CrowdStrike Falcon Reviews

CrowdStrike Falcon is used for incident response.

It is very easy to hunt a threat in the organization. It keeps logs, making it very easy to investigate any kind of incident using CrowdStrike by looking at the processes that are running on a machine. There's more visibility over the endpoint through CrowdStrike.

The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features.

The new interface, the UI, seems a bit messy. The previous one was quite clear. It might be because of my adaptation to it. That's what I see as needing improvement.

I have been using CrowdStrike Falcon for more than three years, around three and a half years.

It is quite stable. I would rate it eight or nine out of ten.

I would rate customer service and support a ten. I am very satisfied with the support.

Positive

I have used antiviruses like Symantec before. Compared to all of that, I found CrowdStrike quite striking. Even compared to Defender, I find CrowdStrike more appealing.

On the terms of investigating, I find it's quite easy to investigate an event and have a broader look at the event using CrowdStrike. I would rate the time saved around eight, nine, or even ten out of ten. Compared to Defender, it makes it faster to investigate.

I think the pricing is quite reasonable with the services they provide.

For an incident investigator, it's quite easy to use, and it provides great visibility over the processes.

I'd rate the solution ten out of ten.

We use CrowdStrike Falcon for endpoint security and response, and Horizon to manage and protect our data.

Following a 2021 security incident, the general response team recommended implementing CrowdStrike. We adopted their suggestion and found its network threat detection and prevention capabilities invaluable.

I like the feature called RTC, the remote time connector. It allows us to connect to a computer via the command line and execute commands for various functions and investigations. This eliminates the need for any additional programs. We can launch the connection and its subcommands from a single console.

The containment feature is another valuable tool. It allows us to isolate any machine exhibiting suspicious behavior or facing a detected threat. Once activated, containment immediately severs the machine's network connection and blocks user access.

Despite implementing tuning rules specifically designed to address them, we are still encountering a significant number of false positives. This issue persists even after collaborating with their support team to find a solution.

I have worked with their technical support on several problems that were never fully resolved.

I have been using CrowdStrike Falcon for three years.

While we encountered some bugs with on-demand scanning, the overall performance and stability of the system are positive. CrowdStrike Falcon is less resource-intensive than our old McAfee solution, which often led to performance complaints due to its high memory consumption.

CrowdStrike Falcon is scalable. Adding new features or licenses to CrowdStrike Falcon is seamless, with no disruption to our system's performance. Installing new modules is easy because it uses the same sensor.

While I've found screen sharing helpful with other support teams, CrowdStrike's technical support has never proactively suggested it. Instead, they've always initiated contact by calling me back after I submitted a ticket. We recently offered to screen share, but it seems it's not their preferred method. The support is good but it is not the best I have used.

Positive

Previously, we utilized Carbon Black for our endpoint security needs. However, we transitioned to CrowdStrike for several compelling reasons. As a prominent market competitor with widespread adoption among organizations, CrowdStrike offered a robust platform capable of meeting our evolving security requirements.

The 2021 incident further underscored the importance of robust security tools. CrowdStrike's capabilities proved invaluable in navigating the aftermath and instilled confidence in its continued effectiveness for future challenges.

Beyond its proven track record, CrowdStrike seamlessly integrates with our existing security ecosystem. The platform's comprehensive feature set simplifies endpoint management from a centralized console. Additionally, its granular telemetry across various modules provides invaluable insights during incident detection, enabling us to gather holistic information from each affected machine.

Furthermore, CrowdStrike consolidates our security stack by encompassing next-generation firewalls, endpoint detection and response, and real-time endpoint scanning, eliminating the need for separate solutions like McAfee. This streamlined approach enhances operational efficiency and simplifies security management.

The initial deployment presented some challenges due to the need to install the solution on all machines. This phase, requiring careful coordination among ten people over several weeks, involved connecting all the computers to the network. However, once this foundation was laid, the subsequent rollout proceeded smoothly.

The implementation was completed in-house by our people.

The return on investment is evident in the enhanced security posture achieved through continuous monitoring and immediate isolation of compromised machines. This proactive approach not only mitigates risk but also provides significant peace of mind for our team, alleviating concerns and optimizing their performance.

While CrowdStrike Falcon offers significant security benefits, its high price point might make it prohibitively expensive for many small and medium-sized businesses, including companies like ours.

I would rate CrowdStrike Falcon a nine out of ten.

CrowdStrike Falcon is a great tool. Investing in proper training on the CrowdStrike Falcon platform is highly recommended for any organization seeking to maximize its potential and avoid navigation struggles within the console. However, it's important to note that effective utilization of Falcon without CrowdStrike's managed services necessitates the formation of a dedicated team responsible for managing the solution. 

We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection. 

The solution offers a very low footprint and provides very good protection. 

The resources that it uses are much lower than any other EDR or antivirus solution. The amount of RAM that it uses and the CPU that it uses are much lower than the other antivirus solutions.

It is an easy product to deploy. 

We've found the product to be scalable. 

It is stable and reliable. 

We can't do scanning audits or device blocking or application control. There are traditional antivirus features missing in XDR, and that is an issue. 

I've been using the solution for 15 months. 

It is a very stable solution. There are no bugs or glitches, and it doesn't crash or freeze. 

We have 55 people currently using the solution. 

This is a scalable product.

We have yet to contact technical support. I can't speak to how their services are. 

We were using another antivirus previously. However, it was heavier. We liked how this solution used much fewer resources and the fact that we didn't need to update our machines. 

The solution is simple to set up and deploy. It's cloud-based, which makes everything easy. It is already configured; you just need to prepare it on the endpoint. 

You can deploy the solution within a day. 

We are a partner and therefore get the solution for free. 

We are Crowdstrike partners. 

I'm not sure which version of the solution I'm using; however, it is likely the latest. 

From the theoretical perspective, it's a good product. They just need more features. You can't just replace an antivirus with it; you first need to ensure it's covering all of your requirements.

I'd rate the product nine out of ten. 

CrowdStrike Falcon is an Endpoint Detection and Response system that uses agents deployed on each endpoint. It works on mobile or wired devices. The operator provides you real-time and online protection against the latest malware and wireless attacks.

CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details.

CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats.

I've been using CrowdStrike Falcon for two years. 

CrowdStrike is highly stable.

CrowdStrike is a cloud-based solution, so it's always scalable. You can adjust your endpoint licenses at any time, so if your endpoint is decommissioned, you can reduce the licenses. If you want to add few more endpoints, you only need to deploy the agents. We have provided CrowdStrike Falcon EDR solutions for many clients, and the largest is about 2,000 licenses. 

CrowdStrike support is great. Palo Alto and CrowdStrike both have outsourced support.

Deploying CrowdStrike is straightforward. You can mass-deploy it using any management solution like WSS. It's a light agent that only requires 30 to 40 MB of space, so it's deployed in minutes.

One person is enough to manage the solution. A single admin can create a group based policy and deploy on hundreds of systems in a day if they are connected with their AD or WSS. If they are out of the network and out of the reach, then you need to do it manually, and that takes times for the endpoint availability.

I rate CrowdStrike Falcon eight out of 10. I strongly recommend it. 

We use this product as an antivirus. We use it as an add-on for Arctic Wolf, which it integrates with. 

The solution integrates well with Arctic Wolf. 

Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue.

It's very scalable.

The stability is excellent.

I'm very impressed by its low pricing.

The initial setup was simple, and the deployment was fast.

I do not have any notes for improvement. It just works. 

They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution. 

I've been using the solution for five years. 

The product is rock solid. I've never had an issue with stability. It is reliable and the performance is good. There are no bugs or glitches and it doesn't crash or freeze. 

The product is very scalable. You can extend it as needed.

We have between 220 and 300 users at this time. 

I've never dealt with technical support. 

We had multiple other antiviruses, including Norton, Avast, and Defender. We chose Falcon due to its Arctic Wolf integration. 

The initial setup was very easy.

We did not need a lot of people to set it up. It took a couple of people and less than five hours to have everything up and running. 

No maintenance is required. 

The licensing is very low. It's quite affordable. 

The solution is excellent. I'd advise people that if they have Arctic Wolf, they'll have an easy time.

I'd rate the solution ten out of ten.

Our primary use for CrowdStrike is as an EDR system. We are protecting more then 9.000 devices.

I like the detection rates of mobile threats.

The policies allow us to define the level of protection.

The dashboards are good, as well as user management.

The management reporting functionality needs to be improved.

We would like to see more features for vulnerability management included.

We have been using CrowdStrike Falcon since one year.

This is a stable product.

We haven't had any problems with scalability and it expands with the company's needs.

We have 20,000 users and about 20 of them are administrators.

We have been in touch with technical support for a few issues. They are quite good and the response is fast.

We were using Cylance prior to CrowdStrike, and these two products overlapped for a time. We also use an on-premises solution called F-Secure.

CrowdStrike has a much lower rate of false positives than Cylance and the dashboard makes it easier to use.

The initial setup is very simple. It took two months to deploy for 20,000 clients.

Our in-house team handled the implementation and deployment. No maintenance is required.

The pricing is good and there are no costs in addition to the standard licensing fees. It is similar to that of Cylance and our on-premises solution.

This is a product that I absolutely recommend.

I would rate this solution a nine out of ten.

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.

If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed. 

It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.

Falcon Protect looks at processes and issues in real-time.

CrowdStrike Falcon by itself does not supply in-depth reporting. 

Falcon Protect does what it does. It's endpoint security — nothing more, nothing less. 

What it does, It does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.

I have been using CrowdStrike Falcon for the past year and a half.

We haven't experienced any issues regarding the stability of CrowdStrike Falcon.

CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.

Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.

On a scale from one to ten, I would give their customer support a rating of nine.

We had a Vipre solution, but it was an On-Prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network so updating them was always a pain-point without a cloud-based solution.

We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.

The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.

The price of CrowdStrike Falcon is a little high, but it can be negotiated.

If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.

On a scale from one to ten, I would give this solution a rating of nine.

The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.

It's security-related product. A security environment based on AIML. It is not like the older stuff, which used to have signature-based updates.

It has helped us with security and managing threats that we see currently in our environment.

Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures.

Unfortunately, native applications are not supported.

It manages around a few thousand endpoints and servers in our environment, and it is doing well so far.

There are no issues in terms of scalability. 

We can call the tech support, if needed. Then, they have a dedicated rep for us.

It went well. We just installed an app on all the endpoints or devices. They have a good console which helps do this. So, it is as simple as that.

We are using this for endpoint security, so it doesn't need to integrate with anything else.

We evaluated three to four other vendors.

During the PoC, we figured out that this product is far better, and it met our requirements. That is why we went for CrowdStrike. With our PoC, they did a good job in explaining the product. So, the PoC went well, and we were able to achieve what we intended to with it.

Do a thorough PoC. Don't go ever go by the sales team unless you have tested it and know it works for your environment, because every environment is unique. The sales guy will promise you the moon. Only unless you have tested, you know it delivers.

The product has met its purpose for us.

We use both the on-premise and AWS versions. They are both good products and very simple to move, install, and configure.