CrowdStrike Falcon Reviews

It also helps you with access, like we have dark web monitoring and admin protection management. So, the use cases can vary from organization to organization, but every organization has different value in it.

It helps to prevent unauthorized access or identity theft from external sites. If your identity is stolen, you can ban it.

Real-time monitoring is important because it runs multiple things on a single platform, like IDA, EDR, XDR, and SIM solutions. It captures all technology with one agent, which makes it easier for us to fix customer issues. 

Having a single console is helpful, especially when customers have multiple vendors for their products. It's easier to manage one partner. In this case, CrowdStrike Falcon helps.

One thing that is not yet available is attack simulation. For example, if someone tries to attack your Active Directory on inactive accounts, a cyber attacker could hack those accounts and try to get into your company. This could be a feature to add. It would give a fake reply each time someone tries to hack it. Multiple companies that I know of would like that.

I have been using it for two years. 

It is a stable product.

I would rate the scalability a nine out of ten.  It's a scalable solution that is very easy to deploy.

It is suitable for every kind of business, including small, medium, or enterprise businesses.

Technical support depends on a system integrator.

CrowdStrike technical support regarding Identity Protection has a team, but if there's no issue with the agent, you can work it out yourself.

The support is good.

Positive

The initial setup is easy. We only have one option available right now: on the cloud. It gets applied to endpoints, but it's cloud-based.

It is very easy to integrate this product into our existing environment.

It's a premium product.

From my end, it works. But it can be recommended or viewed by a personal customer. We are not the sole user of CrowdStrike Falcon. It's the end user.

I would recommend using it. For me, it is the best product ever. Overall, I would rate it an eight out of ten.  

We use CrowdStrike Falcon to investigate security detections for malicious activities in our environment.

CrowdStrike utilizes machine learning algorithms and detection rules to generate alerts for suspicious activity within our environment. We then investigate these detections individually, analyzing the details of each event.

In addition to automated detection, CrowdStrike allows for custom queries. For instance, if we need to investigate a specific host, we can leverage a cloud security language to examine its activity. Similarly, we can use CrowdStrike to search for activity related to particular users or hosts.

CrowdStrike Falcon provides significant additional value. It excels at identifying suspicious activity the moment an application appears in the environment, immediately bringing these incidents to the attention of our response team. Upon receiving an alert, our team can investigate and take appropriate action if anything malicious is found. In essence, CrowdStrike Falcon acts as a strong barrier against attackers.

In the past 3 years, we have encountered many scenarios where CrowdStrike Falcon has helped mitigate potential security breaches.

The detection and response console is the most valuable feature.

We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike. In these cases, the access disable process can be quite slow.

I'm using CrowdStrike Query Language, and I've noticed an issue with event backups. Searches exceeding a certain event threshold aren't capturing all results. For instance, if I run a search that returns 10,000 events in a single day, only 2,000 events are backed up. This limitation with CrowdStrike Query Language needs to be investigated.

I have been using CrowdStrike Falcon for over 3 years.

CrowdStrike Falcon is generally stable, although event searches may occasionally experience slow performance.

CrowdStrike Falcon's scalability is dependent on the license acquired.

The technical support live chat can experience long wait times. Submitting a ticket may result in a quicker response.

The company was using Carbon Black before I joined. When I came on board, they decided to switch to CrowdStrike.

I would rate CrowdStrike Falcon 9 out of 10.

CrowdStrike Falcon is deployed across multiple end-user systems and locations.

I recommend CrowdStrike Falcon. It's a wonderful security platform that's easy to use and requires minimal effort to maintain.

Our organization uses CrowdStrike Falcon for a variety of security tasks, including incident response, investigations, malware analysis, and threat hunting. This comprehensive platform excels at detecting malware across various technologies and endpoints within our environment.

CrowdStrike Falcon functions as a threat detection platform. It identifies malware based on pre-defined signatures and rules. Upon detection, it triggers a response and provides a dashboard for further analysis. This allows us to assess if the malware poses a risk to our organization or if it's a false positive. For confirmed threats, we can then delve deeper for a thorough investigation to uncover any underlying malicious intent.

Our primary goal is to prevent malware-related risks proactively. By leveraging CrowdStrike Falcon, a premium endpoint detection and response tool, we can safeguard our organization from malware exploitation attempts employed by hackers.

The primary advantage of CrowdStrike Falcon is twofold: reducing malware risk and providing advanced investigation capabilities. Traditional antivirus solutions struggle to keep pace with ever-evolving malware threats. CrowdStrike Falcon utilizes cutting-edge technology to proactively prevent these threats, minimizing the risk of infection. Falcon also features a threat intelligence platform that keeps us informed about the latest global malware threats and compromised tactics. This real-time awareness empowers us to proactively prevent threats before they impact our environment.

Recently CrowdStrike Falcon detected and mitigated malware that would have compromised several vulnerabilities in our environment.

Falcon's real-time response capability ensures we can quickly access any compromised host. This is a valuable advantage over other EDR tools.

The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities.

I've found that CrowdStrike's technical support could benefit from increased technical expertise. In my experience, their representatives haven't been able to resolve my issues as effectively as I would have liked.

I have been using CrowdStrike Falcon for 1.5 years.

I would rate the stability of CrowdStrike Falcon nine out of ten.

I would rate the scalability of CrowdStrike Falcon eight out of ten.

I've found the technical support staff to be less knowledgeable than I'd expect. Ideally, they should have expertise in all CrowdStrike modules, as we utilize a wide range of them.

Neutral

We previously used security solutions from Symantec, Trend Micro, Trellix, and Mandiant. However, CrowdStrike Falcon stood out as a more premium offering. Its advanced capabilities and comprehensive approach to security ultimately led us to switch providers after careful consideration of several factors.

The initial deployment was straightforward and took less than 15 days to complete.

There were between 30 to 40 people involved in the deployment. 

Our security engineering team implemented CrowdStrike Falcon entirely in-house. We also received some support from our internal desktop team and leveraged the expertise of an internal managed service provider team. No third-party vendors were involved in the deployment.

CrowdStrike Falcon is more expensive than other EDR solutions with similar features.

I would rate CrowdStrike Falcon nine out of ten.

After deployment, there are some simple maintenance tasks to keep everything functioning well.

New users should learn about the different modules of CrowdStrike Falcon and their functionalities to work effectively with the tool.

I'm a security analyst. We get alerts on the cloud side that appear in the CrowdStrike console and also in our email. We can consolidate them on the console and check the process tree. You can see the hostname, user details, and all the information on the right side.  On the file part, we can see whether the malicious file has been executed and decode it to see where the hash appears.

I worked with an event-tracking tool before I started working at this company, and any insights that were triggered in that tool would be noted in the infrastructure certificate tool. The information we gather from CrowdStrike will be updated in Azure, so all the information, resolutions, etc. will be added to Azure. We can check the activity and whether the malicious file is being blocked, quarantined, or allowed.

I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution. We determine the root cause of an alert and contact the end user via our Slack channel if necessary to gather additional information to determine whether they know about the activity. We can download and investigate the malicious file in the sandbox to see what's happening. We check to see if it has been executed. We can easily delete it in the CrowdStrike console if it hasn't.

I have used CrowdStrike for two years. 

I rate CrowdStrike Falcon ten out of ten for stability. 

I rate CrowdStrike Falcon ten out of ten for scalability. 

I rate CrowdStrike support eight out of ten. They respond quickly on weekdays, but the weekend response times are slower. 

Positive

I'm working on two projects. One is using CrowdStrike Falcon and the other is using Crowdstrike XDR, which is the advanced version.

Falcon is a cloud-based platform so deployment is easy. You only need to deploy the agent to the endpoints, but the data is stored in CrowdStrike. 

I rate CrowdStrike Falcon ten out of ten. I would recommend Falcon to others. 

Due to compliance requirements, our organization utilizes CrowdStrike Falcon as our Endpoint Detection and Response solution. This decision was particularly driven by the need to address a surge of ransomware attacks within our environment, experiencing between ten and 15 incidents at the time. The implementation of an EDR solution became crucial for effectively responding to these threats.

Our existing system lacked real-time monitoring and visibility, causing detection delays of even several minutes. CrowdStrike addressed this by offering near-instantaneous detection across the entire system. Furthermore, it allows for manual or automated response actions, significantly improving our overall incident response speed.

Integrating CrowdStrike Falcon with other solutions such as our SIEM was easy.

The key aspect of CrowdStrike Falcon is its behavioral detection approach. Unlike traditional signature-based platforms that rely on pre-defined patterns, Falcon analyzes an application's behavior to identify and respond to threats much faster. This makes it lightweight and minimizes impact on system performance. The sandbox feature is also valuable, while it incurs an additional cost, it can be valuable for deeper investigation.

The UI is not efficient. We are required to dig down to get more information, jumping from screen to screen.

I have been using CrowdStrike Falcon for three and a half years.

CrowdStrike Falcon generally ran smoothly with minimal lag.

CrowdStrike Falcon meets our scaling needs. To increase usage we simply add more agents.

Frustrated by CrowdStrike's slow and inconsistent technical support, we ended up having more success researching and resolving the issue ourselves.

Neutral

Leveraging the cloud platform, the initial deployment was straightforward. We simply needed to activate and deploy the agents. While configuration for a seasoned professional only took one to two hours, the entire deployment process typically takes a couple of days.

CrowdStrike Falcon can be more expensive than some competitors, and its base price doesn't cover every feature. For instance, adding sandboxing for advanced malware analysis incurs an extra cost.

We evaluated CrowdStrike and SentinelOne. However, since we bought the CrowdStrike, we did not move forward with SentinelOne.

CrowdStrike stands out for its superior threat detection speed, lightweight agents that don't impact system performance, and its helpful recommendations for responding to threats. This combination allows us to swiftly stop even unknown threats in their tracks.

I would rate CrowdStrike Falcon eight out of ten.

Two engineers max are required for maintenance.

We have 5,000 CrowdStrike Falcon users within our organization.

CrowdStrike Falcon utilizes a behavioral approach to security, proactively identifying threats based on their actions rather than relying on pre-defined signatures. This allows for faster response times compared to traditional signature-based systems.

We rely on CrowdStrike Falcon for comprehensive threat detection, prevention, and valuable insights. This robust solution also offers identity protection features. Our dedicated team of six professionals effectively manages the platform, ensuring its effectiveness across multiple locations, including our data centers and core facility.

CrowdStrike's advanced detection and prevention capabilities offer a superior level of protection against potential threats. Its unique feature of automated rules is designed to effectively confine threats at the device level. This automatic confinement of high alerts ensures that the device is secured immediately, buying crucial time for the dedicated response team to identify and neutralize the threat. This proactive strategy not only minimizes the potential impact of threats but also guarantees a rapid and efficient response to any security incidents, thereby enhancing the overall security posture.

We appreciate Falcon's network visibility feature as it allows us to monitor the evolution of threats on PCs and within the company network. The solution's real-time incident response is notably swift. Initially, we encountered numerous false positives during the project initiation phase. However, we managed to resolve most of them independently or with assistance from CrowdStrike support. Consequently, our security levels were significantly improved, and we elevated all parameters to their maximum. Currently, we seldom encounter false positives. Most of these were low-level alerts, while the high-level alerts were automatically quarantined.

While Falcon's advanced capabilities offer robust security solutions, it's worth noting that some of these features may come at a higher cost. This could potentially make it a less economical option for small to medium-sized businesses operating on tighter budgets. It's important for such companies to weigh the benefits of Falcon's comprehensive protection against their financial constraints to make an informed decision.

We have been using CrowdStrike Falcon for nearly five years already.

Crowdstrike Falcon demonstrates exceptional stability once it has been properly configured with the appropriate settings. While there may be a period of adaptation and configuration required to ensure optimal performance, once the solution is in place, it operates with remarkable stability. Users can rely on Crowdstrike Falcon to consistently deliver reliable and secure protection without significant disruptions or instability.

I would rate Crowdstrike Falcon a nine out of 10 for scalability. It offers seamless scalability, allowing easy expansion of the sensor deployment to accommodate growing needs. However, it's worth noting that the primary limitation one may encounter is the cost associated with deploying additional sensors.

I rate CrowdStrike support nine out of 10. It's fantastic. 

Positive

We made the switch from Symantec to Falcon because we required a solution that offered greater speed, reliability, and the ability to effectively handle the wide range of advanced threats present in the wild.

The initial setup of Crowdstrike Falcon was straightforward and efficient. The cloud-based deployment process was seamless for most components, with the exception of the sensors. Deploying the sensors to PCs was automated and hassle-free, requiring just a few minutes per device. However, to ensure the highest level of protection and customization, we opted to manually install the sensors on our servers. This hands-on approach allowed us to have greater control and assurance over the server deployment, ensuring the best possible protection for our critical infrastructure.

We've seen an ROI in terms of time saved. It's probably around 5 percent. 

While Falcon's advanced capabilities offer robust security solutions, it's worth noting that some of these features may come at a higher cost. This could potentially make it a less economical option for small to medium-sized businesses operating on tighter budgets. It's important for such companies to weigh the benefits of Falcon's comprehensive protection against their financial constraints to make an informed decision.

Of course but I can't disclose this information.

I rate Crowdstrike Falcon nine out of 10. 

A lot of customers face ransomware and malware attacks. The solution helps protect endpoints and servers from ransomware and malware attacks.

The solution has multiple layers of security, including web security. We can monitor endpoints, conduct root cause analysis, and find geolocations. If the tool finds any suspicious activity, it blocks and remediates it.

The solution makes our security operations easier. After an incident, we get complete reports and insights. The product provides good monitoring features. The product also has teams that help customers find suspicious activities. The team calls and asks us to check the updates and remediate issues. If the system can remediate it, the team does it through the system. The detection and response are in real-time. There are no security breaches. Resolving issues doesn’t take much time.

The tool is more expensive than other products in the market.

I have been using the solution for more than 3 years.

I did not have any stability issues.

It is easy to scale up. We just need to add the licenses. The product is suitable for small, medium, and large businesses. We must buy a minimum of 50 licenses.

The support is excellent. We rarely need support.

Positive

The initial setup is pretty simple and clear. The time taken for deployment depends on the endpoints. It's a cloud solution. We can use Active Directory or the group policies to deploy it.

The product has a lot of use cases. There are companies that need to run their operations 24/7. It will be a big challenge if their server or infrastructure goes down. They cannot afford downtime. They need to choose the right solution for their needs.

The price depends on the kind of service we need. If we need excellent service, we must pay a reasonable price. We can choose any pricing model if we do not want excellent service. The product is excellent. We need to pay a premium price for the tool.

Microsoft Defender Threat Intelligence, IBM, and Cisco are some competitors. CrowdStrike entered the market with a USP to protect endpoint servers. It has a different approach. Malwarebytes has a similar setup. I prefer CrowdStrike, though.

I will recommend the tool to others depending on their budget. If customers have a good budget and need a premium product, they can choose CrowdStrike. No product is perfect. Overall, I rate the tool an 8 out of 10.

We use it for threat detection and threat hunting.

We are an MSP. We have deployed this in our customer environment, and we use it to detect threats in their environment. It is beneficial for customers to find cybersecurity-related threats on the endpoints.

The out-of-the-box configurations and threat intelligence provided by CrowdStrike are better than other vendors and competitors in this field. It improves our security strategy because we are building threat intelligence on top of CrowdStrike-provided detection.

We are building SIEM use cases on top of the data provided by CrowdStrike. There is reliability, and the response that we get from it is very fast. If any incident happens on the endpoint, it immediately detects that and sends that to our SIEM.

Endpoint security is a very crucial aspect of cybersecurity. Integrating CrowdStrike helps a lot to identify and dig deeper into the threats.

Its integration capability is valuable. It integrates easily with any OS. 

They are good at what they are doing, but they can add more use cases. They can improve their documentation. It is a very big aspect where they are lacking. They have documentation, but it is behind the wall of authentication. It is not available publicly.

In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it. If they can add more information about an event, it will be beneficial for us and everyone else who is using CrowdStrike.

I have been using this solution for four years. I have had hands-on experience with it for about two to three years.

It is a stable product.

I have not interacted with their support team. It is not a part of my job.

I work with multiple vendors, not only CrowdStrike, in the endpoint space, and the CrowdStrike UI is better than others. The response of CrowdStrike is better than other vendors.

It is deployed on the cloud. Its deployment is of moderate complexity. It is not easy, and it is also not difficult. Overall, it is easy to deploy and manage CrowdStrike Falcon across the organization.

I would definitely recommend CrowdStrike Falcon. It is better than other solutions, such as VMware Carbon Black. CrowdStrike is doing better in this space. 

If you are using CrowdStrike Falcon for the first time, it will be easy for you. You can definitely use it.

Overall, I would rate CrowdStrike Falcon an eight out of ten.