CrowdStrike Falcon Reviews

We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks.I'm the director of information technology in our company and we're a customer of CrowdStrike. 

We rely on our environmental security and we haven't had any infections so that's valuable for us. It means we haven't lost any time due to the system being down from ransomware or anything like that, so it's quite positive. 

Improvement could be made in the number of false positives we get, there are more than there needs to be. Typical Windows functions sometimes get stopped by CrowdStrike. In general, I'd rather err on the side of safety but some of these are really straightforward functions that should get through.

For the future, I think they need to keep building on their extensibility, the capability to be extended, so that it's not lost and we can utilize the knowledge that we're gaining from the endpoints. 

I've been using this solution for a little over a year. 

This is a stable solution, I'm unaware of any failures. 

Scalability is expensive but it works. We've installed it on more than 900 machines in the corporation and it covers every role from civil engineers, architects, HR people, office workers and the server. Maintenance takes the equivalent of one full-time position but it's a shared responsibility among the IT team. 

The technical support do a good job. 

The initial setup occurred before I began working here although I believe it is quite straightforward. The install process for machines is pretty good. If we want to de-install it's not so great, but overall it's tolerable.

I believe that we pay about US$ 65,000 annually which covers 900 machines in the company. There are no other costs but there are additional features that can be purchased but we haven't done that. 

CrowdStrike do their job well and can be compared to other solutions on the market such as SentinelOne and Huntress. They do need to be more extensible because right now they don't play well with others and it's a bit of a challenge on the management side.

I would rate this solution an eight out of 10. 

CrowdStrike Falcon is used for incident response.

It is very easy to hunt a threat in the organization. It keeps logs, making it very easy to investigate any kind of incident using CrowdStrike by looking at the processes that are running on a machine. There's more visibility over the endpoint through CrowdStrike.

The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features.

The new interface, the UI, seems a bit messy. The previous one was quite clear. It might be because of my adaptation to it. That's what I see as needing improvement.

I have been using CrowdStrike Falcon for more than three years, around three and a half years.

It is quite stable. I would rate it eight or nine out of ten.

I would rate customer service and support a ten. I am very satisfied with the support.

Positive

I have used antiviruses like Symantec before. Compared to all of that, I found CrowdStrike quite striking. Even compared to Defender, I find CrowdStrike more appealing.

On the terms of investigating, I find it's quite easy to investigate an event and have a broader look at the event using CrowdStrike. I would rate the time saved around eight, nine, or even ten out of ten. Compared to Defender, it makes it faster to investigate.

I think the pricing is quite reasonable with the services they provide.

For an incident investigator, it's quite easy to use, and it provides great visibility over the processes.

I'd rate the solution ten out of ten.

We use CrowdStrike Falcon for endpoint security and response, and Horizon to manage and protect our data.

Following a 2021 security incident, the general response team recommended implementing CrowdStrike. We adopted their suggestion and found its network threat detection and prevention capabilities invaluable.

I like the feature called RTC, the remote time connector. It allows us to connect to a computer via the command line and execute commands for various functions and investigations. This eliminates the need for any additional programs. We can launch the connection and its subcommands from a single console.

The containment feature is another valuable tool. It allows us to isolate any machine exhibiting suspicious behavior or facing a detected threat. Once activated, containment immediately severs the machine's network connection and blocks user access.

Despite implementing tuning rules specifically designed to address them, we are still encountering a significant number of false positives. This issue persists even after collaborating with their support team to find a solution.

I have worked with their technical support on several problems that were never fully resolved.

I have been using CrowdStrike Falcon for three years.

While we encountered some bugs with on-demand scanning, the overall performance and stability of the system are positive. CrowdStrike Falcon is less resource-intensive than our old McAfee solution, which often led to performance complaints due to its high memory consumption.

CrowdStrike Falcon is scalable. Adding new features or licenses to CrowdStrike Falcon is seamless, with no disruption to our system's performance. Installing new modules is easy because it uses the same sensor.

While I've found screen sharing helpful with other support teams, CrowdStrike's technical support has never proactively suggested it. Instead, they've always initiated contact by calling me back after I submitted a ticket. We recently offered to screen share, but it seems it's not their preferred method. The support is good but it is not the best I have used.

Positive

Previously, we utilized Carbon Black for our endpoint security needs. However, we transitioned to CrowdStrike for several compelling reasons. As a prominent market competitor with widespread adoption among organizations, CrowdStrike offered a robust platform capable of meeting our evolving security requirements.

The 2021 incident further underscored the importance of robust security tools. CrowdStrike's capabilities proved invaluable in navigating the aftermath and instilled confidence in its continued effectiveness for future challenges.

Beyond its proven track record, CrowdStrike seamlessly integrates with our existing security ecosystem. The platform's comprehensive feature set simplifies endpoint management from a centralized console. Additionally, its granular telemetry across various modules provides invaluable insights during incident detection, enabling us to gather holistic information from each affected machine.

Furthermore, CrowdStrike consolidates our security stack by encompassing next-generation firewalls, endpoint detection and response, and real-time endpoint scanning, eliminating the need for separate solutions like McAfee. This streamlined approach enhances operational efficiency and simplifies security management.

The initial deployment presented some challenges due to the need to install the solution on all machines. This phase, requiring careful coordination among ten people over several weeks, involved connecting all the computers to the network. However, once this foundation was laid, the subsequent rollout proceeded smoothly.

The implementation was completed in-house by our people.

The return on investment is evident in the enhanced security posture achieved through continuous monitoring and immediate isolation of compromised machines. This proactive approach not only mitigates risk but also provides significant peace of mind for our team, alleviating concerns and optimizing their performance.

While CrowdStrike Falcon offers significant security benefits, its high price point might make it prohibitively expensive for many small and medium-sized businesses, including companies like ours.

I would rate CrowdStrike Falcon a nine out of ten.

CrowdStrike Falcon is a great tool. Investing in proper training on the CrowdStrike Falcon platform is highly recommended for any organization seeking to maximize its potential and avoid navigation struggles within the console. However, it's important to note that effective utilization of Falcon without CrowdStrike's managed services necessitates the formation of a dedicated team responsible for managing the solution. 

We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection. 

The solution offers a very low footprint and provides very good protection. 

The resources that it uses are much lower than any other EDR or antivirus solution. The amount of RAM that it uses and the CPU that it uses are much lower than the other antivirus solutions.

It is an easy product to deploy. 

We've found the product to be scalable. 

It is stable and reliable. 

We can't do scanning audits or device blocking or application control. There are traditional antivirus features missing in XDR, and that is an issue. 

I've been using the solution for 15 months. 

It is a very stable solution. There are no bugs or glitches, and it doesn't crash or freeze. 

We have 55 people currently using the solution. 

This is a scalable product.

We have yet to contact technical support. I can't speak to how their services are. 

We were using another antivirus previously. However, it was heavier. We liked how this solution used much fewer resources and the fact that we didn't need to update our machines. 

The solution is simple to set up and deploy. It's cloud-based, which makes everything easy. It is already configured; you just need to prepare it on the endpoint. 

You can deploy the solution within a day. 

We are a partner and therefore get the solution for free. 

We are Crowdstrike partners. 

I'm not sure which version of the solution I'm using; however, it is likely the latest. 

From the theoretical perspective, it's a good product. They just need more features. You can't just replace an antivirus with it; you first need to ensure it's covering all of your requirements.

I'd rate the product nine out of ten. 

CrowdStrike Falcon is an Endpoint Detection and Response system that uses agents deployed on each endpoint. It works on mobile or wired devices. The operator provides you real-time and online protection against the latest malware and wireless attacks.

CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details.

CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats.

I've been using CrowdStrike Falcon for two years. 

CrowdStrike is highly stable.

CrowdStrike is a cloud-based solution, so it's always scalable. You can adjust your endpoint licenses at any time, so if your endpoint is decommissioned, you can reduce the licenses. If you want to add few more endpoints, you only need to deploy the agents. We have provided CrowdStrike Falcon EDR solutions for many clients, and the largest is about 2,000 licenses. 

CrowdStrike support is great. Palo Alto and CrowdStrike both have outsourced support.

Deploying CrowdStrike is straightforward. You can mass-deploy it using any management solution like WSS. It's a light agent that only requires 30 to 40 MB of space, so it's deployed in minutes.

One person is enough to manage the solution. A single admin can create a group based policy and deploy on hundreds of systems in a day if they are connected with their AD or WSS. If they are out of the network and out of the reach, then you need to do it manually, and that takes times for the endpoint availability.

I rate CrowdStrike Falcon eight out of 10. I strongly recommend it. 

CrowdStrike is a malware protection solution that is deployed on a private cloud across all areas of our organization. We have deployed the solution to 10,000 users. Roles-based it's the security team. 

We recently upgraded to a new feature that is set to roll out. CrowdStrike is a requirement, it's our standard. If you have a new OS deployed or a new server deployed, this is a required component. It has been automated as we grow and as we add more systems.

CrowdStrike allows us to sleep better at night.

I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution.

This solution lacks basic functionality, such as being able to perform on-demand scanning. This presents a challenge when it comes to the payment card industry, PCI which has that as built-in requirements for the PCI DSS standard.

I would also like to see the endpoint firewall component produce some level of logging and feedback. 

I have been using CrowdStrike Falcon for three years.

CrowdStrike is very stable, we've had very few technical issues. The false positive rate is average. It has been very easy to manage and to determine where issues are.

This solution is very scalable. It is easy to roll out more agents and is fairly automated. We have it deployed in multiple environments such as hybrid versus cloud versus private. 

We have had very positive interactions with not only our manage service provider, but the vendor directly. They've offered good support when we've had some questions and concerns. Their documentation is fairly extensive.

We follow trends to make sure we have the best product for our organizations. The one we were using fell behind a bit. We wanted something that was completely cloud-based so that the infrastructure wasn't on-prem and we wouldn't be required to manage the upgrades of servers and applications. 

The initial setup was moderate. There is a lot to think about and a lot to plan out, however once that is done the actual deployment is straightforward. We used a tiered deployment, deploying the product in a learning mode or logging mode only. We also did a tiered deployment by division and then enabled features by division to make sure that if there was an impact, we could at least contain it to one area and revert back as quickly as possible.

We deployed with an integrator. They were very knowledgeable and knew what they were doing. They involved the vendor when required. We use half of an FTE to maintain the solution. We also have a managed service provided that also integrated the log files from this product into our SIM. We are pointing all the logs to a log reporting utility that allows us to react to alerts. 

Because we are information security, we come with a price tag, unfortunately. When we look at it as a whole, we are able to sleep at night, we have a good solution and it is protecting us from the zero-days and the latest malware. I don't know what you put the cost of breach prevention at.  We feel we are using a product that is at the top of the industry. We are doing as much as we can to protect our organization, so there is the return on investment that way.

We pay yearly for the solution. It makes it easier for budgeting purposes. We did incur additional costs when we implemented their firewall solution, calling it the endpoint firewall. 

We're constantly looking for other options the industry's top solutions and where the industry is going next. In cybersecurity, we ensure we are protected today but also make sure that we are thinking towards the future and analyzing other solutions to see if they are better, or potentially better in the future.

If you are looking at CrowdStrike, plan appropriately. Make sure you have planned it out and do your testing. We found that it was legacy-friendly. We have a lot of legacy applications and we were concerned about that. We ran into some minor issues but we did find that it was friendly, however, there were some newer applications that the product did not interact with as well as we expected. They were easy fixes, but you should do your due diligence so you run into fewer surprises.

I would rate CrowdStrike a 9 out of 10.

Our primary use for CrowdStrike is as an EDR system. We are protecting more then 9.000 devices.

I like the detection rates of mobile threats.

The policies allow us to define the level of protection.

The dashboards are good, as well as user management.

The management reporting functionality needs to be improved.

We would like to see more features for vulnerability management included.

We have been using CrowdStrike Falcon since one year.

This is a stable product.

We haven't had any problems with scalability and it expands with the company's needs.

We have 20,000 users and about 20 of them are administrators.

We have been in touch with technical support for a few issues. They are quite good and the response is fast.

We were using Cylance prior to CrowdStrike, and these two products overlapped for a time. We also use an on-premises solution called F-Secure.

CrowdStrike has a much lower rate of false positives than Cylance and the dashboard makes it easier to use.

The initial setup is very simple. It took two months to deploy for 20,000 clients.

Our in-house team handled the implementation and deployment. No maintenance is required.

The pricing is good and there are no costs in addition to the standard licensing fees. It is similar to that of Cylance and our on-premises solution.

This is a product that I absolutely recommend.

I would rate this solution a nine out of ten.

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.

If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed. 

It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.

Falcon Protect looks at processes and issues in real-time.

CrowdStrike Falcon by itself does not supply in-depth reporting. 

Falcon Protect does what it does. It's endpoint security — nothing more, nothing less. 

What it does, It does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.

I have been using CrowdStrike Falcon for the past year and a half.

We haven't experienced any issues regarding the stability of CrowdStrike Falcon.

CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.

Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.

On a scale from one to ten, I would give their customer support a rating of nine.

We had a Vipre solution, but it was an On-Prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network so updating them was always a pain-point without a cloud-based solution.

We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.

The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.

The price of CrowdStrike Falcon is a little high, but it can be negotiated.

If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.

On a scale from one to ten, I would give this solution a rating of nine.

The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.