CrowdStrike Falcon is a comprehensive endpoint protection platform, primarily designed to meet the evolving cybersecurity needs of modern enterprises. It employs machine learning, behavioral analytics, and integrated threat intelligence to combat a wide range of cyber threats. CrowdStrike Falcon stands out for its cloud-native architecture, ensuring real-time protection and threat intelligence, essential for safeguarding dynamic environments. Its lightweight agent architecture minimizes system performance impact while offering extensive network visibility.
The most valuable features of CrowdStrike Falcon are:
- Complete IPS and IDS for threat detection and network intrusion prevention.
- Ability to crosscheck environments and investigate alerts easily.
- Integration capabilities with identity providers.
- Integration with Arctic Wolf for analysis and alerts.
- Low footprint and resource usage compared to other EDR and antivirus solutions.
- Real-time response and visibility into processes operating on the agent.
- Silent and lightweight agent with minimal memory consumption.
- User-friendly portal and no system restarts required.
- Excellent detection capabilities and low impact on machine performance.
- Good mechanism and reporting features.
- Prevention, malware protection, and vulnerability assessment.
- Threat hunting capabilities and on-keyboard remote response.
- Spotlight and Discovery features in Falcon XDR.
- AI-driven detection and real-time detections.
- Full EDR with antivirus, hunting, reporting, and remote control.
- Lightweight agent with various valuable features such as Lateral Movement, Overwatch detections, Custom IOC blocking, and more.
- Automatic threat dealing and integration with log management.
- Ease of integration with Splunk and BigQuery.
- Surety of endpoint protection and cloud-specific platform.
- Accuracy in threat identification and blocking.
- Crowdsourcing intelligence and regular improvements.
- Upgrades without additional fees.
- Lightweight agent with zero performance issues.
- Accurate detection based on processes rather than signatures.
- Behavior analysis, connection search, and cyberattack detection.
- Excellent detection and response with easy setup and integration.
- Machine learning for checking patterns in endpoint devices.
Areas for improvement on CrowdStrike Falcon include:
1. Enhancing the host management system.
2. Improving forensic controls and adding more features in that area.
3. Making the product more affordable and flexible for different industries.
4. Moving towards an agentless solution to eliminate the need for software deployment.
5. Including traditional antivirus features such as scanning audits, device blocking, and application control.
6. Enhancing technical support for better assistance.
7. Adding more accurate integration and local machine checking options.
8. Tightening integration around XDR and providing a comprehensive solution.
9. Finding a mechanism or relay to assist customers without an internet connection.
10. Providing better visibility for everything and more detailed malware analysis.
11. Adjusting pricing to better align with the target market.
12. Improving dashboard creation and making it more responsive.
13. Informing customers about GUI changes and providing guidance.
14. Adding web filtering and better application features.
15. Including native text alerts and additional data in the base product.
16. Improving integration and EDR functionality to compete with other solutions.
17. Enhancing the interface for easier data extraction and query languages.
18. Expanding compatibility with Apple, Unix-based systems, and adding turnkey XDR features.
19. Making the website navigation easier and improving technical support.
20. Ensuring equal support across all versions and customizing query languages.
21. Providing better visibility in reporting and more forensic details about detected threats.
22. Including scheduled scans and signature-based regular scans for compliance needs.
23. Offering a single-click recovery option and sending logs to SIM tools.
The reviews indicate that the return on investment from using CrowdStrike Falcon varies among users. Some users have seen a good return on investment, while others find it difficult to measure the ROI due to the nature of the solution. However, cost savings and reduced labor requirements are mentioned as clear returns on investment. The solution is praised for its breach warranty and ability to prevent zero-days and malware.
CrowdStrike Falcon offers a transparent pricing model with no setup costs, streamlining onboarding for users. Its pricing is typically based on a per-endpoint subscription, providing flexibility for businesses to tailor their investment according to their specific needs. Costs vary depending on the number of endpoints, offering solutions suitable for both small businesses and large enterprises.
The primary use case of CrowdStrike Falcon is for endpoint detection and response (EDR) and security purposes. It is utilized for various functions such as file integrity monitoring, asset management, patch management, identity protection, intrusion prevention systems (IPS), and intrusion detection systems (IDS).
The solution is used to protect against viruses, malware, and ransomware, and to detect and alert about any malicious activity. It is also integrated with other security tools and platforms for better data analysis and decision-making.
Additionally, CrowdStrike Falcon is used for next-generation antivirus (NGAV) protection, malware mitigation, hunting, and application behavior detection. It is deployed on endpoints, servers, and devices across different industries, including financial transactions, government, and small to medium-sized enterprises.
The solution is highly regarded for its real-time and online protection against the latest malware and wireless attacks. It is also known for its fast detection of security issues and insurance offerings in case of breaches.
Customers have had varying experiences with the customer service and support of CrowdStrike Falcon. Some customers have had positive interactions with the technical support team, finding them helpful and responsive. Others have not had any issues or have not needed to contact technical support. Some customers mention that the support could be improved, citing issues with communication and ownership.
The initial setup for CrowdStrike Falcon is described as straightforward and plug-and-play. It's cloud-based, and not overly complex. Some users mentioned that it took a few hours to a couple of weeks to complete the deployment, depending on the size and complexity of the environment.
The setup process was generally smooth, and there were no major issues or downtime reported. The solution can be deployed with minimal staff and maintenance requirements.
A few users mentioned that the installation can be moderately challenging, requiring planning and replacing certain components.
CrowdStrike Falcon is highly scalable and can accommodate a large number of users. It has been successfully deployed in thousands of enterprises, indicating its proven scalability. The fact that it is cloud-based further enhances its scalability, allowing for easy adjustment of endpoint licenses.
The stability of CrowdStrike Falcon is excellent. Users have experienced no issues, bugs, glitches, crashes, or freezes. The solution is described as rock solid, reliable, and performance is good. There are a few mentions of occasional difficulties, however, CrowdStrike promptly deals with them. With continuous updates, the stability of the solution is expected to improve even further in the future.
CrowdStrike Falcon offers robust, user-friendly cybersecurity measures that are crucial for protecting digital assets and minimizing the risk of data breaches and cyberattacks. Its proactive threat detection and mitigation help maintain business continuity and protect brand reputation. Additionally, its scalability and ease of use contribute to cost-effectiveness by reducing the need for extensive IT resources and training. The platform's seamless integration with existing IT infrastructures makes it a versatile choice for diverse IT environments.
During our conversations with CrowdStrike's users, they highly regard CrowdStrike Falcon for its efficiency in detecting and responding to threats, ease of use, and minimal system impact. It's praised for its comprehensive coverage, extending beyond traditional antivirus solutions, with strong customer support and continuous improvements.
General Feedback and Recommendations:
Key Features and Advantages:
CrowdStrike Falcon offers various pricing plans based on endpoints and required features. The plans cater to different organizational sizes and needs, from basic endpoint protection to comprehensive protection with advanced capabilities. Additional features like DLP, UBA, Endpoint Sandboxing, and MDR are available, with pricing upon request.
CrowdStrike Falcon emerges as a sophisticated solution for enterprise cybersecurity, offering advanced threat detection, scalability, and user-friendly design. It's well-suited for both IT professionals and business executives, protecting against current cyber threats and adaptable to future challenges in the cybersecurity landscape. For a more detailed understanding, especially concerning its use cases and weaknesses, a manual review of user feedback might be necessary.
CrowdStrike Falcon was previously known as CrowdStrike Falcon, CrowdStrike Falcon XDR.