CrowdStrike Falcon Complete MDR Reviews

We switched from Trend Micro products to CrowdStrike Falcon Complete MDR. Previously, our internal team was managing Trend Micro, but there were some gaps in managing it. We have now selected CrowdStrike Falcon Complete MDR, which is a managed detection and response product that is completely managed by the Falcon US team, and everything is perfectly managed by them.

We are using the threat intelligence feature. The US team showed us how to use it during a call. From the beginning, there were large volumes of detections we were getting, and we were able to look granularly at each system to see what vulnerabilities and threats we are receiving and what kind of IPs are hitting us. We were able to look precisely at each end user and started working on blocking and blacklisting threats. Now we are getting very rare notifications on these threats or any hits.

We are getting real-time response from CrowdStrike Falcon Complete MDR.

Sometimes we are facing performance issues with the end-user systems, and sometimes it is blocking a few of our applications, which we later resolve with the team. Recently, we were having our call center application running on the systems, which suddenly stopped working because CrowdStrike Falcon Complete MDR was not allowing it to run. After removing CrowdStrike Falcon Complete MDR, it started working, and then later we added the application URLs and the communication URLs to CrowdStrike Falcon Complete MDR allow list, so it started working.

Some processor utilization needs to be dropped because now Windows systems are consuming more CPU and RAM than earlier. Windows 10 was fine, but Windows 11 is consuming more CPU and RAM. If CrowdStrike Falcon Complete MDR is contributing to consuming the resources, then other applications are taking a lot of time to run. In Windows 11, we are facing this issue sometimes, and we need more powerful systems than earlier.

I would also appreciate improvements on the pricing side. Some of our locations where people are isolated, we are not buying CrowdStrike Falcon Complete MDR due to the pricing. If there is a nominal reduction in the price, then we will go for everyone in the organization.

It is now three years since we started using CrowdStrike Falcon Complete MDR.

For technical support, I will give a perfect 10 out of 10.

Positive

We switched from Trend Micro products.

I am fully satisfied, and there are no complaints. My experience with CrowdStrike Falcon Complete MDR would be a nine out of ten. For the pricing of CrowdStrike Falcon Complete MDR, I suppose it is a little higher than other products. I give nine for the valuable insights gained from CrowdStrike Falcon Complete MDR reporting and analysis features. I give 10 out of 10 for the effectiveness of its automated threat responses in our security operations. My overall review rating for this product is 9 out of 10.

There are several use cases for CrowdStrike Falcon Complete MDR. The main ones include 24/7 threat monitoring, business continuity assurance, and incident response and containment. The solution provides rapid isolation of endpoints and prevents lateral movement.

The solution offers seamless SOC extension, zero-day protection, advanced threat intelligence, and rapid incident containment. There are four main categories regarding the features: detection capabilities, response capabilities, operational value, and business value.

The threat intelligence features provide numerous benefits, including a customizable dashboard, automated enrichment, and real-time threat feeds. The real-time threat feeds provide reduced alert fatigue and faster incident response capabilities.

There are several issues we are facing with CrowdStrike Falcon Complete MDR, including data overload, noise, and false positive alerts. We experience alert fatigue, contextual gaps, integration complexity, and timeliness of intelligence challenges in our environment.

Areas that should be improved include noise reduction, prioritization, real-time delivery, and advanced threat coverage. The filtering algorithm should be improved to address these concerns.

The customer has around two to three years of experience with this tool.

The deployment was seamless. While there were some hurdles, we mitigated them accordingly. We received assistance from a consultant from the local vendor side.

The stability is approximately 80% satisfactory.

There were several hurdles regarding scalability levels. We needed to implement policies and make various adjustments. After a certain period, we achieved our objectives accordingly. Once all objectives were met, the solution proved to be fully scalable.

The L1 engineer should be more technical to improve the support.

Neutral

We previously used the Kaspersky solution. After spending considerable time with Kaspersky and experiencing numerous issues and hurdles, we decided to switch to CrowdStrike.

The initial setup provided smooth onboarding, rapid deployment, 24/7 expert monitoring, and faster detection and response capabilities.

We received assistance from a consultant from the local vendor side.

We have a strategic plan and intend to work with the solution on a long-term basis.

The cost is not reasonable and should be more cost-efficient. From an enterprise level perspective, it should be reduced by approximately 20 to 25%.

There were several hurdles regarding scalability levels. We needed to implement policies and make various adjustments. After a period of time, we achieved our objectives accordingly.

My position is Assistant Director, and I can be reached at fahad.jamil@punjab-zami.gov.pk. I am available anytime, though scheduling an appointment in advance is preferred. After multiple attempts, we finally managed to connect, and it has been a great meeting with both you and the CrowdStrike team. The reviewer rated CrowdStrike Falcon Complete MDR a 7 out of 10.

I use the solution in my company on the endpoint, and then we're using it on our point of sales in all of our franchisees' locations, and then we have about seven brands. We are deploying a new point. We are using it as our main endpoint protection. We are trying to monitor all activities happening at our franchisees' locations proactively, allowing us to realize we have to be very proactive. Most of the time, our franchisees are not as proactive. The changes in PCI DSS 4.0 are forcing everyone to be a little bit more proactive, so we have to educate and be a little more involved to ensure we have solutions in place because we are the ones who select the point of sale system. We often tell the franchisee what point of sale to use in the back end, and because of that, they feel like that is our company's responsibility, but it is really a shared responsibility. Even though we make that selection and buy the tool, they also own the responsibility of making sure they protect the brand. We decided to take that out of their hands and decide their endpoint solution. We made it a part of the package, and it got deployed, but that allows us to be proactive in protecting our brands. If they do anything that actually puts our brands in jeopardy, we are able to proactively respond and stay on top of that to avoid breaches and things of that nature.

The most valuable features of the solution stem from the fact that we can track all of it in one place across all those different locations. Because it's cloud-based and reports up to the cloud, we also have access to the back end, and an incident response team monitors all incidents. We also have an escalation process in place. From my perspective, there are other pieces of CrowdStrike that the security architect team uses as well, but I don't get involved with those as much. I usually just wait for the end results or the notification if I need to get involved if there is an incident.

The tool's customer service team’s inability to respond to our company’s queries is an area where improvements are needed.

I have been using CrowdStrike Falcon Complete MDR for a year.

The number of endpoints we deal with is changing, but ultimately, there will probably be at least 12,000 endpoints. It is a two-year project, so we are only tagging it by the end of the year for our new point of sale. Currently, the endpoints are only on one point of sale we use. We have an initiative to push out our new point of sale, and the solution is included. As we standardize one point of sale, we will cover that piece of it, but again, it is probably going to be about 12,000 endpoints.

I would say the tool's customer service has been able to respond and give us the answers that we needed. I rate the technical support an eight out of ten.

Positive

Before CrowdStrike, we had Cylance.

We switched from Cylance to CrowdStrike because, and I just want to make sure, it probably had more to do with the cloud side of things because we also use CrowdStrike for our cloud or AWS environment. We needed a platform that allowed us to unify the management piece of it, so we switched over to CrowdStrike, which manages the endpoint side. We also use that on our AWS business side to manage that whole infrastructure.

The product's initial setup phase was very straightforward.

I was involved in the setup phase with the original part when a testing piece happened at the store level. I was involved in making sure that the infrastructure could operate and function with that endpoint protection piece. The part that I was involved with came with a lot of requests for firewall changes.

The implementation strategy was able to when a point of sale is being pushed or updated or upgraded to the franchisees, that it is part of a package or image, the agents were automatically installed. It rolled into the store deployment piece of it, and that was probably the biggest strategy, making sure that it was a part of the actual roll out for the point of sale system.

The solution was deployed with an internal team of 15 people, counting the third-party support teams we outsource with, which provided the first-level support for the tool. Even after we deploy the tool, it is all about making sure those guys are able to respond and things of that nature. A lot of times, infrastructure had to be standardized, but along with that, standardization allowed us to be able to the point of sale, include the endpoint solution, and move forward.

Speaking about ROI, we have seen what a breach can cost us. With a couple of years behind us, we have seen where breaches cost us. Not having a solution that allows us to be proactive is one of the main reasons the solution is being deployed. We are seeing how to take more than 6,000 locations across the US and stay on top of incidents and security changes happening daily. We know that the return is huge just from being proactive. When there are incidents, the fact that we can control and manage it across all of our brands is probably one of the biggest wins for us because before, we had different points of sale, but not all of them had endpoint protection, so we were very vulnerable.

I know for a fact we evaluated other options. I have no clue about what they are or were because I wasn't one of the evaluators. Andy and Willy evaluated the different options, and they came back with CrowdStrike. We had started deploying CrowdStrike even before Andy joined the team, and he took it over with Willy and added more features to it.

The good part about it for us is that one of the big questions is that I think CrowdStrike is definitely one of the leaders, and we love the product. One of our big challenges was trying to figure out the cost around it and how to take that cost and push it back to our franchisee. I think we are starting to figure that piece out. One of the good things about the CrowdStrike Falcon Complete MDR on the endpoints side of it is that we were looking for something that supported Windows, iOS, Android, and Linux. I think they check all the boxes. I think I'm finalizing what we will be able to do on the Android side of things and the iOS side of things. I think we are at a point where we're getting to a point with CrowdStrike where we know what the cost is, and we know that it's a viable solution. It is about getting the numbers together to see if it makes sense from a financial standpoint.

I know that the team was working on getting better numbers, and they did. I think that allowed us to be able to move forward on working on the numbers to present to our executive team. I got to speak with them this morning, and I know that they got the numbers, so I think we have a good place, to be honest with you, as far as numbers now.

The maintenance part is good. The main thing is that we are in the retail sector, and somebody at the end of the day on the retail side will manage things when a point of sale goes up or down, making sure that everything is in place. There is somebody on the security side who manages everything and has to address when an endpoint is being removed or is offline, so there are two people on it. There is also a 24-hour support team, whether that be our offshore team, which is mostly going to be an offshore team that will respond to issues. But again, you have a security team that is going to monitor the endpoints and know when they are offline, kick off tickets, and push to the support team to make them look into it. Somebody on the retail team should be able to tell us that a particular solution has been upgraded, so there is always a little checking and balancing when it comes to things on top of what is happening on the point-of-sale side of things on the payment side of things.

The tool offered us the flexibility that we needed. The biggest thing is that it allows us to work because we are moving to a franchisee or hospitality solution or platform solution, especially for security-conscious people. In my industry, it has not always been as security-conscious. Security was only pulled on an as-needed basis. We are changing the atmosphere. We are changing that and being more proactive. That is why some of our processes take us a minute. We are not just in all locations, making things a little more challenging. You have to push and make sure the cost doesn't disrupt what a franchisee has going on. You have to look at it from a holistic standpoint. The solution has allowed us to do that and gradually push the security needs that we need to have in place.

I rate the tool a nine out of ten.

Neutral

I am an analyst in cybersecurity with a focus on detection and response. I entered this portal because I needed comprehensive, comparative bundles for endpoints. 

My experience includes working with CrowdStrike, SentinelOne, Microsoft Defender, and Kaspersky using the licenses we have. I am an endpoint analyst in deployment services, and we practice reclamation. We use this in our clients, primarily for detection and response. The next-gen Censi works best with other clients, but detections perform best with our clients.

The features of Firewall Management control, combined with controls in NextGen, are the most useful for our clients. These features are crucial in detection. We have achieved 100% success in detection with our clients and have no need for reclamation. The documentation is well-prepared for deployment, and the support team responds quickly. Processing performance for detection and configuration is also beneficial.

There is room for improvement in the AI of CrowdStrike, known as Charlotte AI, which my team does not currently use. I have not had contact with it at this moment. 

Additionally, patch management in vulnerabilities needs improvement.

I have worked with CrowdStrike Falcon for two years, although I do not currently have a certificate. I am studying to obtain a Falcon certificate.

The solution is stable, like Falcon, and does not cause any problems for the agent to work with minimal memory. It does not have the right processes in workstations, which is different from other endpoints.

Regarding the scalability of CrowdStrike, I don't have any problems. It is easy to scale with the support of CrowdStrike.

With the support of the CrowdStrike team, I rate them a ten out of ten. I don't have any problems with support. Almost every time I send a message to support, the response is fast. The CrowdStrike team does not break the SLA time. We maintain separate communication within SLA time.

Positive

I have experience with the product we've been working with, Kaspersky, Defender, and SentinelOne.

The setup is easy. The documentation is well-prepared for deployment. Deploy is mostly migrated, making it easier to pass to the final client.

My team is composed of five members who work in deploying clients. We include five cybersecurity analysts. My squad has both CrowdStrike and three people.

They expect a return of 30% to 40%.

I have experience with the product we've been working with, Kaspersky, Defender, and SentinelOne.

I recommend this product as it is a very powerful endpoint. Compared to other endpoints, it is one of the best in detection and response. I rate it nine out of ten. The management with the console is easy, costs are low, and the detection response alerts are very fast. I mentioned AI and patch management in vulnerabilities earlier.

We use CrowdStrike Falcon Complete as our MSSP.

We previously relied on antivirus products like Sophos and Malwarebytes, which seemed to function adequately. However, Sophos lacked centralized management, requiring our IT team to manually review over a hundred security notifications daily. This became an unsustainable workload, prompting us to seek a solution that could automate the notification review process. That's when we began exploring different options.

CrowdStrike Falcon Complete has significantly bolstered our security posture. While the active monitoring itself is valuable, it was consuming resources from our IT team. Now, with CrowdStrike's Managed Detection and Response service, our IT team is freed up to focus on other critical tasks.

The response service is the most valuable as it frees up our IT staff to focus on other tasks.

Like any other solution, a lower price would make CrowdStrike Falcon Complete more appealing.

I have been using CrowdStrike Falcon Complete for one month.

CrowdStrike is stable.

CrowdStrike is scalable.

CrowdStrike's service is excellent.

Positive

We previously used Sophos in their cloud environment. While it performed adequately for its intended purpose, it lacked managed detection and response capabilities. This meant our IT team shouldered the burden of MDR, which is why we transitioned to CrowdStrike to offload that responsibility.

The initial deployment was straightforward. Our strategies ensure comprehensive agent deployment across all machines in the organization. Therefore, we leverage deployment tools to efficiently distribute software throughout our network.

One person from IT was required for the deployment.

The implementation was completed in-house.

The return on investment comes from two key benefits: a more secure environment and the offloading of security log monitoring from our team to CrowdStrike's experts.

We pay $50,000 for the 200 endpoints we have.

In our search for a managed security service provider, we shortlisted three vendors: SentinelOne, Carbon Black, and CrowdStrike. After consulting with some security specialists, we determined that CrowdStrike would be the best fit for our needs.

I would rate CrowdStrike Falcon Complete eight out of ten.

The costs met our expectations. After consulting with Hamilton, CDW, and an independent security consultant, CrowdStrike Falcon Complete emerged as the leading solution in the field. We therefore decided to implement it.

The maintenance is completed by CrowdStrike.

We are using CrowdStrike Falcon Complete. We are using the managed service program, where they do proactive monitoring.

My usage usually includes logging in and looking at the dashboard for any anomalies or anything I need to know and responding to any severity alerts in red, yellow, or green. 

They actively stopped someone scanning our network and found vulnerabilities that we did not know. They were put to the test quickly. Pretty much after we signed the contract, they were responding to something at 1:30 in the morning.

It went live in Q4 when we acquired a hospital. I cannot even tell how many patches were down. CrowdStrike did a vulnerability scan, and as they were doing the scan, they caught a bad actor. We finalized everything at 5 PM, and at 1:30 in the morning, they caught someone.

I am not a CrowdStrike fanboy, but as an IT leader, they make my life easy. I like proactive monitoring and remediation, so I do not have to guess or run around. They are doing everything for me. Secondly, what sold the CEO on it was the insurance policy. After they do a clean slate, they are willing to issue an insurance policy for cybersecurity. They are doing something that nobody else does. Outside the technical piece, they are talking the talk and walking the walk of issuing your policy once they certify that you are fine. They issue a cybersecurity policy once they certify your environment has a clean bill of health and data protection.

Their proactive monitoring has been the most effective in stopping cyber threats. There is only so much you can do when you are in the office. There are only so many tools that you can buy that can help you. You can say what you want, but all the tools for IT are more reactive. They are not proactive. Somebody has to be on the front line.

I love their dashboards. It was more or less a paradigm shift in 2020, but now I am used to it. It was a paradigm shift because it went away from the norm.

The biggest thing is to scan into your Office 365 environment, not from a cloud access security broker standpoint, but from the Secure Access Security Edge standpoint in protecting the Copilot ecosystem. Copilot has become more widely popular than I could have imagined. You need to back up and protect your Office 365 tools anyway, and Copilot is just a high sense of awareness.

We have been using CrowdStrike Falcon Complete since November 2021. 

Over the last couple of years, I have seen how they have grown. I am happy with their evolution.

I love the team. They have a fine balance of technical and service. It is a very good thing. I would rate them a nine out of ten because everybody has room to improve.

Positive

The reason for going for CrowdStrike Falcon Complete was simple. A managed service provider was compromised. We were compromised because an attack came through our managed service provider, and the fine print of their contract said that they are not responsible for any threats that happen.

It is a cloud solution. The endpoints are installed on each computer, but everything else is through CrowdStrike's Cloud Platform.

The installation was a paradigm shift because we moved away from the endpoint protection piece, and we were open and saw how the world has evolved where we got to have different connectors. It was just a paradigm shift of how far we have come or how much we have to do to make sure we are secure.

From start to finish, it took up to eight weeks because there were a couple of things that we missed or and they were looking for best practices. 

We did not have the skill set to implement it on our own. We worked directly with CDW and CrowdStrike.

Three other people and I were involved in its deployment, so we had four people. From CDW and CrowdStrike, that was a team. It was like the Justice League. There were 12 people.

In terms of maintenance, you need to do what you are supposed to do. When you do not follow their playbook, you open yourself to problems. They tell you how to install and configure an endpoint. For the admin piece of it, there are reporting tools and proactive services, but you have to be open. If they are going to take the security piece off you, you have got to give them the keys to the car. You have to understand that if they are going to do this, you need to get out of the way and let them do what they do best.

If you are looking from an IT standpoint, you get what you pay for. There is proactive monitoring in addition to the insurance policy. They do that better than others. Would you like it cheaper? Yes, but at what cost?

At that time, Palo Alto was not at their level. SentinelOne was always trying, but back then, the company that was backing SentinelOne was compromised itself. If you cannot protect yourself, why would I trust you to protect my environment?

Open your mind. Understand that what you thought you knew may not be good enough. It is not a knock on you. You are now just getting professionals who do it better than what you possibly could do internally. Keep an open mind, but understand that they are the experts and industry leaders for reasons.

What a lot of clients do not take advantage of is the monthly calls where you can see what is coming down the pipe or have the best practice of using the product, and then keep the staff up to speed. You can work with their client success manager to look at your particular setup and what you can do to finetune the product. You can work with them for any anomalies or something that does not make sense.

Everybody has room to improve, but this one is different. I have to give it a ten out of ten.

We leverage CrowdStrike Falcon Complete, our EDR solution, alongside Microsoft Defender.

We implemented CrowdStrike Falcon Complete to safeguard our end users from unwanted applications, as recommended. Its IoC technology prevents the installation of both vulnerable applications and adware.

CrowdStrike Falcon Complete is deployed in the AWS, Azure, and GCP clouds.

CrowdStrike Falcon Complete made our incident response and remediation effort smoother.

Deep analysis is a valuable tool because whenever an unauthorized process is executed, it provides us with a comprehensive understanding of how the attacker is behaving within our system.

CrowdStrike Falcon Complete's 24/7 monitoring simplifies security management for our organization. We receive notifications through the message center regarding any detected incidents. Additionally, their cybersecurity engineers are available for consultation via phone call should any questions arise.

Our organization has benefited significantly from CrowdStrike Falcon Complete. It allows us to easily add Indicators of Compromise and perform on-demand scans. When threats are detected during these scans, the files are automatically blocked, preventing them from executing on the machine. Additionally, the support team is responsive and helpful, offering assistance without requiring the creation of a ticket.

Our overall security response time has improved by up to 80 percent.

Two of the most valuable features of CrowdStrike Falcon Complete are the remote terminal and unlimited IoCs. Most security solutions limit IoCs to around 20, but Falcon Complete allows us to upload as many as we need. Additionally, the centralized security management system is a great feature. It lets us run on-demand scans on our devices and view the results conveniently in the cloud.

CrowdStrike Falcon Complete does not include patch management functionality.

I have been using CrowdStrike Falcon Complete for eight months.

I would rate the stability of CrowdStrike Falcon Complete nine out of ten.

CrowdStrike Falcon Complete is scalable, but to expand its capabilities, you'll need to acquire additional licenses.

The cloud-native architecture allows us to just focus on the work and not worry about the hardware.

CrowdStrike Falcon Complete offers faster technical support compared to Microsoft, which often has long response times and redirects customers to partners.

Positive

We switched from Sophos to CrowdStrike Falcon Complete for its broader capabilities.

The deployment process, involving six people and supported by CrowdStrike, took eight months to complete. We uninstalled our existing applications from the machines and installed the token as part of the deployment. 

We have seen a medium to high return on investment.

While CrowdStrike Falcon Complete is expensive, it offers great features and functionality.

We evaluated Kaspersky and Microsoft Defender.

I would rate CrowdStrike Falcon Complete nine out of ten.

CrowdStrike Falcon Complete is user-friendly and simple to set up, ensuring a smooth user experience without any added complexity. It automatically detects and blocks infected files or devices, protecting your end users.

I recommend CrowdStrike Falcon Complete.

We use Falcon to protect the overall environment, including the client and the servers.

We've seen a tremendous improvement since implementing CrowdStrike Falcon. In the past few years, we were exposed to 30 different attacks, but now our environment is completely monitored, and everything is detected. It catches threats and attacks before they occur. We get more visibility across the environments than we've ever had before. When malicious activities are happening, we see the notifications immediately. It's a huge improvement over the response time of our previous solution.

We like the SOC teams that support the service. CrowdStrike has a huge SOC team that responds immediately when they discover any incident or risk in the environment. They conduct the forensic behind the tool, coordinating with our in-house team. 

We get an immediate response to threats and reporting about whatever actions are taken across the entire organization and the environment. Each system is reporting to CrowdStrike what happened behind the scenes. They have an impressive tool for monitoring and discovering what happens in every part of our systems.

I think the overall user experience for the operations team could be improved. The dashboard could be more effective, like Microsoft Defender. Microsoft worked on refining the user experience. The security monitoring tools could be simpler and more user-friendly. Integration with the application layer might be another area for improvement. 

We have used CrowdStrike Falcon for nearly a year.

A good indicator of the product's stability is the stability of the environment itself. The product is highly stable. 

We haven't expanded it, so I don't know what would happen if we tried. 

I rate CrowdStrike support 10 out of 10. They have a perfect support team. When we're working with technical support, it's like you are talking into a community, not just one person talking to you about incidents. You have a community supporting you.

Positive

We previously used Trend Micro Apex One. There were too many threats in our environment that went undetected, so we saw little value from Trend Micro. 

The portal is on the cloud, but there are on-prem agents. The deployment required about four or five people. It was straightforward and took about a week to cover all environments. Around three or four people are needed for maintenance. 

Although it's an expensive solution, we see a return because security is the top priority.

I don't know the details of the licensing, but Falcon Complete one of the most expensive solutions we have right now.

We looked at a few products, including Microsoft Defender. It's a good player in the game, and we believe Defender will be the next stage.

I rate CrowdStrike Falcon Complete 10 out of 10. I would recommend Falcon Complete to others. To those planning to implement Falcon Complete, I recommend cleaning the environment before installing the new product. You need to ensure every tool that was installed on the machines is removed.

It basically works as an XDR. We have the kind of servers on which our XDR CrowdStrike is installed, and it generates alerts. 

For example, if someone tries to install a systematic agent from their end, it generates an alert. We can then investigate through the incident task and see all the information: the device name, the hostname, and which servers and devices are trying to uninstall the particular product.

It basically works as a security device and provides an extra layer of security to our devices and computers.

Earlier, we used SentinelOne. CrowdStrike has more features than SentinelOne. For example, SentinelOne doesn't have as many features like remediating and showing more information. In CrowdStrike, we can see more information about the incident.

It has a great dashboard and interface, which is very user-friendly. It also provides a detailed analysis of each incident.

It should be integrated with AI and ML. For example, if we face zero-day vulnerabilities on our VCs, integrating them with AI and ML would be great. It's like SOAR, which we use, which automatically remediates everything, eliminating human work. If CrowdStrike also implements this kind of AI and ML feature, it would be beneficial.

I switched my organization to it about three months ago, in April. So, since April I have been using CrowdStike.

I haven't seen any bugs. If I encounter null errors or errors while doing integration or other tasks, I report them. Until now, I haven't seen any bugs.

Since I haven't seen any issues so far, I would give it a ten out of ten.

We have deployed it on every device, so we use it in a large number.

I would rate the scalability a nine out of ten. 

In my previous organization, I used SentinelOne, which is also an XDR. When I switched to a new organization, they were using CrowdStrike.

That's how the switch happened. 

It's cloud-based. I think the cloud is good because deploying on-prem is difficult compared to the cloud. In the cloud, we have better security options, we can log in from anywhere, and we don't have to manage the servers ourselves.

Deployment time: It depends on the number of servers we are using. If we have many servers, it will take some time to install on each device. If the environment is small, it would be a quick installation.

If we need help, we can contact the CrowdStrike Falcon team.

It's quite good. Our organization is very big and has a good budget, but the licensing part is handled by upper-level management.

CrowdStrike has a reasonable price. It's a good price, but if CrowdStrike offered coupons or discounts on a monthly or quarterly basis, it would be more beneficial for smaller vendors trying to implement security. Cutting down some prices would be better so that everyone can use it.

I would recommend CrowdStrike. Even if I were using it and someone asked me which tool to use, I would recommend CrowdStrike.

Overall, I would rate the solution a ten out of ten.