The Insight feature is one we found the most useful. It does behavior-based analysis and gives us the most appropriate information.
The initial setup was easy.
It's pretty stable.
The scalability is good.
Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files.
The product could be more accurate in terms of performance.
We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.
I've been working with the solution for three years.
With CrowdStrike, we have found that there are a few missed detections. We would not say it is completely reliable or 100% reliable; however, the ratio of missed detections is higher in CrowdStrike. In SentinelOne, we found that it was more accurate. We are seeing it act more efficiently.
We haven't had any issues with scalability. Being a cloud solution, it can scale well.
Technical support is average. We are not seeing any extraordinary service and not many issues also. It's average, it is as expected.
I'm also familiar with Symantec, Trend Micro, SentinelOne, and FireEye.
The initial setup was pretty straightforward. It's not overly complex. You still need expertise; however, it's pretty reasonable.
We did not need any outside assistance.
The pricing of the solution is average.
We are a managed security service provider.
We are using a SaaS offering and therefore, in terms of the version, we are not too worried about which one we are on. It is automatically getting updated. We are running on the latest version at all times.
While I would recommend the solution, CrowdStrike, when it first came into the market, it was sort of a single choice for many customers. Now, we can see there are many other competitors also. Those are providing pretty good functionalities in a more efficient way. We could see that other solutions are better than CrowdStrike.
I'd rate the solution seven out of ten.
There are two things which customers really like about CrowdStrike. If they buy managed services from CrowdStrike, it offers them detection of security issues in one minute. If you buy their professional services, they offer insurance where you can claim up to $5 million if there's a breach. This is a huge upsell for customers.
I started using EDR, but now they have different offerings relating to theft, security, ID theft security and XPR. Their channel management team is very good and we like working with them.
In a future release, I would like to see more integrations for data breaches and security features.
I have been using this solution for two years.
It's very stable and the whole management console is fast.
Once you are onboarded, they can activate different features on the same platform for you. You don't need to do the redeployment every time you click on a feature for the customer. This makes upselling really easy.
The customer support for this solution is good. We have not had any bad feedback from customers. They are very quick to the call and have been very supportive and helpful.
Positive
The initial setup is straightforward. There are a number of ways you can deploy the agent through the Play Store. The deployment is not very complex unless the customer's environment is very complex.
CrowdStrike is well priced. On a yearly basis, it costs between $60 and $100 per user.
We compared CrowdStrike Falcon with Trend Micro, Trellix or SentinelOne.
When we talk about security to customers, we include consideration of Cisco to give them unified security plus XDR.
We use CrowdStrike Falcon for intrusion prevention management.
CrowdStrike Falcon proactively blocks threats and provides us with insights.
CrowdStrike Falcon integration is seamless.
The endpoint and server management are the most valuable features of CrowdStrike Falcon.
CrowdStrike Falcon's GUI requires improvement for user-friendliness. The console's available options are unclear, making it difficult to understand and extract details. Additionally, correlating information within the console and reports proves challenging.
I have been using CrowdStrike Falcon for two years.
CrowdStrike Falcon had some initial stability issues in our environment, likely due to its new integration. However, it appears to have matured and is now functioning reliably.
Being cloud-based, CrowdStrike Falcon offers easy scalability. Adding licenses through procurement increases resources without the need for additional hardware, making scaling straightforward.
While the technical support meets all response time commitments outlined in our Service Level Agreement, some users believe they should strive for a higher standard – a Security Level Target. This means responding to security incidents immediately, not just within SLA windows. Security tools are crucial for our environment's protection, and their use shouldn't be limited by SLA constraints.
Positive
After using Symantec, Trend Micro, McAfee, and VMware Carbon Black, we migrated to CrowdStrike Falcon due to a lack of support from the previous vendors and their shortcomings in comprehensive threat detection.
I would rate CrowdStrike Falcon eight out of ten.
The maintenance required is reasonable.
We have 6,000 endpoints in our environment.
CrowdStrike Falcon shines with its user-friendliness, providing clear insights into the endpoint environment. Proactive features are a major plus, offering actionable items and valuable attack path simulations that empower better decision-making.
We are a CrowdStrike Falcon distributor that helps clients monitor their environments for malicious activity coming from the internet.
Both users and administrators find CrowdStrike Falcon easy to use.
I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon.
To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features. The separate model pricing structure can make it challenging for clients to gain approval for their security needs.
CrowdStrike could consider regional pricing models to better reflect the economic realities of different markets.
I have been using CrowdStrike Falcon for 2 years.
CrowdStrike Falcon is stable.
CrowdStrike Falcon is scalable.
We have also used Sophos. CrowdStrike Falcon is a better solution but Sophos is more affordable.
The deployment is straightforward.
The cost of CrowdStrike Falcon in Latin America seems high relative to the economic conditions in the region.
I would rate CrowdStrike Falcon 9 out of 10.
To realize the benefits of CrowdStrike Falcon, it's recommended to conduct a proof of concept first. You should then start to see the advantages within a few months.
No maintenance is required from our end.
To ensure the successful implementation of CrowdStrike Falcon, it's essential to have a complete network map and inventory of all resources and devices.
We use it for threat detection and threat hunting.
We are an MSP. We have deployed this in our customer environment, and we use it to detect threats in their environment. It is beneficial for customers to find cybersecurity-related threats on the endpoints.
The out-of-the-box configurations and threat intelligence provided by CrowdStrike are better than other vendors and competitors in this field. It improves our security strategy because we are building threat intelligence on top of CrowdStrike-provided detection.
We are building SIEM use cases on top of the data provided by CrowdStrike. There is reliability, and the response that we get from it is very fast. If any incident happens on the endpoint, it immediately detects that and sends that to our SIEM.
Endpoint security is a very crucial aspect of cybersecurity. Integrating CrowdStrike helps a lot to identify and dig deeper into the threats.
Its integration capability is valuable. It integrates easily with any OS.
They are good at what they are doing, but they can add more use cases. They can improve their documentation. It is a very big aspect where they are lacking. They have documentation, but it is behind the wall of authentication. It is not available publicly.
In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it. If they can add more information about an event, it will be beneficial for us and everyone else who is using CrowdStrike.
I have been using this solution for four years. I have had hands-on experience with it for about two to three years.
It is a stable product.
I have not interacted with their support team. It is not a part of my job.
I work with multiple vendors, not only CrowdStrike, in the endpoint space, and the CrowdStrike UI is better than others. The response of CrowdStrike is better than other vendors.
It is deployed on the cloud. Its deployment is of moderate complexity. It is not easy, and it is also not difficult. Overall, it is easy to deploy and manage CrowdStrike Falcon across the organization.
I would definitely recommend CrowdStrike Falcon. It is better than other solutions, such as VMware Carbon Black. CrowdStrike is doing better in this space.
If you are using CrowdStrike Falcon for the first time, it will be easy for you. You can definitely use it.
Overall, I would rate CrowdStrike Falcon an eight out of ten.
Our organization relies on CrowdStrike, a standalone endpoint security solution, to safeguard our bare-metal machines. CrowdStrike continuously monitors for threats on all endpoints. If it detects any suspicious activity, such as malware or malicious processes, it immediately alerts us for investigation.
The malware protection is the most valuable feature of CrowdStrike Falcon.
The current database schema presents challenges and has potential for improvement.
The technical support response time can be improved.
There are a lot of false positives reported.
I have been using CrowdStrike Falcon for almost four years.
CrowdStrike Falcon is stable.
CrowdStrike Falcon is scalable.
The technical support is good but the response time can be improved.
Positive
We previously used VMware Carbon Black Endpoint. CrowdStrike Falcon is more of an EDR solution.
I would rate CrowdStrike Falcon a seven out of ten.
The maintenance is straightforward.
CrowdStrike Falcon is deployed independently in our environment and we have 30 users.
While CrowdStrike Falcon offers valuable security tools for larger organizations with extensive infrastructure, its complexity might not be ideal for smaller businesses with limited IT resources.
Our primary use case is IPS and IDS.
CrowdStrike Falcon is extensively used by all 2,000 employees.
The most valuable features are the complete IPS and IDS. Both features provide good measures for threat detection and prevent network intrusions.
Forensic controls have room for improvement, and CrowdStrike Falcon can add more features here.
Another improvement could be that the support for this product could be cheaper.
I have been using CrowdStrike Falcon for two years. We are using version 6.5.1.
It is a stable solution. I would rate it a nine out of ten.
The scalability of CrowdStrike Falcon is quite good. There are around 2,000 users in our organization. I would rate it an eight out of ten. There are a few things, such as the forensic part and the investigation, that can be improved.
I have worked on many other IDS solutions, but I found CrowdStrike Falcon to be the best.
The setup is pretty straightforward. The deployment took some time because we didn't have an NBM solution. We installed it two years ago. But now it's clear, and we don't need much time to deploy it.
The tech support is good but can be expensive when it goes out of the subscription.
I have seen a good return on investment.
There is a license-based model. We use the yearly license. I would rate pricing a seven out of ten, where one is cheap, and ten is very expensive.
I highly recommend people use CrowdStrike Falcon. Overall, I rate it a nine out of ten.
We use the EDR feature.
This is unlike any other EDR solution that I am familiar with. It provides very good protection and the ability to crosscheck environments. It's really helpful in investigating any alerts and is easy to use. You can use some of the Splunk language to search.
We've tried some integrations with solutions, closing off false positives and things like that. Falcon could include more features in that area. In addition, some features are modularized and we're unable to buy them as we're in the healthcare field and limited in the amount we can invest.
I've been using this product for close to 18 months.
We haven't had any stability issues.
The solution is very scalable, but we had issues with some groups that manage their own devices and wanted to have access to self-manage them. We weren't able to do that, unfortunately.
My team has interacted with tech support and I believe the issues were resolved in a timely manner.
Positive
We previously used other solutions such as SentinelOne.
The initial setup was very straightforward and smooth.
Falcon is more expensive than every other solution on the market. That said, they do have a better product than anyone else.
Some of the default settings are set to 'easy' which isn't sufficient. We had some conversations around this and the recommendation was to change some of these settings to more aggressive ones on the policy side. I know some organizations have had issues automatically updating CrowdStrike to the latest version. I recommend going through the change process but saving it at minus one for a while to avoid all the negative downtimes where you might need to roll back to the previous update.
When we switched to CrowdStrike, we didn't expect it to find anything that was already on the computer because the primary reason we swapped was because of EDR. But it did find things that were dormant as well as other things.
I rate this solution nine out of 10.
The solution is primarily utilized for EDR and XDR capabilities, with some identity management features integrated through Falcon. In essence, it is employed like other endpoint protection platforms.
CrowdStrike Falcon no longer stands out compared to other endpoint protection platforms like Carbon Black or Microsoft Defender. Therefore, neither is superior to the other when used in our organization.
Regarding features, I appreciate its integration capabilities with identity providers, but it would have been better if they had their own identity product. The documentation is well-done in the solution.
CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition.
I would like to see CrowdStrike become closer to an agentless solution where I wouldn't have to deploy software and maintain the version of the solution.
I have been using CrowdStrike Falcon for a year. Also, I am using the solution's latest version.
There is no doubt about the stability of the solution. Stability-wise, I rate the solution a ten out of ten.
The solution has been successfully deployed in thousands of enterprises, so it is proven to be scalable. Major customers are using it, indicating that scalability is not a concern.
There are two numbers to reach out to the technical support team. Considering the time taken to reach out to them with a request and get a response, I rate them a ten. Based on the technical skills of the customer support team to solve a problem, I rate them between a six and seven.
Positive
The initial setup process of the solution was straightforward. However, it is important to note that I was only setting up the solution in a POC (Proof of Concept) environment and not in a production one.
That's a difficult question to answer because CrowdStrike Falcon was implemented to replace a previous solution. While it was cheaper than the previous solution, the only initial return on investment was cost savings, as we have not yet developed key performance indicators to measure the security benefits of using CrowdStrike Falcon.
The effectiveness of a solution is not always easily measurable by simply avoiding a hack on a given day. Instead, it often requires analyzing reporting data to determine its environmental impact. This data must then be used to calculate the return on investment and compare it to the cost of ownership. In my experience, the only clear return on investment has been in the initial deployment of the solution. The solution's price has typically been lower than that of previous solutions.
In my opinion, the pricing of CrowdStrike Falcon seems aggressive.
I recommend anyone planning to use CrowdStrike Falcon to ensure that they have an integration team. This is because the solution does not have many built-in features, and it relies on partnership integration with other significant players, such as identity and network vulnerability solutions. Consequently, when deploying CrowdStrike, hiring additional personnel is necessary to comprehend the integration process. If CrowdStrike is ranked number one, then Microsoft is above CrowdStrike due to its fully integrated features. If Microsoft ever got details of incorrect licenses, it would run CrowdStrike out of business. Overall, I rate the product eight point nine out of ten.
We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection.
The solution offers a very low footprint and provides very good protection.
The resources that it uses are much lower than any other EDR or antivirus solution. The amount of RAM that it uses and the CPU that it uses are much lower than the other antivirus solutions.
It is an easy product to deploy.
We've found the product to be scalable.
It is stable and reliable.
We can't do scanning audits or device blocking or application control. There are traditional antivirus features missing in XDR, and that is an issue.
I've been using the solution for 15 months.
It is a very stable solution. There are no bugs or glitches, and it doesn't crash or freeze.
We have 55 people currently using the solution.
This is a scalable product.
We have yet to contact technical support. I can't speak to how their services are.
We were using another antivirus previously. However, it was heavier. We liked how this solution used much fewer resources and the fact that we didn't need to update our machines.
The solution is simple to set up and deploy. It's cloud-based, which makes everything easy. It is already configured; you just need to prepare it on the endpoint.
You can deploy the solution within a day.
We are a partner and therefore get the solution for free.
We are CrowdStrike partners.
I'm not sure which version of the solution I'm using; however, it is likely the latest.
From the theoretical perspective, it's a good product. They just need more features. You can't just replace an antivirus with it; you first need to ensure it's covering all of your requirements.
I'd rate the product nine out of ten.
