The primary use case is threat protection.
Solution Architect at a comms service provider with 1,001-5,000 employees
The AWS configuration is good, but the cost is quite pricey
Pros and Cons
- "The most valuable feature is its threat analysis."
- "Scalability is good. We have had no issues with it."
- "I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
- "Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
What is our primary use case?
How has it helped my organization?
It improves a lot of our security operations for threat management. It provides a lot for our day-to-day operations too.
What is most valuable?
The most valuable feature is its threat analysis.
What needs improvement?
I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better.
Buyer's Guide
CrowdStrike Falcon
December 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
It is quite stable. However, whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing.
We have not put that much stress on it, about 20 percent.
What do I think about the scalability of the solution?
Scalability is good. We have had no issues with it.
Currently, we have about 4800 resources in the cloud.
How are customer service and support?
Their technical support is good and helpful.
How was the initial setup?
The AWS integration is good, and its configuration is straightforward.
What was our ROI?
We have seen ROI.
What's my experience with pricing, setup cost, and licensing?
Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace.
I would like them to further reduce the price, because it is quite pricey at the moment.
What other advice do I have?
I would recommend CrowdStrike as a first option product, but to look at others as well.
The new features that they have released were not bad.
AWS is better than the on-premise version because it can support cloud resources.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Financial Analyst - Data Analytics at a energy/utilities company with 1,001-5,000 employees
We can see what processes are running on the system, what registry keys have been enabled
Pros and Cons
- "Enables us to understand what processes are running on the system, what registry keys have been enabled."
What is our primary use case?
Primary use is for endpoint investigations.
How has it helped my organization?
It allows us to determine root cause, do the analysis, a lot quicker.
What is most valuable?
Visibility into the endpoint rate. Understanding what processes are running on the system, what registry keys have been enabled. Pretty much understanding the whole frantic side of the endpoint.
What needs improvement?
It would be nice if we could extrapolate indicators of compromise and write them within sandboxes.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It's fairly stable. We haven't been having too many issues with that.
What do I think about the scalability of the solution?
It scales quite well because it's cloud-based and subscription-based. It can scale pretty quickly.
How is customer service and technical support?
I would say technical support is fairly good. They understand the technology quite well so they are able to support us a lot better.
What other advice do I have?
The most important criteria when selecting a vendor come down to the capability of the technology, the cost, the support, how it fits into our overall architecture strategy, and the stability of the company. For instance, if it's a small company and they go under, you might as well have not invested in it.
I would rate this solution an eight out of 10 because it has all the features that we need. It's within our budget, and it fits into our overall architecture strategy. There are a few features that could be added, as mentioned.
I would recommend this technology.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
CrowdStrike Falcon
December 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Engineering manager at a consultancy with 1,001-5,000 employees
Good support, easy to install, and protects our developers against cloud-based threats
Pros and Cons
- "The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
- "CrowdStrike should add support for ransomware protection."
What is our primary use case?
CrowdStrike Falcon is an EDR and we use it to protect our developers. They have a lot of risks that come from cloud services, such as AWS.
How has it helped my organization?
Without CrowdStrike, our environment is risky for the developers. As it is now, we have not had any security issues for two years.
What is most valuable?
The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it.
What needs improvement?
CrowdStrike should add support for ransomware protection.
Additional antivirus functionality should be included. However, this is not a big problem.
For how long have I used the solution?
I have been working with CrowdStrike Falcon for approximately two years.
What do I think about the stability of the solution?
We have not faced any problems with the product.
How are customer service and support?
We have support from the CrowdStrike team in Japan and we haven't had any problems with them.
How was the initial setup?
We have installed CrowdStrike on both Mac and Windows PCs, and we haven't had any problem.
What about the implementation team?
Our engineer was responsible for the installation.
What other advice do I have?
I would rate this solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head Of Infrastructure at a insurance company with 201-500 employees
Provides reliable detection that protects our endpoints and servers
Pros and Cons
- "The detection is very reliable. Also, OverWatch is a great feature."
- "The Integration with tools, SOC tools, could be better."
What is our primary use case?
We use CrowdStrike Falcon to secure the endpoints and servers that we have on-premise.
What is most valuable?
The detection is very reliable. Also, OverWatch is a great feature.
What needs improvement?
The reporting part is basic. It's not that intuitive and you cannot go further backward in terms of historical information.
The Integration with tools, SOC tools, could be better.
For how long have I used the solution?
I have been using CrowdStrike Falcon for two years, more or less.
What do I think about the stability of the solution?
The stability is good, it's compatible with most of our platform. The agent upgrade could be better, but it's more or less aligned with the platforms. We also use Mac OS on some endpoints. Mac is not always the reflection of the agent that is the latest.
What do I think about the scalability of the solution?
We haven't experienced any issues relating to scalability.
How are customer service and technical support?
Their customer support is good. I've always gotten the answers that I needed timely and with the content I needed.
How was the initial setup?
The initial setup was a bit complex, but that was due to our environment. In the beginning, we used the outdated VDI infrastructure of Citrix, but we have since evolved along the way and now it's straightforward; however, in the beginning, it was a bit difficult to get the CDI working properly, deploying the agents.
Deployment time varies, but for most endpoints, it only takes a few minutes.
What's my experience with pricing, setup cost, and licensing?
The price is too high. When we are reaching a new renewal, management always asks what's going on in the market.
What other advice do I have?
For the purpose of starting, yes, it's a very good solution, but you need to take two things into consideration: proper alignment with the infrastructure and the price. The price negatively affects the adoption of this solution.
On a scale from one to ten, I would give this solution a rating of eight — because of the price and reporting.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Consultant at a tech vendor with 501-1,000 employees
I like the overall reports of this solution. They are crisp, and to the point.
Pros and Cons
- "I like the overall reports of this solution. They are crisp, and to the point."
- "It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
- "It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
- "The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."
What is our primary use case?
We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response.
How has it helped my organization?
First, it is a production from known and unknown interests. Second, it has an extremely low footprint, so it has minimal impact on the user endpoints in terms of CPU and memory usage. The tamper protection of the CrowdStrike agent is extremely good even if the user is having admin rights and he tries to disable these CrowdStrike services. The CrowdStrike service will respawn itself. It is practically impossible to tamper with these services. If I managed to craft some malware that would shut down the services, CrowdStrike will respond itself, and it will still to protect my endpoint.
In addition, it reduces the overall containment timing, and quickly isolates the endpoints to quickly mediate the issues.
What is most valuable?
The EDR feature of CrowdStrike is fantastic. Also, in comparison to other solutions, it can connect remotely, so our security analysts can get into the system directly and do manual analysis as well.
I also like the overall reports. They are crisp and to the point.
What needs improvement?
There are a couple of issues with the compatibility to some of the operating systems. But, I see that there are a lot of things in the pipeline. They have a roadmap, and continuously are improving. Within the last three months I have seen lot of new features in the overall CrowdStrike suite.
A couple of things were on the cosmetic part. CrowdStrike needed some improvements on the report functionalities, specifically the dashboard functionalities. Technically there a lot of things also coming from a visual perspective. There are a couple of things they still need to work out like the dashboards. The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders. These are minor things, but they are in the pipeline.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The product is quite stable.
What do I think about the scalability of the solution?
It is very scalable. It can be used for 10,000 endpoint users. So, it is very scalable in terms of volume.
How is customer service and technical support?
Tech support is helpful, but they need a little bit of improvement. The response time is good. This was not a "show-stopper" for us.
How was the initial setup?
Initial setup was pretty straightforward. It has cloud-based hosting, so you can just get your installation agent, install it, authenticate the agent with your cloud instance and start managing the agent.
What was our ROI?
CrowdStrike has helped us in terms of manpower and cost savings. I work with a team of less than 10 people, and I have worked in other organizations where I used to handle more than 20 to 25 people for the same things.
What's my experience with pricing, setup cost, and licensing?
The pricing will depend upon your volume of usage.
Which other solutions did I evaluate?
I have prior experience with Cylance and Dell Data Security Agent powered by Cylnace, which I would not say is a complete EDR. I also have prior work knowledge of SECDO, which has been acquired by Palo Alto.
What other advice do I have?
It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But, one thing is for sure, CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But, if the company's having some stringency regulations, it will definitely be harder for them to keep the data in the cloud.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Analista de segurança de TI at a tech services company with 1-10 employees
Useful search host detection, simple to scale, and great support
Pros and Cons
- "I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
- "The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
What is our primary use case?
I am using CrowdStrike Falcon for network protection. We have government customers.
What is most valuable?
I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon.
What needs improvement?
The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need.
In the next release, it would be beneficial to have a DLP or CASB solution.
For how long have I used the solution?
I have been using CrowdStrike Falcon for approximately one year.
What do I think about the stability of the solution?
The stability of CrowdStrike Falcon is very good. We have never had an issue.
What do I think about the scalability of the solution?
CrowdStrike Falcon is scalable. We were able to deploy it in a 5,000 hosts environment it is easy to scale.
We plan to increase usage in the future. We are always looking for new clients.
How are customer service and support?
The technical support is very good, it is perfect.
How was the initial setup?
The setup is simple, it took approximately one week.
What about the implementation team?
We deploy the solution with two people.
What's my experience with pricing, setup cost, and licensing?
We are on an annual subscription for the solution. There are not any additional costs.
What other advice do I have?
My advice for others is to purchase the solution it is simple to use and effective.
I rate CrowdStrike Falcon a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Engineer at a tech services company with 10,001+ employees
It can connect to host and isolate it from the network if needed
What is our primary use case?
We are currently using this solution as an ERD tool to control and remediate threat from the endpoint remotely, it serves as a next-gen antivirus solution. It can also be used in a forensic investigation, threat hunting, trend analysis, malware analysis, etc.
How has it helped my organization?
- CrowdStrike is a SaaS-based solution which means it can be operated from anywhere, which gives the admins access to control the endpoints from multiple endpoints.
- It has a very low footprint, using 1-2 % CPU and around 40 Mb of RAM, and the agent size is small and easy to deploy as well.
- It has segregation of roles at various levels for the analysts, admins, SMEs, etc.
What is most valuable?
- It can connect to host and isolate it from the network if needed; this feature helps us to investigate the endpoint without visiting the endpoint and then testing.
- It saves time and helps to contain the threat in less time.
- complete visibility into the endpoint
What needs improvement?
The current version of Falcon does not support DLP which is a may be a good to have in a EDR Solution. It must be included in the future version if possible. There must be a on-premise versions. MDM is also coming soon must also have ability to be controled from same dashboard.
For how long have I used the solution?
One Year
What do I think about the stability of the solution?
The solution is pretty stable, and it does pretty accurate work. I have never encountered any issue in this dept.
What do I think about the scalability of the solution?
The solution is scalable to multiple thousands of systems at once. There is no restriction for that.
How are customer service and technical support?
The support portal of CrowdStrike is active and helpful if needed.
Which solution did I use previously and why did I switch?
We compared multiple solutions in EDR and out of them, CrowdStrike gave the most features and value for money.
How was the initial setup?
It is pretty straightforward and without any complex mechanism.
What about the implementation team?
We as a team implemented the solution on our own, with the help of the manual and help desk.
What was our ROI?
It helps to manage a lot of threats with pretty less manpower and in a graceful way.
What's my experience with pricing, setup cost, and licensing?
The setup of CrowdStrike is very simple. It supports all three platforms (Windows, MacOS, Linux), and it has support for the specific version of the above OS. Which means sometimes, a particular OS won't be compatible with the CrowdStrike version.
Which other solutions did I evaluate?
Before choosing the solution, we evaluated various products from the Gartner magic quadrant for endpoint protection platforms (EDR and MDR).
What other advice do I have?
It comes with various modules, so you can choose the module that you need on the basis of the costing it comes with. This is definitely not cheap; it comes with a cost which may depend on the organization if they need it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Architect at a consultancy with 10,001+ employees
An easy to navigate interface and it maintains itself, but the detection capability needs improvement
Pros and Cons
- "At this point what is most valuable is the interface, which is easy to navigate."
- "In the six months that I have been using CrowdStrike, it has not been able to detect anything."
What is our primary use case?
The primary use case of this solution is as endpoint detection and response.
What is most valuable?
At this point what is most valuable is the interface, which is easy to navigate.
What needs improvement?
In the six months that I have been using CrowdStrike, it has not been able to detect anything. We have been using Trend Micro and it has detected some malicious activities.
We have CrowdStrike conduct some inner forensic investigations in hopes that it will be more advanced and detect things that may have been missed by Trend Micro.
It would be helpful to have some prebuilt search queries based on the top ten queries in the industry for detection.
For how long have I used the solution?
I have been using CrowdStrike for six months.
It's a SaaS-based solution that maintains itself. It updates automatically so that we are always using the latest version.
It is not like an on-premises solution where you maintain and upgrade the version to get the newest release. It's a cloud service that is maintained by the vendor.
What do I think about the scalability of the solution?
From my understanding, CrowdStrike is scalable as it's a cloud solution.
This is not an area that we have fully explored as we have less than 20 end-points.
How are customer service and technical support?
There has not been any contact with technical support or community support. I have been able to do what I needed through the documentation provided.
Which solution did I use previously and why did I switch?
We are currently using CrowdStrike, and also running another AV because CrowdStike is not detecting any malicious activities and the other AV is. We are giving it some more time to see if anything happens.
We decided to start using CrowdStrike for our external facing servers because it is the market leader in EDRs. While Trend Micro has an EDR, they call it XPR it is still new to the market.
How was the initial setup?
The initial setup is straightforward, it is easy to install and only took a few minutes.
We have deployed it on our external facing servers.
What's my experience with pricing, setup cost, and licensing?
The pricing could be reduced. If it was more reasonable that would be great.
What other advice do I have?
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Endpoint Detection and Response (EDR) Security Information and Event Management (SIEM) Endpoint Protection Platform (EPP) Identity Management (IM) Threat Intelligence Platforms Active Directory Management Extended Detection and Response (XDR) Attack Surface Management (ASM) Ransomware Protection Identity Threat Detection and Response (ITDR) AI-Powered Cybersecurity PlatformsPopular Comparisons
Microsoft Defender for Endpoint
Fortinet FortiEDR
Cisco Secure Endpoint
SentinelOne Singularity Complete
Microsoft Defender XDR
IBM Security QRadar
Elastic Security
Intercept X Endpoint
Trend Vision One Endpoint Security
Kaspersky Endpoint Security for Business
Check Point Harmony Endpoint
Trend Vision One
VMware Carbon Black Endpoint
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I would like to compare CrowdStrike and Carbon Black. On what basis should I decide?
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- What is the biggest difference between CrowdStrike and Cylance?
- CrowdStrike Falcon vs Microsoft Defender ATP: Comparison of features and performance
- Is Crowdstrike Falcon better than Trend Micro Deep Security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
- How does Crowdstrike Falcon compare with FireEye Endpoint Security?
Crowdstrike has recently announced the EDR platform support to iOS and Android devices as well. So now Security teams can provide better security for external and roaming user devices.