CrowdStrike Falcon Complete MDR Reviews

The solution did a good job of preventing ransomware. It is used for behavioral analysis. For instance, if something appears to be suspicious then the solution blocks it.

If someone is using the old Microsoft Office and the system is not updated then CrowdStrike takes action on behalf of the operating system. So it is not only going above the application level but also the operating system level.

The analysis of the investigation of the incident could be easier. Offline scanning can be included in the next release. 

Moreover, Crowdstrike should think about making the price cheaper.

I have been using it for one year.

It is a stable solution.

The solution is scalable. Presently, in the company, there are three hundred users, and in the group, there are one thousand users.

The technical support team is in the middle range and not very good. We have a dedicated team from CrowdStrike working for us; it is called the watch service. 

We also subscribe to EDR Plus watch service. So we have a team from CrowdStrike always monitoring things before it happens.

Previously, I used Carbon Black EDR for three years, and I was a very happy user, but their technical support was not very relevant, so I switched.

The initial setup was straightforward. The deployment took around two weeks. We have only one engineer helping with the deployment.

There has been a Return on Investment. We have been working with two incidents, and the support team was really helpful from their side.

We need to pay a yearly subscription fee, which is expensive compared to others.

Anyone using CrowdStrike should ensure that they have the watch service. Though I do not remember the name of the service, it says Crowdstrike engineers are also monitoring.

I rate the solution a nine out of ten.

We use Crowdstrike for monitoring. The Department of Homeland Security's SOC is managing it, so I like it better than Carbon Black because we don't have to provide any support for it.

Crowdstrike provides us with some peace of mind knowing we're secure.

Crowdstrike has better support than Carbon Black.

Crowdstrike could be cheaper. It's pricier than Carbon Black.

I have used CrowdStrike for nearly a year.

I rate Crowdstrike Falcon Complete eight out of 10 for affordability. 

We started using Crowdstrike and Carbon Black at the same time. We've beend doing a simultaneous test to see which one we like better. 

I rate CrowdStrike Falcon Complete nine out of 10. I deducted one point because of the price, which is the only thing I don't like about it. 

The primary purpose of this solution is to safeguard against malicious software, ransomware, and other unknown security threats.

The solution is excellent; it meets customers' expectations for threat protection and provides an array of credit protection capabilities, features, and functions. As a system integrator, I am helping organizations find the best solutions to protect their environment.

The most valuable feature is AML-based threat detection.

The solution is geared more towards larger organizations, so it can be difficult for organizations with smaller budgets to utilize the solution. The cost has room for improvement.

I have been using the solution for the last four years.

The solution is stable, and while there may be opportunities for further improvements, the solution is well-designed and works well at this time.

The solution is cloud-based, so it offers scalable capabilities without any additional requirements.

CrowdStrike Falcon Complete's technical support is very good; they respond accurately, on time, and in accordance with their Service Level Agreement.

This solution is highly acclaimed for its seamless implementation and ease of use. Deployment is effortless, with simple policy creation and enabling processes. All aspects of this product work together smoothly.

Our clients must always receive technical and partner support when deploying our solution. We provide recommendations and best practices to ensure a successful integration that won't negatively affect existing systems. We can also provide guidance on how our product will interact with preexisting solutions.

CrowdStrike offers solutions with the same functionality for both large enterprises and small to medium organizations with competitive pricing. CrowdStrike is able to provide its customers with a solution that fits within their budget.

I give the solution a ten out of ten.

At my job, I am often working with CrowdStrike, as it is a well-designed solution that works effectively and has been tested by numerous customers. However, I am not limited to just this product and will provide a solution to customers no matter their preferences. I offer suggestions and recommendations to customers and work to meet their needs and terms and conditions.

I believe at times that CrowdStrike is the best option on the market when it comes to MDR. CrowdStrike is a very good solution.

The market provides a lot of capabilities when it comes to product offerings, not just endpoint security. Now, a single solution can offer different types of protection. So, there is no limit to how much a tool can be extended and expanded. It is up to the companies to decide what features and capabilities they want to offer.

We primarily use the solution for antivirus purposes. 

The solution works well and is okay with me. For the most part, I am happy with it. 

The performance is good, and it is stable. We don't have any issues. I find it doesn't impact my work.

It has good security features. 

The solution offers an easy initial setup.

It's scalable. 

We'd like the pricing to be a bit lower in the future. 

I've been using the solution for about six months. 

The solution is stable and reliable. The performance is good. We haven't had any issues. There are no bugs or glitches. It doesn't crash or freeze. 

As a solution that is based in the cloud, it can scale well. It's not a problem at all. 

We have about 1,000 users on the solution right now. 

I'm unsure as to if we have plans to increase usage. 

I've never used technical support and cannot speak to how helpful or responsive they would be. 

We might have previously used Kaspersky.

The initial setup is simple and straightforward. It's not overly complex. I'm not sure how long the deployment took. I wasn't as hands-on with the process. 

You do need to purchase a license in order to use the product. It's not cheap, however, it is not overly expensive. 

I'm an end-user.

I'd rate the solution eight out of ten. 

We use this solution for endpoint and server protection.

The reporting for this solution could be improved. This would make it more proactive in showing what happens during enrolment.

This is a stable solution and we have not experienced any issues. 

This is a scalable solution and we have more than 100 PCs.

The technical support is good. All it depends on the rules you have in place for the engagement of support.

The initial setup is easy and straightforward. It is easy because we set it up for about 500 endpoints in two day or three days. 

We have experienced ROI using this solution. The value is clear when you are able to stop a ransomware attack or other threats. All the money that you put into this protection is the money you save by preventing a problem.

 We pay 40,000 euros to use this solution. 

The engagement rule of this solution is fundamental to its use.The rule you put in place can determine how effective this solution is for your business. 

I would rate this solution a nine out of ten. 

I would say it is for endpoint security, malware, antivirus, and advanced threat monitoring.

I would say it secures the edge for customers more than they were before. It makes them more secure.

I think the AI and the analytics around stopping threats as they come in and learning as threats happen is probably the biggest selling feature. 

I think the pricing is a little high. As of recent, their MITRE scores were not as good as in years past. I would like to see them integrate Humio, which is their SOC or their SIM platform. I would like to see them integrate that into a single solution.

I have been working with CrowdStrike Falcon Complete for the past year and a half.

The stability is great.

They are very scalable even large organizations use CrowdStrike Falcon Complete.

I would say it's pretty good for the most part. I would give it an eight out of ten.

Positive

The initial setup is pretty easy. You are given an implementation specialist. Deployment usually takes a couple of weeks for a bigger organization. For a smaller organization, it could take a couple of days. For just the straight endpoint protection product, you are probably looking at eight dollars a month per user. If you're doing the Falcon Complete with monitoring and the SOC, you're probably looking at eighteen or nineteen dollars a month per user.

A lot of them used MacAfee, Silance, or a couple of other solutions. There's more AI and more built into it.

I would rate CrowdStrike Falcon Complete a nine out of ten.

When work-from-home scenarios started in March 2020, during the pandemic, in the month of April, we were actually going through some POCs and had one ransomware attack on one of the client sites. We had to deploy the solution immediately, which actually helped us find out or not how it worked. Proactively, we could identify some threats in the environment and act on them. We were virtually identifying items and getting notifications, as well as seeing the availability of the intra. That was very helpful for the entire team.

The solution is very nice. It's got multiple products for multiple features and enabled multiple settings, which helped my team and the organization is also in a way better way. Since it was lockdown the last two years, when the entire organization went to working from a remote location, the earlier solutions, what we had, were of no use. We were most concerned about security over the cloud. Carbon Black has helped us handle that.

Before we used to support multiple clients. We had to have some connectivity to the client's environment via Citrix or something. To access any of our solutions was a challenge when most of them were on-prem. Those were challenges for all of us. Now, most of the world has gone to the cloud. That actually helped us. Obviously, CrowdStrike was a different experience altogether.

I personally work on advanced threat hunting and identifying possible malicious activity or the possible threat in our environment which is getting easier earlier. Symantec Engine Protection, for example, gives you known reactive reports where you get stuff from either SIM or some soft team to help us on finding out probably the path for the attack. However, CrowdStrike is better at hunting threats and catching them early.

There's less workload on the Endpoint. After moving to CrowdStrike we never have this issue of systems getting overutilized by any of the security tools. That was one of the biggest advantages for it.

CrowdStrike has multiple parameters of components in the same console, which includes your vulnerability scanning. It has access to, or rather, we can integrate with, our existing SIM technology or SIM tool. The information that gets passed on the SIM control, the soft tool data site or any other tool is very limited. I had to actually provide the control access to my soft team so that they could drill down if needed.

The information was get passed on from Falcon control to CrowdStrike and it was very limited. It was acting as more of an alert only. For any further deep-dive analysis, we had to log in on the console itself. 

CrowdStrike has multiple parameters. For example, my vulnerability scanning team is a separate team who works on different tools altogether. If I need to give them access to my console I just need to provide them read-only access or kind of an admin access for VA scanning.

I had to make some customized access that can be provided to different teams on the same console. As a VA team member, if I login to the console with my credential I should be able to see the things which I am working upon. I don't need to see all other tile stack tabs. I should be able to provide some kind of customized access or other kind of access control for the console.

Microsoft Defender has one good option which is called the ASR rule. It basically allows the machines to be onboarded to different consoles, which analyzes the process of it and summarizes it in a single console. Obviously, the number of incidents of the event are very huge. It takes about a month or so to evaluate. However, after the evaluation completes, you can actually fine-tune what should not be present in your automation. Which you can set up and get rid of it. It would be nice if this product had something similar. 

I've used the solution for two years.

The stability is very good. It does not have any kind of payload on the endpoint, and we don't need to compromise with system performance. The legacy tools used to have this agent needed to be deployed and consumed a lot of system resources. In terms of performance, this tool was an improvement on the legacy.  The capabilities of CrowdStrike as a tool are fantastic.

We are working with about 18,000 endpoints and about 2,000 servers.

The scalability was really good. It covers most of the recent operating systems I would say in India, although most of our customers are using Microsoft operating systems only. In terms of my international clients who have different operating systems, including Mac, Linux, or Unix, this works. CrowdStrike has the maximum availability for all possible and the latest operating systems. With other tools. we didn't have that level of flexibility.

Technical support was fantastic, however, frankly speaking, we barely had a chance to get in touch with the technical support as CrowdStrike has a fantastic health portal within that console. There were a couple of scenarios where we went to them as some kind of alert that CrowdStrike was publishing it to the customer only. They had some specific name for those alerts. Those used to get sent to the customer's end only. Being automation as security, CrowdStrike has a policy to provide the information only to the registered customers only. Obviously, the licenses are issued to the customer. However, the licensing policy was limited in that we were kind of a vendor, or rather, a mediator between the customer and the OEM and we fell through the cracks. 

I would say in my earlier solution, we used to just provide the license number. If the license number were verified, we would get all types of support. 

Overall, the support team was really good. They are more capable of understanding the other challenges and would then provide the solution.

Mostly, we were providing all the technical support to the customer. The licenses were installed with the customer's name. We were slightly lacking as the details that OEM was providing were direct to the customer and we were being skipped. At the same time, we used to struggle to get the details and updates or more input from the OEM from CrowdStrike. 

Positive

We moved from Symantec Endpoint to CrowdStrike.

The initial setup was slightly complex although it's an easier solution. It took us about a month to understand the entire process of the console.

Within a month we were able to train our members to a certain level and within a six-month span, all members actually became familiar for the technology.

We had some challenges from the client environment as well. That was expected as we were ruling out Symantec as well at the time. Concurrently, we were moving out of Symantec and deploying through the CrowdStrike agent. We were also doing the policy fine-tuning, which took a slightly longer time as the customer had their own developed applications and tools for finding their hashes. We added features like device control, app control. Those parts took slightly longer, however, it was still quicker than the legacy solution.

We have two people available to handle maintenance. 

The deployment was handled by my technical team only. Internally, we had eight team members deploying it. They were using a big fix as a deployment tool to deploy this agent on all the clients. I was leading the admin part of CrowdStrike. We had to involve the patch management team who could push a particular script on all the endpoints to onboard them. Most of the endpoints were working remotely and luckily we fixed everything there in the cloud which was making our life easier for onboarding scripts on the client.

I'd rate the solution nine out of ten. 

Falcon is a threat intelligence platform. In cybersecurity, there's always a chance you'll get breached and gaps that need to be addressed, but you'll never know unless there is a threat seeking to exploit that particular weakness. Most use cases for Falcon will be directly ingested into our Siemens server. The total number of users on the solution is around 1,500.

Falcon's threat intel is strong, and the solution allows our customers to automate their site intelligence. We can integrate Falcon X with the other platforms we use, like FireEye, Insight, Cybertech, and Kaspersky. 

The threat intelligence comes from Falcon X and goes directly into the SIEM and SOAR. That provides us valuable feedback for the use cases being used. If my analyst wants to check suspicious or malicious activities, they get the maximum information from Falcon X about URLs, IPs, domains, hashes, etc.

I would love for the threat intelligence part to be more globalized to provide a tailored response to types of malware and ransomware that are trending in other regions. 

For example, they can add a feature to tell us that there are separate attacks in South Asia or East Asia occurring at these times, so we can supply those things to our environment and protect ourselves.

We've been using Crowdstrike Falcon Complete for almost a year.

Falcon is easy to scale.

I rate CrowdStrike support eight out of 10. Overall, the customer service is excellent, and the backend teams are highly responsive. We have a good relationship with CrowdStrike.  The sales, technical, backend, and R&D teams work closely with the customers.

Positive

Falcon X is a cloud-based subscription model, so you just need an account from CrowdStrike. You can log in and set it up in 5 to 10 minutes. It ultimately on how well you understand the technology. If you're familiar with the technology, it's straightforward, but you might find it complicated if this is your first time using it.

There's a lot of information and options in front of you. If you don't know where you have to go for specific information, you'll think it's complicated. The amount of maintenance depends on whether there's a particular update or batch on the back end. 

The licenses for both Carbon Black and Crowdstrike are expensive, but it depends on how the vendors scale the price and negotiate with the customer. So if you have a customer with 7,000 users, the vendor will offer them a low price per user to get them on board. If you have a few hundred users, the price will be a little bit more.

There's a huge price difference at various scales. I was surprised that the license for a hundred users went as high as $120 per user, whereas the same product might cost $30 for 6,000 users.

I haven't worked on the backend part of Carbon Black, so it's hard for me to compare both products. We're using the EDR for Carbon Black with CrowdStrike's threat intelligence. 

Carbon Black is an impressive tool for analysis because it provides in-depth information and a complete triage file for the analysts. In the CrowdStrike, you have some sort of limited information and for the in-depth information you need to take it, Carbon Black provides that particular thing on the first view.

I rate CrowdStrike Falcon Complete nine out of 10. Before you deploy the product, you need to do research, understand the capabilities, and assess your requirements. You should know what you need before you purchase something. It's not like buying jeans, where you can get another pair if you're not satisfied. You should be certain that it fits your requirement.

Budgets are always a challenge in the security field because every CEO or company owner thinks IT security is a burden. It doesn't generate profit, and the company needs to spend money on products and services. You might not go for the best product if you have budgetary constraints.