Security Engineer at a tech services company with 10,001+ employees
Real User
2018-12-17T09:44:00Z
Dec 17, 2018
We are currently using this solution as an EDR tool to control and remediate threats from the endpoint remotely; it serves as a next-gen antivirus solution. It can also be used in forensic investigation, threat hunting, trend analysis, malware analysis, etc.
Information Security Consultant at a tech vendor with 501-1,000 employees
Consultant
2018-11-06T13:09:00Z
Nov 6, 2018
We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response.
Cloud Operations Center Analyst at a pharma/biotech company with 10,001+ employees
Real User
2022-10-11T13:40:59Z
Oct 11, 2022
The solution is for alerts. It will trigger if there is malicious traffic or some scripting attack. Any attack that is there, then it'll alert automatically.
Head of Cyber Defense & Offensive Security at Habib Bank Limited
Real User
2022-07-04T08:47:00Z
Jul 4, 2022
The following is a list of use cases that were tested and evaluated against CrowdStrike along with different competitors.
1 - Execution of Fileless Ransomware - The test was conducted using PowerShell script execution; the script was executed using privileged rights and it was successful. Although all the preventive controls were enabled in the CS Falcon dashboard, CS Falcon had raised a red flag regarding fileless execution, however, the moment it let us know our system got encrypted.
2 - Uploading large volume of Data over the cloud - Using a customized script on the USB, a test was conducted to copy (.docx, .xlsx, .pptx, .png, .jpg, .pdf, .txt, .rtf) files from the system. It performs a copy operation from the whole disk and creates a password-protected .zip file in APPDATA of the complete files; once the protected file is created, it then checks the internet connectivity. As soon as the script finds connectivity with 8.8.8.8, 8.8.4.4, it starts sending the protected .ZIP file over its CnC cloud.
3 - Disabling of CS Falcon Agent - I have conducted a test to disable the Falcon agent from the Windows-based OS. The agent was successfully disabled by booting up another OS and renaming the agent files on the system.
4 - Perform Privilege Task in CrowdStrike - CS roles have some additional privileges. While performing host containment, it has the ability to perform the following operations without informing the user:
* Host Containment
* Isolating the host from the network
* Copying data from the host machine into the CS cloud
Considering the above situation, it may cause a breach of user privacy, due to which the user can file a complaint against the InfoSec team.
Head of IT Department at a pharma/biotech company with 10,001+ employees
Real User
2021-12-10T21:06:00Z
Dec 10, 2021
CrowdStrike Falcon is leading the market in EDR. They are the first to have this kind of solution against malware. They have an advantage with respect to the rest of the competitors. They offer a certain amount to protect in case of malware or cyber-attacks. They have a policy or insurance connected to the service. That's the reason why we choose CrowdStrike over other solutions.
We implemented CrowdStrike because we needed to identify a new solution to address a 100% remote workforce, both because of COVID, but in general, our workforce is very distributed around the country.
Information Security Analyst at an insurance company with 1,001-5,000 employees
Real User
2021-03-10T06:12:00Z
Mar 10, 2021
We use it for our endpoint detection and response on our devices for both endpoints and servers. It has replaced our traditional antivirus. We are strictly using it now to do all our antivirus duties. We are primarily a Windows environment, 95 percent Windows. Then, we have a little bit of Linux and Macs in there as well.
Chief Information Security Officer at a hospitality company with 5,001-10,000 employees
Real User
2020-11-10T22:46:10Z
Nov 10, 2020
We have various use cases. We are protecting servers and endpoints that are utilizing this product to focus on advanced, persistent threats, with the goal of reducing the overhead on the endpoint for early detection. Right now, we have not put enforcement, and we're moving to the next level of detection.
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
2020-10-19T09:33:00Z
Oct 19, 2020
We use this solution for threat protection and endpoint security. Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.
We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on. Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.
Dy General Manager at a real estate/law firm with 501-1,000 employees
Real User
2020-08-02T08:16:48Z
Aug 2, 2020
The solution is primarily being used at our endpoint, which includes roaming users with laptops. It is being used in all of our servers at our data center. Our security team can monitor everything centrally using the Falcon dashboard. If there is an incident, our team can actually go to the root cause of the incident to try to solve it there.
Director Of Information Technology at DLZ Construction Svs.
Real User
2020-06-17T10:56:00Z
Jun 17, 2020
We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks. I'm the director of information technology in our company and we're a customer of CrowdStrike.
CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.
CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure...
Also, Threat Hunting is excellent
We use Falcon to protect around 500 endpoints.
We use CrowdStrike Falcon for malware mitigation and hunting.
We use this solution on all of our endpoints and servers.
I mainly use Falcon for endpoint protection.
We use CrowdStrike Falcon for endpoint protection.
I use CrowdStrike Falcon for endpoint security and compliance auditing.
I am using CrowdStrike Falcon to protect my endpoints from new zero-day threats.
CrowdStrike Falcon is used for endpoint protection for businesses. It's used for identifying threats.
We use CrowdStrike Falcon on all our devices, server, and workstations for security.
I am using CrowdStrike Falcon for system security.
We primarily use the solution for our Windows and Macs.
It is used for stopping data breaches. It is totally on the cloud. It cannot be deployed on-prem. They don't have any on-prem options.
CrowdStrike Falcon is working on our production servers.
We have several use cases including threat management, EDR, AV, and a SOC with 24x7 monitoring.
We use CrowdStrike Falcon as our EDR solution, including antivirus.
We use this product for endpoint security and threat remediation.
Our primary use case is for endpoint protection.
We use CrowdStrike Falcon to secure the endpoints and servers that we have on-premise.
The primary use case is digital security investigations using the dashboard.
We primarily use the solution for threat intelligence.
We primarily use the product as a security solution.
The primary use case of this solution is as endpoint detection and response.
Our primary use for CrowdStrike is as an EDR system. We are protecting more than 9.000 devices.
We primarily use the solution as advanced threat protection. It is used to protect all endpoints, servers, etc.
We primarily use the solution for real-time ransomware protection.
CrowdStrike is an anti-virus solution, and we use it to protect our users from malware.
Our primary use case is as an endpoint protection service.
The primary use case is detection and forensics. The product is cloud-based, so we use the latest build which is available.
We use it for threat management.
It's a security-related product. A security environment based on AI/ML. It is not like the older stuff, which used to have signature-based updates.
The primary use case is threat protection.
It logs automatically and generates alerts. It is all automatically integrated with the cloud.
Primary use is for endpoint investigations.