I would recommend that if you need a quick response against real-time attackers, you should consider purchasing CrowdStrike. Windows Defender doesn't match up, so configuring it on EC2 instances is better for small and large-scale companies as well. Overall rating: nine out of ten.
Support is an area that needs attention. Overall, EDR is fine. ITDR is not mature, and other tools are also not mature. If we talk about SIEM and cloud security, those are also not mature. I would rate it five out of ten.
CrowdStrike is a great solution. It's a hands-on tool. I have not seen other EDRs like it. Compared to Carbon Black, which is much more difficult with a different UI, CrowdStrike allows direct, detailed investigation with a PID generated for each process. It offers unique abilities not seen in other EDRs. Overall product rating: nine out of ten.
Senior Security Engineer at Dentistry For Children, Inc.
User
2024-10-11T14:26:56Z
Oct 11, 2024
I have always felt that Sentinel 1 was the better product all around, and it is less expensive than CS. CS has some quirks, one of them being the management and configuration consoles are so numerous and complex that it is easy to make a mistake or overlook something.
Overall, CS is not a bad product but they made a huge mistake that cost billions of dollars. Granted, it was a mistake, but given the global presence of CS, they should have had better protections in place to prevent this and immediate contingency plans to remediate it asap.
As far as tips, I'm not sure, other than 'learn the consoles well'.
Trainee Engineer at COMPASS IT Solutions & Services Pvt.Ltd.
Real User
Top 10
2024-08-09T08:25:00Z
Aug 9, 2024
Overall, I would rate the product an eight out of ten because of one recent issue that happened. I'm concerned about the recent issue that happened. What if another update causes the same problem again? Is it really as good as it seems? Even our customers have given very good feedback, they get more insights into what's happening, what they should do, and what remediation steps to take. So, in that way, it's very good. I would recommend it, especially if you're going for endpoint security. I'd definitely recommend CrowdStrike first because it's more mature than SentinelOne and other EDR solutions in the APAC region.
Manager, Security Operations Centre at Phillips Consulting Limited
Real User
Top 5
2024-07-26T15:04:08Z
Jul 26, 2024
CrowdStrike Falcon Surface is a cloud-based solution. In light of the recent global IT outage that affected CrowdStrike, they should do proper change management. Overall, I rate the solution a nine out of ten.
Falcon endpoint protections provides real-time threat prevention and response to identity-based attacks. 1. Protection: Protects traditional AD 2. Detection: Uses AI-powered anomaly detection to identify and neutralize threats 3. Provides 24/7 managed detection and response for identity threat 4. Risk-based access: Enforces MFA based on real-time risk assessment 5. Unified security: Integrates endpoint and identity protection for comprehensive security 6. Managed services: Falcon Complete ITP is a fully managed solution that includes expert management, monitoring, and remediation
Most customer requirements focus on email security, so we’ve implemented Mimecast. CrowdStrike Falcon integrates with Mimecast, allowing us to provide advanced security beyond Office 365’s capabilities. With DMARC in place, Falcon helps us identify domains that pose a risk to the organization. I advise you to look for customer feedback, and then they should also look for Gartner and other industry leaders so you get the ranking. Overall, I rate the solution a seven out of ten.
I rate the overall product an eight out of ten. I would recommend it to others. However, it's crucial to understand areas where the product might not provide coverage and how to mitigate those gaps. For example, it covers endpoints, networks, and Office 365 environments, but are there other areas in the attack surface that it doesn't address well? It's essential to be aware of any potential gaps upfront. The solution helps in preventing incidents. However, it's challenging to quantify the exact impact because we don't know what would have happened without it. It's similar to having insurance for your house.
CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.
CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure...
I would recommend that if you need a quick response against real-time attackers, you should consider purchasing CrowdStrike. Windows Defender doesn't match up, so configuring it on EC2 instances is better for small and large-scale companies as well. Overall rating: nine out of ten.
Support is an area that needs attention. Overall, EDR is fine. ITDR is not mature, and other tools are also not mature. If we talk about SIEM and cloud security, those are also not mature. I would rate it five out of ten.
CrowdStrike is a great solution. It's a hands-on tool. I have not seen other EDRs like it. Compared to Carbon Black, which is much more difficult with a different UI, CrowdStrike allows direct, detailed investigation with a PID generated for each process. It offers unique abilities not seen in other EDRs. Overall product rating: nine out of ten.
Overall, CS is not a bad product but they made a huge mistake that cost billions of dollars. Granted, it was a mistake, but given the global presence of CS, they should have had better protections in place to prevent this and immediate contingency plans to remediate it asap.
As far as tips, I'm not sure, other than 'learn the consoles well'.
For an incident investigator, it's quite easy to use, and it provides great visibility over the processes. I'd rate the solution ten out of ten.
Overall, I would rate the product an eight out of ten because of one recent issue that happened. I'm concerned about the recent issue that happened. What if another update causes the same problem again? Is it really as good as it seems? Even our customers have given very good feedback, they get more insights into what's happening, what they should do, and what remediation steps to take. So, in that way, it's very good. I would recommend it, especially if you're going for endpoint security. I'd definitely recommend CrowdStrike first because it's more mature than SentinelOne and other EDR solutions in the APAC region.
CrowdStrike Falcon Surface is a cloud-based solution. In light of the recent global IT outage that affected CrowdStrike, they should do proper change management. Overall, I rate the solution a nine out of ten.
Falcon endpoint protections provides real-time threat prevention and response to identity-based attacks.
1. Protection: Protects traditional AD
2. Detection: Uses AI-powered anomaly detection to identify and neutralize threats
3. Provides 24/7 managed detection and response for identity threat
4. Risk-based access: Enforces MFA based on real-time risk assessment
5. Unified security: Integrates endpoint and identity protection for comprehensive security 6. Managed services: Falcon Complete ITP is a fully managed solution that includes expert management, monitoring, and remediation
Most customer requirements focus on email security, so we’ve implemented Mimecast. CrowdStrike Falcon integrates with Mimecast, allowing us to provide advanced security beyond Office 365’s capabilities. With DMARC in place, Falcon helps us identify domains that pose a risk to the organization. I advise you to look for customer feedback, and then they should also look for Gartner and other industry leaders so you get the ranking. Overall, I rate the solution a seven out of ten.
I rate the overall product an eight out of ten. I would recommend it to others. However, it's crucial to understand areas where the product might not provide coverage and how to mitigate those gaps. For example, it covers endpoints, networks, and Office 365 environments, but are there other areas in the attack surface that it doesn't address well? It's essential to be aware of any potential gaps upfront. The solution helps in preventing incidents. However, it's challenging to quantify the exact impact because we don't know what would have happened without it. It's similar to having insurance for your house.