CrowdStrike Falcon Reviews

Our primary use case is EDR and ransomware.

The features I like the most are the response time and the dashboard are both excellent.

I would like to see a more accurate integration and an option to check the local machine.

I have been using CrowdStrike Falcon for more than two years.

The stability is around ninety-eight percent. The other two percent deals directly with the node being unable to detect as normal.

There is scalability but this is not our focus.

We have not had any issues with technical support. Much of what we use is online documentation.

We have used Microsoft Defender for Endpoint, SentinelOne, Carbon Black, and Trend Micro. The observation we have made is the accuracy and detection of CrowdStrike Falcon is excellent.

The initial setup is very straightforward given you have set your file control and detection levels correctly.

The cost is usually a challenge in the industry. I think we pay around sixty-eight dollars.

I would rate CrowdStrike Falcon an eight out of ten.

We use it to monitor everything related to the activity and to block any malicious activity. We are new in the security field in our company.

All the features are beneficial.

They should provide us with good visibility for everything.

We have been using this solution for two years, and it is deployed on cloud. We are also using the latest version.

The stability is amazing, and we don't have any issues.

It is scalable. We have 700 users, and we plan to increase the usage. We only need about three technical staff for deployment and maintenance, a senior systems engineer and two infrastructure managers.

We've used technical support, and I rate them a ten out of ten.

Positive

The setup was straightforward, and it took one month to enable the policy and use cases. We completed it in-house.

It has an annual license, and it is not that expensive.

We evaluated Trend Micro before moving forward with CrowdStrike Falcon.

I rate this solution a ten out of ten. Regarding advice, it is important to learn about CrowdStrike Falcon's capabilities and features. It would be easier to use if they gave that understanding.

The primary use case is detection and forensics.

The product is cloud-based, so we use the latest build which is available.

We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment.

The most valuable feature is its forensics capability.

It probably needs more integration with firewall vendors. 

It needs integration with other technologies. It doesn't play well with anything else. It is more of a standalone solution. Therefore, integration with other technologies would be great.

It is extremely stable. It has been around for many years. We have been a customer for almost five years.

It has met every scale need that we have come across.

The technical support is excellent. Though, as the company has grown, the technical support has felt less personal.

Our previous detection software, Webroot, was letting too much stuff through.

The initial setup is very straightforward. It just required an agent being installed. After that, it was self-managing.

We did the deployment directly with the vendor.

The solution has helped to increase staff productivity by probably 25 percent.

We are at about $60,000 per year.

We also looked at Cylance and SentinelOne. We went with CrowdStrike based on our own experimentation with it. We threw our own vulnerabilities at it, and it performed the best.

It does everything that it claims, making our life significantly easier. Definitely consider CrowdStrike. It will probably save you from a lot of threats that other products wouldn't catch.

Our security program is relatively immature, but this product has definitely been one of the keystones of our program.

This is an EDR solution used for antivirus purposes. It is used for vulnerability assessments, security posture management and to safeguard a business from all kind of attacks.

This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs.

This solution could be improved with greater scope for admins to make changes to the solution. Human input and intelligence has little value as the solution is built on artificial intelligence. 

I have used this solution for two years. 

This is a stable solution. 

This is a scalable solution. 

The customer service and support team are very good but it can be challenging to get hold of them.

Neutral

The initial setup is straightforward because it is a cloud only solution. 

This solution offers annual subscriptions. The pricing for this solution could be reduced.

The policies are very simple to create and offers very minimum options. Based on this, I would recommend those implementing this system make full use of all the features from the beginning. 

I would rate this solution a nine out of ten. 

The primary use case is threat protection.

It improves a lot of our security operations for threat management. It provides a lot for our day-to-day operations too.

The most valuable feature is its threat analysis.

I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better.

It is quite stable. However, whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing.

We have not put that much stress on it, about 20 percent.

Scalability is good. We have had no issues with it.

Currently, we have about 4800 resources in the cloud.

Their technical support is good and helpful.

The AWS integration is good, and its configuration is straightforward.

We have seen ROI.

Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace.

I would like them to further reduce the price, because it is quite pricey at the moment.

I would recommend CrowdStrike as a first option product, but to look at others as well.

The new features that they have released were not bad.

AWS is better than the on-premise version because it can support cloud resources.

We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response. 

First, it is a production from known and unknown interests. Second, it has an extremely low footprint, so it has minimal impact on the user endpoints in terms of CPU and memory usage. The tamper protection of the CrowdStrike agent is extremely good even if the user is having admin rights and he tries to disable these CrowdStrike services. The CrowdStrike service will respawn itself. It is practically impossible to tamper with these services. If I managed to craft some malware that would shut down the services, CrowdStrike will respond itself, and it will still to protect my endpoint.

In addition, it reduces the overall containment timing, and quickly isolates the endpoints to quickly mediate the issues. 

The EDR feature of CrowdStrike is fantastic. Also, in comparison to other solutions, it can connect remotely, so our security analysts can get into the system directly and do manual analysis as well. 

I also like the overall reports. They are crisp and to the point.

There are a couple of issues with the compatibility to some of the operating systems. But, I see that there are a lot of things in the pipeline. They have a roadmap, and continuously are improving. Within the last three months I have seen lot of new features in the overall CrowdStrike suite.

A couple of things were on the cosmetic part. CrowdStrike needed some improvements on the report functionalities, specifically the dashboard functionalities. Technically there a lot of things also coming from a visual perspective. There are a couple of things they still need to work out like the dashboards. The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders. These are minor things, but they are in the pipeline.

The product is quite stable. 

It is very scalable. It can be used for 10,000 endpoint users. So, it is very scalable in terms of volume.

Tech support is helpful, but they need a little bit of improvement. The response time is good. This was not a "show-stopper" for us.

Initial setup was pretty straightforward. It has cloud-based hosting, so you can just get your installation agent, install it, authenticate the agent with your cloud instance and start managing the agent.

CrowdStrike has helped us in terms of manpower and cost savings. I work with a team of less than 10 people, and I have worked in other organizations where I used to handle more than 20 to 25 people for the same things.

The pricing will depend upon your volume of usage.

I have prior experience with Cylance and Dell Data Security Agent powered by Cylnace, which I would not say is a complete EDR. I also have prior work knowledge of SECDO, which has been acquired by Palo Alto.

It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But, one thing is for sure, CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But, if the company's having some stringency regulations, it will definitely be harder for them to keep the data in the cloud.

We primarily use CrowdStrike Falcon for malware detection, endpoints, and application behavior detection. The company has different teams, but our team handles the Windows and Mac hosts.

Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches.

Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement.

Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data.

In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network.

I've been using CrowdStrike Falcon since January or February, so it's been eleven months, but my company used it even before I joined the organization.

Overall, CrowdStrike Falcon is a stable product. My company is satisfied with its stability.

Per my experience, CrowdStrike Falcon is scalable.

The CrowdStrike Falcon technical support is good because it's responsive, and the team reverts to you within a reasonable timeframe and in an excellent manner, which is essential for support. However, my team didn't have many cases because CrowdStrike Falcon doesn't require much support.

My company also took product training and implemented the learnings within the environment. CrowdStrike Falcon is effective and gives the required throughput and output, so in the last ten or eleven months, support cases have been very low, but whenever an issue is raised, the level of support has been excellent.

The company previously used Kaspersky, but CrowdStrike Falcon was far better. I heard that there was some attack, and Kaspersky couldn't handle that. CrowdStrike Falcon, on the other hand, offers excellent protection even from multiple malware attacks, and it has a good application behavior analysis feature.

My company did extensive penetration testing on CrowdStrike Falcon, which had good or far better results than Kaspersky. The company had a bad experience with Kaspersky.

The initial setup for CrowdStrike Falcon is moderate in terms of difficulty, so it's not very easy, but it's not complex as well.

How long the setup takes depends on how you want to deploy CrowdStrike Falcon, but at the moment, it doesn't take much time for my company. It's quicker, but any company implementing CrowdStrike Falcon for the first time may need some good training or some hands-on experience. Otherwise, compared to other products, I would say CrowdStrike Falcon is better, implementation-wise.

As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing.

My company uses multiple products related to cybersecurity, for example, Netskope. For endpoint security, my company uses Microsoft Defender ATP and Endgame. My company is also working with CrowdStrike Falcon. For vulnerability management, my company uses Qualys, in particular for the AWS environment.

I don't remember the exact version of CrowdStrike Falcon I'm using, but I know that the tool is on Windows, Mac, and some AWS environments within the company.

Within the company, the total number of endpoints is around seven hundred. Two admins handle the endpoints for CrowdStrike Falcon.

My advice for anyone looking to implement CrowdStrike Falcon is to go for it, especially if you want to add value to your cybersecurity, specifically endpoint protection and application behavior analysis. CrowdStrike Falcon has reliable results, so I prefer it over other tools.

My rating for CrowdStrike Falcon is nine out of ten.

My company is a customer, and not a partner of CrowdStrike Falcon.

We are a CrowdStrike partner, selling their products to our customers. We have small and medium-sized enterprise clients and clients in the government sector. Depending on customer requirements, we provide different CrowdStrike Falcon products, ranging from Spotlight to XDR.

The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature.

Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that.

I would like to see a web filtering feature, and better application features. This would make the product easier to sell to smaller businesses, and would make it so that devices follow the applied policies anywhere; even when users are at home or travelling in another country, for example.

We have been working with the solution for three years. 

Crowdstrike Falcon XDR is a stable product. 

The solution is scalable. 

The technical support is good; we raise a case using the portal and get a call back within a day. Help is available specifically for India, which is where we are based.

The initial setup is towards the middle; it isn't remarkably straightforward or complex. The GUI changes complicate setup, so our process begins with consulting the documentation, and then we can download and implement the agent onto a machine. This typically takes around 15 minutes per machine.

I'm not directly involved in sales, so I can't comment on the exact price, but I know the price decreases the higher the quantity we purchase.

I would rate this solution an eight out of ten.