CrowdStrike Observability Reviews

We are currently finishing the configuration of the solution, making the playbooks and configurations with the use cases. From CrowdStrike Observability, we use all the solution including XDR and all Falcon solution for the servers or infrastructure on-premise and on the laptops and desktops, with the XDR solution.

The best features of CrowdStrike Observability include the way they show issues to the client or agent, and their data collection method is interesting because they use an agent-less approach in some cases, collecting data from infrastructure such as firewalls. Additionally, they have the agent, but the presentation in the management console is excellent as we have observability end-to-end with the servers and all the services configured in the use cases.

The intelligent alerting feature is excellent and configured on our console, being highly effective as it detects real alerts and just warnings or real issues.

Identifying performance bottlenecks is important because they collect numerous MD5 or hash keys including movements or playbooks. The way they organize that in the console is excellent, allowing you to have reports detecting issues, which not only includes detection but also provides solutions to those issues.

The product at this moment is really good; CrowdStrike Observability is still working to improve it and they are including new features. At this time, I cannot provide an opinion about what else to include because we are still configuring the solution and discovering all the benefits that CrowdStrike Observability will give us. I think that in some months I will be able to give a better opinion about that. What I have seen until this moment is excellent.

We have been using it for the last three months and it is excellent, but we are still collecting data to activate all the features that need information to make the reports and to bring us automated reports.

Until this moment, it is not complex. I think that it is easy because CrowdStrike Observability or the Falcon engineers are always available when we need them, working together with us to configure the solution.

We are still configuring the solution, but we have some results from the feature and it is excellent.

I would rate CrowdStrike Observability's support as a nine. We had some difficulties at the beginning, but at this moment they are improving, so probably in some months I will give them a ten.

Positive

This is something that I used before with the Conecta company.

We are configuring the service at this moment.

My current company is migrating at this moment to GCP as our main cloud provider.

I cannot give a good review about Unit 42 because we did not use the service directly; it is just Cortex.

The pricing and setup with CrowdStrike Observability is really competitive versus other solutions such as Cortex or Kaspersky.

My current company is migrating at this moment to GCP as our main cloud provider.

We did not use Falcon Sandbox or Falcon Exposure Management. We are using a local partner and they have a marketplace, but we are working with a local partner from Google. We are just customers, not partners or resellers with CrowdStrike Observability. We have experience with them through using the Cortex service. We did not have a product contract or service directly with Unit 42. What we had is the Cortex service, and with the Cortex service, they gave us some advice to configure the solution. On a scale of 1-10, I rate CrowdStrike Observability a perfect 10.

We are using CrowdStrike Observability now instead of Cisco or Dell. We are using the CrowdStrike EDR products. I'm working with CrowdStrike EDR. We are also using CrowdStrike Observability or Falcon LogScale.

The product provides complete hardware and software inventory. When we install the connector on one machine, it gives us all the details regarding hardware as well as software.

I use its predictive analytics.

In the logs and the trajectory, it shows detailed information about where the source of infection comes from, how it travels, and how to reach there. It gives us the complete trajectory.

I use the intuitive dashboard.

There are categories for mean, medium, high, and critical threats. If we determine something is a critical or high threat, we can investigate and follow up.

If they can provide us with the XDR features within the package with no extra cost, that would be beneficial for us.

In the whole CrowdStrike package regarding the XDR feature, we need the ability to integrate our other security products so we can get visibility on one platform.

I have been using CrowdStrike Observability for almost one year.

It was very straightforward to deploy CrowdStrike Observability products.

I didn't need technical support as the product is stable.

I don't have new ideas at the moment regarding CrowdStrike Observability because we have one security team monitoring it. I use it sometimes to view policies and other things. It is a very stable product and doesn't require much interference from the user end.

Every security product has false positives.

We have not experienced any issues with technical support from CrowdStrike Observability, but I don't know the exact details.

Neutral

We switched over from Trend Micro to CrowdStrike Observability last year, and we are satisfied at the moment and are continuing with it.

I took part in the implementation of CrowdStrike Observability in my system.

Regarding the return on investment from CrowdStrike Observability, it's difficult to quantify. If it defends and protects us, we can say our money is not wasted. However, it is not easy to give a specific answer to that question.

The cost price is a little bit high, but if you feel at ease, it's easy to use. The pricing is very high and small companies cannot afford it. They should reduce the price because the backend infrastructure is the same. Since it's a cloud-based solution and backend infrastructure does not require many changes, they should reduce the price to accommodate small to medium businesses.

We have our security team monitoring our threats. I can log in with admin rights, but I don't use it very much.

I have not found anything disadvantageous in CrowdStrike Observability. They have all the features. In the legacy products, they are offering connectors and supporting Server 2012 or even earlier versions.

Sometimes the intelligent alerting shows false positives, but it's under our control and we can ignore those alerts.

Based on my experience with the consoles and alerts, it gives us complete detail alerts, and the documentation is very comprehensive. I would rate it seven out of ten.

The stability can be rated as nine out of ten.

I recommend it mostly to enterprise companies.

Overall rating: 7/10.

I have been using CrowdStrike Observability for the past two months with a focus on the cloud environment, specifically integrating with Google Cloud. We are currently utilizing it for detection purposes and have not yet experienced any incidents that require a response.

I find the most effective feature of CrowdStrike Observability to be its cloud vision and attack surface vision, which enhance network traffic analysis. The visibility it provides is crucial for understanding what is happening globally. Despite its high cost, I prefer it for the protection it offers.

CrowdStrike Observability could improve in terms of understanding the functionality of different modules. The complexity of having multiple modules such as vulnerability management and identity management makes it challenging to comprehend and integrate into one platform.

I have been working with CrowdStrike Observability for two months.

CrowdStrike Observability is a robust platform with no errors for me. However, this year there was an important incident due to a mistake in the deployment of signatures. Similar issues have occurred with other providers in the past.

CrowdStrike Observability is very scalable. We currently have 2,000 users and plan to expand this to approximately 8,000 people in the future. I have not detected any problems with scalability, and I would rate it as nine out of ten for scalability.

The customer service is not satisfactory for me. The support is only available in English, and my users in LATAM regions such as Peru and Colombia require local language support, which is not currently provided.

Negative

I used only the Security Solution from Sophos before switching to CrowdStrike, using part of the XDR from CrowdStrike.

The setup part of CrowdStrike Observability takes a couple of days, depending on the volume of the infrastructure. My team, which consists of two engineers, handled the setup.

My team consists of two engineers who participated in the installation process for CrowdStrike Observability.

From my point of view, CrowdStrike Observability is the most expensive tool available. While it is a good solution, compared to Sophos and SentinelOne, it has a much higher cost.

Pricing for CrowdStrike Observability is expensive, similar to a Rolls-Royce in terms of cost. Compared to Sophos and SentinelOne, which offer competitive pricing, CrowdStrike is the most expensive. Despite this, the protection it offers is very important to me.

I have used Sophos and considered SentinelOne as they offer more competitive pricing. However, I prefer CrowdStrike for its superior protection.

CrowdStrike Observability is especially useful when using a multi-cloud environment. Although it is expensive, the protection level it provides justifies the price. For users on Google Cloud, I prefer using Google's GTI technology. Overall, I would rate CrowdStrike Observability as nine out of ten. I rate the overall solution as nine.

The typical use case for CrowdStrike Observability is for customers who are looking for the best protection for their endpoints, data, and overall EDR and XDR solution. CrowdStrike Observability would be best, and it also comes as a signature-less solution where you don't need to update your endpoints or the CrowdStrike Observability agents regularly. It is also completely based on AI and ML search engines.

The data centralization feature of CrowdStrike Observability comes as an add-on. If you want the data to be kept on the cloud, customers will be charged for it. The best practice many customers have is they would retain 90 days or three months of data as per their policy. However, sometimes it gets exceeded, and the customer needs additional data from the past. The problem is that the data keeps getting purged, so once the data is purged, it's difficult to recover it.

The areas of CrowdStrike Observability that have room for improvement include the approach towards customer issues, where resolution takes time. When raising a ticket for a customer, it takes time to get resolved, and the response from the CrowdStrike Observability team is sometimes very slow.

Technical support from CrowdStrike Observability rates between seven to eight out of ten.

I haven't personally worked on Fortinet products, as I work for a partner company that handles Fortinet products. I was completely focused on endpoint protection and data protection, but I don't have any personal experience with FortiGate.

The initial setup of CrowdStrike Observability is complex. The demo or the POC itself makes customers curious. CrowdStrike Observability has many add-on options; it doesn't come with one license, and you have to add many other features to the base product. This sometimes confuses customers.

We implemented CrowdStrike Observability for several customers, and we were hired for the implementation and troubleshooting of the product.

The pricing, setup costs, and licensing of CrowdStrike Observability are always handled by our pre-sales and sales team. We are completely based in the technical team.

We deal with many products such as CrowdStrike Observability, SentinelOne, Trend Micro, Broadcom, Sophos, and Kaspersky. Regarding our clients, we deal with all types: medium and enterprise-sized businesses, and small businesses. However, looking at the prices, CrowdStrike Observability is always preferred by enterprise or medium-sized businesses.

The complete portfolio of CrowdStrike Observability includes multiple solutions for various customers. I am currently on medical leave due to an accident that required surgery. My previous position was senior manager at ISS Technologies. On a scale of 1-10, I would rate CrowdStrike Observability a 7.

I use CrowdStrike Observability for endpoint security and log management. The main use case involves using its sandbox technology, ensuring efficient sandbox updates, and focusing on fraud and threat protection.

The intelligence database provided by CrowdStrike is very impressive. It does not affect system performance, which is crucial for development purposes. Unlike other software that requires a lot of local resources, CrowdStrike is a thin tool and does not significantly impact the development environment. Additionally, manual intervention is minimal, leading to resource savings.

For reporting or log management, having a longer duration for backup without needing to purchase a paid subscription would be beneficial. Currently, there is a default ninety-day backup period.

I have been using CrowdStrike tools for the past three to four years.

I am mostly satisfied with stability.

I frequently contact CrowdStrike's support and generally find it to be mostly good. There are options for either partner support or direct support.

Positive

I use Cisco for some security purposes, however, CrowdStrike is my primary EDR tool.

The deployment of CrowdStrike Observability is cloud-based with predefined rules, which need to be adapted for custom actions.

To access reports and extend backup duration beyond 90 days, a paid subscription is necessary.

I am familiar with the Palo Alto Firewall and VPN, but for endpoint security, I use CrowdStrike instead of Cisco.

I rate CrowdStrike Observability seven on a scale of one to ten. 

It's a cost-effective tool, providing substantial resource savings.

The main use cases for CrowdStrike Observability include distributed tracing and log management capabilities.

CrowdStrike Observability offers strong predictive analytics capabilities. The intelligent alerting system helps minimize noise and optimize IT resources effectively.

From a technical standpoint, the solution performs excellently without significant flaws. The solution includes advanced log management and distributed tracing features.

The reviewer has been working with CrowdStrike Observability for several years.

The installation process is straightforward and easy to implement.

The stability of the solution is notable.

The scalability of the product received positive feedback.

Technical support received a rating of 4 out of 10.

Positive

The pricing consideration varies as the product can be quite expensive for some organizations.

The reviewer works as a system integrator and reseller, dealing with various security products including Fortinet, Palo Alto, FortiNDR, FortiXDR, ADC, and EDR. Their clients actively use FortiNDR and integrate it with other security solutions. The reviewer has experience selling CrowdStrike Observability for log management purposes.

In my organization, the financial aspect in the bank is a significant factor influencing our operations.

The log aggregation and correlation of data are notable features that enhance our operations.

Integration with Huawei should be more straightforward.

I have been using the solution for two years.

There have been no issues with the solution's stability.

I would rate customer support as an eight out of ten.

Positive

The setup was quite easy. On a scale from one to ten, where ten means easy, I would rate it seven, eight, maybe nine out of ten.

The price is worth it. If I were to rate it on a scale from one to ten, with ten meaning a very good solution, I would rate it nine out of ten.