be really careful because they will charge you fees for any kind of solution that they provide.
I have used them twice, once for each company that I was working for. The first time, we used the CrowdStrike service to do the investigation so that we could focus our time on other products. They have teams that will act like a managed service provider to take care of incidents. We handled major incidents in-house but we let them handle the minor ones.
With the second company, we had to do the investigations as the incidents came in, so it was two totally separate vantage points. Both worked extremely well in both manners and forms.
Which solution did I use previously and why did I switch?
CrowdStrike was already in place before I arrived, at both places where I have used it.
We were also using Carbon Black, as well as other tools, but they were not being used to the same degree. I think that we were using Carbon Black for white-listing applications.
I also spent a lot of time using Nessus, which is a vulnerability scanner. I would look at scans to see what kind of vulnerabilities were present, and patch management updates with other teams.
How was the initial setup?
I was not there for the initial setup, but what I did learn was that the implementation team came in and worked with our engineering team. They set it up and then our team verified that all of the endpoints were there and that we had the visibility we needed for all of the subnets in all of the locations.
When I spoke with my teammate, I was told that it was pretty much straightforward and out of the box. The fact that it is a cloud-based deployment made it easier, too.
What's my experience with pricing, setup cost, and licensing?
Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business. It is not a one-time payment. Any upgrades that you want to do, you're going to have to pay multiple times.
What other advice do I have?
My advice for anybody who is implementing CrowdStrike Falcon is to get in touch with the vendor and then follow best practices. They have a lot of documentation and everything is there. For the most part, I would suggest looking at the technical support documentation first and then contacting a representative at the vendor to continue the process.
Most companies have it integrated with the SIEM and with their ticketing system, although I did not use it in that capacity because it costs more money.
Most of the time, you're not going to have to lay a finger. Once it finds an infected file, you might have to reboot the computer if it can't immediately remove it, or other such minor stuff. In general, however, it's never given me any issues and it's never given me a headache. Overall, it's very straightforward and just one tool out of the whole.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CTSO at Cyb3r
Provides efficient security posture and has diverse threat intelligence capabilities
Pros and Cons
- "The platform is very scalable."
- "Enhancements in reporting and forensic analysis could benefit the product."
What is our primary use case?
Our primary use case for the product is to enhance our threat intelligence capabilities. We use it to ensure comprehensive security coverage.
How has it helped my organization?
The solution has significantly improved our threat detection capabilities. It has helped us identify and respond to potential threats more effectively, contributing to our security posture. There have been no notable drawbacks; the solution meets our needs and complies with local regulations.
What is most valuable?
The product's most valuable features include its global reach and extensive threat data. Its wide exposure helps gather diverse threat intelligence, crucial for effective security management.
What needs improvement?
Enhancements in reporting and forensic analysis could benefit the product. CrowdStrike could publish detailed threat reports and analyses more consistently than other providers.
For how long have I used the solution?
I have been using CrowdStrike Falcon Threat Intelligence since early 2016.
What do I think about the stability of the solution?
I rate the platform's stability an eight.
What do I think about the scalability of the solution?
The platform is very scalable. It can effectively accommodate growing security needs, which is crucial for organizations with evolving threat landscapes.
How are customer service and support?
Customer service and support vary based on the level of service. Premium support is excellent, but standard support can be less responsive.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used a different solution. We switched to CrowdStrike due to its comprehensive threat intelligence capabilities and global reach, which we found to be more effective for our needs.
How was the initial setup?
The initial setup was straightforward, with the installation taking less than two hours. However, fine-tuning alerts and configuring rules required additional time and effort.
What about the implementation team?
The implementation was carried out in-house.
What was our ROI?
The product has helped us detect threats that might have gone unnoticed, contributing to overall security.
What's my experience with pricing, setup cost, and licensing?
The product is expensive.
Which other solutions did I evaluate?
We evaluated several other options before choosing CrowdStrike. Our decision was based on the product's effectiveness and ability to meet our security requirements.
What other advice do I have?
Overall, it is a robust solution that meets our security needs. However, potential users should know the cost implications and ensure the product meets their requirements.
I rate it an eight.
Disclosure: My company has a business relationship with this vendor other than being a customer:
Last updated: Aug 3, 2024
Product Manager at E-DATA TEKNOLOJİ
Offers excellent protection with great integration and fast customer support
Pros and Cons
- "The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
- "I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike."
What is our primary use case?
We use the solution for security and in demonstrations to our partners.
What is most valuable?
The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product.
What needs improvement?
I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike.
I want to be able to create independent groups, each managed by its own admin, so I can isolate the group I use for demonstration purposes.
I have heard about CrowdStrike collecting personal information for marketing purposes, but that's not something I was looking for.
For how long have I used the solution?
I've been using this solution for about six months.
What do I think about the stability of the solution?
The stability of the solution varies. Several weeks ago I had some difficulties deploying CrowdStrike. It may have been a bug in the latest update, but a few days later this problem was solved. Sometimes there are issues and CrowdStrike deals with them very quickly.
What do I think about the scalability of the solution?
It amazes me. For instance, we have an end-user with 15,000 users right now and we deployed it in one week. It's a very short time considering other solutions, some of which can take one to two years to deploy completely.
How are customer service and support?
I have contacted customer support four times and they have a very quick response time which is really satisfying. I believe the support team is good.
How would you rate customer service and support?
Positive
How was the initial setup?
It's pretty straightforward but with Linux if there is a kernel conflict, you may have to change your kernel version and then restart. I can't say with certainty that you won't need to restart during installation.
It took us 15 minutes to deploy the solution for eight users.
What about the implementation team?
I personally implemented the product.
What was our ROI?
In a week
What's my experience with pricing, setup cost, and licensing?
It's an expensive solution but you get a very good product for the price, since having threat hunters and analysts costs much more than the product itself. Compared to other products, SentinelOne is definitely cheaper and the Microsoft E5 package is probably more expensive. Not many companies are willing to purchase CrowdStrike Falcon in our region due to the cost, but the market is changing. Brand awareness is increasing day by day along with the knowledge of what CrowdStrike is capable of by users and user candidates.
This solution, as well as other EDR tools, is selling slowly in our region but this will speed up in the near future. Some companies are already asking for an MSSP version of the product.
What other advice do I have?
Our end-users and partners want to know which data are going to be collected. Financial institutions need to know what is included in the telemetry data.
As a distributor, in our region it's mandatory for us to implement, as it wouldn't make sense for us to go to partners and end users with other solutions.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer: partner/reseller
AVP of Tech at an insurance company with 201-500 employees
Integrates well with Arctic Wolf, simple to set up, and offers excellent pricing
Pros and Cons
- "Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and lets us know if there's a major issue."
- "They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."
What is our primary use case?
We use this product as an antivirus. We use it as an add-on for Arctic Wolf, which it integrates with.
What is most valuable?
The solution integrates well with Arctic Wolf.
Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and lets us know if there's a major issue.
It's very scalable.
The stability is excellent.
I'm very impressed by its low pricing.
The initial setup was simple, and the deployment was fast.
What needs improvement?
I do not have any notes for improvement. It just works.
They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The product is rock solid. I've never had an issue with stability. It is reliable and the performance is good. There are no bugs or glitches and it doesn't crash or freeze.
What do I think about the scalability of the solution?
The product is very scalable. You can extend it as needed.
We have between 220 and 300 users at this time.
How are customer service and support?
I've never dealt with technical support.
Which solution did I use previously and why did I switch?
We had multiple other antiviruses, including Norton, Avast, and Defender. We chose Falcon due to its Arctic Wolf integration.
How was the initial setup?
The initial setup was very easy.
We did not need a lot of people to set it up. It took a couple of people and less than five hours to have everything up and running.
No maintenance is required.
What's my experience with pricing, setup cost, and licensing?
The licensing is very low. It's quite affordable.
What other advice do I have?
The solution is excellent. I'd advise people that if they have Arctic Wolf, they'll have an easy time.
I'd rate the solution ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cloud Operations Center Analyst at a pharma/biotech company with 10,001+ employees
Easy to set up with good vulnerability monitoring but the performance could be better
Pros and Cons
- "It's very easy to set up."
- "The performance could be better."
What is our primary use case?
The solution is for alerts. It will trigger if there is malicious traffic or some scripting attack. Any attack that is there, then it'll alert automatically.
What is most valuable?
We can protect against the worst level of attacks. We can see everything from the dashboard.
The vulnerability monitoring is great.
It's very easy to set up.
What needs improvement?
The performance could be better. It's a bit slow. When we click to launch the dashboard, it should be more responsive.
For how long have I used the solution?
I've been using the solution for the last six months.
What do I think about the stability of the solution?
The performance could be better. It's a little bit slow.
It's not very stable. We can't seem to support the latest version.
What do I think about the scalability of the solution?
We don't really handle the scaling. I can't speak to that aspect of the product.
We have about 300 to 400 agents running.
How are customer service and support?
Technical support is great.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did previously use a different solution. The security team made the decision to switch. It wasn't a decision from an operations standpoint.
How was the initial setup?
We just install the agent and whatever other notes you need to monitor.
It is straightforward to set up the solution.
There's no deployment. We just run the agents and those will take care of the deployments. The security team will take care of the deployment part. Therefore, we just install the agents and hand over the environment to them. They will monitor everything.
What about the implementation team?
We don't need any outside help, really. Mostly they will give you the links and how you need to deploy everything. Based on that information, we'll follow that advice.
What's my experience with pricing, setup cost, and licensing?
I'm not sure of the exact cost of the solution.
What other advice do I have?
We are on the latest update of the solution.
There isn't really any specific knowledge required to use CrowdStrike, apart from maybe general knowledge of cyber security.
I'd rate the solution seven out of ten. If it had better performance, I would rate it higher.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of IT Department at a pharma/biotech company with 10,001+ employees
Effective cyber attack prevention, light on resources, and great user experience
Pros and Cons
- "The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment."
What is our primary use case?
CrowdStrike Falcon is leading the market in EDR. They are the first to have this kind of solution against malware. They have an advantage with respect to the rest of the competitors. They offer a certain amount to protect in case of malware or cyber-attacks. They have a policy or insurance connected to the service. That's the reason why we chose CrowdStrike over other solutions.
What is most valuable?
The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment.
I am very happy with CrowdStrike Falcon because it does not use a lot of resources in the endpoint, it's a lightweight solution. It provides good protection and it is very effective. Additionally, it is easy to integrate, has great features, good capabilities, and the users have a positive experience.
For how long have I used the solution?
I have been using CrowdStrike Falcon for approximately one year.
What do I think about the stability of the solution?
CrowdStrike Falcon is stable.
What do I think about the scalability of the solution?
I have found CrowdStrike Falcon to be scalable.
How are customer service and support?
I have not needed to use technical support.
What's my experience with pricing, setup cost, and licensing?
The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky.
What other advice do I have?
My advice to those wanting to use CrowdStrike Falcon is to try it out to see if it works well in their environment. I consider CrowdStrike Falcon a very accurate solution. They are confident about the capabilities of their solutions because they offer money or payback if there is a high-impact cyber incident or cyberattack while using the solution.
They need to have special consideration about the different plans and budgets that they need to get the solution that they want.
I rate CrowdStrike Falcon a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
