Try our new research platform with insights from 80,000+ expert users
CrowdStrike Falcon Sandbox Logo

CrowdStrike Falcon Sandbox Reviews

Vendor: CrowdStrike
4.1 out of 5
Leave a review

What is CrowdStrike Falcon Sandbox?

CrowdStrike Falcon Sandbox detects threats without impacting endpoint performance, providing users with a seamless experience. It delivers detailed reports for collaboration and offers malware analysis capabilities, identifying potential breaches and suspicious files.

Get the Anti-Malware Tools Buyer's Guide and find out what your peers are saying about CrowdStrike Falcon Sandbox, Microsoft Defender for Endpoint, VirusTotal and more!
CrowdStrike Falcon Sandbox is the #15 ranked solution in top Anti-Malware Tools. PeerSpot users give CrowdStrike Falcon Sandbox an average rating of 8.2 out of 10. CrowdStrike Falcon Sandbox is most commonly compared to Microsoft Defender for Endpoint: CrowdStrike Falcon Sandbox vs Microsoft Defender for Endpoint. CrowdStrike Falcon Sandbox is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.
Buyer's Guide
Anti-Malware Tools
January 2025
Get the category report
Helped 866,218 peers since 2012

Featured CrowdStrike Falcon Sandbox reviews

Read more reviews

CrowdStrike Falcon Sandbox mindshare

As of August 2025, the mindshare of CrowdStrike Falcon Sandbox in the Anti-Malware Tools category stands at 1.3%, up from 0.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Anti-Malware Tools Market Share Distribution
ProductMarket Share (%)
CrowdStrike Falcon Sandbox1.3%
Microsoft Defender for Endpoint15.2%
F-Secure Total6.5%
Other77.0%
Anti-Malware Tools
 
 
Key learnings from peers

Valuable Features

Key features of CrowdStrike Falcon Sandbox include impressive threat detection without impacting performance, detailed yet sometimes inaccurate reports, effective malware analysis, interactive analysis, and valuable network behavior recording. It provides malware detection, threat ratings, metadata study, and threat feeds. The lightweight cloud deployment offers policy-based notifications, valuable alerts, and quick incident response. Automatic sandboxing of unknown detections and minimal maintenance due to automatic upgrades enhance value. Organizations benefit from minimized false positives and effective vulnerability assessment.
  • "The cloud deployment of CrowdStrike Falcon Sandbox benefits my organization because we can access it from anywhere and at any time we can get the information."
  • "On a scale of 1-10, I rate CrowdStrike Falcon Sandbox a 10 out of 10."
  • "CrowdStrike is an excellent tool for managing all endpoint-related security tasks."

Room for Improvement

CrowdStrike Falcon Sandbox needs improved technical support and faster communication. Users seek more operating system support, better incident data presentation, and smoother SOAR integration. Its user interface can be complicated, demanding constant updates. It struggles with malware analysis for large files, mass deployment, and console usability. Users want quicker installation processes and behavior detection integration alongside existing features. Additionally, the sandbox report could benefit from enhanced visual formatting for stakeholder presentations.
  • "The CrowdStrike support is not good; the support team does not come remotely, and we repeatedly ask them to collect logs and analyze them before providing a solution via email."
  • "While CrowdStrike is a powerful tool, the user interface is cluttered with many features, making it challenging to navigate."
  • "While CrowdStrike is a powerful tool, the user interface is cluttered with many features, making it challenging to navigate."

ROI

CrowdStrike Falcon Sandbox significantly reduces incident response and detection time, cutting downtime by up to an hour. Users express satisfaction with the return on investment, though some remain uncertain about its financial impact. While not all users can confirm absolute ROI levels, they are pleased with the performance, likening it to a high-end luxury car. Overall, positive feedback on its efficacy indicates the value it brings in operational efficiency and technology advancement.

Pricing

CrowdStrike Falcon Sandbox's pricing tends to be above mid-range, rated around 7 out of 10 in costliness, with expenses depending on the number of endpoints and features required. While some users find the pricing expensive compared to other vendors, others perceive value for money. Pricing operates on a usage-based cost structure, and perceptions of affordability vary among users. Businesses should consider specific needs and budget when evaluating Falcon Sandbox.
  • "Price-wise, the tool is a bit above mid-range, maybe 7 out of 10, where 10 is the most expensive."
  • "CrowdStrike Falcon Sandbox is not cheap; however, whether it should be more affordable is a decision best left to the company."

Popular Use Cases

CrowdStrike Falcon Sandbox is primarily used for detecting hidden threats and investigating suspicious files and URLs. Organizations utilize it to sandbox artifacts like email links and attachments, aiding in malware detection, response, and alerting. It's integrated within the EDR platform for checking files for malicious content and deploying in environments to quarantine and scan files, ensuring endpoint security and supporting security operations through real-time monitoring and threat intelligence.

Service and Support

Customer service and support for CrowdStrike Falcon Sandbox are typically fast and efficient, with responses often within 24 hours. Many appreciate the informative interactions, especially with tiered support, rating it highly. However, some find the lack of remote assistance and repetitive requests for logs before issue resolution less satisfactory. The average satisfaction appears high, with several rating the service eight or nine out of ten, although there are occasional mentions of less favorable experiences.

Deployment

Many users find CrowdStrike Falcon Sandbox's initial setup easy, especially with cloud deployment eliminating maintenance. Integration usually completes in a day, though some experience a learning curve with policy creation, needing up to a month. Support assists with complexities. Some users have partners that facilitate a smooth installation process, requiring little effort from them.

Scalability

CrowdStrike Falcon Sandbox impresses users with its scalability, accommodating a wide range of customers from small businesses to large enterprises. Users rate its scalability highly, describing it as well-suited for various organizational sizes. However, the high price point may limit accessibility for smaller organizations, appealing primarily to enterprise-level customers. Its capacity to handle diverse requirements makes it a favorable option for many users seeking scalable cybersecurity solutions.

Stability

Users report CrowdStrike Falcon Sandbox as stable and reliable. While not flawless, it receives positive feedback for stability. Some rate it eight out of ten, reflecting good performance. There's an absence of significant issues from client experiences, suggesting a dependable performance level. CrowdStrike Falcon Sandbox maintains a consistent reputation for stability.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Anti-Malware Tools Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise3
By reviewers
By visitors reading reviews
Company SizeCount
Small Business30
Midsize Enterprise23
Large Enterprise74
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
12%
Comms Service Provider
10%
Manufacturing Company
9%
Educational Organization
8%
Government
8%
Healthcare Company
6%
Media Company
6%
University
4%
Energy/Utilities Company
3%
Outsourcing Company
2%
Wholesaler/Distributor
2%
Hospitality Company
2%
Performing Arts
2%
Real Estate/Law Firm
2%
Retailer
2%
Leisure / Travel Company
2%
Renewables & Environment Company
1%
Insurance Company
1%
Security Firm
1%
Logistics Company
1%
Sports Company
1%
Transportation Company
1%
Pharma/Biotech Company
1%
Construction Company
1%
Recruiting/Hr Firm
1%

Compare CrowdStrike Falcon Sandbox with alternative products

Go!

Learn more about CrowdStrike Falcon Sandbox

CrowdStrike Falcon Sandbox is designed for threat detection, offering a comprehensive approach to identifying hidden malicious programs and analyzing harmful URLs. Its integration allows for seamless evaluation of files and sandboxing of email links and attachments, supporting threat detection and response. Users value its capabilities in network connection recording, metadata analysis, and threat ratings, although some express a need for MacOS and Windows 11 support and improved SOAR integration.

What are the key features of CrowdStrike Falcon Sandbox?
  • Executive Detonation: Provides a simulated environment for realistic threat analysis.
  • Human-like Interaction: Emulates user actions for accurate threat identification.
  • Comprehensive Recording: Tracks network connections, processes, hashes, and fingerprints.
  • Threat Feeds: Supplies vital information for detecting emerging threats.
What benefits should users expect?
  • Malware Detection: Effectively identifies and quarantines malware.
  • Detailed Reports: Facilitates sharing among teams and stakeholders.
  • Threat Analysis: Assists in evaluating potential breach data.
  • Efficient Threat Handling: Offers timely identification of suspicious activities.

CrowdStrike Falcon Sandbox is implemented by organizations to strengthen security across email systems and endpoint devices. It is particularly valuable in industries needing thorough threat investigations and rapid responses to potentially harmful content, empowering users with essential threat intelligence.

Related questions

  • 110
What are the threats associated with using ‘bogus’ cybersecurity tools?
  • 99
What to choose: an endpoint antivirus, an EDR solution or both?
  • 250
Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?
  • 132
Looking for alternatives to Symantec Cloud Protection Engine
  • 22
Who provides a better antivirus solution: Bitdefender or Sophos?
  • 18
Which antivirus is best for isolated work PCs?
  • 29
How do you identify malware?
  • 105
Why are Anti-Malware Tools important for companies?
  • 73
When evaluating Anti-Malware Tools, what aspect do you think is the most important to look for?
  • 12
When evaluating Antimalware Tools, what aspect do you think is the most important to look for?

Product Categories

Product Categories
Anti-Malware Tools

Popular Comparisons

Popular Comparisons
Microsoft Defender for Endpoint vs CrowdStrike Falcon Sandbox Logo
Microsoft Defender for Endpoint vs CrowdStrike Falcon Sandbox
VirusTotal vs CrowdStrike Falcon Sandbox Logo
VirusTotal vs CrowdStrike Falcon Sandbox
F-Secure Total vs CrowdStrike Falcon Sandbox Logo
F-Secure Total vs CrowdStrike Falcon Sandbox
Deep Instinct Prevention Platform vs CrowdStrike Falcon Sandbox Logo
Deep Instinct Prevention Platform vs CrowdStrike Falcon Sandbox
Cuckoo Sandbox vs CrowdStrike Falcon Sandbox Logo
Cuckoo Sandbox vs CrowdStrike Falcon Sandbox
ANY.RUN vs CrowdStrike Falcon Sandbox Logo
ANY.RUN vs CrowdStrike Falcon Sandbox
Quick Heal Total Security vs CrowdStrike Falcon Sandbox Logo
Quick Heal Total Security vs CrowdStrike Falcon Sandbox
Hatching Triage vs CrowdStrike Falcon Sandbox Logo
Hatching Triage vs CrowdStrike Falcon Sandbox
TotalAV Antivirus Pro vs CrowdStrike Falcon Sandbox Logo
TotalAV Antivirus Pro vs CrowdStrike Falcon Sandbox
See all alternatives
 
CrowdStrike Falcon Sandbox Reviews Summary
Author infoRatingReview Summary
IT Manager at Gigabit Technologies Pvt Ltd5.0I work with CrowdStrike Falcon Sandbox, focusing on deployments and POCs. Its key benefits include automatic sandboxing and behavioral monitoring. However, installation for mass deployment is challenging and requires third-party tools. I'm unsure about its return on investment.
Security Senior Engineer at a consultancy with 51-200 employees4.0I use CrowdStrike's Falcon Sandbox for endpoint security, focusing on policy creation and software analysis. It excels in managing security tasks and minimizing false positives, but its user interface is cluttered, and it struggles with malware analysis for large files.
Senior Consultant at Ernst & Young4.5I use CrowdStrike Falcon Sandbox for security and alerting to detect malware. The notifications and alerts are invaluable, providing essential analysis of infected devices or files. We've seen significant return on investment, and there's no current need for improvement.
IT- Manager at Orient Craft Ltd.4.0I've used CrowdStrike Falcon Sandbox on AWS for nearly two years; it's lightweight, scalable, and stable, though the console and support could improve. Setup was easy with partner help, and about 50 users access it without maintenance needs.
SOC Technical Lead at a educational organization with 1,001-5,000 employees4.0I use CrowdStrike Falcon Sandbox to analyze suspicious URLs and malware due to its integration with our EDR platform. While its detailed reports and interaction features are valuable, improvements are needed for accuracy, OS support, and report aesthetics.
Manager, Information Technology Security at Nesma4.0We use CrowdStrike Falcon Sandbox to identify and mitigate potential malware threats in our environment. Its malware analysis is effective, saving us significant downtime, though technical support and data presentation could be improved for better decision-making.
CTSO at Cyb3r4.0I use CrowdStrike Falcon Sandbox to quarantine and scan files for malicious threats, providing valuable malware detection and threat feeds. It could benefit from better integration with SOAR products and enhanced behavior detection alongside threat detection.
Owner at Ekforce LLC4.0No summary available