CrowdStrike Falcon Reviews

We use it for threat detection and threat hunting.

We are an MSP. We have deployed this in our customer environment, and we use it to detect threats in their environment. It is beneficial for customers to find cybersecurity-related threats on the endpoints.

The out-of-the-box configurations and threat intelligence provided by CrowdStrike are better than other vendors and competitors in this field. It improves our security strategy because we are building threat intelligence on top of CrowdStrike-provided detection.

We are building SIEM use cases on top of the data provided by CrowdStrike. There is reliability, and the response that we get from it is very fast. If any incident happens on the endpoint, it immediately detects that and sends that to our SIEM.

Endpoint security is a very crucial aspect of cybersecurity. Integrating CrowdStrike helps a lot to identify and dig deeper into the threats.

Its integration capability is valuable. It integrates easily with any OS. 

They are good at what they are doing, but they can add more use cases. They can improve their documentation. It is a very big aspect where they are lacking. They have documentation, but it is behind the wall of authentication. It is not available publicly.

In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it. If they can add more information about an event, it will be beneficial for us and everyone else who is using CrowdStrike.

I have been using this solution for four years. I have had hands-on experience with it for about two to three years.

It is a stable product.

I have not interacted with their support team. It is not a part of my job.

I work with multiple vendors, not only CrowdStrike, in the endpoint space, and the CrowdStrike UI is better than others. The response of CrowdStrike is better than other vendors.

It is deployed on the cloud. Its deployment is of moderate complexity. It is not easy, and it is also not difficult. Overall, it is easy to deploy and manage CrowdStrike Falcon across the organization.

I would definitely recommend CrowdStrike Falcon. It is better than other solutions, such as VMware Carbon Black. CrowdStrike is doing better in this space. 

If you are using CrowdStrike Falcon for the first time, it will be easy for you. You can definitely use it.

Overall, I would rate CrowdStrike Falcon an eight out of ten. 

Our organization relies on CrowdStrike, a standalone endpoint security solution, to safeguard our bare-metal machines. CrowdStrike continuously monitors for threats on all endpoints. If it detects any suspicious activity, such as malware or malicious processes, it immediately alerts us for investigation. 

The malware protection is the most valuable feature of CrowdStrike Falcon.

The current database schema presents challenges and has potential for improvement.

The technical support response time can be improved.

There are a lot of false positives reported.

I have been using CrowdStrike Falcon for almost four years.

CrowdStrike Falcon is stable. 

CrowdStrike Falcon is scalable.

The technical support is good but the response time can be improved.

Positive

We previously used VMware Carbon Black Endpoint. CrowdStrike Falcon is more of an EDR solution.

I would rate CrowdStrike Falcon a seven out of ten.

The maintenance is straightforward.

CrowdStrike Falcon is deployed independently in our environment and we have 30 users.

While CrowdStrike Falcon offers valuable security tools for larger organizations with extensive infrastructure, its complexity might not be ideal for smaller businesses with limited IT resources.

Our primary use case is IPS and IDS.

CrowdStrike Falcon is extensively used by all 2,000 employees.

The most valuable features are the complete IPS and IDS. Both the feature provide good measures for threat detection and prevent network intrusions. 

Forensic controls have room for improvement, and CrowdStrike Falcon can add more features here.

Another improvement could be the support for this product could be cheaper.

I have been using CrowdStrike Falcon for two years. We are using version 6.5.1.

It is a stable solution. I would rate it a nine out of ten.

The scalability of CrowdStrike Falcon is quite good. There are around 2,000 users in our organization. I would rate it an eight out of ten. There are a few things, such as the forensic part and the investigation, that can be improved.

I have worked on many other IDS solutions, but I found CrowdStrike Falcon to be the best.

The setup is pretty straightforward. The deployment took some time because we didn't have an NBM solution. We installed it two years ago. But now it's clear, and we don't need much time to deploy it.

The tech support is good but can be expensive when it goes out of the subscription.

I have seen a good return on investment.

There is a license-based model. We use the yearly license. I would rate pricing a seven out of ten, where one is cheap, and ten is very expensive.

I highly recommend people use CrowdStrike Falcon. Overall, I rate it a nine out of ten.

We use the EDR feature.

This is unlike any other EDR solution that I am familiar with. It provides very good protection and the ability to crosscheck environments. It's really helpful in investigating any alerts and is easy to use. You can use some of the Splunk language to search. 

We've tried some integrations with solutions, closing off false positives and things like that. Falcon could include more features in that area. In addition, some features are modularized and we're unable to buy them as we're in the healthcare field and limited in the amount we can invest. 

I've been using this product for close to 18 months. 

We haven't had any stability issues. 

The solution is very scalable but we had issues with some groups, that manage their own devices and wanted to have access to self-manage them. We weren't able to do that, unfortunately.

My team has interacted with tech support and I believe the issues were resolved in a timely manner.

Positive

We previously used other solutions such as Setinel One.

The initial setup was very straightforward and smooth.

Falcon is more expensive than every other solution on the market. That said, they do have a better product than anyone else.

Some of the default settings are set to 'easy' which isn't sufficient. We had some conversations around this and the recommendation was to change some of these settings to more aggressive ones on the policy side. I know some organizations have had issues automatically updating CrowdStrike to the latest version. I recommend going through the change process but saving it at minus one for a while to avoid all the negative downtimes where you might need to roll back to the previous update.

When we switched to CrowdStrike, we didn't expect it to find anything that was already on the computer because the primary reason we swapped was because of EDR. But it did find things that were dormant as well as other things.

I rate this solution nine out of 10. 

The solution is primarily utilized for EDR and XDR capabilities, with some identity management features integrated through Falcon. In essence, it is employed like other endpoint protection platforms.

CrowdStrike Falcon no longer stands out compared to other endpoint protection platforms like Carbon Black or Microsoft Defender. Therefore, neither is superior to the other when used in our organization.

Regarding features, I appreciate its integration capabilities with identity providers, but it would have been better if they had their own identity product. The documentation is well-done in the solution.

CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition.

I would like to see CrowdStrike become closer to an agentless solution where I wouldn't have to deploy software and maintain the version of the solution.

I have been using CrowdStrike Falcon for a year. Also, I am using the solution's latest version.

There is no doubt about the stability of the solution. Stability-wise, I rate the solution a ten out of ten.

The solution has been successfully deployed in thousands of enterprises, so it is proven to be scalable. Major customers are using it, indicating that scalability is not a concern.

There are two numbers to reach out to the technical support team. Considering the time taken to reach out to them with a request and get a response, I rate them a ten. Based on the technical skills of the customer support team to solve a problem, I rate them between a six and seven.

Positive

The initial setup process of the solution was straightforward. However, it is important to note that I was only setting up the solution in a POC (Proof of Concept) environment and not in a production one.

That's a difficult question to answer because CrowdStrike Falcon was implemented to replace a previous solution. While it was cheaper than the previous solution, the only initial return on investment was cost savings, as we have not yet developed key performance indicators to measure the security benefits of using CrowdStrike Falcon.

The effectiveness of a solution is not always easily measurable by simply avoiding a hack on a given day. Instead, it often requires analyzing reporting data to determine its environmental impact. This data must then be used to calculate the return on investment and compare it to the cost of ownership. In my experience, the only clear return on investment has been in the initial deployment of the solution. The solution's price has typically been lower than that of previous solutions.

In my opinion, the pricing of CrowdStrike Falcon seems aggressive.

I recommend anyone planning to use CrowdStrike Falcon to ensure that they have an integration team. This is because the solution does not have many built-in features, and it relies on partnership integration with other significant players, such as identity and network vulnerability solutions. Consequently, when deploying CrowdStrike, hiring additional personnel is necessary to comprehend the integration process. If CrowdStrike is ranked number one, then Microsoft is above CrowdStrike due to its fully integrated features. If Microsoft ever got details of incorrect licenses, it would run CrowdStrike out of business. Overall, I rate the product eight point nine out of ten.

We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection. 

The solution offers a very low footprint and provides very good protection. 

The resources that it uses are much lower than any other EDR or antivirus solution. The amount of RAM that it uses and the CPU that it uses are much lower than the other antivirus solutions.

It is an easy product to deploy. 

We've found the product to be scalable. 

It is stable and reliable. 

We can't do scanning audits or device blocking or application control. There are traditional antivirus features missing in XDR, and that is an issue. 

I've been using the solution for 15 months. 

It is a very stable solution. There are no bugs or glitches, and it doesn't crash or freeze. 

We have 55 people currently using the solution. 

This is a scalable product.

We have yet to contact technical support. I can't speak to how their services are. 

We were using another antivirus previously. However, it was heavier. We liked how this solution used much fewer resources and the fact that we didn't need to update our machines. 

The solution is simple to set up and deploy. It's cloud-based, which makes everything easy. It is already configured; you just need to prepare it on the endpoint. 

You can deploy the solution within a day. 

We are a partner and therefore get the solution for free. 

We are Crowdstrike partners. 

I'm not sure which version of the solution I'm using; however, it is likely the latest. 

From the theoretical perspective, it's a good product. They just need more features. You can't just replace an antivirus with it; you first need to ensure it's covering all of your requirements.

I'd rate the product nine out of ten. 

We primarily use the solution for antivirus and endpoint security.

I like its detection capabilities, number one. It's also very light. It doesn't slow down my machine.

The solution is stable.

It's quite scalable. 

The pricing is a bit too high. They need to adjust their target market.

I'd like to see a risk assessment or vulnerability management feature to show the company risk factors for the endpoints that have Crowdstrike deployed. 

I'm not sure if they offer patch management. If they don't, they really should. For larger enterprises, managing all those endpoints and trying to figure out which needs a patch can get tedious.

I've used the solution for a few months. We're still in the initial engagement.

The stability is very good. I can't complain about it. The only concern would be pricing. For this market, it's mostly SMEs and mid-market that we would target, and many would be those looking for antivirus or endpoint security.

The product is scalable. We have about 15 people working on it right now. 

We just went through training and were able to do most things ourselves. We haven't needed technical support.

I'm also working with Bitdefender. 

I switched companies. My previous company was using Crowdstrike and my new one is on Bitdefender. It uses multiple Bitdefender products.

They do have relatively high pricing. 

The target market is large enterprises. Maybe they could work on something that can be offered to even small and medium markets.

I was working for a vendor, and we were sharing pricing with a large enterprise, and it was around $800,000 USD or thereabout.

I was a Crowdstrike partner and was working with the vendor. I've since changed jobs. 

Whether or not it makes sense to use the solution depends on your budget and your pocket. The features are pretty similar to other options. Whether or not it makes sense to use depends on what you're looking for in endpoint security.

I'd rate the solution eight out of ten.

The solution is for alerts. It will trigger if there is malicious traffic or some scripting attack. Any attack that is there, then it'll alert automatically.

We can protect against the worst level of attacks. We can see everything from the dashboard.

The vulnerability monitoring is great.

It's very easy to set up.

The performance could be better. It's a bit slow. When we click to launch the dashboard, it should be more responsive.

I've been using the solution for the last six months. 

The performance could be better. It's a little bit slow. 

It's not very stable. We can't seem to support the latest version.

We don't really handle the scaling. I can't speak to that aspect of the product.

We have about 300 to 400 agents running.

Technical support is great.

Positive

We did previously use a different solution. The security team made the decision to switch. It wasn't a decision from an operations standpoint. 

We just install the agent and whatever other notes you need to monitor.

It is straightforward to set up the solution. 

There's no deployment. We just run the agents and those will take care the deployments. The security team will take care of the deployment part. Therefore, we just install the agents and hand over the environment to them. They will monitor everything.

We don't need any outside help, really. Mostly they will give you the links and how you need to deploy everything. Based on that information, we'll follow that advice.

I'm not sure of the exact cost of the solution. 

We are on the latest update of the solution. 

There isn't really any specific knowledge required to use CrowdStrike, apart from maybe general knowledge of cyber security.

I'd rate the solution seven out of ten. If it had better performance, I would rate it higher.