CrowdStrike Falcon Complete MDR Reviews

We have been testing CrowdStrike Falcon Complete but we have not implemented it in our production at this time. However, we have found useful features in CrowdStrike.

CrowdStrike Falcon Complete has a very lightweight agent that provides signatureless detection protection from known and unknown malware or ransomware which is very useful.

The vulnerability assessment feature is a great benefit that provides detailed assessments of vulnerability. There are plenty of visualization of the threat; if any attack happens they explain in a visualization how the attack happens, how much the system has been affected, and what is the source. This information has allowed us to make the appropriate action.

CrowdStrike Falcon Complete is not providing application control. This is a very useful feature in any endpoint security because if you want to block any malicious activity of any particular application, you can not block it in this solution. However, you are able to block hashes, but not executable files or processes. Additionally, this solution does not provide a user risk score. These are two areas that CrowdStrike Falcon Complete can improve on in the future.

I have been using CrowdStrike Falcon Complete for a short period of time.

The solution is scalable.

Our customers are mostly large organizations. A recent customer has approximately 15,000 endpoints.

We only raised one case with the technical support and they solved the issue very quickly. Since we only had this one occasion we dealt with the support we are not aware of the consistency of their support.

I have previously used Trend Micro Apex One with Trend Micro Managed XDR.

The initial setup was straightforward. It is easy to install for an end-user system from a third-party application. For a single installation, it can be done with a few clicks of the mouse, it is not complicated, anyone can install it.

We have a team of approximately three that can manage CrowdStrike Falcon Complete from System Center Configuration Manager (SCCM). We do not need to go to every system and install it, all of it can be done through the SCCM.

I would recommend CrowdStrike Falcon Complete to others.

I rate CrowdStrike Falcon Complete an eight out of ten.

We use the solution for protecting the endpoints.

The solution simplified our structure.

The Falcon Spotlight is a most valuable feature.

While the pricing does not bother us, it is a bit on the high side. It could be lower.

An MDM, Mobile Device Manager, should be added in the next release. 

We just started implementing CrowdStrike Falcon Complete a couple of weeks ago. 

We have only recently started to implement the solution, so I am not in a position to comment on its stability. 

We have not had occasion to contact technical support. 

We did not use a different solution in the past. 

The initial setup was easy.

We handled the initial setup on our own. We make use of CrowdStrike's help.

The pricing could be lower. The solution is a bit expensive. 

In addition to CrowdStrike Falcon Complete, we also looked at FireEye from Palo Alto and at other solutions from Symantec. We decided to go with CrowdStrike Falcon Complete.

I rate CrowdStrike Falcon Complete as an eight out of ten.

We primarily use the solution for security purposes. We use it to protect our endpoints and prevent any kind of malicious attacks on our company.

In terms of Endpoint security, we feel very secure. Sandboxing is in a place where we can analyze everything before releasing anything into the production environment. It has really helped in terms of how we can prevent the malware from spreading across Endpoints, especially in these scenarios where work from home is common and where users are directly connected to a potentially insecure network.

The best part of CrowdStrike is the integration with various other tools and technologies such as, for example, Mimecast. We use Mimecast for email security and detection via Crowdstrike. If we have a backend integration of Mimecast logs with Crowdstrike, that's an excellent way for us to secure email.

The initial setup is straightforward. 

The stability and performance have been pretty good overall. 

The solution has proven to be very easy to implement and easy to manage.

It is very simple to use and not overly technical. 

The product gives us very low false positives. 

Considering the recent SolarWinds attacks in November or December last year, we were looking for something that could secure the EDR first tokens. It would be helpful if that was on offer.

They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure. They should keep in mind that there is a risk in the ADFS web environment. From an Endpoint perspective, it's all good, however, they need to explore the origins via something like Crowdstrike.

The customization could be improved upon. As of now with the area first and web security tokens, we don't see the EDR. We are looking for some solution that can provide EDR solution on the EDR first web environment.

We've been using the solution since 2017. It's been about three years or so. We've used it for a while.

The stability is very good. We don't see anything currently that can negatively impact the Endpoint as the agent is installed, however, the processing does not consume the CPU or memory. It's giving us great anti-malware detection along with a very good performance on the Endpoint as well.

The solution is fairly easy to scale, as it's not specific to any domain we can implement CrowdStrike on a standalone server, or multi-forest. In terms of scalability, it can support the multi-cloud strategy as well.

We have about 12,000. places in which the solution is being used. It's on 9,000 devices as a user Endpoint, which is Windows 10, and approximately 3000 servers.

We do intend to increase usage. Every year is we see a5% to 10% increase in usage.

We get a lot of proactive support from Crowdstrike. Before anything enters our environment, we get a lot of information from our account manager and there is an annual assessment as well. Overall, it's very good in terms of how they provide us with support services.

The initial setup is usually straightforward. We don't see any challenges with the implementation in general, however, there are a few connectivity issues when the ports are not open from our internal network to the Crowdstrike servers. Otherwise, it's very easy.

We always get pressured to reduce the cost, however, considering the importance of security, it's worth paying the current rate. Overall it's a good investment when it comes to security practices.

When we started off with this POC, we were exploring Carbon Black alongside Crowdstrike. Taking into consideration the overall scalability and compatibility in our environment, we decided to go for Crowdstrike.

We are customers and end-users.

We don't have the agent or on-premise servers. This solution is SaaS and we don't need those in order to use it. 

I'd rate the solution at a nine out of ten considering the experience we've had over the last three years. The only downside is, in certain cases, that we still see the same gaps we have seen in SolarWinds. CrowdStrike is aware of those and is aware of what they need to do. As the first step, for example, what I've seen in the last six months is the integration with Mimecast which is quite a positive development. 

If you look at the Gartner or other rating agencies, where you can compare the features of Crowdstrike versus others leaders such as Trend Micro or Carbon Black, CrowdStrike is shown to be easy to implement, easy to manage, and very simple to use. You don't need a core skillset to manage a Crowdstrike in your environment. It's very friendly. At the same time, it gives very accurate results. You'll get fewer false positives.

It's an EDR group solution. We use it for behavioral-based analysis.

On our endpoints, we have signature-based and behavioral-based analyses, and we use CrowdStrike Falcon Complete for behavioral-based analyses. 

I think it has very good features that help dig deeper while doing an investigation. Its IOCs alerting mechanism is good. I think it is AI based and categorizes behaviors which are unusual.

CrowdStrike Falcon Complete has good instrumentation, and the user interface is good too.

Pricing is definitely a problem. It could be cheaper for licensing.

I've been using CrowdStrike Falcon Complete for 5 years.

It is stable.

It is scalable as well. It's a cloud-based solution, so I don't doubt the scalability. I think it's good.

We have 6,000 end users who are using it.

The technical support is good. You raise a complaint, and they respond immediately.

The installation was smooth and didn't take much time.

We did it by ourselves. We have two or three engineers who run it and perform the rolling, installation, and upgrades.

We have a yearly license, and it could be cheaper.

We evaluated Trend Micro and Sophos before choosing CrowdStrike Falcon Complete.

CrowdStrike Falcon Complete is great, and I would rate it at eight on a scale from one to ten.

If you go with this solution, I think that you should also obtain another service called Hybrid Analysis, the premium edition. I think with this, you'll get malware samples you can correlate, and it will be a good tool for the SOC team.

Currently, we're trying to understand which solution would be able to help us to block external ports on computers. We're looking at Crowdstrike and working to understand how they can help us handle this.

While I'm not directly on the team that deals with the solution daily, I would say that the solution is very stable.

The solution is quite flexible.

We haven't had any issues with the product so far. 

It's my understanding that the reporting aspect of the solution could be improved. It should be more flexible and robust.

The solution should include some sort of DLP capabilities.

I've been using the solution for a while. It's been about three years or so.

The stability of the solution is very good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is great.

We have more than 25,000 users on the solution currently. 

We are currently evaluating the solution to see if we will continue to use it or not going forward. Until that is done, I can't speak to if there are plans to increase usage.

I've never been in touch with technical support. A different team handles that aspect. I cannot speak to how helpful or responsive they are. I can't provide any useful insights at this time. 

The initial setup took place about three years ago. At the time it was installed I wasn't a part of the company. Therefore, I can't speak to how easy or difficult the solution is to set up and deploy. I wasn't a part of the process. 

We pay a licensing fee in order to use the solution, however, I can't speak to the overall cost. It's not an aspect of the solution I directly deal with.

My company is a customer and an end-user of the solution. It doesn't have any direct affiliation with Crowdstrike.

We're using the latest version of the solution at this time. I can't speak to what the actual version number is. 

I'd rate the solution, on a scale from one to ten, at an eight. We're mostly quite satisfied with the solution.

I'd recommend the solution to other users and organizations.

It is an advanced anti-malware solution. Our clients replace the existing traditional antivirus with this solution. We are an implementer. We sell this solution, and then I go and understand the existing environment to deploy it.

It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. 

It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this.

It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple.

Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they not there in CrowdStrike as well as SentinelOne.

I have been providing this solution for three years.

It is a 100% reliable solution. We had some small glitches with it, but we were able to rectify those issues by tuning it.

It is pretty good. We have four customers, and there are a total of 15,000 to 20,000 users.

One of our clients has been using this for over a year now, and they have acquired more companies. They will possibly buy more. They really like the product and are happy with the product.

The first level of support is with us. If I'm not able to solve an issue, then I'll raise a case to Falcon with the help of the customer. I get guidance from the customer to raise the ticket about the issue and everything. As a partner or a vendor, we cannot raise a case for another customer. 

Their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

I have got experience with SentinelOne Vigilance. The major difference between SentinelOne Vigilance and CrowdStrike Falcon is the pricing. CrowdStrike is more expensive. Otherwise, both work in almost the same manner. They are cloud-based, and they are next-generation endpoints. They block cyber attacks. 

Its initial setup is straightforward. It is pretty simple. It is a very powerful product that doesn't take much time to be set up. Unlike traditional antivirus, you don't need to create a lot of policies and build up the server. I have a link, and I enable the license and download the agent. That's it. It is pretty fast. 

The deployment duration depends on the environment and the number of clients. It could take from three days to one week depending upon the number of agents. In most cases, the customer will opt to deploy for 50 machines. A customer has around 6,000 endpoints, and I have also deployed for only 50. It depends upon the customer. 

We are a team of two. I and my colleague do the deployment. 

It definitely needs upgrade, fine-tuning, and exclusions. No security product is 100% accurate, so we need fine-tuning. I am responsible for the maintenance for our clients. They have something called an Annual Maintenance Contract (AMC). Every quarter, I need to do a health check of their endpoints. After that, I send a report to them about the fine-tuning findings and the fine-tuning steps that need to be performed.

Our clients have definitely seen ROI. They were attacked with ransomware, but CrowdStrike blocked it. They reported to us, and we reported to CrowdStrike.

CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive.

We definitely need to move to the next-generation solutions because these days attacks are pretty intense, and the traditional antivirus solutions are not going to stop them. CrowdStrike gives a proper security block. It is a 100% protector. 

There was a customer who was impacted by ransomware. We put SentinelOne over there, and we were able to catch the file that their antivirus couldn't. These solutions are 100% reliable and definitely good for any company that wants their enterprise to be protected on the endpoints. 

I would rate CrowdStrike Falcon Complete an eight out of ten.

We primarily use the solution for endpoint security. It is a very important aspect of security for us as the threat landscape is growing. There constantly needs to be better monitors of the activity on the endpoints and windows server. That's the main driver behind using this solution.

The AI and the group knowledge base that they get from having multiple clients in the cloud is very useful to us. It helps keep us safe from attacks as it allows them to apply a broader knowledge base to our protection for our company.

The solution doesn't actually scan desktops. They prevent execution and they do a very, very, very good job at that. However, if there is malware, et cetera, on an endpoint, there's not a scan feature to simply remove it. You have to go in and clean the registry and do the other stuff yourself. It would be ideal if there was some sort of scanning functionality built-in.

The logging features aren't robust and the information isn't kept long enough. The active logs are only retained for seven days. It would be better if it was available for, let's say, 30 days. If we were going to do any forensics, we would have the time to execute them.

We have been using the solution for about two years at this point. We plan to use it at least until the end of this year. It hasn't been very long.

We have looked at Carbon Black previously, as well as Cybereason. We were looking for alternatives to Crowdstrike, however, we decided we would keep this solution until the end of the year.

The reason we didn't switch yet is mostly due to time constraints. We had to renew or implement a new solution and it wasn't going to happen in the timeframe we were looking at. Therefore, we had to put it off. 

The Carbon Black is not as advanced as CrowdStrike. Also, Cybereason lags too far behind on Mac OS upgrades. We wouldn't have been able to roll out Cybereason, even though it looks like a very good product, as it didn't support Big Sur and wouldn't for another five or six months, which meant we would have machines that wouldn't be covered

We are a customer and an end-user of the product. We don't have a business relationship of any kind with Crowdstrike.

The solution is deployed from the cloud. We put it on our endpoints, however, the core application is in CrowdStrike's cloud. It's a cloud app.

Overall, I would rate the solution at a seven out of ten.

It is working well. I tried a ransomware attack myself, and they were very fast in mitigating. I am very convinced of this product, and I am very satisfied with how it is working.

The team behind the program itself is very valuable. If you don't have your own security team, they can do a great job for you. If your IT team isn't in the company, this can be of great value to you.

Its documentation is very good. They have many different dashboards, and they do have a lot of information. Sometimes, it can be a bit overwhelming how much information is there, but once you find your way through with them, everything is very logical.

Some dashboards can be very complex, but once you get to know them, it is very logical.

I have been using this solution since 2019.

It is absolutely stable.

It is very scalable. It really doesn't matter whether you are a company using 100 endpoints or more than 2,000 endpoints. We have around 1,700 people in our company. There are around 200 people that need to be onboarded again.

They were very fast in responding. If you have a technical question, it only takes a couple of hours before they answer your questions. They are very skilled.

We had Symantec endpoints previously. They were very traditional points. There isn't a resemblance between these two solutions because CrowdStrike is more into machine learning in terms of the behavior of the system. Symantec is more of a traditional antivirus that starts scanning your computer and new files. They both are very different in the way they work.

Its setup is fairly basic. It is not very complex. We had the support of the Falcon Complete team to set it up. It took a couple of days.

 The Falcon Complete team introduced the platform.

It is a fairly firm price. It is not the cheapest solution, but if you take the complete team into consideration, it is a great value. 

You need to know that CrowdStrike is different in the way it works as opposed to the traditional software. It is fairly self-explaining, but you just need to know that this endpoint is based on the behavior. This means that if you introduce a USB stick with malicious software on it and the software or the file isn't opened yet or is dormant, CrowdStrike won't detect it. The minute you are trying to use that file, and the file is trying to execute things, CrowdStrike detects it instantly and takes action to mitigate a problem.

I would rate CrowdStrike Falcon Complete a nine out of ten. It is a great product. For our company, it is the right product. It is company deployed, and we will stick with CrowdStrike.