Senior Account Manager at a tech services company with 201-500 employees
Real User
Comes with good threat-hunting and behavior-based analysis capabilities, and provides quick protection against new threats
Pros and Cons
  • "The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution."
  • "They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage."

What is most valuable?

The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution.

They have very good knowledge of how to hunt for threats. It is all about the intelligence you put into a solution for detection. It is about making sure that if you see a number of things, you can interpret them correctly and take the right action against them. They're one of the best vendors because they come from that background. 

What needs improvement?

They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage. 

For how long have I used the solution?

I have been working with this solution for three years.

What do I think about the stability of the solution?

We don't see any specific limitations on that at the moment. 

Buyer's Guide
CrowdStrike Falcon Complete MDR
June 2025
Learn what your peers think about CrowdStrike Falcon Complete MDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
857,028 professionals have used our research since 2012.

What do I think about the scalability of the solution?

We have large implementations, and we don't really see any issues with the scalability of the solution. It seems to be able to scale up fairly quickly within the environment.

How are customer service and support?

Their support is top-notch. They're very dedicated. Their experts are online when you need them. 

How was the initial setup?

It is very straightforward. It takes very limited time to set it up. People get used to it very quickly.

Being a cloud-based solution, you don't really have to do a lot of installation. They have their own cloud. It is maintaining itself. There are automatic updates. That's one of the reasons why you want to go to the cloud-based approach. It is very easy in terms of maintenance.

What other advice do I have?

I would advise anyone interested in such a solution to try it out. It is very easy to try it out. 

It is an absolute requirement to get an EDR solution in place. You should go with the ones that really have the most advanced capabilities for threat hunting. It is best to go with the experts. They've had some competition from Microsoft, which is not a bad solution, but Microsoft is not a security expert. CrowdStrike knows very well how to identify threats and link them to specific behavior. That's what you really want to have in there, and that's their strength. One of the reasons why they're still leading is that they are the only ones who can say, "We manage your network, and we would give you money back if we could not detect the issues upfront." That's one of their strong points.

If they don't do any specific scanning, they will adapt themselves to that. If it is a new system, they would need to learn that. If there is something new in there, it could be harder for them to detect it because they don't yet know the behavior, and they have to learn about it. That's the only negative element I see in it. 

They're doing quite a bit of work in improving it. They are doing a good job in evolving the product. I don't see any specific needs at this given moment on that. You could ask a lot, but in the end, you still need to make sure that the core is functioning well. They should stick with what they do best. Evolve that but not start doing everything. That's because it will not work. I'd rather have them stick to their niche.

I would rate it a nine out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1699974 - PeerSpot reviewer
Lead Systems Engineer at a computer software company with 10,001+ employees
Real User
Light on resources, effective signatureless detection, beneficial vulnerability assessments
Pros and Cons
  • "CrowdStrike Falcon Complete has a very lightweight agent that provides signatureless detection protection from known and unknown malware or ransomware which is very useful."
  • "CrowdStrike Falcon Complete is not providing application control. This is a very useful feature in any endpoint security because if you want to block any malicious activity of any particular application, you cannot block it in this solution. However, you are able to block hashes, but not executable files or processes. Additionally, this solution does not provide a user risk score. These are two areas that CrowdStrike Falcon Complete can improve on in the future."

What is our primary use case?

We have been testing CrowdStrike Falcon Complete but we have not implemented it in our production at this time. However, we have found useful features in CrowdStrike.

What is most valuable?

CrowdStrike Falcon Complete has a very lightweight agent that provides signatureless detection protection from known and unknown malware or ransomware which is very useful.

The vulnerability assessment feature is a great benefit that provides detailed assessments of vulnerability. There are plenty of visualizations of the threat; if any attack happens, they explain in a visualization how the attack happens, how much the system has been affected, and what the source is. This information has allowed us to take the appropriate action.

What needs improvement?

CrowdStrike Falcon Complete is not providing application control. This is a very useful feature in any endpoint security because if you want to block any malicious activity of any particular application, you cannot block it in this solution. However, you are able to block hashes, but not executable files or processes. Additionally, this solution does not provide a user risk score. These are two areas that CrowdStrike Falcon Complete can improve on in the future.

For how long have I used the solution?

I have been using CrowdStrike Falcon Complete for a short period of time.

What do I think about the scalability of the solution?

The solution is scalable.

Our customers are mostly large organizations. A recent customer has approximately 15,000 endpoints.

How are customer service and support?

We only raised one case with the technical support, and they solved the issue very quickly. Since this was the only occasion we dealt with the support, we are not aware of the consistency of their support.

Which solution did I use previously and why did I switch?

I have previously used Trend Micro Apex One with Trend Micro Managed XDR.

How was the initial setup?

The initial setup was straightforward. It is easy to install for an end-user system from a third-party application. For a single installation, it can be done with a few clicks of the mouse. It is not complicated; anyone can install it.

What about the implementation team?

We have a team of approximately three that can manage CrowdStrike Falcon Complete from System Center Configuration Manager (SCCM). We do not need to go to every system and install it; all of it can be done through the SCCM.

What other advice do I have?

I would recommend CrowdStrike Falcon Complete to others.

I rate CrowdStrike Falcon Complete an eight out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Khushru_Mistry - PeerSpot reviewer
Chief Technology Officer at GM Modular
Real User
Top 5
Easy initial setup
Pros and Cons
  • "The initial setup was easy."
  • "An MDM, Mobile Device Manager, should be added in the next release."

What is our primary use case?

We use the solution for protecting the endpoints.

How has it helped my organization?

The solution simplified our structure.

What is most valuable?

The Falcon Spotlight is a most valuable feature.

What needs improvement?

While the pricing does not bother us, it is a bit on the high side. It could be lower.

An MDM, Mobile Device Manager, should be added in the next release. 

For how long have I used the solution?

We just started implementing CrowdStrike Falcon Complete a couple of weeks ago. 

What do I think about the stability of the solution?

We have only recently started to implement the solution, so I am not in a position to comment on its stability. 

How are customer service and technical support?

We have not had occasion to contact technical support. 

Which solution did I use previously and why did I switch?

We did not use a different solution in the past. 

How was the initial setup?

The initial setup was easy.

What about the implementation team?

We handled the initial setup on our own. We make use of CrowdStrike's help.

What's my experience with pricing, setup cost, and licensing?

The pricing could be lower. The solution is a bit expensive. 

Which other solutions did I evaluate?

In addition to CrowdStrike Falcon Complete, we also looked at FireEye from Palo Alto and at other solutions from Symantec. We decided to go with CrowdStrike Falcon Complete.

What other advice do I have?

I rate CrowdStrike Falcon Complete as an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1394748 - PeerSpot reviewer
Information Technology Manager and ISMS Auditor at a consultancy with 51-200 employees
Real User
Effective alerts, excellent technical support, and many install options
Pros and Cons
  • "If there is something wrong or not normal in the endpoint, CrowdStrike Falcon Complete is very responsive."
  • "The solution needs to have human involvement; they could improve by having more automation where the solution can take the necessary action on time and more accurately."

What is our primary use case?

CrowdStrike Falcon Complete is used to inform the IT or security analyst if there is something happening inside the endpoint. Additionally, the EDR can take an action by itself if there is something abnormal happening inside the endpoint.

What is most valuable?

If there is something wrong or not normal in the endpoint, CrowdStrike Falcon Complete is very responsive. It will give an alert that is very useful and it takes action automatically. There at times needs to be some manual intervention but it is less often.

What needs improvement?

The solution needs to have human involvement; they could improve by having more automation where the solution can take the necessary action on time and more accurately.

For how long have I used the solution?

I have been using this solution for approximately one year.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

I have found the scalability very good.

We have approximately 1,000 users using this solution in my organization.

How are customer service and technical support?

The technical support is excellent.

How was the initial setup?

The installation is easy. We can install it through Windows Active Directory, send the files to the end-user to install it, or the IT department can install it remotely. The full installation throughout our organization took 35 days.

What about the implementation team?

We have four to five people that do the implementation and maintenance of the solution. 

What's my experience with pricing, setup cost, and licensing?

The solution is priced fairly. For the features you receive, it is worth the money.

What other advice do I have?

I would recommend this solution to others.

I rate CrowdStrike Falcon Complete ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Global IT Infrastructure Manager at TMF Group
Real User
Top 20
Easy to use, simple to set up and provides easy management
Pros and Cons
  • "It is very simple to use and not overly technical."
  • "They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure."

What is our primary use case?

We primarily use the solution for security purposes. We use it to protect our endpoints and prevent any kind of malicious attacks on our company.

How has it helped my organization?

In terms of Endpoint security, we feel very secure. Sandboxing is in a place where we can analyze everything before releasing anything into the production environment. It has really helped in terms of how we can prevent the malware from spreading across Endpoints, especially in these scenarios where work from home is common and where users are directly connected to a potentially insecure network.

What is most valuable?

The best part of CrowdStrike is the integration with various other tools and technologies such as, for example, Mimecast. We use Mimecast for email security and detection via Crowdstrike. If we have a backend integration of Mimecast logs with Crowdstrike, that's an excellent way for us to secure email.

The initial setup is straightforward. 

The stability and performance have been pretty good overall. 

The solution has proven to be very easy to implement and easy to manage.

It is very simple to use and not overly technical. 

The product gives us very low false positives. 

What needs improvement?

Considering the recent SolarWinds attacks in November or December last year, we were looking for something that could secure the EDR first tokens. It would be helpful if that was on offer.

They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure. They should keep in mind that there is a risk in the ADFS web environment. From an Endpoint perspective, it's all good, however, they need to explore the origins via something like Crowdstrike.

The customization could be improved upon. As of now with the area first and web security tokens, we don't see the EDR. We are looking for some solution that can provide EDR solution on the EDR first web environment.

For how long have I used the solution?

We've been using the solution since 2017. It's been about three years or so. We've used it for a while.

What do I think about the stability of the solution?

The stability is very good. We don't see anything currently that can negatively impact the Endpoint as the agent is installed, however, the processing does not consume the CPU or memory. It's giving us great anti-malware detection along with a very good performance on the Endpoint as well.

What do I think about the scalability of the solution?

The solution is fairly easy to scale, as it's not specific to any domain we can implement CrowdStrike on a standalone server, or multi-forest. In terms of scalability, it can support the multi-cloud strategy as well.

We have about 12,000 places in which the solution is being used. It's on 9,000 devices as a user Endpoint, which is Windows 10, and approximately 3000 servers.

We do intend to increase usage. Every year we see a 5% to 10% increase in usage.

How are customer service and technical support?

We get a lot of proactive support from Crowdstrike. Before anything enters our environment, we get a lot of information from our account manager and there is an annual assessment as well. Overall, it's very good in terms of how they provide us with support services.

How was the initial setup?

The initial setup is usually straightforward. We don't see any challenges with the implementation in general, however, there are a few connectivity issues when the ports are not open from our internal network to the Crowdstrike servers. Otherwise, it's very easy.

What's my experience with pricing, setup cost, and licensing?

We always get pressured to reduce the cost, however, considering the importance of security, it's worth paying the current rate. Overall it's a good investment when it comes to security practices.

Which other solutions did I evaluate?

When we started off with this POC, we were exploring Carbon Black alongside Crowdstrike. Taking into consideration the overall scalability and compatibility in our environment, we decided to go for Crowdstrike.

What other advice do I have?

We are customers and end-users.

We don't have the agent or on-premise servers. This solution is SaaS and we don't need those in order to use it. 

I'd rate the solution at a nine out of ten considering the experience we've had over the last three years. The only downside is, in certain cases, that we still see the same gaps we have seen in SolarWinds. CrowdStrike is aware of those and is aware of what they need to do. As the first step, for example, what I've seen in the last six months is the integration with Mimecast which is quite a positive development. 

If you look at the Gartner or other rating agencies, where you can compare the features of Crowdstrike versus other leaders such as Trend Micro or Carbon Black, CrowdStrike is shown to be easy to implement, easy to manage, and very simple to use. You don't need a core skillset to manage a Crowdstrike in your environment. It's very friendly. At the same time, it gives very accurate results. You'll get fewer false positives.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1581882 - PeerSpot reviewer
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Can be used to dig deeper while doing an investigation
Pros and Cons
  • "Its IOCs alerting mechanism is good. I think it is AI based and categorizes behaviors which are unusual."
  • "Pricing is definitely a problem. It could be cheaper for licensing."

What is our primary use case?

It's an EDR group solution. We use it for behavioral-based analysis.

On our endpoints, we have signature-based and behavioral-based analyses, and we use CrowdStrike Falcon Complete for behavioral-based analyses. 

What is most valuable?

I think it has very good features that help dig deeper while doing an investigation. Its IOCs alerting mechanism is good. I think it is AI based and categorizes behaviors which are unusual.

CrowdStrike Falcon Complete has good instrumentation, and the user interface is good too.

What needs improvement?

Pricing is definitely a problem. It could be cheaper for licensing.

For how long have I used the solution?

I've been using CrowdStrike Falcon Complete for 5 years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable as well. It's a cloud-based solution, so I don't doubt the scalability. I think it's good.

We have 6,000 end users who are using it.

How are customer service and technical support?

The technical support is good. You raise a complaint, and they respond immediately.

How was the initial setup?

The installation was smooth and didn't take much time.

What about the implementation team?

We did it by ourselves. We have two or three engineers who run it and perform the rolling, installation, and upgrades.

What's my experience with pricing, setup cost, and licensing?

We have a yearly license, and it could be cheaper.

Which other solutions did I evaluate?

We evaluated Trend Micro and Sophos before choosing CrowdStrike Falcon Complete.

What other advice do I have?

CrowdStrike Falcon Complete is great, and I would rate it at eight on a scale from one to ten.

If you go with this solution, I think that you should also obtain another service called Hybrid Analysis, the premium edition. I think with this, you'll get malware samples you can correlate, and it will be a good tool for the SOC team.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1554336 - PeerSpot reviewer
Global Data Protection/Privacy Manager, FIP, CIPP/E, CIPM, CISSP at a manufacturing company with 10,001+ employees
Real User
Stable, flexible, and free of any issues
Pros and Cons
  • "The solution is quite flexible."
  • "The solution should include some sort of DLP capabilities."

What is our primary use case?

Currently, we're trying to understand which solution would be able to help us to block external ports on computers. We're looking at Crowdstrike and working to understand how they can help us handle this.

What is most valuable?

While I'm not directly on the team that deals with the solution daily, I would say that the solution is very stable.

The solution is quite flexible.

We haven't had any issues with the product so far. 

What needs improvement?

It's my understanding that the reporting aspect of the solution could be improved. It should be more flexible and robust.

The solution should include some sort of DLP capabilities.

For how long have I used the solution?

I've been using the solution for a while. It's been about three years or so.

What do I think about the stability of the solution?

The stability of the solution is very good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is great.

What do I think about the scalability of the solution?

We have more than 25,000 users on the solution currently. 

We are currently evaluating the solution to see if we will continue to use it or not going forward. Until that is done, I can't speak to if there are plans to increase usage.

How are customer service and technical support?

I've never been in touch with technical support. A different team handles that aspect. I cannot speak to how helpful or responsive they are. I can't provide any useful insights at this time. 

How was the initial setup?

The initial setup took place about three years ago. At the time it was installed I wasn't a part of the company. Therefore, I can't speak to how easy or difficult the solution is to set up and deploy. I wasn't a part of the process. 

What's my experience with pricing, setup cost, and licensing?

We pay a licensing fee in order to use the solution, however, I can't speak to the overall cost. It's not an aspect of the solution I directly deal with.

What other advice do I have?

My company is a customer and an end-user of the solution. It doesn't have any direct affiliation with Crowdstrike.

We're using the latest version of the solution at this time. I can't speak to what the actual version number is. 

I'd rate the solution, on a scale from one to ten, at an eight. We're mostly quite satisfied with the solution.

I'd recommend the solution to other users and organizations.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1525839 - PeerSpot reviewer
Senior security consultant at a computer software company with 51-200 employees
MSP
Top 20
Easy, lightweight, 100% reliable, and able to stop zero-day and ransomware attacks
Pros and Cons
  • "It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. Falcon Overwatch is a valuable module. It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this. It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple."
  • "Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer. It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they are not there in CrowdStrike as well as SentinelOne."

What is our primary use case?

It is an advanced anti-malware solution. Our clients replace the existing traditional antivirus with this solution. We are an implementer. We sell this solution, and then I go and understand the existing environment to deploy it.

What is most valuable?

It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. 

It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this.

It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple.

What needs improvement?

Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they are not there in CrowdStrike as well as SentinelOne.

For how long have I used the solution?

I have been providing this solution for three years.

What do I think about the stability of the solution?

It is a 100% reliable solution. We had some small glitches with it, but we were able to rectify those issues by tuning it.

What do I think about the scalability of the solution?

It is pretty good. We have four customers, and there are a total of 15,000 to 20,000 users.

One of our clients has been using this for over a year now, and they have acquired more companies. They will possibly buy more. They really like the product and are happy with the product.

How are customer service and technical support?

The first level of support is with us. If I'm not able to solve an issue, then I'll raise a case to Falcon with the help of the customer. I get guidance from the customer to raise the ticket about the issue and everything. As a partner or a vendor, we cannot raise a case for another customer. 

Their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

Which solution did I use previously and why did I switch?

I have got experience with SentinelOne Vigilance. The major difference between SentinelOne Vigilance and CrowdStrike Falcon is the pricing. CrowdStrike is more expensive. Otherwise, both work in almost the same manner. They are cloud-based, and they are next-generation endpoints. They block cyber attacks. 

How was the initial setup?

Its initial setup is straightforward. It is pretty simple. It is a very powerful product that doesn't take much time to be set up. Unlike traditional antivirus, you don't need to create a lot of policies and build up the server. I have a link, and I enable the license and download the agent. That's it. It is pretty fast. 

The deployment duration depends on the environment and the number of clients. It could take from three days to one week depending upon the number of agents. In most cases, the customer will opt to deploy for 50 machines. A customer has around 6,000 endpoints, and I have also deployed for only 50. It depends upon the customer. 

What about the implementation team?

We are a team of two. I and my colleague do the deployment. 

It definitely needs upgrade, fine-tuning, and exclusions. No security product is 100% accurate, so we need fine-tuning. I am responsible for the maintenance for our clients. They have something called an Annual Maintenance Contract (AMC). Every quarter, I need to do a health check of their endpoints. After that, I send a report to them about the fine-tuning findings and the fine-tuning steps that need to be performed.

What was our ROI?

Our clients have definitely seen ROI. They were attacked with ransomware, but CrowdStrike blocked it. They reported to us, and we reported to CrowdStrike.

What's my experience with pricing, setup cost, and licensing?

CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive.

What other advice do I have?

We definitely need to move to the next-generation solutions because these days attacks are pretty intense, and the traditional antivirus solutions are not going to stop them. CrowdStrike gives a proper security block. It is a 100% protector. 

There was a customer who was impacted by ransomware. We put SentinelOne over there, and we were able to catch the file that their antivirus couldn't. These solutions are 100% reliable and definitely good for any company that wants their enterprise to be protected on the endpoints. 

I would rate CrowdStrike Falcon Complete an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user