CrowdStrike Falcon Complete MDR Reviews

We use CrowdStrike Falcon Complete internally and externally according to the MITRE ATT&CK framework. MITRE ATT&CK describes most of the TTPs and explains them, including the default use cases and deployed policies. Our internal use case for the solution is specifically for internal fraud cases to use in our internal forensics team.

CrowdStrike Falcon Complete has helped in improving my company in terms of achieving strategies and executing frameworks.

What I found most valuable in CrowdStrike Falcon Complete is that it has a lot of monitoring dashboards and use cases, and I saw that it's a very good product, but my company has only tested it, so it's not been used for real use cases. My company hasn't tested the complete license for CrowdStrike Falcon Complete, so the team hasn't checked the open fiber rooms for zero-day attacks, IOAs and IOCs, or any indicators of fraudulent activities.

I was also amazed at the solution and its licensing. My company did a competitive analysis of many EDR solutions, but it went with CrowdStrike Falcon Complete. It's one of the top-rated solutions on CyberRatings as well.

At the moment, nothing is missing in CrowdStrike Falcon Complete. I'm amazed by it. It's perfect and I'm not aware of any other vendors that provide its features, but it would also depend on the configuration and policy management of the solution, for example, I can bring you an EDR solution and configure it badly, so it won't do anything. It also depends on the people, not just the technology you're obtaining, so this is the most important thing to do for all solutions, even for firewalls. You can obtain a firewall and if you permit everyone to go through it, then it's useless.

What could be improved in CrowdStrike Falcon Complete is its management console. Currently, that console is on the cloud, so if the cloud is compromised, then the management console would also be compromised, and that's quite risky.

I've been using CrowdStrike Falcon Complete for six months.

CrowdStrike Falcon Complete is too stable, but I still have to test it in a forensic case before I could comment on the stability of the solution.

We usually follow TMMI, so in terms of the maturity and scalability of CrowdStrike Falcon Complete, it's fine, so far.

Our only experience in terms of contacting the technical support team for CrowdStrike Falcon Complete was during implementation.

Setting up CrowdStrike Falcon Complete was too easy because it's a cloud solution, so it was too easy to implement. There's nothing to do, for example, you just need to install the agent from the PCs on the endpoint.

In terms of the deployment time for CrowdStrike Falcon Complete, the infrastructure team implemented the endpoints which took one week, then there's the tuning of the policies, so overall, the deployment took one month.

There's a third party or a partner either for implementation or support for CrowdStrike Falcon Complete, but my company did it in-house.

We haven't seen ROI from CrowdStrike Falcon Complete because we've just done a POV for the top management and there are limited attacks in our organization. We've done some use cases or POCs on a zero-day attack, changing the binaries, etc., and CrowdStrike Falcon Complete was perfect and detected all of the behaviors, isolated them, and did all the functions we expected it to do.

The pricing for CrowdStrike Falcon Complete is competitive. It's a cheaper solution when you compare it with others, and on a scale of one to five, I'm rating its pricing a four. You also don't need to pay extra for its features. CrowdStrike Falcon Complete is perfect.

My company evaluated another solution that was also top-rated: FireEye (now called Trellix).

CrowdStrike Falcon Complete currently has five thousand users in my company and the roles vary from top management to C-level to endpoint users to high privilege users, so a lot of people and a lot of money.

My company recommends CrowdStrike Falcon Complete for the financial, military, and oil and gas sectors. It's by sector, not by people. All the roads now move toward security and securing the business, and it also depends on the criticality of the assets you own and how you're securing the assets. Whenever or whoever has a critical asset should go for a strong security solution such as CrowdStrike Falcon Complete.

In terms of how extensively the solution is being used in my company, there's no 100% security, so my company is always developing security solutions that can handle new attacks, future attacks, and more sophisticated attacks, so I'm unable to give a percentage of the extent of usage of CrowdStrike Falcon Complete, but if I can just measure this from a governance perspective, it's 80%, specifically from a compliance perspective.

At the moment, I'm unable to give my advice to others looking into implementing CrowdStrike Falcon Complete because I need to use the solution on a real test or real compromise first.

I'm rating CrowdStrike Falcon Complete eight out of ten because of its management console being on the cloud. My company doesn't prefer this setup, even if it has an NDA with the vendor because if the cloud itself was compromised, the management is also compromised, and all users will be isolated, so this isn't good from a risk perspective.

My company is a customer of CrowdStrike Falcon Complete.

What's most valuable about CrowdStrike Falcon Complete as an endpoint security solution is that it provides different features against malware outbreaks. The solution is also cloud-based so it offers flexibility in terms of managing it. It's also easy to deploy the agent and you can deploy it through CrowdStrike, your CloudStrike console, or you can take that agent out and you can use different solutions to deploy it through your group policy, your SSCM, or any asset management tool.

What could be improved in CrowdStrike Falcon Complete is the threat hunting feature and the insights it provides, in particular, the variable analysis feature. Protection against zero-day threats and sandboxing could also be improved in CrowdStrike Falcon Complete. If you compare it with other solutions, it can go head-to-head, but the features I mentioned still need improvement.

CrowdStrike Falcon Complete is a stable solution.

CrowdStrike Falcon Complete is a scalable solution. From the infrastructure and operation side, it's one of the best tools in terms of scalability.

I have not worked directly with the technical support team of CrowdStrike Falcon Complete. My company has a different team that worked directly with the CrowdStrike presale team, and that CrowdStrike team was really good, always supportive, and helpful.

I have no idea on the licensing cost of CrowdStrike Falcon Complete.

I have experience with CrowdStrike Falcon Complete, and I've worked with it recently. I work as a solution architect, so I work with different products, and I can't tell you exactly which version of CrowdStrike Falcon Complete I used.

I manage different customers, so the solution is deployed on various clouds, but mostly on a hybrid cloud, with providers being AWS and GCP.

My advice to anyone looking into implementing CrowdStrike Falcon Complete is to go for it. You should move from the traditional antivirus to the next-gen antivirus. Next-gen antivirus such as CrowdStrike Falcon Complete has malware detection, exploit detection, and endpoint detection and response (EDR) features that you won't find in the traditional antivirus. Signature-based antivirus also fails to detect zero-day attacks as well as crypto locker, ransomware, etc. CrowdStrike Falcon Complete has IOA behavioral protection, and it has an analysis functionality and great reporting capabilities, so you should go for it.

My rating for CrowdStrike Falcon Complete is eight out of ten. Sometimes on remote users as it is release-signed, there's some issue with the agent and some false positives as well. In terms of detection, an antivirus or EDR solution, or any kind of threat protection product, you have to check a few things. One is how good it is when malware is in the pre-execution stage and the post-execution stage. I have done some analysis on CrowdStrike Falcon Complete on seventy-five different parameters and controls, and I concluded that the product is really good. It's not a ten out of ten because I cannot provide a perfect score for any product. Eight out of ten is a good score in my point of view because you'd still feel that other things are missing in the product.

We use CrowdStrike Falcon Complete as an endpoint detection and response solution. We have over 10,000 users of this product. It requires less than 10 staff to deploy and maintain CrowdStrike. We are looking at rolling out more features of the product.

CrowdStrike has improved our meantime to closure on incidents. By enabling us to have more contextual awareness for each of the detections, it provides a much richer and broader scale of intelligence to each of the incidents and detections.

The threat intelligence of CrowdStrike Falcon is the most valuable feature. I also  enjoy their contextual awareness, endpoint detection and response.

The solution could use an on-demand scan feature.

I have been using CrowdStrike Falcon for 18 months.

CrowdStrike Falcon Complete is stable. 

The solution is scalable. We did a proof of concept with CrowdStrike versus others. CrowdStrik lived up to these capabilities.

I have used their technical support, and they are good. I would rate them a four out of five.

Positive

We were using a couple of other solutions before CrowdStrike and decided to move away from them as they weren't as good.

The initial setup of CrowdStrike is fairly straightforward. I would rate the initial setup a four out of five.

We used a professional service, an integrator, to implement the solution. Our organization is complex, so the roll-out took a couple of months.

From what I understand from our network architect, CrowdStrike Falcon is good value for the money required. We receive good service and support. The training is excellent. They offer a number of free classes to train users and analysts. It is a very capable product.

I would rate CrowdStrike Falcon Complete an eight out of ten overall.

We primarily use the solution for security purposes. We use it to protect our endpoints and prevent any kind of malicious attacks on our company.

In terms of Endpoint security, we feel very secure. Sandboxing is in a place where we can analyze everything before releasing anything into the production environment. It has really helped in terms of how we can prevent the malware from spreading across Endpoints, especially in these scenarios where work from home is common and where users are directly connected to a potentially insecure network.

The best part of CrowdStrike is the integration with various other tools and technologies such as, for example, Mimecast. We use Mimecast for email security and detection via Crowdstrike. If we have a backend integration of Mimecast logs with Crowdstrike, that's an excellent way for us to secure email.

The initial setup is straightforward. 

The stability and performance have been pretty good overall. 

The solution has proven to be very easy to implement and easy to manage.

It is very simple to use and not overly technical. 

The product gives us very low false positives. 

Considering the recent SolarWinds attacks in November or December last year, we were looking for something that could secure the EDR first tokens. It would be helpful if that was on offer.

They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure. They should keep in mind that there is a risk in the ADFS web environment. From an Endpoint perspective, it's all good, however, they need to explore the origins via something like Crowdstrike.

The customization could be improved upon. As of now with the area first and web security tokens, we don't see the EDR. We are looking for some solution that can provide EDR solution on the EDR first web environment.

We've been using the solution since 2017. It's been about three years or so. We've used it for a while.

The stability is very good. We don't see anything currently that can negatively impact the Endpoint as the agent is installed, however, the processing does not consume the CPU or memory. It's giving us great anti-malware detection along with a very good performance on the Endpoint as well.

The solution is fairly easy to scale, as it's not specific to any domain we can implement CrowdStrike on a standalone server, or multi-forest. In terms of scalability, it can support the multi-cloud strategy as well.

We have about 12,000. places in which the solution is being used. It's on 9,000 devices as a user Endpoint, which is Windows 10, and approximately 3000 servers.

We do intend to increase usage. Every year is we see a5% to 10% increase in usage.

We get a lot of proactive support from Crowdstrike. Before anything enters our environment, we get a lot of information from our account manager and there is an annual assessment as well. Overall, it's very good in terms of how they provide us with support services.

The initial setup is usually straightforward. We don't see any challenges with the implementation in general, however, there are a few connectivity issues when the ports are not open from our internal network to the Crowdstrike servers. Otherwise, it's very easy.

We always get pressured to reduce the cost, however, considering the importance of security, it's worth paying the current rate. Overall it's a good investment when it comes to security practices.

When we started off with this POC, we were exploring Carbon Black alongside Crowdstrike. Taking into consideration the overall scalability and compatibility in our environment, we decided to go for Crowdstrike.

We are customers and end-users.

We don't have the agent or on-premise servers. This solution is SaaS and we don't need those in order to use it. 

I'd rate the solution at a nine out of ten considering the experience we've had over the last three years. The only downside is, in certain cases, that we still see the same gaps we have seen in SolarWinds. CrowdStrike is aware of those and is aware of what they need to do. As the first step, for example, what I've seen in the last six months is the integration with Mimecast which is quite a positive development. 

If you look at the Gartner or other rating agencies, where you can compare the features of Crowdstrike versus others leaders such as Trend Micro or Carbon Black, CrowdStrike is shown to be easy to implement, easy to manage, and very simple to use. You don't need a core skillset to manage a Crowdstrike in your environment. It's very friendly. At the same time, it gives very accurate results. You'll get fewer false positives.

We use the solution for endpoint detection and response features.

The solution's most valuable feature is AI engine. It helps us automatically block the execution of suspicious activity.

The machines require several resets during the solution's deployment process. They should improve this particular area. Also, the reporting feature could be user-friendly. The reports need to be explained in simpler words instead of technical terms.

We have been using the solution for six years.

I rate the solution's stability as a ten.

We have 1000 solution users. It is very scalable. I rate its scalability as a ten.

I rate the solution's initial setup process as nine. It takes a month to complete. We first deploy the pilot group in a passive mode and then move to active mode. Meanwhile, we also remove the old antivirus platform from the network. Once the pilot is active, we deploy it to the rest of the platform.

The solution's licenses are expensive for small-scale companies. They cost around $120. There are no additional costs. But sometimes, we need to outsource some skills to access good security understanding. Thus, we have to pay extra for it apart from the licenses. I rate its pricing as a nine.

I highly recommend the product and rate it as a nine. It is exceptional, but there are competitive products in the market with better pricing.

CrowdStrike Falcon Complete is used for endpoint protection, which includes anti-malware, and some MDR capabilities, such as threat hunting.

The most valuable feature of CrowdStrike Falcon Complete is the overall endpoint protection.

CrowdStrike Falcon Complete could improve the threat visibility and have remediated vulnerabilities that they find.

I have been using CrowdStrike Falcon Complete for approximately four years.

We have not had any problems with the solution.

I rate the stability CrowdStrike Falcon Complete a nine out of ten.

The scalability is good.

We have approximately 20,000 users that are using this solution.

I rate the scalability CrowdStrike Falcon Complete an eight out of ten.

I have not used the support.

We are looking to move to SentinelOne because of the lack of threat visibility.

My advice to others is to take the full package of the solution to determine what are the most useful features and then adjust the package later.

I rate CrowdStrike Falcon Complete an eight out of ten.

I primarily use Falcon Complete to protect against threats.

Falcon Complete's user interface isn't very user-friendly, especially for writing rules.

I've been working with Falcon Complete for one year.

Falcon Complete is stable.

Falcon Complete is scalable.

CrowdStrike's technical support is good, I haven't heard any complaints about it.

The initial setup is easy because Falcon Complete is on-cloud, and it takes around a week to deploy.

Falcon Complete isn't too pricy, and its licensing is available on a yearly basis.

I would recommend Falcon Complete for anyone looking for a cheaper alternative that's almost the same quality as Cortex. I would give Falcon Complete a rating of seven out of ten.

It's an endpoint detection and response tool. I am using its latest version.

It improves our security posture.

Its ease of use is valuable. Nothing is left to you.

Its price and integration into a pre-existing process could be better.

In terms of features, I'm quite happy with where they're at the moment in their roadmap as a company.

I have been using this solution for four years.

It's very stable. I'd rate it a ten out of ten in terms of stability.

It's scalable. I'd rate it a nine out of ten in terms of scalability. It would be a ten if it was cheaper.

In my organization, there are 100 users, but we have also deployed it elsewhere. They have over 10,000 users. It goes on every device irrespective of the role.

They're good on official channels and non-official channels.

We were using another solution. We switched because of our partners.

It's easy as long as you've got something to deploy on LAN. Otherwise, it's a bit of a pain. For me, it took less than 10 minutes.

I installed it on my own. One person is enough for its maintenance.

It's expensive. Its price varies because it's a modular solution. I'd rate it a six out of ten in terms of pricing.

Overall, I'd rate it an eight out of ten.