CrowdStrike Falcon Complete Overview

CrowdStrike Falcon Complete is the #1 ranked solution in MDR Services. PeerSpot users give CrowdStrike Falcon Complete an average rating of 8 out of 10. CrowdStrike Falcon Complete is most commonly compared to Secureworks Taegis ManagedXDR. CrowdStrike Falcon Complete is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The professionals researching this solution most often come from computer software companies, accounting for 26% of all views.
CrowdStrike Falcon Complete Buyer's Guide

Download the CrowdStrike Falcon Complete Buyer's Guide including reviews and more. Updated: June 2022

What is CrowdStrike Falcon Complete?

Falcon Complete: Endpoint protection delivered as a service. The highest level of endpoint security maturity delivered immediately, without the burden of building and managing it yourself.

Try Falcon for free at https://go.crowdstrike.com/try...;utm_medium=syn&utm_source=itcs. 

CrowdStrike Falcon Complete was previously known as Falcon Complete.

CrowdStrike Falcon Complete Customers

Palm Beach State College, Mercedes-AMG, Pokemon, Telstra, Goldman Sachs, Zebra

CrowdStrike Falcon Complete Pricing Advice

What users are saying about CrowdStrike Falcon Complete pricing:
  • "At approximately €60 per machine, per year, I think that it's a good price point."
  • "CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive."
  • "They are really reasonable for the services they are providing. When you add more endpoints, you are going to pay more for the license."
  • "It is a fairly firm price. It is not the cheapest solution, but if you take the complete team into consideration, it is a great value."

CrowdStrike Falcon Complete Reviews

    Tugomil Cerovecki - PeerSpot reviewer
    CTO at SuperSport
    Real User
    Top 10
    Provides good network visibility, easy to work with, and deep inspection provides valuable insight
    Pros and Cons
    • "It has good visibility, works well, and it is fast."
    • "The performance slows down by between 10% and 40%, depending on what type of work the machine is doing."

    What is our primary use case?

    Our primary use case is an ordinary antivirus. We also use it to watch the activity on the machine.

    What is most valuable?

    It has good visibility, works well, and it is fast. It is easy to see what is happening and the reporting is good, although I still don't understand everything. We are still trying to understand all of the information that we receive. When a problem is being investigated, the product does a deep inspection and this is something that we really like. You can see things like which file is connected with which services. The deep inspection is something that we don't have in any of our other tools. The central console is good and it is easy to work with. This product is easy to maintain on a daily basis.

    What needs improvement?

    There are some parts of this solution that are too slow. The performance slows down by between 10% and 40%, depending on what type of work the machine is doing. For example, we had to shut down our backup because it was too slow and it started to overlap with other tasks. We did not try to use our SQL database because there was too much of an impact. This is not on the network but on the machine and even a few percentage points difference is significant for us because of the volume of transactions.  Integration slows down the system a bit. I would like to have an alternate dashboard view, which is somewhat simpler. The one it presents now is like Splunk, and it is very good, but it would be helpful to have a simpler one that only shows the basics like what you have and what it has found. As it is now, it takes time to get used to it. After a while, it won't be a problem for me or other users in the company. When you're working with a regular antivirus, it is much easier to set up and start using.

    For how long have I used the solution?

    We have been working with CrowdStrike Falcon Complete for two months. We are still deploying and integrating it into our environment.
    Buyer's Guide
    CrowdStrike Falcon Complete
    June 2022
    Learn what your peers think about CrowdStrike Falcon Complete. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
    608,713 professionals have used our research since 2012.

    How are customer service and support?

    Because we are still in the process of initial integration, it is our partner who is in contact with technical support. We're still waiting for them to answer with respect to one issue, and now after waiting for two weeks, I cannot say that I'm very happy with that. However, given that it is the holiday season, it's pretty understandable. I expect that it will be complete in January when we are fully operational. During New Year and Christmas, it is a bit of a lazy time for everybody.

    Which solution did I use previously and why did I switch?

    We have several solutions in place. We have a firewall, antivirus, and email antivirus systems, and there are still things that pass through. This product is our fourth layer of defense.

    How was the initial setup?

    The initial setup was straightforward for us because we had assistance. On our own, this would not have been as easy.

    What about the implementation team?

    We had CrowdStrike partners who assisted us with the implementation. They asked us things like what should be protected and what should not be. It was a lot of work for our partner to complete the deployment.

    What's my experience with pricing, setup cost, and licensing?

    At approximately €60 per machine, per year, I think that it's a good price point. When you compare this to Windows Defender for Endpoints, the price of that solution is about €50 per month per user. There are people who spend a lot of time trying to find the right price to sell new products at, so I always think that people know the value of their product and what price they can sell it at.

    What other advice do I have?

    Every solution has pros and cons. I don't see anything that is more advanced than other solutions, and it's just an ordinary spy product. I have to wait for some time to see how well it works in the real world, but it finds some malware and it finds some things that pass through as normal.  At this point in time, I can't yet say for the general case whether I would recommend this product. We are still having a problem with the slowness and the impact on the performance of the system. For workstations or servers that do not have a high load on them, I would certainly recommend buying it. In our case, we had to remove it from our backup servers. So, if you're already using a backup, or hosting servers for VMware or Hyper-V, or using a SQL database, then you should consider testing it first. I'm still not sure what will happen in our case. At this point, I cannot rate it an eight or higher because we still don't have an answer on improving the performance. If ultimately they resolve our problem then I would rate this solution an eight or a nine out of ten. I would rate this solution a seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Global IT Infrastructure Manager at TMF Group
    Real User
    Top 20
    Easy to use, simple to set up and provides easy management
    Pros and Cons
    • "It is very simple to use and not overly technical."
    • "They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure."

    What is our primary use case?

    We primarily use the solution for security purposes. We use it to protect our endpoints and prevent any kind of malicious attacks on our company.

    How has it helped my organization?

    In terms of Endpoint security, we feel very secure. Sandboxing is in a place where we can analyze everything before releasing anything into the production environment. It has really helped in terms of how we can prevent the malware from spreading across Endpoints, especially in these scenarios where work from home is common and where users are directly connected to a potentially insecure network.

    What is most valuable?

    The best part of CrowdStrike is the integration with various other tools and technologies such as, for example, Mimecast. We use Mimecast for email security and detection via CrowdStrike. If we have a backend integration of Mimecast logs with CrowdStrike, that's an excellent way for us to secure email.

    The initial setup is straightforward. 

    The stability and performance have been pretty good overall. 

    The solution has proven to be very easy to implement and easy to manage.

    It is very simple to use and not overly technical. 

    The product gives us very low false positives. 

    What needs improvement?

    Considering the recent SolarWinds attacks in November or December last year, we were looking for something that could secure the EDR first tokens. It would be helpful if that was on offer.

    They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure. They should keep in mind that there is a risk in the ADFS web environment. From an Endpoint perspective, it's all good, however, they need to explore the origins via something like CrowdStrike.

    The customization could be improved upon. As of now with the area first and web security tokens, we don't see the EDR. We are looking for some solution that can provide EDR solution on the EDR first web environment.

    For how long have I used the solution?

    We've been using the solution since 2017. It's been about three years or so. We've used it for a while.

    What do I think about the stability of the solution?

    The stability is very good. We don't see anything currently that can negatively impact the Endpoint as the agent is installed, however, the processing does not consume the CPU or memory. It's giving us great anti-malware detection along with a very good performance on the Endpoint as well.

    What do I think about the scalability of the solution?

    The solution is fairly easy to scale. As it's not specific to any domain, we can implement CrowdStrike on a standalone server or multi-forest. In terms of scalability, it can support the multi-cloud strategy as well.

    We have about 12,000 places in which the solution is being used. It's on 9,000 devices as a user Endpoint, which is Windows 10, and approximately 3,000 servers.

    We do intend to increase usage. Every year we see a 5% to 10% increase in usage.

    How are customer service and technical support?

    We get a lot of proactive support from CrowdStrike. Before anything enters our environment, we get a lot of information from our account manager and there is an annual assessment as well. Overall, it's very good in terms of how they provide us with support services.

    How was the initial setup?

    The initial setup is usually straightforward. We don't see any challenges with the implementation in general, however, there are a few connectivity issues when the ports are not open from our internal network to the CrowdStrike servers. Otherwise, it's very easy.

    What's my experience with pricing, setup cost, and licensing?

    We always get pressured to reduce the cost, however, considering the importance of security, it's worth paying the current rate. Overall it's a good investment when it comes to security practices.

    Which other solutions did I evaluate?

    When we started off with this POC, we were exploring Carbon Black alongside CrowdStrike. Taking into consideration the overall scalability and compatibility in our environment, we decided to go for CrowdStrike.

    What other advice do I have?

    We are customers and end-users.

    We don't have the agent or on-premise servers. This solution is SaaS and we don't need those in order to use it. 

    I'd rate the solution at a nine out of ten considering the experience we've had over the last three years. The only downside is, in certain cases, that we still see the same gaps we have seen in SolarWinds. CrowdStrike is aware of those and is aware of what they need to do. As the first step, for example, what I've seen in the last six months is the integration with Mimecast which is quite a positive development. 

    If you look at Gartner or other rating agencies, where you can compare the features of CrowdStrike versus other leaders such as Trend Micro or Carbon Black, CrowdStrike is shown to be easy to implement, easy to manage, and very simple to use. You don't need a core skillset to manage CrowdStrike in your environment. It's very friendly. At the same time, it gives very accurate results. You'll get fewer false positives.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Senior Security Consultant at a tech services company with 501-1,000 employees
    Reseller
    Top 10
    Easy, lightweight, 100% reliable, and able to stop zero-day and ransomware attacks
    Pros and Cons
    • "It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. Falcon Overwatch is a valuable module. It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this. It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple."
    • "Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer. It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they are not there in CrowdStrike as well as SentinelOne."

    What is our primary use case?

    It is an advanced anti-malware solution. Our clients replace the existing traditional antivirus with this solution. We are an implementer. We sell this solution, and then I go and understand the existing environment to deploy it.

    What is most valuable?

    It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. 

    It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this.

    It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple.

    What needs improvement?

    Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

    It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they are not there in CrowdStrike as well as SentinelOne.

    For how long have I used the solution?

    I have been providing this solution for three years.

    What do I think about the stability of the solution?

    It is a 100% reliable solution. We had some small glitches with it, but we were able to rectify those issues by tuning it.

    What do I think about the scalability of the solution?

    It is pretty good. We have four customers, and there are a total of 15,000 to 20,000 users.

    One of our clients has been using this for over a year now, and they have acquired more companies. They will possibly buy more. They really like the product and are happy with the product.

    How are customer service and technical support?

    The first level of support is with us. If I'm not able to solve an issue, then I'll raise a case to Falcon with the help of the customer. I get guidance from the customer to raise the ticket about the issue and everything. As a partner or a vendor, we cannot raise a case for another customer. 

    Their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

    Which solution did I use previously and why did I switch?

    I have got experience with SentinelOne Vigilance. The major difference between SentinelOne Vigilance and CrowdStrike Falcon is the pricing. CrowdStrike is more expensive. Otherwise, both work in almost the same manner. They are cloud-based, and they are next-generation endpoints. They block cyber attacks. 

    How was the initial setup?

    Its initial setup is straightforward. It is pretty simple. It is a very powerful product that doesn't take much time to be set up. Unlike traditional antivirus, you don't need to create a lot of policies and build up the server. I have a link, and I enable the license and download the agent. That's it. It is pretty fast. 

    The deployment duration depends on the environment and the number of clients. It could take from three days to one week depending upon the number of agents. In most cases, the customer will opt to deploy for 50 machines. A customer has around 6,000 endpoints, and I have also deployed for only 50. It depends upon the customer. 

    What about the implementation team?

    We are a team of two. My colleague and I do the deployment.

    It definitely needs upgrades, fine-tuning, and exclusions. No security product is 100% accurate, so we need fine-tuning. I am responsible for the maintenance for our clients. They have something called an Annual Maintenance Contract (AMC). Every quarter, I need to do a health check of their endpoints. After that, I send a report to them about the fine-tuning findings and the fine-tuning steps that need to be performed.

    What was our ROI?

    Our clients have definitely seen ROI. They were attacked with ransomware, but CrowdStrike blocked it. They reported to us, and we reported to CrowdStrike.

    What's my experience with pricing, setup cost, and licensing?

    CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive.

    What other advice do I have?

    We definitely need to move to the next-generation solutions because these days attacks are pretty intense, and the traditional antivirus solutions are not going to stop them. CrowdStrike gives a proper security block. It is a 100% protector. 

    There was a customer who was impacted by ransomware. We put SentinelOne over there, and we were able to catch the file that their antivirus couldn't. These solutions are 100% reliable and definitely good for any company that wants their enterprise to be protected on the endpoints. 

    I would rate CrowdStrike Falcon Complete an eight out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
    Senior Account Manager at a tech services company with 201-500 employees
    Real User
    Comes with good threat-hunting and behavior-based analysis capabilities, and provides quick protection against new threats
    Pros and Cons
    • "The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution."
    • "They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage."

    What is most valuable?

    The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution.

    They have very good knowledge of how to hunt for threats. It is all about the intelligence you put into a solution for detection. It is about making sure that if you see a number of things, you can interpret them correctly and take the right action against them. They're one of the best vendors because they come from that background. 

    What needs improvement?

    They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage. 

    For how long have I used the solution?

    I have been working with this solution for three years.

    What do I think about the stability of the solution?

    We don't see any specific limitations on that at the moment. 

    What do I think about the scalability of the solution?

    We have large implementations, and we don't really see any issues with the scalability of the solution. It seems to be able to scale up fairly quickly within the environment.

    How are customer service and support?

    Their support is top-notch. They're very dedicated. Their experts are online when you need them. 

    How was the initial setup?

    It is very straightforward. It takes very limited time to set it up. People get used to it very quickly.

    Being a cloud-based solution, you don't really have to do a lot of installation. They have their own cloud. It is maintaining itself. There are automatic updates. That's one of the reasons why you want to go to the cloud-based approach. It is very easy in terms of maintenance.

    What other advice do I have?

    I would advise anyone interested in such a solution to try it out. It is very easy to try it out. 

    It is an absolute requirement to get an EDR solution in place. You should go with the ones that really have the most advanced capabilities for threat hunting. It is best to go with the experts. They've had some competition from Microsoft, which is not a bad solution, but Microsoft is not a security expert. CrowdStrike knows very well how to identify threats and link them to specific behavior. That's what you really want to have in there, and that's their strength. One of the reasons why they're still leading is that they are the only ones who can say, "We manage your network, and we would give you money back if we could not detect the issues upfront." That's one of their strong points.

    If they don't do any specific scanning, they will adapt themselves to that. If it is a new system, they would need to learn that. If there is something new in there, it could be harder for them to detect it because they don't yet know the behavior, and they have to learn about it. That's the only negative element I see in it. 

    They're doing quite a bit of work in improving it. They are doing a good job in evolving the product. I don't see any specific needs at this given moment on that. You could ask a lot, but in the end, you still need to make sure that the core is functioning well. They should stick with what they do best. Evolve that but not start doing everything. That's because it will not work. I'd rather have them stick to their niche.

    I would rate it a nine out of 10.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Partner at Fortium Partners: Interim, virtual & fractional CISO and CPO at a tech services company with 51-200 employees
    Real User
    Top 10
    Good intelligence, outstanding security whitepapers, excellent support, and does what it is supposed to do
    Pros and Cons
    • "Their intelligence is really good. The security whitepapers that they write are outstanding. They handle it all for the clients. CrowdStrike Complete is managed by CrowdStrike. They only call a client if there is a problem that they can't address. They pretty much contain and eradicate. This is not something that every vendor provides."
    • "People should be able to obtain training at any point of the engagement so that if somebody who doesn't have the basic knowledge is getting thrown into it, they are able to get trained, and CrowdStrike is able to help them out. CrowdStrike is really doing what they're supposed to be doing, but it is like anything else where they have to keep up on their research and development, or they'll fall behind. This is a fast-paced environment, and I've seen that vendors that were really good three years ago are terrible now. CrowdStrike is trying to stay ahead of the bad guys. They have AI. I have not had a problem with them missing anything. If they missed something, they should just make sure that they don't miss it again and understand why they missed it. I don't know if they did."

    What is our primary use case?

    Our clients use it for protecting themselves from getting ransomware. Their use case is just to protect their endpoints because it is really bad out there.

    It is a hybrid deployment. You have to have agents on all the endpoints, and all the CrowdStrike AI is on the cloud.

    What is most valuable?

    Their intelligence is really good. The security whitepapers that they write are outstanding.

    They handle it all for the clients. CrowdStrike Complete is managed by CrowdStrike. They only call a client if there is a problem that they can't address. They pretty much contain and eradicate. This is not something that every vendor provides.

    What needs improvement?

    People should be able to obtain training at any point of the engagement so that if somebody who doesn't have the basic knowledge is getting thrown into it, they are able to get trained, and CrowdStrike is able to help them out.

    CrowdStrike is really doing what they're supposed to be doing, but it is like anything else where they have to keep up on their research and development, or they'll fall behind. This is a fast-paced environment, and I've seen that vendors that were really good three years ago are terrible now. CrowdStrike is trying to stay ahead of the bad guys. They have AI. I have not had a problem with them missing anything. If they missed something, they should just make sure that they don't miss it again and understand why they missed it. I don't know if they did.

    For how long have I used the solution?

    I have been using this solution for years.

    What do I think about the stability of the solution?

    It is stable.

    What do I think about the scalability of the solution?

    It is easy. All you need to do is to get the correct pricing. When you add more endpoints, you are going to pay more for the license. When you do mergers and acquisitions, it is always a concern. If you've got really good security products in one company but not in the other one, you have to bring them in.

    Most of our clients are medium-sized companies. We also have large clients, but they have got full security staff. CrowdStrike does well in medium-sized companies because they need them really badly. With CrowdStrike Complete, they don't have to have the staff to manage it.

    How are customer service and technical support?

    I have interacted with them, and they are excellent.

    Which solution did I use previously and why did I switch?

    Our clients had other solutions, and they switched because they got ransomware. A lot of solutions aren't always what they say they are. Some are good, but people don't have the staff to manage them. With CrowdStrike Complete, you don't have to have the staff to manage it.

    How was the initial setup?

    Its initial setup is very straightforward. The agents are really easy to roll out. 

    I always tell my clients that it is a partnership. You have to do health checks with them to make sure that you're doing what you should be doing and they're doing what they're supposed to be doing.  Sometimes, clients put products in place, and they leave them. Then they find out that they didn't set them right, and now they're a victim of a ransomware attack that they could have avoided. They had the right security product in place. 

    CrowdStrike should be promoting these health checks with their clients, and they do, but I don't know if all salespeople do it. That is so important because sometimes it is not the vendor that caused the issue. It is the client, but they didn't know any better.

    What's my experience with pricing, setup cost, and licensing?

    They are really reasonable for the services they are providing. When you add more endpoints, you are going to pay more for the license.

    What other advice do I have?

    I would recommend this solution. I would advise others to get the best pricing and do it around the quarters. You should really understand the pricing structure and the fact that you still need somebody to be able to take their call if there is something they can't do. Do health checks, and make sure that it is implemented correctly and you have got all your endpoints covered. It is a partnership between the vendor and the customer, and CrowdStrike is really good at that.

    I would rate CrowdStrike Falcon Complete a ten out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    IT Security Operations Administrator at an energy/utilities company with 1,001-5,000 employees
    Real User
    Top 10
    Very scalable, easy to set up and excellent AI detection capabilities
    Pros and Cons
    • "The solution is user-friendly."
    • "The customization could be tweaked. We can do a bunch of custom dashboards. However, the one thing that I'm not a fan of is when you go to do an investigation, the way that the processes are laid out on the screen is very bland looking. While the information is there, it could be laid out better."

    What is our primary use case?

    We primarily use the solution for server endpoint protection as well as client and user client endpoint protection.

    How has it helped my organization?

    The solution allows us to have a single pane of glass for observing our antivirus and for any malicious activity. It allowed us to simplify investigations as well. It's basically helped keep our organization more secure.

    What is most valuable?

    The AI detection has been excellent in terms of detection and stopping malicious processes with little to no input on our end. 

    Over the last year, we've had two instances where we've actually had to take a machine offline and do some forensics. However, for the most part, it's been great in terms of stopping anything suspicious from running on people's machines.

    The solution is user-friendly.

    The product seems to integrate well with other products.

    The initial setup is pretty easy.

    What needs improvement?

    The solution isn't missing any features at this point. It's ticking all the boxes for our organization. There really isn't anything that I can see that would make me want to change providers.

    The customization could be tweaked. We can do a bunch of custom dashboards. However, the one thing that I'm not a fan of is when you go to do an investigation, the way that the processes are laid out on the screen is very bland looking. While the information is there, it could be laid out better. I've seen other products like Cisco Secure that give you a better view of the issues. Cisco just presents the data differently, and it's easier to look at.

    For how long have I used the solution?

    I've been using the solution for about one year at this point.

    What do I think about the stability of the solution?

    We haven't suffered from bugs and have had no issues with updates. Everything is very light. It's very reliable and very stable.

    What do I think about the scalability of the solution?

    We added about a thousand hosts since we rolled this out, and we have more coming online and have had no impact on our environment due to the fact that it's a cloud staff solution. The product is very scalable. There's no issue in that sense.

    We have granted access to the dashboard to about five people, and it can be anyone from IT operations, server operations, and IT security.

    How are customer service and technical support?

    Technical support has been great. I'd rate them ten out of ten. You can open up tickets right from the dashboard itself, and they're very quick to answer questions. We're quite satisfied with their level of service.

    Which solution did I use previously and why did I switch?

    We used a different solution, and we switched due to the fact that CrowdStrike gave us the ability to replace our antivirus. At the time, we didn't have an EDR solution; therefore, CrowdStrike did both in terms of being able to detect an antivirus as well as proper endpoint detection and remediation.

    How was the initial setup?

    The initial setup is not complex at all. The implementation is extremely straightforward and very easy.

    Actually, one of the companies that we recently acquired was using another product and they wanted to know how easy it was to install our CrowdStrike. We had them uninstall their products on their servers and then install CrowdStrike, and it turns out uninstalling the other product took longer than the actual install of CrowdStrike.

    What's my experience with pricing, setup cost, and licensing?

    Our company is very mindful when it comes to purchasing - whether it's software or equipment. I believe the folks that made the decision to purchase this product did so based on price and performance. I wouldn't say there is an issue with pricing. We are redoing our license with them. If that was an issue, I'm pretty sure I would have been asked to look at other products. Therefore, although I don't know the exact pricing, my assumption is that the cost is rather reasonable.

    What other advice do I have?

    We're just customers. We don't have a business relationship with the company.

    I'd advise other organizations to definitely do a proof of concept in their organization, and then go from there.

    Overall, I'd give the solution a nine out of ten. It ticks all the boxes for everything that we need to do for investigations in our environment.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ABDUL-SHEIKH - PeerSpot reviewer
    Head of technology at Commtel
    Real User
    Top 20
    The solution integrates well and allows our customers to automate their site intelligence.
    Pros and Cons
    • "Falcon's threat intel is strong, and the solution allows our customers to automate their site intelligence. We can integrate Falcon X with the other platforms we use, like FireEye, Insight, Cybertech, and Kaspersky."
    • "I would love for the threat intelligence part to be more globalized to provide a tailored response to types of malware and ransomware that are trending in other regions. For example, they can add a feature to tell us that there are separate attacks in South Asia or East Asia occurring at these times, so we can supply those things to our environment and protect ourselves."

    What is our primary use case?

    Falcon is a threat intelligence platform. In cybersecurity, there's always a chance you'll get breached and gaps that need to be addressed, but you'll never know unless there is a threat seeking to exploit that particular weakness. Most use cases for Falcon will be directly ingested into our Siemens server. The total number of users on the solution is around 1,500.

    What is most valuable?

    Falcon's threat intel is strong, and the solution allows our customers to automate their site intelligence. We can integrate Falcon X with the other platforms we use, like FireEye, Insight, Cybertech, and Kaspersky. 

    The threat intelligence comes from Falcon X and goes directly into the SIEM and SOAR. That provides us valuable feedback for the use cases being used. If my analyst wants to check suspicious or malicious activities, they get the maximum information from Falcon X about URLs, IPs, domains, hashes, etc.

    What needs improvement?

    I would love for the threat intelligence part to be more globalized to provide a tailored response to types of malware and ransomware that are trending in other regions. 

    For example, they can add a feature to tell us that there are separate attacks in South Asia or East Asia occurring at these times, so we can supply those things to our environment and protect ourselves.

    For how long have I used the solution?

    We've been using CrowdStrike Falcon Complete for almost a year.

    What do I think about the scalability of the solution?

    Falcon is easy to scale.

    How are customer service and support?

    I rate CrowdStrike support eight out of 10. Overall, the customer service is excellent, and the backend teams are highly responsive. We have a good relationship with CrowdStrike.  The sales, technical, backend, and R&D teams work closely with the customers.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    Falcon X is a cloud-based subscription model, so you just need an account from CrowdStrike. You can log in and set it up in 5 to 10 minutes. It ultimately depends on how well you understand the technology. If you're familiar with the technology, it's straightforward, but you might find it complicated if this is your first time using it.

    There's a lot of information and options in front of you. If you don't know where you have to go for specific information, you'll think it's complicated. The amount of maintenance depends on whether there's a particular update or batch on the back end. 

    What's my experience with pricing, setup cost, and licensing?

    The licenses for both Carbon Black and CrowdStrike are expensive, but it depends on how the vendors scale the price and negotiate with the customer. So if you have a customer with 7,000 users, the vendor will offer them a low price per user to get them on board. If you have a few hundred users, the price will be a little bit more.

    There's a huge price difference at various scales. I was surprised that the license for a hundred users went as high as $120 per user, whereas the same product might cost $30 for 6,000 users.

    Which other solutions did I evaluate?

    I haven't worked on the backend part of Carbon Black, so it's hard for me to compare both products. We're using the EDR for Carbon Black with CrowdStrike's threat intelligence. 

    Carbon Black is an impressive tool for analysis because it provides in-depth information and a complete triage file for the analysts. In CrowdStrike, you get somewhat limited information, and for the in-depth information you need, Carbon Black provides that on the first view.

    What other advice do I have?

    I rate CrowdStrike Falcon Complete nine out of 10. Before you deploy the product, you need to do research, understand the capabilities, and assess your requirements. You should know what you need before you purchase something. It's not like buying jeans, where you can get another pair if you're not satisfied. You should be certain that it fits your requirement.

    Budgets are always a challenge in the security field because every CEO or company owner thinks IT security is a burden. It doesn't generate profit, and the company needs to spend money on products and services. You might not go for the best product if you have budgetary constraints.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Chief Information Security Officer at a construction company with 1,001-5,000 employees
    Real User
    Top 10
    An absolutely stable and scalable solution that works well and is fast in mitigating attacks
    Pros and Cons
    • "It is working well. I tried a ransomware attack myself, and they were very fast in mitigating. I am very convinced of this product, and I am very satisfied with how it is working. The team behind the program itself is very valuable. If you don't have your own security team, they can do a great job for you. If your IT team isn't in the company, this can be of great value to you. Its documentation is very good. They have many different dashboards, and they do have a lot of information. Sometimes, it can be a bit overwhelming how much information is there, but once you find your way through with them, everything is very logical."
    • "Some dashboards can be very complex, but once you get to know them, it is very logical."

    What is most valuable?

    It is working well. I tried a ransomware attack myself, and they were very fast in mitigating. I am very convinced of this product, and I am very satisfied with how it is working.

    The team behind the program itself is very valuable. If you don't have your own security team, they can do a great job for you. If your IT team isn't in the company, this can be of great value to you.

    Its documentation is very good. They have many different dashboards, and they do have a lot of information. Sometimes, it can be a bit overwhelming how much information is there, but once you find your way through with them, everything is very logical.

    What needs improvement?

    Some dashboards can be very complex, but once you get to know them, it is very logical.

    For how long have I used the solution?

    I have been using this solution since 2019.

    What do I think about the stability of the solution?

    It is absolutely stable.

    What do I think about the scalability of the solution?

    It is very scalable. It really doesn't matter whether you are a company using 100 endpoints or more than 2,000 endpoints. We have around 1,700 people in our company. There are around 200 people that need to be onboarded again.

    How are customer service and technical support?

    They were very fast in responding. If you have a technical question, it only takes a couple of hours before they answer your questions. They are very skilled.

    Which solution did I use previously and why did I switch?

    We had Symantec endpoints previously. They were very traditional points. There isn't a resemblance between these two solutions because CrowdStrike is more into machine learning in terms of the behavior of the system. Symantec is more of a traditional antivirus that starts scanning your computer and new files. They both are very different in the way they work.

    How was the initial setup?

    Its setup is fairly basic. It is not very complex. We had the support of the Falcon Complete team to set it up. It took a couple of days.

    What about the implementation team?

     The Falcon Complete team introduced the platform.

    What's my experience with pricing, setup cost, and licensing?

    It is a fairly firm price. It is not the cheapest solution, but if you take the complete team into consideration, it is a great value. 

    What other advice do I have?

    You need to know that CrowdStrike is different in the way it works as opposed to the traditional software. It is fairly self-explaining, but you just need to know that this endpoint is based on the behavior. This means that if you introduce a USB stick with malicious software on it and the software or the file isn't opened yet or is dormant, CrowdStrike won't detect it. The minute you are trying to use that file, and the file is trying to execute things, CrowdStrike detects it instantly and takes action to mitigate a problem.

    I would rate CrowdStrike Falcon Complete a nine out of ten. It is a great product. For our company, it is the right product. It is company deployed, and we will stick with CrowdStrike.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Download our free CrowdStrike Falcon Complete Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2022