We use the solution for security and in demonstrations to our partners.
Product Manager at a comms service provider with 51-200 employees
Offers excellent protection with great integration and fast customer support
Pros and Cons
- "The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
- "I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike."
What is our primary use case?
What is most valuable?
The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product.
What needs improvement?
I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CrowdStrike.
I want to be able to create independent groups, each managed by its own admin, so I can isolate the group I use for demonstration purposes.
I have heard about CrowdStrike collecting personal information for marketing purposes, but that's not something I was looking for.
For how long have I used the solution?
I've been using this solution for about six months.
Buyer's Guide
CrowdStrike Falcon
December 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability of the solution varies. Several weeks ago I had some difficulties deploying CrowdStrike. It may have been a bug in the latest update, but a few days later this problem was solved. Sometimes there are issues and CrowdStrike deals with them very quickly.
What do I think about the scalability of the solution?
It amazes me. For instance, we have an end-user with 15,000 users right now and we deployed it in one week. It's a very short time considering other solutions, some of which can take one to two years to deploy completely.
How are customer service and support?
I have contacted customer support four times and they have a very quick response time which is really satisfying. I believe the support team is good.
How would you rate customer service and support?
Positive
How was the initial setup?
It's pretty straightforward but with Linux if there is a kernel conflict, you may have to change your kernel version and then restart. I can't say with certainty that you won't need to restart during installation.
It took us 15 minutes to deploy the solution for eight users.
What about the implementation team?
I personally implemented the product.
What was our ROI?
In a week
What's my experience with pricing, setup cost, and licensing?
It's an expensive solution but you get a very good product for the price, since having threat hunters and analysts costs much more than the product itself. Compared to other products, SentinelOne is definitely cheaper and the Microsoft E5 package is probably more expensive. Not many companies are willing to purchase CrowdStrike Falcon in our region due to the cost, but the market is changing. Brand awareness is increasing day by day along with the knowledge of what CrowdStrike is capable of by users and user candidates.
This solution, as well as other EDR tools, is selling slowly in our region but this will speed up in the near future. Some companies are already asking for an MSSP version of the product.
What other advice do I have?
Our end-users and partners want to know which data are going to be collected. Financial institutions need to know what is included in the telemetry data.
As a distributor, in our region it's mandatory for us to implement, as it wouldn't make sense for us to go to partners and end users with other solutions.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer: partner/reseller
DGM IT at Union Bank of Colombo
A highly scalable solution that offers robust protection, and good management functions
Pros and Cons
- "As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
- "I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
What is our primary use case?
We use CrowdStrike for endpoint protection.
What is most valuable?
As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage.
What needs improvement?
I would like to see equal support across all versions. Aside from that, I would say most of the features are there.
For how long have I used the solution?
We have been working with the solution for six months.
What do I think about the stability of the solution?
Yes, CrowdStrike is stable.
What do I think about the scalability of the solution?
The solution is scalable, we have 1900 users.
How are customer service and support?
We have only required our local support, they have been sufficient for our needs.
Which solution did I use previously and why did I switch?
We previously used a Symantec product, but there was no local vendor support so we switched to CrowdStrike Falcon.
How was the initial setup?
The initial setup is straightforward, we deployed in two to three weeks.
What about the implementation team?
We implemented the solution through our vendor, they proposed the solution.
What was our ROI?
As the solution is a preventative measure, it's hard to say exactly what the ROI is.
What's my experience with pricing, setup cost, and licensing?
We have a yearly subscription and find the price to be good. I'd give it a rating of four out of five for price, we got a good discount.
What other advice do I have?
I would rate this solution an eight out of ten. There is still some grey area for us, as we haven't been using the product long enough to give a full evaluation of all the features.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Business Development Manager - Security at a computer software company with 201-500 employees
Intelligent and easy to use endpoint protection and threat identification solution
Pros and Cons
- "Easy to use, intelligent, and stable threat detection software."
- "The installation process for this software needs to be simplified."
What is our primary use case?
CrowdStrike Falcon is used for endpoint protection for businesses. It's used for identifying threats.
What is most valuable?
Most of the entry-level security provisions are based on identification, but CrowdStrike Falcon is a market changer because it does not need any kind of signature to identify or update threats.
All organizations face the big challenge of maintaining and updating their security processes. They need to do the update, but then it doesn't go beyond 90%, so CrowdStrike Falcon moved away from the update requirement, so there won't be a need to upgrade for certain types of technology, or for new technology. Not needing to update means the job of maintaining the updates will be taken off the plate of the IT department, which could mean big relief for the customers.
CrowdStrike Falcon is able to identify threats based on processes, rather than looking at signatures and this is what I like about this solution.
I like that it's easy to use, as expected from any cloud solution. CrowdStrike Falcon is an intelligent solution. It's as good as the top solution in the market.
We haven't seen anybody complaining about CrowdStrike Falcon, and we haven't had any customer using this solution who had been attacked by ransomware, so this is proof of how good this solution is.
What needs improvement?
Setting up and installing CrowdStrike Falcon is not easy, so an area for improvement is for that process to be simplified.
For how long have I used the solution?
We've been using CrowdStrike Falcon for two years.
What do I think about the stability of the solution?
I find CrowdStrike Falcon a stable solution.
How was the initial setup?
Installing this solution was not easy. One challenge from the installation is that you always have to replace something, e.g. your CrowdStrike password, macros, etc., before you're able to complete the setup.
What other advice do I have?
We are not carrying CrowdStrike Falcon Complete because it's a managed service, so customers have not really gotten to that level. What we're working with is CrowdStrike Falcon.
Deployment of this solution took us three to five days. We have 2,000 users of CrowdStrike Falcon, and we have 110 different locations across India and some other parts of the world. We have people who manage this solution, but it doesn't require much managing, because the only challenge is removing the old solution, then replacing it with the new one.
I'm recommending CrowdStrike Falcon to other people who are looking into using it, because it's a good solution.
I'm rating CrowdStrike Falcon an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Information Security Officer at a financial services firm with 51-200 employees
Light on resources, helpful support, and reliable
Pros and Cons
- "CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM."
- "In the future release of CrowdStrike Falcon, they should add a sandbox feature."
What is our primary use case?
CrowdStrike Falcon is working on our production servers.
What is most valuable?
CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM.
What needs improvement?
In the future release of CrowdStrike Falcon, they should add a sandbox feature.
For how long have I used the solution?
I have used CrowdStrike Falcon within the past 12 months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
CrowdStrike Falcon is scalable. We have approximately 400 servers using this solution.
We have plans to increase the usage of this solution in one or two years.
How are customer service and support?
We used technical support for the implementation of the solution and it was a good experience. They know the products well and they were able to give us all the answers to the questions that we had.
How was the initial setup?
The setup is really easy. The full deployment took two months.
What about the implementation team?
For the deployment of the solution, we used a three-person team and for the maintenance, we use the whole infrastructure team of four people.
What's my experience with pricing, setup cost, and licensing?
The price of CrowdStrike Falcon could be better. It is very expensive, we pay approximately $900 per month for the licenses. There are not any additional fees.
Which other solutions did I evaluate?
Before choosing CrowdStrike Falcon we evaluated Sophos and Microsoft solutions.
What other advice do I have?
The product is really good, but there are a lot of additional features that you need to have for it to be a complete solution. Be sure that your budget is enough to acquire the complete solution that you need.
I rate CrowdStrike Falcon a ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr Network Administrator at a construction company with 501-1,000 employees
Offers good insights when it has a detection
Pros and Cons
- "It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
- "I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
What is our primary use case?
Our primary use case is for endpoint protection.
How has it helped my organization?
When we have detections, I get insight into the top-down view of where it thinks it saw the problem and what triggered the detection. This allows us to have insight into what it thinks it is compared to what we could have really been doing.
What is most valuable?
It seems to do a pretty good job of protecting the host. Gives good insights when it has a detection. It's pretty incredible.
For how long have I used the solution?
I have been using CrowdStrike Falcon for six months.
What do I think about the stability of the solution?
So far, it's been 100% stable. Besides the very lightweight agent, it's all Cloud-based, so I haven't had any downtime.
What do I think about the scalability of the solution?
Scalability is super easy. The deployment was easy. It's all price based. Money is the biggest challenge, not deploying it. It requires one system engineer.
We have around 400 users. There are five of us who manage it, including the help desk, system engineers, and the director.
How are customer service and technical support?
We haven't needed to contact support yet.
Which solution did I use previously and why did I switch?
We previously used Cylance. We switched because they weren't innovative. It was the same product that we bought three years ago. They were a great product and they had a job and they did it well. They just didn't ever innovate and they never improved. It's the same products we bought for the same three years. CrowdStrike was more innovative and it seemed to be a better long-term product. They seem to be improving constantly.
How was the initial setup?
The initial setup was very easy. The deployment took about 60 days. We had a few methods of deployment. We did a push method. We had an agent tell all the machines that we were able to script it and push the apps to that.
What about the implementation team?
We used the project management of CrowdStrike themselves for the deployment. They were really good.
What was our ROI?
We haven't had any outages based on malware or ransomware. I can't put numbers to it, but not having that kind of an outbreak definitely has an ROI attached to it.
Which other solutions did I evaluate?
We looked at a few other solutions but the main competitor was Carbon Black.
What other advice do I have?
I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Executive Technology Advisor at Vitso
Good UI, performance, integration, and alerting
Pros and Cons
- "The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
- "I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
What is our primary use case?
We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on.
Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.
How has it helped my organization?
I was able to look through some rapid analysis when bad things happen. More so than having to get, especially in the distributed world of post-COVID, being able to have a central place to be able to see what's going on, on the landscape of endpoints at any given time.
What is most valuable?
The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system. What does it usually do, and is it doing anything differently?
The UI is great, and the performance was great. The way it gathers and presents the information was very good and it integrates well with things with a central log aggregator, such as Splunk. You can do more big data analytics that includes security. It seems to be fully featured in all of those areas.
What needs improvement?
I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it. It's got a pretty good engine to do that on its own but it's one of the things that are important to us, so I'm just trying to increase the time-to-issue identification.
By comparison to buying into the Microsoft suite, it was definitely less costly. CrowdStrike can be costly.
For how long have I used the solution?
I have had this solution for approximately three years.
What do I think about the stability of the solution?
It seems stable. The performance is good.
What do I think about the scalability of the solution?
It's a scalable solution. They are running 1400 endpoints on it right now, and it seems to be fine.
There is only one person working at it right now and they are the security engineer/operator.
If you look at how they spend their day, a tool like that does a lot with a little and can make a one man band pretty effective or much more effective. It makes the response to an issue right when it happens way more possible with such small security.
How are customer service and technical support?
We haven't used technical support.
How was the initial setup?
The initial setup was already completed before I started with this company.
What's my experience with pricing, setup cost, and licensing?
When comparing to Microsoft, CrowdStrike Falcon is more expensive.
I'm going by the client and some of the things that are driving their decisions.
It's typical when Microsoft throws things in and it seems really cheap, even though you're spending a million and a half dollars with them. You may as well increase the value of that million and a half.
My guess is that CrowdStrike is going to maintain parity or stay ahead of Microsoft.
What other advice do I have?
As I came into this organization, they were moving away from CrowdStrike.
They upgraded their license to E5 with the security bundle from Microsoft. The goal is to start to move things.
They are paying twice for things right now, but that will be expiring. CrowdStrike comes up for renewal next year, and they want to be off of it by then.
I haven't gone into critiquing it, since they've already made the decision and made the investment to go to Defender ATP. I'm more concerned with, are we losing anything? Do we have parity when we go from one platform to another? And if any gaps emerge, what needs to be filled?
When we did go into it and walked through it with one of the security engineers, it was snappy, and it had a nice UI.
I had never been inside the product. I think I got a demo years ago in my CSO role, but I had never delved into a practical use case. The practical use case looked pretty cool.
For anyone who is interested in implementing this solution, I would say don't look for the cost compared to smaller applications. Look at what you're trying to do, and what you're trying to accomplish. The typical first cardinal sin of IT is buying a product and then figuring out how to use it as opposed to having a set of requirements, placing a value on that set of requirements, and then pursuing a solution that covers them the best.
I think they probably said we've got a gap here because something bad happened to my CrowdStrike. It's an industry leader. Three years after the issue that they were treating was over, and the pain was gone, suddenly, it seems really expensive. That is an IT 101 mistake that I've found in organizations, where it's a means to an end and then it turns into just an eyesore on the balance sheet.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director of Security at an insurance company with 51-200 employees
We are now able to find the root cause analysis on any threat
Pros and Cons
- "We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
- "As the company has grown, the technical support has felt less personal."
What is our primary use case?
The primary use case is detection and forensics.
The product is cloud-based, so we use the latest build which is available.
How has it helped my organization?
We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment.
What is most valuable?
The most valuable feature is its forensics capability.
What needs improvement?
It probably needs more integration with firewall vendors.
It needs integration with other technologies. It doesn't play well with anything else. It is more of a standalone solution. Therefore, integration with other technologies would be great.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
It is extremely stable. It has been around for many years. We have been a customer for almost five years.
What do I think about the scalability of the solution?
It has met every scale need that we have come across.
How are customer service and technical support?
The technical support is excellent. Though, as the company has grown, the technical support has felt less personal.
Which solution did I use previously and why did I switch?
Our previous detection software, Webroot, was letting too much stuff through.
How was the initial setup?
The initial setup is very straightforward. It just required an agent being installed. After that, it was self-managing.
What about the implementation team?
We did the deployment directly with the vendor.
What was our ROI?
The solution has helped to increase staff productivity by probably 25 percent.
What's my experience with pricing, setup cost, and licensing?
We are at about $60,000 per year.
Which other solutions did I evaluate?
We also looked at Cylance and SentinelOne. We went with CrowdStrike based on our own experimentation with it. We threw our own vulnerabilities at it, and it performed the best.
What other advice do I have?
It does everything that it claims, making our life significantly easier. Definitely consider CrowdStrike. It will probably save you from a lot of threats that other products wouldn't catch.
Our security program is relatively immature, but this product has definitely been one of the keystones of our program.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Analyst at a manufacturing company with 1,001-5,000 employees
The agents are deployed on every workstation, so policy changes can be enforced on all of them
Pros and Cons
- "CrowdStrike is deployed on every workstation, so policy changes can be enforced on all of them. It lowers the manual work on each of the workstations. It has helped us manage device usage in our environment."
What is our primary use case?
We use Falcon to check the login attempts of the users. We can see who has logged in and when. We can see which workstation is assigned to each user. CrowdStrike helps us enforce policies, such as USB policies and users recycling passwords.
How has it helped my organization?
CrowdStrike is deployed on every workstation, so policy changes can be enforced on all of them. It lowers the manual work on each of the workstations. It has helped us manage device usage in our environment.
What is most valuable?
I like CrowdStrike's policies. The integration is easy to do. I can remember once when Falcon prevented a security breach that occurred because someone clicked on a phishing link, and their credential was compromised. We used threat tracking to isolate the device from networks.
For how long have I used the solution?
I have used Falcon for two years.
What do I think about the stability of the solution?
I rate Falcon nine out of 10 for stability.
What do I think about the scalability of the solution?
I rate Falcon eight out of 10 for scalability.
What other advice do I have?
I rate CrowdStrike Falcon nine out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 4, 2024