CrowdStrike Falcon is used for incident response.
IT Specialist at a consultancy with 1-10 employees
Remote investigations with enhanced visibility and easy to use
Pros and Cons
- "The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features."
- "The new interface, the UI, seems a bit messy."
What is our primary use case?
How has it helped my organization?
It is very easy to hunt a threat in the organization. It keeps logs, making it very easy to investigate any kind of incident using CrowdStrike by looking at the processes that are running on a machine. There's more visibility over the endpoint through CrowdStrike.
What is most valuable?
The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features.
What needs improvement?
The new interface, the UI, seems a bit messy. The previous one was quite clear. It might be because of my adaptation to it. That's what I see as needing improvement.
Buyer's Guide
CrowdStrike Falcon
June 2026
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,067 professionals have used our research since 2012.
For how long have I used the solution?
I have been using CrowdStrike Falcon for more than three years, around three and a half years.
What do I think about the stability of the solution?
It is quite stable. I would rate it eight or nine out of ten.
How are customer service and support?
I would rate customer service and support a ten. I am very satisfied with the support.
Which solution did I use previously and why did I switch?
I have used antiviruses like Symantec before. Compared to all of that, I found CrowdStrike quite striking. Even compared to Defender, I find CrowdStrike more appealing.
What was our ROI?
On the terms of investigating, I find it's quite easy to investigate an event and have a broader look at the event using CrowdStrike. I would rate the time saved around eight, nine, or even ten out of ten. Compared to Defender, it makes it faster to investigate.
What's my experience with pricing, setup cost, and licensing?
I think the pricing is quite reasonable with the services they provide.
What other advice do I have?
For an incident investigator, it's quite easy to use, and it provides great visibility over the processes.
I'd rate the solution ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
CTSO at Cyb3r
Provides efficient security posture and has diverse threat intelligence capabilities
Pros and Cons
- "The platform is very scalable."
- "Enhancements in reporting and forensic analysis could benefit the product."
What is our primary use case?
Our primary use case for the product is to enhance our threat intelligence capabilities. We use it to ensure comprehensive security coverage.
How has it helped my organization?
The solution has significantly improved our threat detection capabilities. It has helped us identify and respond to potential threats more effectively, contributing to our security posture. There have been no notable drawbacks; the solution meets our needs and complies with local regulations.
What is most valuable?
The product's most valuable features include its global reach and extensive threat data. Its wide exposure helps gather diverse threat intelligence, crucial for effective security management.
What needs improvement?
Enhancements in reporting and forensic analysis could benefit the product. CrowdStrike could publish detailed threat reports and analyses more consistently than other providers.
For how long have I used the solution?
I have been using CrowdStrike Falcon Threat Intelligence since early 2016.
What do I think about the stability of the solution?
I rate the platform's stability an eight.
What do I think about the scalability of the solution?
The platform is very scalable. It can effectively accommodate growing security needs, which is crucial for organizations with evolving threat landscapes.
How are customer service and support?
Customer service and support vary based on the level of service. Premium support is excellent, but standard support can be less responsive.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used a different solution. We switched to CrowdStrike due to its comprehensive threat intelligence capabilities and global reach, which we found to be more effective for our needs.
How was the initial setup?
The initial setup was straightforward, with the installation taking less than two hours. However, fine-tuning alerts and configuring rules required additional time and effort.
What about the implementation team?
The implementation was carried out in-house.
What was our ROI?
The product has helped us detect threats that might have gone unnoticed, contributing to overall security.
What's my experience with pricing, setup cost, and licensing?
The product is expensive.
Which other solutions did I evaluate?
We evaluated several other options before choosing CrowdStrike. Our decision was based on the product's effectiveness and ability to meet our security requirements.
What other advice do I have?
Overall, it is a robust solution that meets our security needs. However, potential users should know the cost implications and ensure the product meets their requirements.
I rate it an eight.
Disclosure: My company has a business relationship with this vendor other than being a customer.
Buyer's Guide
CrowdStrike Falcon
June 2026
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,067 professionals have used our research since 2012.
Cybersecurity Analyst at a computer software company with 51-200 employees
Seamlessly integrates, is stable, and is suitable for all sized organizations
Pros and Cons
- "Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution."
- "The detection time has room for improvement."
What is our primary use case?
We use CrowdStrike Falcon for endpoint protection against malicious activity.
What is most valuable?
Among CrowdStrike Falcon's most valuable capabilities are its UEBA and SOAR functionalities, along with its seamless integration with any other SIEM solution.
What needs improvement?
The detection time has room for improvement.
For how long have I used the solution?
I have been using CrowdStrike Falcon for two years.
What do I think about the stability of the solution?
I would rate the stability of CrowdStrike Falcon ten out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of CrowdStrike Falcon a nine out of ten.
How are customer service and support?
The technical support is good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are an MSP and have used and provided IBM QRadar, Bit Defender, and CrowdStrike Falcon based on each client's requirements.
CrowdStrike Falcon is the most popular choice for our clients because of its price.
How was the initial setup?
Deploying CrowdStrike is straightforward. We initially had a technical representative guide us through the process, but now we can handle it ourselves for our clients.
One architect and two engineers are used for the deployments.
What about the implementation team?
We implement the solution for our clients.
What's my experience with pricing, setup cost, and licensing?
The licenses are offered on a one-year and two-year basis. The more endpoints an organization adds the cheaper the cost.
What other advice do I have?
I would rate CrowdStrike Falcon a ten out of ten.
Our clients range from small up to enterprise level.
The maintenance is simple. We just need to stay on top of the updates.
CrowdStrike Falcon is user-friendly and the analysis provided is good making it an efficient solution.
Disclosure: My company has a business relationship with this vendor other than being a customer. MSP
AVP of Tech at a insurance company with 201-500 employees
Integrates well with Arctic Wolf, simple to set up, and offers excellent pricing
Pros and Cons
- "Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
- "They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."
What is our primary use case?
We use this product as an antivirus. We use it as an add-on for Arctic Wolf, which it integrates with.
What is most valuable?
The solution integrates well with Arctic Wolf.
Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue.
It's very scalable.
The stability is excellent.
I'm very impressed by its low pricing.
The initial setup was simple, and the deployment was fast.
What needs improvement?
I do not have any notes for improvement. It just works.
They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The product is rock solid. I've never had an issue with stability. It is reliable and the performance is good. There are no bugs or glitches and it doesn't crash or freeze.
What do I think about the scalability of the solution?
The product is very scalable. You can extend it as needed.
We have between 220 and 300 users at this time.
How are customer service and support?
I've never dealt with technical support.
Which solution did I use previously and why did I switch?
We had multiple other antiviruses, including Norton, Avast, and Defender. We chose Falcon due to its Arctic Wolf integration.
How was the initial setup?
The initial setup was very easy.
We did not need a lot of people to set it up. It took a couple of people and less than five hours to have everything up and running.
No maintenance is required.
What's my experience with pricing, setup cost, and licensing?
The licensing is very low. It's quite affordable.
What other advice do I have?
The solution is excellent. I'd advise people that if they have Arctic Wolf, they'll have an easy time.
I'd rate the solution ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
SOC Analyst at a financial services firm with 1,001-5,000 employees
Sophisticated, robust, feature-rich, and includes the ability to do analyses
Pros and Cons
- "The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
- "It can be expensive depending on the features you select."
What is our primary use case?
We use CrowdStrike Falcon XDR for endpoint protection.
It is more sophisticated than a legacy antivirus.
When compared to the legacy antivirus, it offers more features, including the ability to do analyses, halt execution, and more. It also gives you real-time notifications.
In comparison to the earlier legacy era, it is better.
What is most valuable?
The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution.
It gives you that capability.
I am satisfied with the features that I currently use.
The interface is good, I have no complaints.
What needs improvement?
I believe that most of the features are perfect for my needs, anything else is only icing on the cake.
It can be expensive depending on the features you select.
The technical support could be improved.
For how long have I used the solution?
I have been working with CrowdStrike Falcon XDR for more than one year.
What do I think about the stability of the solution?
CrowdStrike Falcon XDR is a very stable solution.
What do I think about the scalability of the solution?
CrowdStrike Falcon XDR is simply scalable.
In my opinion, it all comes down to what is your pocket saying., and the number, of users.
From my perspective, it's a very scalable product.
All of your endpoints are using this solution.
In our company, we have approximately 372 users.
How are customer service and support?
We have contacted technical support multiple times.
I would rate the technical support a three and a half out of five. They are good but could improve.
How was the initial setup?
The initial setup was very easy.
It took less than three days.
What about the implementation team?
We completed the setup with some assistance from the Falcon team.
What's my experience with pricing, setup cost, and licensing?
I am not aware of the price, but I believe that it is among the most expensive XDRs out there.
Of course, this is dependent on the features you choose. Depending on the features, the price might increase.
Which other solutions did I evaluate?
This is our sixth year of transitioning from a legacy antivirus. So, I believe we saw the issues that we have with legacy antivirus. That's why we went for Falcon XDR.
What other advice do I have?
First, they should understand their needs, then depending on those requirements, I would be able to advise because each person has a unique use case.
I would strongly suggest this solution to anyone who is considering using it. It's a go-to for endpoint protection.
I would rate CrowdStrike Falcon XDR an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Excellent capabilities, with a real advantage over the competition, and straightforward customer service
Pros and Cons
- "The features I like the most are the response time and the dashboard are both excellent."
- "I would like to see a more accurate integration and an option to check the local machine."
What is our primary use case?
Our primary use case is EDR and ransomware.
What is most valuable?
The features I like the most are the response time and the dashboard are both excellent.
What needs improvement?
I would like to see a more accurate integration and an option to check the local machine.
For how long have I used the solution?
I have been using CrowdStrike Falcon for more than two years.
What do I think about the stability of the solution?
The stability is around ninety-eight percent. The other two percent deals directly with the node being unable to detect as normal.
What do I think about the scalability of the solution?
There is scalability but this is not our focus.
How are customer service and support?
We have not had any issues with technical support. Much of what we use is online documentation.
Which solution did I use previously and why did I switch?
We have used Microsoft Defender for Endpoint, SentinelOne, Carbon Black, and Trend Micro. The observation we have made is the accuracy and detection of CrowdStrike Falcon is excellent.
How was the initial setup?
The initial setup is very straightforward given you have set your file control and detection levels correctly.
What's my experience with pricing, setup cost, and licensing?
The cost is usually a challenge in the industry. I think we pay around sixty-eight dollars.
What other advice do I have?
I would rate CrowdStrike Falcon an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Cyber Security Regional Head at a computer software company with 1,001-5,000 employees
Cyber security and protection solution with powerful EDR and XDR features that offer return on investment
Pros and Cons
- "The EDR and XDR features have been most valuable."
- "We receive good ROI when using this solution."
- "For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
What is our primary use case?
We use this solution for next generation anti-virus protection and detection. We are a premium partner of Crowdstrike.
What is most valuable?
The EDR and XDR features have been most valuable.
What needs improvement?
For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible.
For how long have I used the solution?
I have been using this solution for two years.
What do I think about the stability of the solution?
This is a stable solution. I would rate it a five out of five.
What do I think about the scalability of the solution?
This is a scalable solution because it is cloud based.
How are customer service and support?
If customers want technical support, they need to subscribe to a special service that they need to pay for. When it comes to CrowdStrike, customer use the different support services as per their needs. By default, they don't provide the telephonic support.
I would rate the support a four out of five.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is very straightforward and required two people. I would rate it a four out of five. It take approximately one week to set up.
What was our ROI?
We receive good ROI when using this solution. I would rate it a four out of five. CrowdStrike offers a breach warranty which greatly reduces risk for customers.
What's my experience with pricing, setup cost, and licensing?
When it comes to licensing, customers can choose a bundle or select licences based on the specific features they would like access to. This solution comes with premium pricing. It is approximately 20 to 30% more expensive than competing solutions.
I would rate the pricing a three out of five.
What other advice do I have?
I would advise others to tell their customer upfront that staying connected to the internet is very critical to the use of this cloud based solution.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Pre Sales Architect at network techlab
A stable, scalable solution offering robust threat protection and vulnerability assessment
Pros and Cons
- "The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting, and vulnerability assessment is another valuable feature."
- "Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
What is our primary use case?
We are a CrowdStrike partner, selling their products to our customers. We have small and medium-sized enterprise clients and clients in the government sector. Depending on customer requirements, we provide different CrowdStrike Falcon products, ranging from Spotlight to XDR.
What is most valuable?
The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature.
What needs improvement?
Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that.
I would like to see a web filtering feature, and better application features. This would make the product easier to sell to smaller businesses, and would make it so that devices follow the applied policies anywhere; even when users are at home or travelling in another country, for example.
For how long have I used the solution?
We have been working with the solution for three years.
What do I think about the stability of the solution?
Crowdstrike Falcon XDR is a stable product.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The technical support is good; we raise a case using the portal and get a call back within a day. Help is available specifically for India, which is where we are based.
How was the initial setup?
The initial setup is towards the middle; it isn't remarkably straightforward or complex. The GUI changes complicate setup, so our process begins with consulting the documentation, and then we can download and implement the agent onto a machine. This typically takes around 15 minutes per machine.
What's my experience with pricing, setup cost, and licensing?
I'm not directly involved in sales, so I can't comment on the exact price, but I know the price decreases the higher the quantity we purchase.
What other advice do I have?
I would rate this solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Senior Engineer at Neosecure
Useful full EDR, effective hunting, and good reports
Pros and Cons
- "The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control."
- "CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve."
What is our primary use case?
We use CrowdStrike Falcon for malware mitigation and hunting.
What is most valuable?
The most valuable features in CrowdStrike Falcon are the full EDR with antivirus, hunting, reporting, and RTR remote control.
What needs improvement?
CrowdStrike Falcon could improve by having an easier way to search and use the interface for extracting queries from the data. The interface could improve.
For how long have I used the solution?
I have been using CrowdStrike Falcon for approximately eight years.
What do I think about the stability of the solution?
CrowdStrike Falcon is stable.
What do I think about the scalability of the solution?
The scalability of CrowdStrike Falcon is good.
We have approximately 500 people using this solution in my organization.
How are customer service and support?
We have contacted the support from CrowdStrike Falcon and it is very good.
How was the initial setup?
The initial setup of CrowdStrike Falcon is straightforward.
What's my experience with pricing, setup cost, and licensing?
The price of CrowdStrike Falcon is expensive and should be reduced.
What other advice do I have?
I rate CrowdStrike Falcon a nine out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer.
Server Administrator at TIR Canada
Stable solution that detects and prevents malware, but unreliable and weak tech support
Pros and Cons
- "The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
- "The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak."
What is our primary use case?
We use this solution on all of our endpoints and servers.
How has it helped my organization?
The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately.
What is most valuable?
The most valuable features of the solution are the detection and prevention of unwanted applications and malware services.
What needs improvement?
The solution keeps changing their website to the point that it's hard to navigate. Also, the technical support is kind of hit-or-miss. Sometimes they really respond quickly and sometimes I don't hear from them for a long time.
For how long have I used the solution?
I began using this solution when I was hired at this company about 10 months ago, and they were using it before that.
What do I think about the stability of the solution?
The solution looks very stable.
What do I think about the scalability of the solution?
It is a scalable product.
How are customer service and support?
The technical support team often just replies to an issue with a link to an article rather than actually calling back and talking to someone and making sure the problem is solved. To me, that's kind of weak.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup was complex. On a scale of one to five, with one being complicated and five being very easy, I would rate it about a three.
What about the implementation team?
The deployment was handled in-house.
What's my experience with pricing, setup cost, and licensing?
The licensing cost isn't cheap, but it's appropriate.
What other advice do I have?
My advice to those looking into this solution would be that it's in the top right quadrant of the Gartner quadrant, so it deserves consideration. You just have to be prepared to integrate it.
I would rate this solution as a four out of ten. This is mostly because of the weak technical support.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2026
Product Categories
Extended Detection and Response (XDR) Security Information and Event Management (SIEM) Endpoint Protection Platform (EPP) Threat Intelligence Platforms (TIP) Endpoint Detection and Response (EDR) Attack Surface Management (ASM) Identity Threat Detection and Response (ITDR) AI-Powered Cybersecurity PlatformsPopular Comparisons
Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint
Splunk Enterprise Security
SentinelOne Singularity Endpoint
Darktrace
IBM Security QRadar
Microsoft Sentinel
Varonis Platform
Elastic Security
Huntress Managed EDR
HP Wolf Security
Trellix Endpoint Security Platform
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I would like to compare CrowdStrike and Carbon Black. On what basis should I decide?
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- What is the biggest difference between CrowdStrike and Cylance?
- CrowdStrike Falcon vs Microsoft Defender ATP: Comparison of features and performance
- Is Crowdstrike Falcon better than Trend Micro Deep Security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
- How does Crowdstrike Falcon compare with FireEye Endpoint Security?



















