CrowdStrike Falcon Complete MDR Reviews

I primarily use Falcon Complete to protect against threats.

Falcon Complete's user interface isn't very user-friendly, especially for writing rules.

I've been working with Falcon Complete for one year.

Falcon Complete is stable.

Falcon Complete is scalable.

CrowdStrike's technical support is good, I haven't heard any complaints about it.

The initial setup is easy because Falcon Complete is on-cloud, and it takes around a week to deploy.

Falcon Complete isn't too pricy, and its licensing is available on a yearly basis.

I would recommend Falcon Complete for anyone looking for a cheaper alternative that's almost the same quality as Cortex. I would give Falcon Complete a rating of seven out of ten.

It's an endpoint detection and response tool. I am using its latest version.

It improves our security posture.

Its ease of use is valuable. Nothing is left to you.

Its price and integration into a pre-existing process could be better.

In terms of features, I'm quite happy with where they're at the moment in their roadmap as a company.

I have been using this solution for four years.

It's very stable. I'd rate it a ten out of ten in terms of stability.

It's scalable. I'd rate it a nine out of ten in terms of scalability. It would be a ten if it was cheaper.

In my organization, there are 100 users, but we have also deployed it elsewhere. They have over 10,000 users. It goes on every device irrespective of the role.

They're good on official channels and non-official channels.

We were using another solution. We switched because of our partners.

It's easy as long as you've got something to deploy on LAN. Otherwise, it's a bit of a pain. For me, it took less than 10 minutes.

I installed it on my own. One person is enough for its maintenance.

It's expensive. Its price varies because it's a modular solution. I'd rate it a six out of ten in terms of pricing.

Overall, I'd rate it an eight out of ten.

My organization is a cybersecurity company using CrowdStrike Falcon for incident response and forensic analysis. Twenty-five employees are using it now

CrowdStrike has improved our operations in many ways. Three of our clients recently got hit by ransomware. Using Falcon Complete, we contained and fixed the issue and helped them get things back to normal.

I like Falcon's AI functionality and vulnerability management. That has been so helpful. Falcon Complete can manage vulnerabilities, quarantine threats, and do all kinds of forensic incident analysis. It's a lightweight solution that only uses 1% of the CPU, which is a game changer. Other EDRs have had high CPU usage.

Falcon could use more SIEM capabilities, like a central place to monitor all our clients.

We have been using CrowdStrike Falcon for nearly two years now.

I rate Falcon 10 out of 10 for stability. 

I rate CrowdStrike Falcon 10 out of 10 for scalability. 

We were using McAfee Endpoint Security, but we later partnered with CrowdStrike, so we started using Falcon. The McAfee solution was limited. CrowdStrike EDR has a good dashboard that lets us see what's happening and the processes on my machines. It has better quarantining and remediation.

Setting up Falcon was straightforward. We deploy it on the cloud and on-prem, depending on the client. You can deploy it in under five minutes with an adequate internet connection.

The number of people needed to deploy the solution varies. It only requires one person if we are using Active Directory. However, we typically do it manually with four people to do it, so it's faster for us to reach the organization's endpoints.

We evaluated Trend Micro and a few other EDRs. We found from the ratings that CrowdStrike was more effective than other EDRs. In addition, we have some solutions from other vendors like AlienVault OSSIM and Darktrace because those are the main players in our market.

We don't use the solution internally, but our clients' use cases are primarily EDR and endpoint protection, with peripheral use cases including web app protection.

CrowsStrike Falcon Complete is a good solid endpoint protection solution; it has a good engine and is on par in terms of efficacy with SentinelOne, and with Microsoft Defender for endpoint protection. 

I prefer to put a pound into the prevention and an ounce into the cure, but CrowdStrike put more focus into the EDR. This works as a business model for them, as they get a lot of customers purchasing their MDR services, usually SMBs lacking the staff to leverage the EDR tool themselves adequately. We have many such customers. I would much rather see more refinement and investment into the prevention side of the equation, though CrowdStrike has a good engine. The solution is as effective as SentinelOne and Windows Defender for Endpoint; it's an excellent endpoint protection solution.

I would like to see more integration capabilities and expansion into vulnerability management. I'd like to see it go beyond that into unified endpoint management, a unified security solution that doesn't just tell me what's wrong; it helps me fix it operationally.

We have been a reseller of the solution since 1989.

The solution is very stable. 

It is a very scalable solution, there is no question about that. 

The technical support is good; it's not bad and not the best.

The setup is relatively complex. Post-setup, the maintenance is light, but deployment is more complicated compared to some competitors, including SentinelOne or Cylance. Falcon Complete requires more tuning.

Once the product is implemented, I would say most of our customers require around a quarter of an FTE for maintenance. 

This product is one of the more expensive ones on the market. 

I'd rate the product an eight out of ten because there's always room for improvement in my mind. There are enough other solutions in the market space that are on par with the features and capabilities of CrowdStrike that bump it down from a nine to an eight. It's a pretty level playing field.

Most of my customers are small to medium size businesses. They don't have the people, the knowledge or the time to spend on complex setups and tuning. Any solution has to be simple out of the gate, easy to understand, and it has to be quick to deploy. Therefore, many of my clients use the implementation and managed services, and I have firsthand experience of some issues that can cause. Companies may hold off on more complicated features or configurations they don't fully understand, sometimes even permanently. This isn't unique to Falcon Complete; there are many solutions with features that are never fully leveraged by some clients. The issue is when the solution is not as effectively deployed and configured as possible because it's not a small investment.

When it comes to this solution, my advice is to shop around. CrowdStrike is an excellent brand with an outstanding reputation, but it's also the most expensive or one of the most expensive solutions. If price is a concern, other solutions can do the same job for you or be just as effective. Falcon Complete has few features that make it a big market differentiator nowadays. It makes sense if you need the product's specific features or have the staff to fully leverage the EDR without paying for the MDR.

I use Falcon Complete for scanning devices.

Falcon Complete's best feature is detection. The interface is also user-friendly.

There have been some issues with Falcon Complete's performance. They could also improve their reporting. In the next release, I'd like Falcon Complete to include a logging component for user authentication.

I've been working with Falcon Complete for around four months.

Falcon Complete is stable and easy to maintain.

CrowdStrike's technical support is good, though sometimes their responses are delayed.

Positive

I previously used Symantec but switched as Falcon Complete offers more features like detection.

The initial setup was simple, and once it was installed, we could easily handle the upgrades around the console.

Falcon Complete could be a bit cheaper.

I would rate Falcon Complete as eight out of ten.

We use CrowdStrike Falcon Complete for the management of endpoints, which are located onshore and offshore. 

CrowdStrike Falcon Complete is mainly for endpoint protection, and we used it alongside Microsoft Defender, to secure our assets, which are either domains or newgroups.

CrowdStrike Falcon Complete's most valuable features are efficient dashboards and their ease of management.

The improvements needed for CrowdStrike Falcon Complete are in the way the agent updates. The overall management of endpoints needs to be better.

In the next release of CrowdStrike Falcon Complete, they should include more security towards endpoints, add device management, and PAM solutions along with their endpoint solutions.

I have been using CrowdStrike Falcon Complete for approximately two years.

CrowdStrike Falcon Complete is stable. If they make any changes in the backend, then they leave their clients with very little choice, they either have to force manage everything or they can be left out.

The scalability of CrowdStrike Falcon Complete is good. We are in the cloud making scalability not a problem.

The support for CrowdStrike Falcon Complete is not good. They take a very long time to respond, it takes 24 to 28 hours for them to get back to us.

I have used previously Microsoft Defender for Endpoints.

Microsoft Defender for Endpoints is a very basic endpoint security solution. I cannot even compare it with CrowdStrike Falcon Complete.

The initial implementation of CrowdStrike Falcon Complete, including the creation of policies and aspects, is fairly easy. However, the only challenge is to roll out the endpoints individually onto all systems. If you have a large network and you don't have an SCCM or any other solution through which you can roll out, it becomes cumbersome. The solution does not come with any auto ruling platform feature.

The price of this solution is expensive compared to others solutions.

I have been using CrowdStrike Falcon Complete a seven out of ten.

This is a security solution used for its antivirus, endpoint detection, and response capabilities.

There are many different modules with this solution where vulnerability and inventory management can be carried out. The solution has a good dashboard and offers a lot of insights into your systems.

I would like to have the option to deploy on-premise.

I have been using this solution for two and a half years.

This solution is very stable.

Since this is a SaaS, it is very scalable. Based on your requirements, you are able to scale on the fly whenever necessary. We currently have over five thousand users.

I had to contact support for some minor issues and they were able to help us out pretty well.

We previously had a signature-based AV prior to switching to CrowdStrike.

The initial setup is pretty straightforward but can vary based on the individual organization's requirements. You do need to push clients to the endpoints which can take time but the overall configuration does not take that much time.

We used a partner for installation.

We now have two administrators and one round-the-clock manager for maintenance of the platform.

There is an annual subscription.

CrowdStrike is one of the top two EDRs on the market. Since the solution is lightweight, it is able to offer a lot of features and provide you with strong protection against different attacks.

I would rate this solution a nine out of ten.

The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution.

They have very good knowledge of how to hunt for threats. It is all about the intelligence you put into a solution for detection. It is about making sure that if you see a number of things, you can interpret them correctly and take the right action against them. They're one of the best vendors because they come from that background. 

They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage. 

I have been working with this solution for three years.

We don't see any specific limitations on that at the moment. 

We have large implementations, and we don't really see any issues with the scalability of the solution. It seems to be able to scale up fairly quickly within the environment.

Their support is top-notch. They're very dedicated. Their experts are online when you need them. 

It is very straightforward. It takes very limited time to set it up. People get used to it very quickly.

Being a cloud-based solution, you don't really have to do a lot of installation. They have their own cloud. It is maintaining itself. There are automatic updates. That's one of the reasons why you want to go to the cloud-based approach. It is very easy in terms of maintenance.

I would advise anyone interested in such a solution to try it out. It is very easy to try it out. 

It is an absolute requirement to get an EDR solution in place. You should go with the ones that really have the most advanced capabilities for threat hunting. It is best to go with the experts. They've had some competition from Microsoft, which is not a bad solution, but Microsoft is not a security expert. CrowdStrike knows very well how to identify threats and link them to specific behavior. That's what you really want to have in there, and that's their strength. One of the reasons why they're still leading is that they are the only ones who can say, "We manage your network, and we would give you money back if we could not detect the issues upfront." That's one of their strong points.

If they don't do any specific scanning, they will adapt themselves to that. If it is a new system, they would need to learn that. If there is something new in there, it could be harder for them to detect it because they don't yet know the behavior, and they have to learn about it. That's the only negative element I see in it. 

They're doing quite a bit of work in improving it. They are doing a good job in evolving the product. I don't see any specific needs at this given moment on that. You could ask a lot, but in the end, you still need to make sure that the core is functioning well. They should stick with what they do best. Evolve that but not start doing everything. That's because it will not work. I'd rather have them stick to their niche.

I would rate it a nine out of 10.