reviewer2322486 - PeerSpot reviewer
Security Analyst at an insurance company with 1,001-5,000 employees
Real User
Top 20
Used few system resources, can easily isolate infected machines, and add modules
Pros and Cons
  • "I like the feature called RTC, the remote time connector."
  • "I have worked with their technical support on several problems that were never fully resolved."

What is our primary use case?

We use CrowdStrike Falcon for endpoint security and response, and Horizon to manage and protect our data.

Following a 2021 security incident, the general response team recommended implementing CrowdStrike. We adopted their suggestion and found its network threat detection and prevention capabilities invaluable.

What is most valuable?

I like the feature called RTC, the remote time connector. It allows us to connect to a computer via the command line and execute commands for various functions and investigations. This eliminates the need for any additional programs. We can launch the connection and its subcommands from a single console.

The containment feature is another valuable tool. It allows us to isolate any machine exhibiting suspicious behavior or facing a detected threat. Once activated, containment immediately severs the machine's network connection and blocks user access.

What needs improvement?

Despite implementing tuning rules specifically designed to address them, we are still encountering a significant number of false positives. This issue persists even after collaborating with their support team to find a solution.

I have worked with their technical support on several problems that were never fully resolved.

For how long have I used the solution?

I have been using CrowdStrike Falcon for three years.

Buyer's Guide
CrowdStrike Falcon
April 2025
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.

What do I think about the stability of the solution?

While we encountered some bugs with on-demand scanning, the overall performance and stability of the system are positive. CrowdStrike Falcon is less resource-intensive than our old McAfee solution, which often led to performance complaints due to its high memory consumption.

What do I think about the scalability of the solution?

CrowdStrike Falcon is scalable. Adding new features or licenses to CrowdStrike Falcon is seamless, with no disruption to our system's performance. Installing new modules is easy because it uses the same sensor.

How are customer service and support?

While I've found screen sharing helpful with other support teams, CrowdStrike's technical support has never proactively suggested it. Instead, they've always initiated contact by calling me back after I submitted a ticket. We recently offered to screen share, but it seems it's not their preferred method. The support is good but it is not the best I have used.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we utilized Carbon Black for our endpoint security needs. However, we transitioned to CrowdStrike for several compelling reasons. As a prominent market competitor with widespread adoption among organizations, CrowdStrike offered a robust platform capable of meeting our evolving security requirements.

The 2021 incident further underscored the importance of robust security tools. CrowdStrike's capabilities proved invaluable in navigating the aftermath and instilled confidence in its continued effectiveness for future challenges.

Beyond its proven track record, CrowdStrike seamlessly integrates with our existing security ecosystem. The platform's comprehensive feature set simplifies endpoint management from a centralized console. Additionally, its granular telemetry across various modules provides invaluable insights during incident detection, enabling us to gather holistic information from each affected machine.

Furthermore, CrowdStrike consolidates our security stack by encompassing next-generation firewalls, endpoint detection and response, and real-time endpoint scanning, eliminating the need for separate solutions like McAfee. This streamlined approach enhances operational efficiency and simplifies security management.

How was the initial setup?

The initial deployment presented some challenges due to the need to install the solution on all machines. This phase, requiring careful coordination among ten people over several weeks, involved connecting all the computers to the network. However, once this foundation was laid, the subsequent rollout proceeded smoothly.

What about the implementation team?

The implementation was completed in-house by our people.

What was our ROI?

The return on investment is evident in the enhanced security posture achieved through continuous monitoring and immediate isolation of compromised machines. This proactive approach not only mitigates risk but also provides significant peace of mind for our team, alleviating concerns and optimizing their performance.

What's my experience with pricing, setup cost, and licensing?

While CrowdStrike Falcon offers significant security benefits, its high price point might make it prohibitively expensive for many small and medium-sized businesses, including companies like ours.

What other advice do I have?

I would rate CrowdStrike Falcon a nine out of ten.

CrowdStrike Falcon is a great tool. Investing in proper training on the CrowdStrike Falcon platform is highly recommended for any organization seeking to maximize its potential and avoid navigation struggles within the console. However, it's important to note that effective utilization of Falcon without CrowdStrike's managed services necessitates the formation of a dedicated team responsible for managing the solution. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Dev Kudtharkar - PeerSpot reviewer
Director of Information Technology at Slice
Real User
Effective for threat detection and remediation
Pros and Cons
  • "The most valuable features are the complete IPS and IDS."
  • "Forensic controls have room for improvement."

What is our primary use case?

Our primary use case is IPS and IDS.

How has it helped my organization?

CrowdStrike Falcon is extensively used by all 2,000 employees.

What is most valuable?

The most valuable features are the complete IPS and IDS. Both features provide good measures for threat detection and prevent network intrusions.

What needs improvement?

Forensic controls have room for improvement, and CrowdStrike Falcon can add more features here.

Another improvement is that the support for this product could be cheaper.

For how long have I used the solution?

I have been using CrowdStrike Falcon for two years. We are using version 6.5.1.

What do I think about the stability of the solution?

It is a stable solution. I would rate it a nine out of ten.

What do I think about the scalability of the solution?

The scalability of CrowdStrike Falcon is quite good. There are around 2,000 users in our organization. I would rate it an eight out of ten. There are a few things, such as the forensic part and the investigation, that can be improved.

Which solution did I use previously and why did I switch?

I have worked on many other IDS solutions, but I found CrowdStrike Falcon to be the best.

How was the initial setup?

The setup is pretty straightforward. The deployment took some time because we didn't have an NBM solution. We installed it two years ago. But now it's clear, and we don't need much time to deploy it.

What about the implementation team?

The tech support is good but can be expensive when it goes out of the subscription.

What was our ROI?

I have seen a good return on investment.

What's my experience with pricing, setup cost, and licensing?

There is a license-based model. We use the yearly license. I would rate pricing a seven out of ten, where one is cheap, and ten is very expensive.

What other advice do I have?

I highly recommend people use CrowdStrike Falcon. Overall, I rate it a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Nakul Chopra - PeerSpot reviewer
Owner at IT Solution
Reseller
Good detection and performance and uses very few resources
Pros and Cons
  • "It is an easy product to deploy."
  • "We can't do scanning audits or device blocking or application control."

What is our primary use case?

We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection. 

What is most valuable?

The solution offers a very low footprint and provides very good protection. 

The resources that it uses are much lower than any other EDR or antivirus solution. The amount of RAM that it uses and the CPU that it uses are much lower than the other antivirus solutions.

It is an easy product to deploy. 

We've found the product to be scalable. 

It is stable and reliable. 

What needs improvement?

We can't do scanning audits or device blocking or application control. There are traditional antivirus features missing in XDR, and that is an issue. 

For how long have I used the solution?

I've been using the solution for 15 months. 

What do I think about the stability of the solution?

It is a very stable solution. There are no bugs or glitches, and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

We have 55 people currently using the solution. 

This is a scalable product.

How are customer service and support?

We have yet to contact technical support. I can't speak to how their services are. 

Which solution did I use previously and why did I switch?

We were using another antivirus previously. However, it was heavier. We liked how this solution used much fewer resources and the fact that we didn't need to update our machines. 

How was the initial setup?

The solution is simple to set up and deploy. It's cloud-based, which makes everything easy. It is already configured; you just need to prepare it on the endpoint. 

You can deploy the solution within a day. 

What's my experience with pricing, setup cost, and licensing?

We are a partner and therefore get the solution for free. 

What other advice do I have?

We are CrowdStrike partners.

I'm not sure which version of the solution I'm using; however, it is likely the latest. 

From the theoretical perspective, it's a good product. They just need more features. You can't just replace an antivirus with it; you first need to ensure it's covering all of your requirements.

I'd rate the product nine out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: partner/customer
PeerSpot user
Sandeep Sehrawat - PeerSpot reviewer
Information Technology Security Consultant at Sify Technologies
Real User
Your dashboards will tell you the number of the endpoints being protected and the incidents.
Pros and Cons
  • "CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
  • "CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."

What is our primary use case?

CrowdStrike Falcon is an Endpoint Detection and Response system that uses agents deployed on each endpoint. It works on mobile or wired devices. The operator provides you real-time and online protection against the latest malware and wireless attacks.

What is most valuable?

CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details.

What needs improvement?

CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats.

For how long have I used the solution?

I've been using CrowdStrike Falcon for two years. 

What do I think about the stability of the solution?

CrowdStrike is highly stable.

What do I think about the scalability of the solution?

CrowdStrike is a cloud-based solution, so it's always scalable. You can adjust your endpoint licenses at any time, so if your endpoint is decommissioned, you can reduce the licenses. If you want to add a few more endpoints, you only need to deploy the agents. We have provided CrowdStrike Falcon EDR solutions for many clients, and the largest is about 2,000 licenses.

How are customer service and support?

CrowdStrike support is great. Palo Alto and CrowdStrike both have outsourced support.

How was the initial setup?

Deploying CrowdStrike is straightforward. You can mass-deploy it using any management solution like WSS. It's a light agent that only requires 30 to 40 MB of space, so it's deployed in minutes.

One person is enough to manage the solution. A single admin can create a group-based policy and deploy on hundreds of systems in a day if they are connected with their AD or WSS. If they are out of the network and out of reach, then you need to do it manually, and that takes time for the endpoint availability.

What other advice do I have?

I rate CrowdStrike Falcon eight out of 10. I strongly recommend it. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Security Principal at Trifecta Cloud Security Solutions
Real User
A highly stable solution that is primarily used for its EDR and XDR capabilities
Pros and Cons
  • "Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
  • "CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition."

What is our primary use case?

The solution is primarily utilized for EDR and XDR capabilities, with some identity management features integrated through Falcon. In essence, it is employed like other endpoint protection platforms.

How has it helped my organization?

CrowdStrike Falcon no longer stands out compared to other endpoint protection platforms like Carbon Black or Microsoft Defender. Therefore, neither is superior to the other when used in our organization.

What is most valuable?

Regarding features, I appreciate its integration capabilities with identity providers, but it would have been better if they had their own identity product. The documentation is well-done in the solution.

What needs improvement?

CrowdStrike needs to quit making up stuff about its features and functionality to bash its competition.

I would like to see CrowdStrike become closer to an agentless solution where I wouldn't have to deploy software and maintain the version of the solution.

For how long have I used the solution?

I have been using CrowdStrike Falcon for a year. Also, I am using the solution's latest version.

What do I think about the stability of the solution?

There is no doubt about the stability of the solution. Stability-wise, I rate the solution a ten out of ten.

What do I think about the scalability of the solution?

The solution has been successfully deployed in thousands of enterprises, so it is proven to be scalable. Major customers are using it, indicating that scalability is not a concern.

How are customer service and support?

There are two numbers to reach out to the technical support team. Considering the time taken to reach out to them with a request and get a response, I rate them a ten. Based on the technical skills of the customer support team to solve a problem, I rate them between a six and seven.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup process of the solution was straightforward. However, it is important to note that I was only setting up the solution in a POC (Proof of Concept) environment and not in a production one.

What was our ROI?

That's a difficult question to answer because CrowdStrike Falcon was implemented to replace a previous solution. While it was cheaper than the previous solution, the only initial return on investment was cost savings, as we have not yet developed key performance indicators to measure the security benefits of using CrowdStrike Falcon.

The effectiveness of a solution is not always easily measurable by simply avoiding a hack on a given day. Instead, it often requires analyzing reporting data to determine its environmental impact. This data must then be used to calculate the return on investment and compare it to the cost of ownership. In my experience, the only clear return on investment has been in the initial deployment of the solution. The solution's price has typically been lower than that of previous solutions.

What's my experience with pricing, setup cost, and licensing?

In my opinion, the pricing of CrowdStrike Falcon seems aggressive.

What other advice do I have?

I recommend anyone planning to use CrowdStrike Falcon to ensure that they have an integration team. This is because the solution does not have many built-in features, and it relies on partnership integration with other significant players, such as identity and network vulnerability solutions. Consequently, when deploying CrowdStrike, hiring additional personnel is necessary to comprehend the integration process. If CrowdStrike is ranked number one, then Microsoft is above CrowdStrike due to its fully integrated features. If Microsoft ever got details of incorrect licenses, it would run CrowdStrike out of business. Overall, I rate the product eight point nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1078392 - PeerSpot reviewer
Security Systems Analyst at a retailer with 5,001-10,000 employees
Real User
Allows us to sleep better at night
Pros and Cons
  • "I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
  • "I would also like to see the endpoint firewall component produce some level of logging and feedback."

What is our primary use case?

CrowdStrike is a malware protection solution that is deployed on a private cloud across all areas of our organization. We have deployed the solution to 10,000 users. In terms of roles, it's the security team.

We recently upgraded to a new feature that is set to roll out. CrowdStrike is a requirement, it's our standard. If you have a new OS deployed or a new server deployed, this is a required component. It has been automated as we grow and as we add more systems.

How has it helped my organization?

CrowdStrike allows us to sleep better at night.

What is most valuable?

I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution.

What needs improvement?

This solution lacks basic functionality, such as being able to perform on-demand scanning. This presents a challenge when it comes to the payment card industry (PCI), which has that as a built-in requirement of the PCI DSS standard.

I would also like to see the endpoint firewall component produce some level of logging and feedback. 

For how long have I used the solution?

I have been using CrowdStrike Falcon for three years.

What do I think about the stability of the solution?

CrowdStrike is very stable, we've had very few technical issues. The false positive rate is average. It has been very easy to manage and to determine where issues are.

What do I think about the scalability of the solution?

This solution is very scalable. It is easy to roll out more agents and is fairly automated. We have it deployed in multiple environments such as hybrid versus cloud versus private. 

How are customer service and support?

We have had very positive interactions with not only our managed service provider, but the vendor directly. They've offered good support when we've had some questions and concerns. Their documentation is fairly extensive.

Which solution did I use previously and why did I switch?

We follow trends to make sure we have the best product for our organizations. The one we were using fell behind a bit. We wanted something that was completely cloud-based so that the infrastructure wasn't on-prem and we wouldn't be required to manage the upgrades of servers and applications. 

How was the initial setup?

The initial setup was moderate. There is a lot to think about and a lot to plan out; however, once that is done, the actual deployment is straightforward. We used a tiered deployment, deploying the product in a learning mode or logging mode only. We also did a tiered deployment by division and then enabled features by division to make sure that if there was an impact, we could at least contain it to one area and revert back as quickly as possible.

What about the implementation team?

We deployed with an integrator. They were very knowledgeable and knew what they were doing. They involved the vendor when required. We use half of an FTE to maintain the solution. We also have a managed service provider that also integrated the log files from this product into our SIM. We are pointing all the logs to a log reporting utility that allows us to react to alerts.

What was our ROI?

Because we are information security, we come with a price tag, unfortunately. When we look at it as a whole, we are able to sleep at night, we have a good solution and it is protecting us from the zero-days and the latest malware. I don't know what you put the cost of breach prevention at.  We feel we are using a product that is at the top of the industry. We are doing as much as we can to protect our organization, so there is the return on investment that way.

What's my experience with pricing, setup cost, and licensing?

We pay yearly for the solution. It makes it easier for budgeting purposes. We did incur additional costs when we implemented their firewall solution, calling it the endpoint firewall. 

Which other solutions did I evaluate?

We're constantly looking at other options, the industry's top solutions, and where the industry is going next. In cybersecurity, we ensure we are protected today but also make sure that we are thinking towards the future and analyzing other solutions to see if they are better, or potentially better in the future.

What other advice do I have?

If you are looking at CrowdStrike, plan appropriately. Make sure you have planned it out and do your testing. We found that it was legacy-friendly. We have a lot of legacy applications and we were concerned about that. We ran into some minor issues but we did find that it was friendly, however, there were some newer applications that the product did not interact with as well as we expected. They were easy fixes, but you should do your due diligence so you run into fewer surprises.

I would rate CrowdStrike a 9 out of 10.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Chief Information Security Officer at a manufacturing company with 10,001+ employees
Real User
Good detection rates, nice dashboards, easy to manage, and the technical support is responsive
Pros and Cons
  • "I like the detection rates of mobile threats."
  • "The management reporting functionality needs to be improved."

What is our primary use case?

Our primary use for CrowdStrike is as an EDR system. We are protecting more than 9,000 devices.

How has it helped my organization?

What is most valuable?

I like the detection rates of mobile threats.

The policies allow us to define the level of protection.

The dashboards are good, as well as user management.

What needs improvement?

The management reporting functionality needs to be improved.

We would like to see more features for vulnerability management included.

For how long have I used the solution?

We have been using CrowdStrike Falcon for one year.

What do I think about the stability of the solution?

This is a stable product.

What do I think about the scalability of the solution?

We haven't had any problems with scalability and it expands with the company's needs.

We have 20,000 users and about 20 of them are administrators.

How are customer service and technical support?

We have been in touch with technical support for a few issues. They are quite good and the response is fast.

Which solution did I use previously and why did I switch?

We were using Cylance prior to CrowdStrike, and these two products overlapped for a time. We also use an on-premises solution called F-Secure.

CrowdStrike has a much lower rate of false positives than Cylance and the dashboard makes it easier to use.

How was the initial setup?

The initial setup is very simple. It took two months to deploy for 20,000 clients.

What about the implementation team?

Our in-house team handled the implementation and deployment. No maintenance is required.

What was our ROI?

What's my experience with pricing, setup cost, and licensing?

The pricing is good and there are no costs in addition to the standard licensing fees. It is similar to that of Cylance and our on-premises solution.

Which other solutions did I evaluate?

What other advice do I have?

This is a product that I absolutely recommend.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Dan Brunnquell - PeerSpot reviewer
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Provides instant visibility and protection across an organization
Pros and Cons
  • "It's given me a level of confidence that my network is secure."
  • "CrowdStrike Falcon by itself does not supply in-depth reporting."

What is our primary use case?

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

How has it helped my organization?

With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.

If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed. 

It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.

What is most valuable?

Falcon Protect looks at processes and issues in real-time.

What needs improvement?

CrowdStrike Falcon by itself does not supply in-depth reporting. 

Falcon Protect does what it does. It's endpoint security — nothing more, nothing less. 

What it does, it does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.

For how long have I used the solution?

I have been using CrowdStrike Falcon for the past year and a half.

What do I think about the stability of the solution?

We haven't experienced any issues regarding the stability of CrowdStrike Falcon.

What do I think about the scalability of the solution?

CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.

How are customer service and technical support?

Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.

On a scale from one to ten, I would give their customer support a rating of nine.

Which solution did I use previously and why did I switch?

We had a Vipre solution, but it was an On-Prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network so updating them was always a pain-point without a cloud-based solution.

We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.

How was the initial setup?

The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.

What's my experience with pricing, setup cost, and licensing?

The price of CrowdStrike Falcon is a little high, but it can be negotiated.

What other advice do I have?

If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.

On a scale from one to ten, I would give this solution a rating of nine.

The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user