CrowdStrike Falcon Cloud Security Reviews

I have been using CrowdStrike Falcon Cloud Security for more than a year, approximately one and a half to two years.

My main use case for CrowdStrike Falcon Cloud Security is in our environment where we run workloads across multiple AWS accounts. Our organization is already using native tools from AWS such as GuardDuty, Inspector, and Security Hub. However, management decided they wanted deeper protection and better monitoring across all accounts. They wanted a centralized solution that would provide an additional layer of security. Although we already have in-house tools, we wanted an overlaying layer for faster threat detection and visibility in one central place. CrowdStrike Falcon Cloud Security helped us bridge this gap and extend our security across all other accounts. It has provided us a good layer of protection across all workloads including EC2, EKS, ECS, and several parts of our Linux servers.

To compare CrowdStrike Falcon Cloud Security to the native AWS tools I mentioned, such as GuardDuty and Inspector, we needed deep visibility and real-time threat protection. Along with the native AWS tools, we wanted an extra overlaying layer of security to our cloud environment to strengthen our environment security. We chose CrowdStrike Falcon Cloud Security to provide faster threat detection. This is why our organization decided to go with this solution.

I have seen a return on investment by preventing potential incidents and reducing threats, anomalies, or misconfigurations.CrowdStrike Falcon Cloud Security has nearly saved us some amount, though I am not exactly sure of the numbers since the Finops team handles the financial side. What we have gained from CrowdStrike Falcon Cloud Security is that EC2 downtime has been prevented and time has been saved considerably, around eight to ten hours per week through automatic onboarding and centralized visibility. We no longer need to switch between ten plus AWS accounts or perform manual scanning. We can now bring all our accounts together in one tool or solution. Our security has been significantly increased and it is pretty stable in our environment. This is one thing that CrowdStrike Falcon Cloud Security literally gave us with a positive impact and makes it a good investment.

To provide more detail about my main use case and how I use CrowdStrike Falcon Cloud Security day-to-day, I can share a specific example where it helped me respond to a threat. Recently, we had production EC2 instances across multiple AWS accounts, and CrowdStrike Falcon sensor was deployed automatically using the SSM Manager. We saw an alert where CrowdStrike detected anomalous behavior originating from some rogue IP address. This appeared to be potentially a DDoS attack in our cloud environment, which is fairly common when hackers try to get inside your network and gather organizational data. CrowdStrike performed very well here, detecting the alert and helping us identify that someone was trying to gain access. This really helped us have a broader view, and we acted accordingly in response to it. In any fault and threat detection, CrowdStrike Falcon plays a crucial role in our environment and gives us a clear point where we can focus our efforts rather than hunting down what is happening.

The best features CrowdStrike Falcon Cloud Security offers include their runtime security, particularly CrowdStrike CWPP. Their runtime security monitors processes at the kernel level and blocks any malicious behavior in real time. This is really good from Falcon as it protects workloads such as EC2 containers and Linux and Windows workloads at the OS level and kernel level. It detects any kind of credential theft or any movement within these workloads. Additionally, we see it elevates container security in terms of EKS, ECS, and ECR. It scans every image in our ECR and provides real-time vulnerability detection and protection for our container workloads.

Their threat intelligence is really good, and that is one part we really appreciate about Falcon threat intelligence.

Regarding how CrowdStrike Falcon Cloud Security can be improved, I would say they can improve their support. There were a couple of cases where we needed to escalate issues in order to get proper support. That part could use some tweaking on their end. Additionally, the recent incident during the last summer literally impacted our systems. We had some of our workloads that affected the business, and it was a difficult experience. Apart from that, it is a good tool and the experience with CrowdStrike Falcon Cloud Security has been excellent. We did not find any kind of issues, but if they could improve their response to security-related incidents and provide on-time support or better understand our concerns and address them accordingly, it could be very helpful.

Regarding needed improvements, I think they should enhance automatic alerting with CI/CD scanning and reporting capabilities. Additionally, it would be better to implement Falcon sensor health monitoring so agents are always active. We could know how it is behaving and how it is treating our environment. That could be a little helpful.

The customer support is pretty good, but it can be improved a little bit. I would rate the customer support on a scale of one to ten as a six. They have many improvements that need to be made.

Before choosing CrowdStrike Falcon Cloud Security, we also looked at Wiz, which is another cloud security platform. We evaluated Wiz before moving to CrowdStrike Falcon Cloud Security.

Regarding my experience with pricing, setup cost, and licensing, the sales team deals directly with this kind of pricing. In terms of licensing, it is a little expensive. CrowdStrike Falcon Cloud Security is on the higher side of the price part.

The advice I would give to others looking into using CrowdStrike Falcon Cloud Security is that if they already have any in-house cloud tools and want to enhance their security in their cloud environment, CrowdStrike Falcon Cloud Security can bring a positive impact. It is a really value-for-money tool. Otherwise, we did not see any issues. It runs lightweight and it gives accurate alerts, so there are no more false alarms. It is a good product to enhance your cloud and strengthen your security. I would rate this product an eight out of ten.

We mostly use CrowdStrike Falcon Cloud Security for different clients across the globe, and we have installed all the agents on most machines to monitor each and every employee, along with laptops and servers in AWS. We are the core monitoring staff with a SOC where we monitor for viruses, malware, and to remove harmful files. Our primary use cases involve monitoring miscellaneous activities.

I have been using CrowdStrike Falcon Cloud Security's workload protection features because it's a very lightweight agent. Its detection speed is remarkable compared to other tools on the market, including Trend Micro. CrowdStrike Falcon Cloud Security is user-friendly and provides detection transparency, allowing us to present real-time documentation to our executives clearly explaining any detected issues.

Workload protection features influence our security strategy significantly, particularly by blocking any suspicious activities on public-facing servers and generating immediate notifications for us to act upon. It helps in quickly identifying whether potential issues need to be whitelisted or blocked, and assists in troubleshooting when applications trigger false alerts due to bugs.

The most valuable capabilities of CrowdStrike Falcon Cloud Security relate to preventing attacks caused by human error, such as when someone plugs in a USB device or downloads something without caution. It automatically blocks duplication and activities that could result in data loss, effectively preventing unintended copying of data to personal devices.

Deduplication prevention is definitely the most valuable feature.

CrowdStrike Falcon Cloud Security excels in threat detection with a vast investigation structure, allowing us to verify suspicious activities to identify root causes. It helps us trace back to the origin and fix issues, making it a user-friendly tool for this kind of detection.

CrowdStrike Falcon Cloud Security is built on AI and ML technology, enabling it to detect various threats and block suspicious activities immediately, which is particularly effective compared to traditional AVs and EDRs.

The analytics provided by CrowdStrike Falcon Cloud Security is key for maintaining a proactive security posture. Its AI and ML foundations offer extensive information on threats and suspicious activities, making it renowned for analysis in the industry.

The improvements needed for CrowdStrike Falcon Cloud Security include reducing its high cost, which is currently quite expensive, and enhancing the executive reports that are user-friendly for technical engineers but require improvement for higher management.

More detailed and granular reports would be beneficial for better executive comprehension.

I have been using CrowdStrike Falcon Cloud Security for more than eight to nine years, but for the past two years, I have not been using it much because I moved into a different domain.

When evaluating the stability of CrowdStrike Falcon Cloud Security, their partnerships with all major cloud service providers ensure their servers are optimally positioned, leading to no latency or stability issues that I have observed.

CrowdStrike Falcon Cloud Security is indeed highly scalable, ideally for enterprises with a minimum of 2,000 servers to ensure cost efficiency and easier setup.

CrowdStrike Falcon Cloud Security is primarily suited for larger enterprises and not for small or medium companies.

I have a very good in-house team of about 20 to 30 people working with CrowdStrike Falcon Cloud Security, and we maintain excellent communication with their technical support, resolving any issues immediately without complaints on technical aspects or delays.

Based on my experience with CrowdStrike Falcon Cloud Security's technical support, I would rate them a solid 10 out of 10.

Positive

With 19 years of experience in the industrial field, I have also used technologies such as BigFix, Ivanti, Qualys, and I am considering reviewing Tenable, Ivanti Endpoint Manager, Ivanti Security Control, Tanium, and others, including HCL BigFix and Qualys Patch Management.

I participated in the initial setup and deployment of CrowdStrike Falcon Cloud Security.

The implementation plan I typically follow involves multiple installation methods, one being agentless via AD to push agents, and the other using patching tools such as Ivanti and BigFix. This process can take around 15 to 20 days for 2,000 to 3,000 servers or endpoints due to its user-friendly cloud-based configuration.

During the initial setup, I faced some false alerts due to older versions of some applications we used, which may exhibit atypical behavior. Normalizing these false alerts generally takes around one to two weeks after the initial installation to resolve and ensure smooth operation.

Our company has a partnership with CrowdStrike, so we are one of their partners, and that is how we acquired CrowdStrike Falcon Cloud Security. I bought it directly from CrowdStrike.

Some of our customers purchase CrowdStrike Falcon Cloud Security directly from CrowdStrike while others purchase it via AWS Marketplace or other marketplaces.

More than 12 million vulnerabilities have been identified and resolved while working with CrowdStrike Falcon Cloud Security over the past 10 years, which I have been monitoring diligently. This figure reflects the work done not only by me but also collectively with about four customers in one single console, giving a complete picture of our efforts.

The cost of CrowdStrike Falcon Cloud Security is currently quite high, which is an area that needs improvement, particularly for the executive reports that are user-friendly for technical engineers but require enhancement for higher management.

With 19 years of experience in the industrial field, I have used technologies such as BigFix, Ivanti, Qualys, and I am considering reviewing Tenable, Ivanti Endpoint Manager, Ivanti Security Control, Tanium, and others, including HCL BigFix and Qualys Patch Management.

I use CrowdStrike Falcon Cloud Security internally in my company. CrowdStrike Falcon Cloud Security is recognized for its reliability, and I can guarantee they are very reliable. My overall rating for CrowdStrike Falcon Cloud Security is 8 out of 10.

I have been using CrowdStrike Falcon Cloud Security for almost three years.

My primary use case involves securing endpoints and servers — approximately 6,000 endpoints and over 500 servers running CrowdStrike Falcon under the EDR framework.

In my daily work, we primarily use CrowdStrike Falcon to respond to alerts and handle BAU activities related to malware. This includes investigating both false positives and true positives, as the platform provides comprehensive protection for all our workstations and servers against malicious or suspicious activity.

Additionally, we leverage CrowdStrike Falcon for incident response and antivirus compliance purposes, alongside its robust EDR capabilities.

CrowdStrike Falcon Cloud Security has been a game-changer for us at our organization, securing around 6,000 endpoints and 500+ servers over the past few years. We've seen quicker incident responses, clearer visibility into what's happening across our setup, and less hassle managing tools since everything runs on one platform.

It spots threats in real time using behavioral analytics and machine learning, catching both known bad stuff and sneaky unknowns before they cause trouble. False positives dropped, making daily SOC work smoother without chasing ghosts.

When alerts hit, we isolate issues, kill processes, and remediate fast across on-prem and cloud. Ties right into threat intel for proactive hunting, fitting our endpoint-heavy workflow perfectly.

The best features of CrowdStrike Falcon Cloud Security, in my opinion, include the deployment process and management; it offers a simplified approach that is user-friendly for new users to understand quickly.

The dashboard of CrowdStrike Falcon Cloud Security is particularly helpful because it simplifies creating and maintaining policies, and managing endpoints becomes an easy process by allowing us to isolate endpoints as needed.

In addition to the dashboard, the features related to malware protection, integrated monitoring, file protection, network scanning, firewall policies, and IPS are really good.

CrowdStrike Falcon Cloud Security has positively impacted my organization by reducing false positives and enhancing security day by day; after testing it on 100 to 200 systems, we convinced the client to deploy it across 6,000 workstations and over 500 servers.

I did see significant changes; previously, there were multiple AV products, and after deploying EDR, many initial issues were resolved as we strengthened our policies over time.

I have been using CrowdStrike Falcon Cloud Security for over 2.5 years.

CrowdStrike Falcon Cloud Security is stable in my experience.

The scalability of CrowdStrike Falcon Cloud Security is good, and it can easily scale up to over 20,000 or 30,000 endpoints.

Customer support for CrowdStrike Falcon Cloud Security is good; I find it satisfactory.

I would rate the customer support an eight out of ten.

Positive

Previously, I used multiple solutions including Microsoft Defender, Sentinel, Trend Micro, Trimix, Palo Alto, and Symantec, and while I am currently working with CrowdStrike Falcon Cloud Security and others, I have not made a full switch yet.

CrowdStrike Falcon Cloud Security setup is straightforward.

No integrator, reseller, or consultant was used for CrowdStrike Falcon Cloud Security deployment at our organization.

In-house SOC team handled it directly via lightweight agent scripts and console setup, keeping it straightforward and controlled.

I believe we have seen a return on investment through time saved and managed employee workload, allowing fewer employees to manage everything effectively.

In terms of pricing, the setup cost and licensing are comparatively a bit expensive, but the solution's effectiveness and mechanisms justify the cost.

Before selecting CrowdStrike Falcon Cloud Security, I evaluated Trend Micro because it provides good solutions, the latest being Vision One.

For those considering deploying CrowdStrike Falcon Cloud Security, I strongly suggest deploying it as soon as possible since it reduces both employee workload and time, while enhancing operational efficiency.

Overall, I find CrowdStrike Falcon Cloud Security to be excellent, making it accessible for both beginners and experienced users alike.

I rate this review a nine out of ten.

I usually work with CrowdStrike Falcon Cloud Security. I work with all the modules, IDP, and the Falcon EDR. My experience with them has been great. I requested information because a customer was about to switch from CrowdStrike IDP to Microsoft ITDR, so I needed to understand the differences and what makes ITDR special. I work as customer support for the majority of banks in Nigeria, supporting their CrowdStrike Falcon Cloud Security implementation. I needed to understand what was making some of them switch from CrowdStrike to ITDR, and the basic reason was cost. In terms of technicality, CrowdStrike Falcon Cloud Security was obviously better, but it was a bit expensive for them.

The typical use case for cloud security varies. Sometimes, rather than using Rapid7 exposure management, some customers use CrowdStrike Falcon Cloud Security to monitor their assets on the cloud, providing insights into vulnerabilities on machines, exposed assets, and misconfigurations.

Compared to before, in respect to breaches and downtime, they have seen significant differences.

Customers love the UI of CrowdStrike Falcon Cloud Security. They appreciate everything about the dashboard and dashlet. The majority of customers particularly love how seamless the integration is - just copy and paste in your AWS terminal and you're good to go.

The threat detection capability of CrowdStrike Falcon Cloud Security has always been the major seller, and it works effectively. Looking at the detection index for the last two years, CrowdStrike Falcon Cloud Security is consistently ranked number one. Then you have MD and Sentinel alternating positions. In terms of threat detection, CrowdStrike Falcon Cloud Security has always been top-notch in how they explain the workflows.

In terms of improvement, CrowdStrike Falcon Cloud Security could expand into the remediation path. While there is the IT security module, looking at competitors such as Vicarious and SCCM, there is room for advanced capabilities. If CrowdStrike Falcon Cloud Security could implement pushing out remediation from the sensor installed on machines, that would be beneficial. This feature is likely in their pipeline, but implementing it faster would help them maintain their competitive edge.

I am a partner with CrowdStrike Falcon Cloud Security.

The initial setup and deployment of the solution is straightforward.

I have seen a return on investment with CrowdStrike Falcon Cloud Security.

CrowdStrike Falcon Cloud Security is relatively new, approximately a year or two old. I have experience working with both CrowdStrike Falcon Cloud Security and Microsoft Defender for Identity.

I work with CrowdStrike Falcon Cloud Security, Falcon LogScale, Observability, and Sandbox. Different teams manage different parts of CrowdStrike's workload protection features.

I rate CrowdStrike Falcon Cloud Security 9 out of 10 overall.

I am working for an MSSP. We use CrowdStrike on a daily basis for different clients across the globe for security purposes and for monitoring and remediating threats.

We have installed agents on the machines of employees in different organizations. We monitor their activities and block several applications. For example, if an organization does not want its employees to use WhatsApp on company-provided laptops, we block such applications. We also monitor malicious activities. If an employee downloads a file from the internet that is not legitimate, such as a virus or malware, we connect to the machine, remove all the files, and run different scans to ensure nothing is harmed.

Additionally, we use it for inventory purposes. At the end of the year, for audit and compliance, I gather information about how many devices, servers, and workstations we have and what their types are.

It helps us by automatically blocking certain applications or activities. We can prevent employees from copying data or attaching any personal USB devices to company machines, thus avoiding malware transfer or data theft. We can block USBs and unwanted applications. It automatically blocks and remediates malicious activities, so we do not have to do regular checks.

For the past six months, we have been facing some issues. Because it is a cloud-based infrastructure, it has been getting slower. There are no bugs because they release updates continuously. We highly appreciate that, but during hunting or running a query on different logs, the time frame has increased in the past six months. It takes longer to give us the results.

Another issue is the lack of proper documentation. During investigations, there is no proper documentation available. This is a problem because many people are saying there should be proper documentation explaining what CrowdStrike captures from the machine and the meaning of it.

I have been using it for more than three years.

It is stable, but sometimes it shows instability. Occasionally, when the workload increases, it slows down considerably and sometimes becomes unresponsive. I would rate it a seven out of ten for stability.

It is quite scalable. I would rate it an eight out of ten for scalability.

It is deployed across multiple departments and multiple locations. Some people are in one country, and some are in another country.

I have contacted customer service, and they are fast. I have had a good experience with them.

Positive

We have some clients not using CrowdStrike due to cost or other factors. In our opinion, CrowdStrike is the best solution, which is why we recommend it to our clients. Almost 90% of our clients who receive our services use CrowdStrike. Its users include various organizations such as banking, financial, and other organizations.

Over the past three years, more than ten clients have purchased it. Some are using all of its features, and some are using fewer features depending on the budgets and requirements.

It is straightforward, but sometimes, we have difficulties with installing the agents on some machines. It happens quickly, but sometimes it takes a few minutes. It depends on the infrastructure and the machine.

The deployment duration depends on the organization. If the organization is big, it takes a large amount of time. If it is a small one, it is real quick.

The implementation strategy is to use automated scripts that run on the cloud. This automatically reflects changes across thousands of machines.

It does not require any maintenance.

We implement it ourselves.

Compared to other EDRs, CrowdStrike is expensive. However, the main point is that even though it is expensive, it provides a huge capability to the organization. It is expensive, but it adds value.

I would recommend it because it is the best one I have ever used. It has greatly helped me improve my investigative skills in my job. I have gained a lot of skills by using this product. 

Overall, I would rate it a seven out of ten.

I use the solution in my company primarily for endpoint detection and response. Our company has multiple endpoints at different levels, and this is basically to detect anomalies. At the back end, we have a Splunk Data Lake, where all the data goes. We use the same for alerting and monitoring purposes, on the basis of which we take action. The tool is basically used in combination with Splunk and other tools that we have in our company.

I am not part of the current monitoring team, so I do not know how they feel about the tool. I am sharing information related to the tool based on the feedback and on my experience deploying it four to five years ago.

I would not say the tool's integration capabilities were straightforward because the complexity depends on the volume of the data. I am talking about petabytes of data, so sometimes, the integration part is not so straightforward. I would say we have had our own share of issues. All in all, we were able to manage it in the long run. I tried to integrate the issue with Splunk Enterprise Security and Splunk Data Lake, too. I am not a user of Splunk, but I have just implemented it to support my customers, who are the primary users of the data.

I have been using CrowdStrike Falcon Cloud Security for four to five years.

The scalability of the product has been great. My company started off with 1,50,000 endpoints, and now we are at 2,00,000, and I believe that it speaks volumes for itself. The tool's team has been super supportive when it comes to providing support, helping us out with upgrades, and letting us know how things could work. I believe the experience with the tool has been good.

Nothing is perfect in this world. There will always be positive and negative aspects associated with the product. I have heard more positive things about the product than negative statements. As an enterprise, when you are dealing with a vendor, there are chances where, you know, there will be few misses and lots of hits.

I have experience with FireEye. In 2019, my company migrated from FireEye to CrowdStrike Falcon Cloud Security.

The product's initial setup phase is not really difficult, especially if you have managed the setup phase before. In our company, we migrated from Mandiant to FireEye and from FireEye to CrowdStrike, so it has been a journey for us over the last ten years. You get to learn as you go and embark on a journey. We were able to deal with challenges in the area of deployment that we were trying to perform, and there were not many from the vendor side. Still, at the enterprise level, you have endpoints that are across different landscapes, like if you have a cloud platform or an on-prem model, and then you have things that the vendors manage. If you are trying to deploy things at different levels with different scales, you may face some challenges, but nothing in particular with the vendor, I would say.

I have experienced an ROI from the use of the product, and it is definitely one of the biggest takeaways or the reasons that my company migrated from FireEye to CrowdStrike. The features that CrowdStrike offered our company were far more in-depth than those of FireEye. I am not saying that FireEye does not offer great features, but with the kind of landscape that we operate on, we felt that we would be better off with CrowdStrike than with FireEye. We have FireEye, and we saw that there were certain shortcomings. Getting down to the specifics, I am not part of the monitoring team, so I will not be able to give you very crisp data about it.

CrowdStrike Falcon Cloud Security's features have proven to be the most effective for detecting and responding to threats. While I was involved in the deployment, I was not involved in the product's day-to-day activity, as I was not a part of the monitoring team. I was basically on the deployment team. I do not use it on a day-to-day basis.

Speaking about the integration of CrowdStrike Falcon Cloud Security within our existing infrastructure and with third-party solutions, I feel that everything has been okay, and it is something that we need to figure out as an enterprise. When you are trying to do things at a very large scale, consisting of more than 1,50,000 endpoints, that is the scale within the enterprise that we were dealing with in the past, and it has crossed 2,00,000 right now. When trying to integrate it with other applications, the likes of Splunk or other data lakes, if I have to say, but categorically and specifically Splunk in the current case, you have to see how that is going to work and ensure whether everything will be seamless or not, and it may not be something that is possible at the first instance, but you need to try things and see what works and what does not. You also got to get the vendors along, and that is basically what my company did. In our case, we got people from CrowdStrike speaking to people from Splunk, after which whatever integration issues we had were resolved.

I recommend the product to others who plan to use it.

Everything depends upon your use cases since not one size fits all templates. The use cases vary from organization to organization. In our case, CrowdStrike Falcon Cloud Security suited us the best, which is why we went with it and moved away from FireEye, which may or may not be the case for others. I know organizations that continue to use FireEye, and they are pretty happy with it because it suits their requirements. It just fits all the use cases that they have listed out.

Whether the product needs to increase your marketing strategy or not is something that depends on what the solution wants to achieve. As far as I know, CrowdSrike has a sizable base in the market, but it completely depends on what they want to do. I don't think I am the right person to suggest or tell CrowdStrike what they need to do because the product is managed by a set of stable and sane minds who would decide how they want to strategize things when it comes to sales.

I rate the tool a seven to eight out of ten.

We give MDR services to many clients and extend the basic capabilities with these modules.

The automation capabilities that the tool has in order to automate responses and actions.

It's quite easy to use, as I understand the feedback from the team.

It is effective for detecting and mitigating threats.

We are automating a lot. So, it offers good automated response capabilities.

There are some issues with certain applications. We have been having some problems with Microsoft Teams and other applications.

So, there were some integration issues with this product.

The main concerns are occasional maintenance issues, less than perfect stability, and complexity compared to SentinelOne.

We have been CrowdStrike partners for three years and have been using ASPM for one year.

The agent is usually stable, but there have been recent instances of high CPU usage. In general, it works fine.

Overall, I would rate the stability a nine out of ten, one being unstable and ten being very stable. So, there's always room for improvement. 

In our experience with clients no larger than 10,000 endpoints, it's scalable. 

I am not sure about the large infrastructure for around 20,000 to 50,000 endpoints because it is complex for a large infrastructure. 

The customer service and support are satisfactory. 

Positive

We are CrowdStrike partners and have a client that uses Kaspersky, but we are looking at what kind of analysis and comparisons are available in the market.

It's easy. In general, all of the CrowdStrike modules and deployments are easy.

We provide support to the client, and the IT people install it. There are no problems because some clients have better tools to deploy, but there are many ways to do the deployment. It's easy, and we have a 24/7 support team. Deployment doesn't consume many hours.

It's easy to maintain, but sometimes there are issues with particular applications. Those have to be worked around, but in general, there are no other issues.

One engineer is enough to deploy the solution.

It's not the cheapest, but the price is fair. Some clients find it expensive, but it's scalable and has many modules.

So, the price is not too high, it is okay. 

We have tried others but ultimately decided to provide MDR service only with CrowdStrike. We tested Microsoft and Palo Alto Cortex.

We do a lot of incident response, and we chose CrowdStrike for its superior features in that field. The alerts are clearer, and the capabilities are much better than the others. 

But, it's a complex product. SentinelOne, for example, is much easier to use but lacks the same capabilities. For an EDR, it's better to have experts handling it and utilizing all the features CrowdStrike offers.

So, CrowdStrike is a bit complex compared to SentinelOne. It's more complex because it has more features and configuration options, but not inherently complex. The solution is complex because it's very good and has a lot of customization options.

Overall, I would rate it a nine out of ten. 

I use the solution in my company to collect information about protecting the endpoint, configuration assessment, and vulnerability assessment.

The solution's most valuable feature is its threat emulation part, but there are many other important features for cybersecurity security, including endpoint protection. However, vulnerability management is for prevention, and so on.

In terms of the improvements, a detailed profile for the users for the administration of the assets will be provided so they can see the events directly on the platform if needed. In order to see events, with our policies, it should be possible from the specific assets; a user should be able to see the events related to the datasets. One of the main concerns about the tool is that the solution provides features without detailed profiles for those who should see what type of information.

The tool should do some more tests before going for updates automatically.

I have been using CrowdStrike Falcon Cloud Security for around a year. I am a user of the tool.

In terms of stability, a few days ago, there was a huge issue with CrowdStrike Falcon Cloud Security. There are some issues with the tool's stability. Many airports faced issues as airplanes were delayed in July 2024. It was a large event that left a bad impact worldwide.

I rate the tool's stability as a six out of ten.

It is a scalable solution. Scalability-wise, I rate the solution an eight out of ten.

The tool is used in telecommunications.

Around 20 people use the tool with the administration team.

I think there is a plan to increase the number of users, and it is necessary to provide this information for the different operational areas where there are a lot of people.

The support team is not able to resolve our issues in a timely manner. I rate the technical support a seven out of ten.

Neutral

The product's initial setup phase is easy. If ten is easy, I rate the product's initial setup phase an eight out of ten.

It takes a long time to deploy the product since we have a large pack of devices here. We have a lot of different types of devices, so we need to be careful when implementing the functionalities and the agents.

The solution is deployed on an on-premises model, but we are planning to go to the cloud.

The solution can be deployed in around six months.

My company has evaluated tools for vulnerability management.

In terms of the threat detection capabilities, it is a good product. It is a good tool, considering all the information it provides and the automation it delivers.

In terms of the automation part, the tool has some rules that can be applied automatically. I can identify or be aware about a specific event with the help of the tool.

In terms of the improvements I have seen in my company using the tool, I would say that it offers a clear visualization of all the threats that could be on our network. I can see all types of vulnerabilities that could be dangerous or critical for us.

For now, it seems the tool is a good solution for protecting endpoints and mainly for the areas that are using Windows-operated systems.

I recommend the tool to others. It seems that when we installed the agent, it became a solution that could provide a lot of information in a centralized way.

I rate the tool an eight out of ten.

We are a small company using CrowdStrike Falcon Cloud Security for next-generation endpoint security and antivirus protection. We do not have dedicated threat hunters on the platform and primarily use it for endpoint protection.

CrowdStrike Falcon Cloud Security helps us ensure that our endpoints are protected, which was essential for achieving the Cyber Essentials Plus certification. It also allows us to demonstrate to partners that we are diligent about protecting both our data and theirs.

The most effective feature is the machine learning aspect, which detects unauthorized scripts and potential data exfiltration. It provides alerts on suspicious command executions, helping us safeguard our systems.

The user interface needs improvement as it's sometimes difficult to locate specific dashboards or reports. Simplifying the naming of elements in the UI could make it easier and more intuitive for users.

We have been using the solution for about six months.

I recommend CrowdStrike Falcon for companies of all sizes, from small businesses like ours to some of the largest companies in the world.

We do not expect to get a direct ROI. It is an expense we are willing to pay to conform to Cyber Essentials Plus and demonstrate responsibility in protecting our data and that of our partners. It also helps in mitigating third-party risks.

The pricing for CrowdStrike Falcon Cloud Security is reasonable, especially for small companies with limited budgets. It is essential for achieving Cyber Essentials Plus and is cheaper than solutions like Splunk for Next Gen SEAM.

CrowdStrike Falcon Cloud Security is not recommended for highly sensitive data environments, such as government intelligence services, where cloud products might not be suitable.

I'd rate the solution nine out of ten.

I have been using CrowdStrike Falcon Cloud Security extensively for maintaining endpoint security. It is mainly used to protect systems against malicious binaries. In our cloud environment, we use it by deploying agents on our cloud instances operating in AWS and GCP to protect these instances from malicious binaries.

The solution has significantly enhanced our incident response times when dealing with malware or possible malicious file activities. It allows me to log into machines and pull copies of suspected files, eliminating the need to physically obtain the machines for analysis.

The most valuable features are the real-time response, which allows me to log into a machine to pull files and check signatures for malicious activities, and the ability to restrict USB block storage usage on endpoints by policy.

There is room for improvement in the solution's ability to handle Linux systems. It does well for Windows, but it relies on binary scanning for Linux and lacks comprehensive rules for detecting suspicious behavior. I have had to develop my own custom rules in CrowdStrike for Linux.

I have been using this product extensively for about the past four years.

Apart from the recent media attention for causing some instability worldwide, the solution is quite stable and I haven't had any major concerns.

The solution scales very well, with the only limitation being the licensing purchased.

I have used Carbon Black extensively in the past.

The initial setup is mostly straightforward. They provide a simple way to deploy the endpoint, simplifying the installation process for users.

The solution is quite expensive. The pricing fluctuates based on various factors such as company size, and there is room for negotiation, but it is generally expensive enough that most midsize companies find it difficult to afford.

I would advise first-time users to monitor the number of endpoints regularly to ensure they are checking in. Additionally, they should add custom detections for Linux to identify unexpected behaviors, as the default detection for Linux is not very comprehensive.

I'd rate the solution nine out of ten.