I'm currently working as a cybersecurity specialist at the Arab Open University. We are trying to create centralized station input. We have nine branches in the Middle East, so we need a cloud-based solution. Our control center is in Kuwait but all nine of our branches use CrowdStrike Falcon. Our team is located in Kuwait, which is where we handle and mitigate threats from.
Information Security Specialist at Arab Open University
Straightforward solution; it's plug and play
Pros and Cons
- "CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
- "We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
What is our primary use case?
What is most valuable?
The most valuable CrowdStrike Falcon feature is that the user is blocked from the network completely. I think that this is a good solution. We can do a threat analysis of any machine at any time, but that threat analysis is very limited.
What needs improvement?
There could be more flexibility in terms of policy defining and certain features, like USB controls, should come standard with the license. Many CrowdStrike Falcon competitors are cheaper and offer a slew of features in the standard license.
CrowdStrike Falcon is not so flexible. We need a specific admin control or maybe supervised controls to change or modify the settings.
For how long have I used the solution?
I have been using CrowdStrike Falcon for almost a year now.
Buyer's Guide
CrowdStrike Falcon
January 2025
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,265 professionals have used our research since 2012.
What do I think about the stability of the solution?
CrowdStrike Falcon is stable.
What do I think about the scalability of the solution?
CrowdStrike Falcon's scalability is good. We have thousands of students using this solution.
How are customer service and support?
CrowdStrike Falcon's technical support is good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Yes, we previously used Kaspersky.
How was the initial setup?
I think CrowdStrike Falcon is a straightforward solution. It is not very complex. It's just plug and play.
What about the implementation team?
We deployed in-house, with our own team. We just borrowed the setup files and deployed on all the stations. Only two persons at each branch worked on deployment, so we used certain software to deploy the files on the network. Deployment took us nearly a month.
What's my experience with pricing, setup cost, and licensing?
I'm not sure how much we are paying for CrowdStrike Falcon, but we have a yearly subscription.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Executive Technology Advisor at Vitso
Good UI, performance, integration, and alerting
Pros and Cons
- "The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
- "I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."
What is our primary use case?
We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on.
Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.
How has it helped my organization?
I was able to look through some rapid analysis when bad things happen. More so than having to get, especially in the distributed world of post-COVID, being able to have a central place to be able to see what's going on, on the landscape of endpoints at any given time.
What is most valuable?
The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system. What does it usually do, and is it doing anything differently?
The UI is great, and the performance was great. The way it gathers and presents the information was very good and it integrates well with things with a central log aggregator, such as Splunk. You can do more big data analytics that includes security. It seems to be fully featured in all of those areas.
What needs improvement?
I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it. It's got a pretty good engine to do that on its own but it's one of the things that are important to us, so I'm just trying to increase the time-to-issue identification.
By comparison to buying into the Microsoft suite, it was definitely less costly. CrowdStrike can be costly.
For how long have I used the solution?
I have had this solution for approximately three years.
What do I think about the stability of the solution?
It seems stable. The performance is good.
What do I think about the scalability of the solution?
It's a scalable solution. They are running 1400 endpoints on it right now, and it seems to be fine.
There is only one person working at it right now and they are the security engineer/operator.
If you look at how they spend their day, a tool like that does a lot with a little and can make a one man band pretty effective or much more effective. It makes the response to an issue right when it happens way more possible with such small security.
How are customer service and technical support?
We haven't used technical support.
How was the initial setup?
The initial setup was already completed before I started with this company.
What's my experience with pricing, setup cost, and licensing?
When comparing to Microsoft, CrowdStrike Falcon is more expensive.
I'm going by the client and some of the things that are driving their decisions.
It's typical when Microsoft throws things in and it seems really cheap, even though you're spending a million and a half dollars with them. You may as well increase the value of that million and a half.
My guess is that CrowdStrike is going to maintain parity or stay ahead of Microsoft.
What other advice do I have?
As I came into this organization, they were moving away from CrowdStrike.
They upgraded their license to E5 with the security bundle from Microsoft. The goal is to start to move things.
They are paying twice for things right now, but that will be expiring. CrowdStrike comes up for renewal next year, and they want to be off of it by then.
I haven't gone into critiquing it, since they've already made the decision and made the investment to go to Defender ATP. I'm more concerned with, are we losing anything? Do we have parity when we go from one platform to another? And if any gaps emerge, what needs to be filled?
When we did go into it and walked through it with one of the security engineers, it was snappy, and it had a nice UI.
I had never been inside the product. I think I got a demo years ago in my CSO role, but I had never delved into a practical use case. The practical use case looked pretty cool.
For anyone who is interested in implementing this solution, I would say don't look for the cost compared to smaller applications. Look at what you're trying to do, and what you're trying to accomplish. The typical first cardinal sin of IT is buying a product and then figuring out how to use it as opposed to having a set of requirements, placing a value on that set of requirements, and then pursuing a solution that covers them the best.
I think they probably said we've got a gap here because something bad happened to my CrowdStrike. It's an industry leader. Three years after the issue that they were treating was over, and the pain was gone, suddenly, it seems really expensive. That is an IT 101 mistake that I've found in organizations, where it's a means to an end and then it turns into just an eyesore on the balance sheet.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Server Administrator at TIR Canada
Stable solution that detects and prevents malware, but unreliable and weak tech support
Pros and Cons
- "The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
- "The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."
What is our primary use case?
We use this solution on all of our endpoints and servers.
How has it helped my organization?
The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately.
What is most valuable?
The most valuable features of the solution are the detection and prevention of unwanted applications and malware services.
What needs improvement?
The solution keeps changing their website to the point that it's hard to navigate. Also, the technical support is kind of hit-or-miss. Sometimes they really respond quickly and sometimes I don't hear from them for a long time.
For how long have I used the solution?
I began using this solution when I was hired at this company about 10 months ago, and they were using it before that.
What do I think about the stability of the solution?
The solution looks very stable.
What do I think about the scalability of the solution?
It is a scalable product.
How are customer service and support?
The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup was complex. On a scale of one to five, with one being complicated and five being very easy, I would rate it about a three.
What about the implementation team?
The deployment was handled in-house.
What's my experience with pricing, setup cost, and licensing?
The licensing cost isn't cheap, but it's appropriate.
What other advice do I have?
My advice to those looking into this solution would be that it's in the top right quadrant of the Gartner quadrant, so it deserves consideration. You just have to be prepared to integrate it.
I would rate this solution as a four out of ten. This is mostly because of the weak technical support.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sr Network Administrator at a construction company with 501-1,000 employees
Offers good insights when it has a detection
Pros and Cons
- "It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
- "I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."
What is our primary use case?
Our primary use case is for endpoint protection.
How has it helped my organization?
When we have detections, I get insight into the top-down view of where it thinks it saw the problem and what triggered the detection. This allows us to have insight into what it thinks it is compared to what we could have really been doing.
What is most valuable?
It seems to do a pretty good job of protecting the host. Gives good insights when it has a detection. It's pretty incredible.
For how long have I used the solution?
I have been using CrowdStrike Falcon for six months.
What do I think about the stability of the solution?
So far, it's been 100% stable. Besides the very lightweight agent, it's all Cloud-based, so I haven't had any downtime.
What do I think about the scalability of the solution?
Scalability is super easy. The deployment was easy. It's all price based. Money is the biggest challenge, not deploying it. It requires one system engineer.
We have around 400 users. There are five of us who manage it, including the help desk, system engineers, and the director.
How are customer service and technical support?
We haven't needed to contact support yet.
Which solution did I use previously and why did I switch?
We previously used Cylance. We switched because they weren't innovative. It was the same product that we bought three years ago. They were a great product and they had a job and they did it well. They just didn't ever innovate and they never improved. It's the same products we bought for the same three years. CrowdStrike was more innovative and it seemed to be a better long-term product. They seem to be improving constantly.
How was the initial setup?
The initial setup was very easy. The deployment took about 60 days. We had a few methods of deployment. We did a push method. We had an agent tell all the machines that we were able to script it and push the apps to that.
What about the implementation team?
We used the project management of CrowdStrike themselves for the deployment. They were really good.
What was our ROI?
We haven't had any outages based on malware or ransomware. I can't put numbers to it, but not having that kind of an outbreak definitely has an ROI attached to it.
Which other solutions did I evaluate?
We looked at a few other solutions but the main competitor was Carbon Black.
What other advice do I have?
I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Analyst at a manufacturing company with 1,001-5,000 employees
The agents are deployed on every workstation, so policy changes can be enforced on all of them
Pros and Cons
- "CrowdStrike is deployed on every workstation, so policy changes can be enforced on all of them. It lowers the manual work on each of the workstations. It has helped us manage device usage in our environment."
What is our primary use case?
We use Falcon to check the login attempts of the users. We can see who has logged in and when. We can see which workstation is assigned to each user. CrowdStrike helps us enforce policies, such as USB policies and users recycling passwords.
How has it helped my organization?
CrowdStrike is deployed on every workstation, so policy changes can be enforced on all of them. It lowers the manual work on each of the workstations. It has helped us manage device usage in our environment.
What is most valuable?
I like CrowdStrike's policies. The integration is easy to do. I can remember once when Falcon prevented a security breach that occurred because someone clicked on a phishing link, and their credential was compromised. We used threat tracking to isolate the device from networks.
For how long have I used the solution?
I have used Falcon for two years.
What do I think about the stability of the solution?
I rate Falcon nine out of 10 for stability.
What do I think about the scalability of the solution?
I rate Falcon eight out of 10 for scalability.
What other advice do I have?
I rate CrowdStrike Falcon nine out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 4, 2024
SOC Analyst at a financial services firm with 1,001-5,000 employees
Sophisticated, robust, feature-rich, and includes the ability to do analyses
Pros and Cons
- "The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
- "It can be expensive depending on the features you select."
What is our primary use case?
We use CrowdStrike Falcon XDR for endpoint protection.
It is more sophisticated than a legacy antivirus.
When compared to the legacy antivirus, it offers more features, including the ability to do analyses, halt execution, and more. It also gives you real-time notifications.
In comparison to the earlier legacy era, it is better.
What is most valuable?
The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution.
It gives you that capability.
I am satisfied with the features that I currently use.
The interface is good, I have no complaints.
What needs improvement?
I believe that most of the features are perfect for my needs, anything else is only icing on the cake.
It can be expensive depending on the features you select.
The technical support could be improved.
For how long have I used the solution?
I have been working with CrowdStrike Falcon XDR for more than one year.
What do I think about the stability of the solution?
CrowdStrike Falcon XDR is a very stable solution.
What do I think about the scalability of the solution?
CrowdStrike Falcon XDR is simply scalable.
In my opinion, it all comes down to what your pocket is saying, and the number of users.
From my perspective, it's a very scalable product.
All of your endpoints are using this solution.
In our company, we have approximately 372 users.
How are customer service and support?
We have contacted technical support multiple times.
I would rate the technical support a three and a half out of five. They are good but could improve.
How was the initial setup?
The initial setup was very easy.
It took less than three days.
What about the implementation team?
We completed the setup with some assistance from the Falcon team.
What's my experience with pricing, setup cost, and licensing?
I am not aware of the price, but I believe that it is among the most expensive XDRs out there.
Of course, this is dependent on the features you choose. Depending on the features, the price might increase.
Which other solutions did I evaluate?
This is our sixth year of transitioning from a legacy antivirus. So, I believe we saw the issues that we have with legacy antivirus. That's why we went for Falcon XDR.
What other advice do I have?
First, they should understand their needs, then depending on those requirements, I would be able to advise because each person has a unique use case.
I would strongly suggest this solution to anyone who is considering using it. It's a go-to for endpoint protection.
I would rate CrowdStrike Falcon XDR an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Regional Head at a computer software company with 1,001-5,000 employees
Cyber security and protection solution with powerful EDR and XDR features that offer return on investment
Pros and Cons
- "The EDR and XDR features have been most valuable."
- "For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
What is our primary use case?
We use this solution for next generation anti-virus protection and detection. We are a premium partner of CrowdStrike.
What is most valuable?
The EDR and XDR features have been most valuable.
What needs improvement?
For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible.
For how long have I used the solution?
I have been using this solution for two years.
What do I think about the stability of the solution?
This is a stable solution. I would rate it a five out of five.
What do I think about the scalability of the solution?
This is a scalable solution because it is cloud based.
How are customer service and support?
If customers want technical support, they need to subscribe to a special service that they need to pay for. When it comes to CrowdStrike, customers use the different support services as per their needs. By default, they don't provide telephonic support.
I would rate the support a four out of five.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is very straightforward and required two people. I would rate it a four out of five. It takes approximately one week to set up.
What was our ROI?
We receive good ROI when using this solution. I would rate it a four out of five. CrowdStrike offers a breach warranty which greatly reduces risk for customers.
What's my experience with pricing, setup cost, and licensing?
When it comes to licensing, customers can choose a bundle or select licences based on the specific features they would like access to. This solution comes with premium pricing. It is approximately 20 to 30% more expensive than competing solutions.
I would rate the pricing a three out of five.
What other advice do I have?
I would advise others to tell their customer upfront that staying connected to the internet is very critical to the use of this cloud based solution.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Technical Manager (SOC Operations) at Novac Technology Solutions
User-friendly, simple setup, and good user interface
Pros and Cons
- "The most valuable features of CrowdStrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions."
- "CrowdStrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."
What is our primary use case?
We are using CrowdStrike Falcon XDR for security.
What is most valuable?
The most valuable features of CrowdStrike Falcon XDR are Spotlight and Discovery, they are helpful. Additionally, the console is user-friendly, with fewer false positives than other solutions.
What needs improvement?
CrowdStrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations.
For how long have I used the solution?
I have been using CrowdStrike Falcon XDR for approximately one year.
What do I think about the stability of the solution?
CrowdStrike Falcon XDR is a highly stable solution.
What do I think about the scalability of the solution?
CrowdStrike Falcon XDR is scalable for what we use it for. We are using the maximum number of endpoints, which is 1,000.
How are customer service and support?
The support from CrowdStrike Falcon XDR is of a middle level. It is not good and it is not bad.
I rate the support from CrowdStrike Falcon XDR a six out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We were previously using FireEye EDR. We switched to CrowdStrike Falcon XDR because we were facing a lot of issues, such as false positives.
How was the initial setup?
The initial setup of CrowdStrike Falcon XDR is easy. We installed it manually, and it took us approximately one month to complete the implementation of the solution.
I rate the setup of CrowdStrike Falcon XDR an eight out of ten.
What about the implementation team?
We did the implementation of CrowdStrike Falcon XDR in-house. We use two engineers for the maintenance and it is simple.
Which other solutions did I evaluate?
We evaluated SentinelOne before choosing CrowdStrike Falcon XDR.
What other advice do I have?
My advice to others is this solution is easy to deploy, and there is no planning required.
I rate CrowdStrike Falcon XDR a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.