Head Of Information Security at a financial services firm with 501-1,000 employees
Real User
Easy to set up, has multiple dashboards, and offers competitive pricing
Pros and Cons
  • "What I found most valuable in CrowdStrike Falcon Complete is that it has a lot of monitoring dashboards and use cases, and I saw that it's a very good product, but my company has only tested it, so it's not been used for real use cases. My company hasn't tested the complete license for CrowdStrike Falcon Complete, so the team hasn't checked the open fiber rooms for zero-day attacks, IOAs and IOCs, or any indicators of fraudulent activities. I was also amazed at the solution and its licensing. My company did a competitive analysis of many EDR solutions, but it went with CrowdStrike Falcon Complete. It's one of the top-rated solutions on CyberRatings as well."
  • "At the moment, nothing is missing in CrowdStrike Falcon Complete. I'm amazed by it. It's perfect and I'm not aware of any other vendors that provide its features, but it would also depend on the configuration and policy management of the solution, for example, I can bring you an EDR solution and configure it badly, so it won't do anything. It also depends on the people, not just the technology you're obtaining, so this is the most important thing to do for all solutions, even for firewalls. You can obtain a firewall and if you permit everyone to go through it, then it's useless. What could be improved in CrowdStrike Falcon Complete is its management console. Currently, that console is on the cloud, so if the cloud is compromised, then the management console would also be compromised, and that's quite risky."

What is our primary use case?

We use CrowdStrike Falcon Complete internally and externally according to the MITRE ATT&CK framework. MITRE ATT&CK describes most of the TTPs and explains them, including the default use cases and deployed policies. Our internal use case for the solution is specifically for internal fraud cases to use in our internal forensics team.

How has it helped my organization?

CrowdStrike Falcon Complete has helped in improving my company in terms of achieving strategies and executing frameworks.

What is most valuable?

What I found most valuable in CrowdStrike Falcon Complete is that it has a lot of monitoring dashboards and use cases, and I saw that it's a very good product, but my company has only tested it, so it's not been used for real use cases. My company hasn't tested the complete license for CrowdStrike Falcon Complete, so the team hasn't checked the open fiber rooms for zero-day attacks, IOAs and IOCs, or any indicators of fraudulent activities.

I was also amazed at the solution and its licensing. My company did a competitive analysis of many EDR solutions, but it went with CrowdStrike Falcon Complete. It's one of the top-rated solutions on CyberRatings as well.

What needs improvement?

At the moment, nothing is missing in CrowdStrike Falcon Complete. I'm amazed by it. It's perfect and I'm not aware of any other vendors that provide its features, but it would also depend on the configuration and policy management of the solution, for example, I can bring you an EDR solution and configure it badly, so it won't do anything. It also depends on the people, not just the technology you're obtaining, so this is the most important thing to do for all solutions, even for firewalls. You can obtain a firewall and if you permit everyone to go through it, then it's useless.

What could be improved in CrowdStrike Falcon Complete is its management console. Currently, that console is on the cloud, so if the cloud is compromised, then the management console would also be compromised, and that's quite risky.

Buyer's Guide
CrowdStrike Falcon Complete
April 2024
Learn what your peers think about CrowdStrike Falcon Complete. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,415 professionals have used our research since 2012.

For how long have I used the solution?

I've been using CrowdStrike Falcon Complete for six months.

What do I think about the stability of the solution?

CrowdStrike Falcon Complete is too stable, but I still have to test it in a forensic case before I could comment on the stability of the solution.

What do I think about the scalability of the solution?

We usually follow TMMI, so in terms of the maturity and scalability of CrowdStrike Falcon Complete, it's fine, so far.

How are customer service and support?

Our only experience in terms of contacting the technical support team for CrowdStrike Falcon Complete was during implementation.

How was the initial setup?

Setting up CrowdStrike Falcon Complete was too easy because it's a cloud solution, so it was too easy to implement. There's nothing to do, for example, you just need to install the agent from the PCs on the endpoint.

In terms of the deployment time for CrowdStrike Falcon Complete, the infrastructure team implemented the endpoints which took one week, then there's the tuning of the policies, so overall, the deployment took one month.

What about the implementation team?

There's a third party or a partner either for implementation or support for CrowdStrike Falcon Complete, but my company did it in-house.

What was our ROI?

We haven't seen ROI from CrowdStrike Falcon Complete because we've just done a POV for the top management and there are limited attacks in our organization. We've done some use cases or POCs on a zero-day attack, changing the binaries, etc., and CrowdStrike Falcon Complete was perfect and detected all of the behaviors, isolated them, and did all the functions we expected it to do.

What's my experience with pricing, setup cost, and licensing?

The pricing for CrowdStrike Falcon Complete is competitive. It's a cheaper solution when you compare it with others, and on a scale of one to five, I'm rating its pricing a four. You also don't need to pay extra for its features. CrowdStrike Falcon Complete is perfect.

Which other solutions did I evaluate?

My company evaluated another solution that was also top-rated: FireEye (now called Trellix).

What other advice do I have?

CrowdStrike Falcon Complete currently has five thousand users in my company and the roles vary from top management to C-level to endpoint users to high privilege users, so a lot of people and a lot of money.

My company recommends CrowdStrike Falcon Complete for the financial, military, and oil and gas sectors. It's by sector, not by people. All the roads now move toward security and securing the business, and it also depends on the criticality of the assets you own and how you're securing the assets. Whenever or whoever has a critical asset should go for a strong security solution such as CrowdStrike Falcon Complete.

In terms of how extensively the solution is being used in my company, there's no 100% security, so my company is always developing security solutions that can handle new attacks, future attacks, and more sophisticated attacks, so I'm unable to give a percentage of the extent of usage of CrowdStrike Falcon Complete, but if I can just measure this from a governance perspective, it's 80%, specifically from a compliance perspective.

At the moment, I'm unable to give my advice to others looking into implementing CrowdStrike Falcon Complete because I need to use the solution on a real test or real compromise first.

I'm rating CrowdStrike Falcon Complete eight out of ten because of its management console being on the cloud. My company doesn't prefer this setup, even if it has an NDA with the vendor because if the cloud itself was compromised, the management is also compromised, and all users will be isolated, so this isn't good from a risk perspective.

My company is a customer of CrowdStrike Falcon Complete.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Global Data Protection/Privacy Manager, FIP, CIPP/E, CIPM, CISSP at a manufacturing company with 10,001+ employees
Real User
Stable, flexible, and free of any issues
Pros and Cons
  • "The solution is quite flexible."
  • "The solution should include some sort of DLP capabilities."

What is our primary use case?

Currently, we're trying to understand which solution would be able to help us to block external ports on computers. We're looking at CrowdStrike and working to understand how they can help us handle this.

What is most valuable?

While I'm not directly on the team that deals with the solution daily, I would say that the solution is very stable.

The solution is quite flexible.

We haven't had any issues with the product so far. 

What needs improvement?

It's my understanding that the reporting aspect of the solution could be improved. It should be more flexible and robust.

The solution should include some sort of DLP capabilities.

For how long have I used the solution?

I've been using the solution for a while. It's been about three years or so.

What do I think about the stability of the solution?

The stability of the solution is very good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is great.

What do I think about the scalability of the solution?

We have more than 25,000 users on the solution currently. 

We are currently evaluating the solution to see if we will continue to use it or not going forward. Until that is done, I can't speak to if there are plans to increase usage.

How are customer service and technical support?

I've never been in touch with technical support. A different team handles that aspect. I cannot speak to how helpful or responsive they are. I can't provide any useful insights at this time. 

How was the initial setup?

The initial setup took place about three years ago. At the time it was installed I wasn't a part of the company. Therefore, I can't speak to how easy or difficult the solution is to set up and deploy. I wasn't a part of the process. 

What's my experience with pricing, setup cost, and licensing?

We pay a licensing fee in order to use the solution; however, I can't speak to the overall cost. It's not an aspect of the solution I directly deal with.

What other advice do I have?

My company is a customer and an end-user of the solution. It doesn't have any direct affiliation with CrowdStrike.

We're using the latest version of the solution at this time. I can't speak to what the actual version number is. 

I'd rate the solution, on a scale from one to ten, at an eight. We're mostly quite satisfied with the solution.

I'd recommend the solution to other users and organizations.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Business Mobility Development (AVP-BMD) at SC Asset
Real User
Top 5
Good performance, easy initial setup, and has the ability to expand
Pros and Cons
  • "It has good security features."
  • "We'd like the pricing to be a bit lower in the future."

What is our primary use case?

We primarily use the solution for antivirus purposes. 

What is most valuable?

The solution works well and is okay with me. For the most part, I am happy with it. 

The performance is good, and it is stable. We don't have any issues. I find it doesn't impact my work.

It has good security features. 

The solution offers an easy initial setup.

It's scalable. 

What needs improvement?

We'd like the pricing to be a bit lower in the future. 

For how long have I used the solution?

I've been using the solution for about six months. 

What do I think about the stability of the solution?

The solution is stable and reliable. The performance is good. We haven't had any issues. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

As a solution that is based in the cloud, it can scale well. It's not a problem at all. 

We have about 1,000 users on the solution right now. 

I'm unsure as to if we have plans to increase usage. 

How are customer service and support?

I've never used technical support and cannot speak to how helpful or responsive they would be. 

Which solution did I use previously and why did I switch?

We might have previously used Kaspersky.

How was the initial setup?

The initial setup is simple and straightforward. It's not overly complex. I'm not sure how long the deployment took. I wasn't as hands-on with the process. 

What's my experience with pricing, setup cost, and licensing?

You do need to purchase a license in order to use the product. It's not cheap; however, it is not overly expensive.

What other advice do I have?

I'm an end-user.

I'd rate the solution eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
intermission security office at a computer software company with 51-200 employees
Real User
Comprehensive endpoint protection with robust prevention capabilities, exceptional stability, and scalable solutions supported by efficient customer service
Pros and Cons
  • "The prevention capabilities hold the utmost value."
  • "The only aspect where we've offered feedback for potential enhancement is essentially the user experience."

What is our primary use case?

We use virtually every module within the solution, including identity protection. It boasts its own robust EDR capabilities, essentially positioning it as the top EDR solution in the market.

What is most valuable?

The prevention capabilities hold the utmost value.

What needs improvement?

The only aspect where we've offered feedback for potential enhancement is essentially the user experience.

For how long have I used the solution?

I have been working with it for two years now.

What do I think about the stability of the solution?

It exhibits exceptional stability, with no instances of downtime experienced since its implementation.

What do I think about the scalability of the solution?

In terms of scalability, we haven't encountered any issues. We have intentions to expand our usage in the future. Continuously striving for improvement, we aim to broaden the scope of what we utilize within the platform.

How are customer service and support?

The customer service is quite satisfactory, with a reliable response time adhering to the service level agreement. I would rate it nine out of ten.

How would you rate customer service and support?

Positive

What about the implementation team?

It's deployed across all aspects of our infrastructure, providing comprehensive coverage for our entire environment. It requires no maintenance.

What was our ROI?

The return on investment has been significant, aiding us in various simulated assessments and playing a crucial role in both detecting and preventing incidents early on. Moreover, it has proven beneficial for overall asset management.

What's my experience with pricing, setup cost, and licensing?

While the cost is relatively high, it is justified by the value it brings.

Which other solutions did I evaluate?

We evaluated nearly fifteen solutions, including some of the top ones in the market. However, we opted for CrowdStrike because it aligns perfectly with our requirements and fits within our budget. Upon testing it out, we found that it effectively fulfills its intended purpose.

What other advice do I have?

Overall, I would rate it nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security, Risk and Compliance Officer at a tech services company with 51-200 employees
Real User
Fully managed, super stable, and incredibly powerful from a compliance point of view
Pros and Cons
  • "The most valuable feature of Falcon Complete is that it is a full security operations center (SOC) as well as a SIEM solution, and it is fully managed. Their security teams are working 24/7 and analyzing everything happening on all endpoints. They also take care of the instant response, which includes disconnecting endpoints, taking over the endpoints and fixing them, and ransomware protection. All of these things are most valuable because it is very difficult to get all the resources in-house to do all of that yourself. So, if you can leverage the experience of a global corporation with the best reputation in the market, and it is fully managed, that's the best."
  • "It would be good if they fleshed it out a bit more, possibly with additional areas such as security awareness training. They could build that in. They're leveraging the same endpoint base that they have the security software on, but then they could offer a centralized portal or hub whereby someone like me could leverage it to track and put out security awareness training for people on all the common topics. I could have a centralized hub for everyone's results from that training and for the evidence that training occurred. It would be relatively straightforward, but it would add a lot for people in the compliance area. It would be a great expansion."

What is most valuable?

The most valuable feature of Falcon Complete is that it is a full security operations center (SOC) as well as a SIEM solution, and it is fully managed. Their security teams are working 24/7 and analyzing everything happening on all endpoints. They also take care of the instant response, which includes disconnecting endpoints, taking over the endpoints and fixing them, and ransomware protection. All of these things are most valuable because it is very difficult to get all the resources in-house to do all of that yourself. So, if you can leverage the experience of a global corporation with the best reputation in the market, and it is fully managed, that's the best. 

They're incredibly transparent. They give full access to all the information and dashboards that they work off themselves. So, you can look in and investigate any incident you wish. It is incredibly powerful from a compliance point of view because you have evidence that all of this is happening, and you're doing it correctly, and you take it seriously. 

What needs improvement?

It is already wonderful. The dashboards they have are great, but they can always improve it in terms of general interfaces and searching and presenting the information. Occasionally, navigating it to try to find what you want can be challenging because there is so much information there. It is so rich, and it has everything you could ever want. The challenge with anything like that, and any website, is how to build the user journey so that it is user-friendly, but at the same time, it is incredibly dense with information. It is difficult to achieve that balance between these things. They've done a wonderful job, but everything can be improved. So, it could be even better. If I was to focus on one thing, that's what I'd tell them to focus on. The same is with Azure. There is just so much functionality there. How can you make it easy when it is just so vast? It is a tough one.

It would be good if they fleshed it out a bit more, possibly with additional areas such as security awareness training. They could build that in. They're leveraging the same endpoint base that they have the security software on, but then they could offer a centralized portal or hub whereby someone like me could leverage it to track and put out security awareness training for people on all the common topics. I could have a centralized hub for everyone's results from that training and for the evidence that training occurred. It would be relatively straightforward, but it would add a lot for people in the compliance area. It would be a great expansion. It won't improve the actual technical protection, but it would improve the user protection. Educating the users to be more aware increases security. So, if they branched out into that, it would be a great bonus. If I was speaking to them, that's what I'd tell them to do.

For how long have I used the solution?

I have been using this solution for a couple of years.

What do I think about the stability of the solution?

It is super stable. I would rate it a ten out of ten in terms of stability.

What do I think about the scalability of the solution?

It is scalable. It is for endpoint protection. It is a cloud-based platform. So, it can scale to whatever amount of endpoints you want. You can scale it any way you want.

The endpoint deployment is relatively straightforward. The only constraint is licensing. The more you scale, the more you pay. That's it.

We have less than 200 users of this solution.

How are customer service and support?

It is a fully managed service, so we have 24/7 support. It is not technical support. It is a dedicated team, and they're there to answer any queries or questions. So, no technical support was required because nothing went wrong, but when we have questions, they're incredibly responsive. They get back super quick. I have no complaints at all. I would rate them a five out of five.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had another solution previously, and we just replaced it with CrowdStrike. Based on all available information, we just decided it was the best, and we don't regret that. It has been very good.

How was the initial setup?

Its initial setup is simple. It is very well designed.

All our endpoints are managed by mobile device management. We have centralized device management, deployment, and installation with Intune. We can install anything we want on any of the computers with Intune.

What's my experience with pricing, setup cost, and licensing?

It is not cheap, and it is not overpriced. It positions itself in the upper half of pricing in the market. You can find a product that claims to do the same and is super cheap, but it'll be not at all good. You can find something that says it does everything in the world, and it is the best thing since sliced bread, but it would be incredibly expensive. Falcon Complete is neither of those. It is always best to go somewhere in the middle, but it is not in the middle. It is in the upper half. So, it is by no means cheap, but it is worth it. Its pricing is well fixed. Given what you get in return, you wouldn't feel bad paying for it.

They have a great licensing model. You can add extra bells and whistles if you want. There is that ability to reduce the price by turning off certain features if you wish. I wouldn't necessarily recommend it, but they do cater to everyone in that sense. 

Which other solutions did I evaluate?

We compared it to all other vendors, and then we decided on it because it is the best in class and in the Gartner Magic Quadrant. It is the best in the market. 

What other advice do I have?

I would highly recommend it. So far, my experience has been nothing but positive. 

I would rate it a 10 out of 10. It is in the top five. It ticks all the boxes that I have for it. You got to manage your expectations, and given my expectations, it exceeds my expectations. Now, if you were to ask me what is my expectation for the software next year, I'd want it to be better, but at this exact moment in time, it is doing a fantastic job, and I hope they keep it up and improve. If they don't, then my grade will drop. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director of Information Security at a computer software company with 201-500 employees
Real User
Good AI and a strong shared knowledge base, but lacks scanning capabilities
Pros and Cons
  • "The AI and the group knowledge base that they get from having multiple clients in the cloud is very useful to us."
  • "The logging features aren't robust and the information isn't kept long enough."

What is our primary use case?

We primarily use the solution for endpoint security. It is a very important aspect of security for us as the threat landscape is growing. There constantly needs to be better monitors of the activity on the endpoints and Windows Server. That's the main driver behind using this solution.

What is most valuable?

The AI and the group knowledge base that they get from having multiple clients in the cloud is very useful to us. It helps keep us safe from attacks as it allows them to apply a broader knowledge base to our protection for our company.

What needs improvement?

The solution doesn't actually scan desktops. They prevent execution and they do a very, very, very good job at that. However, if there is malware, et cetera, on an endpoint, there's not a scan feature to simply remove it. You have to go in and clean the registry and do the other stuff yourself. It would be ideal if there was some sort of scanning functionality built-in.

The logging features aren't robust and the information isn't kept long enough. The active logs are only retained for seven days. It would be better if it was available for, let's say, 30 days. If we were going to do any forensics, we would have the time to execute them.

For how long have I used the solution?

We have been using the solution for about two years at this point. We plan to use it at least until the end of this year. It hasn't been very long.

Which other solutions did I evaluate?

We have looked at Carbon Black previously, as well as Cybereason. We were looking for alternatives to CrowdStrike; however, we decided we would keep this solution until the end of the year.

The reason we didn't switch yet is mostly due to time constraints. We had to renew or implement a new solution and it wasn't going to happen in the timeframe we were looking at. Therefore, we had to put it off. 

Carbon Black is not as advanced as CrowdStrike. Also, Cybereason lags too far behind on Mac OS upgrades. We wouldn't have been able to roll out Cybereason, even though it looks like a very good product, as it didn't support Big Sur and wouldn't for another five or six months, which meant we would have machines that wouldn't be covered.

What other advice do I have?

We are a customer and an end-user of the product. We don't have a business relationship of any kind with CrowdStrike.

The solution is deployed from the cloud. We put it on our endpoints; however, the core application is in CrowdStrike's cloud. It's a cloud app.

Overall, I would rate the solution at a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
CTO at SuperSport
Real User
Provides good network visibility, easy to work with, and deep inspection provides valuable insight
Pros and Cons
  • "It has good visibility, works well, and it is fast."
  • "The performance slows down by between 10% and 40%, depending on what type of work the machine is doing."

What is our primary use case?

Our primary use case is an ordinary antivirus. We also use it to watch the activity on the machine.

What is most valuable?

It has good visibility, works well, and it is fast.

It is easy to see what is happening and the reporting is good, although I still don't understand everything. We are still trying to understand all of the information that we receive. When a problem is being investigated, the product does a deep inspection and this is something that we really like. You can see things like which file is connected with which services. The deep inspection is something that we don't have in any of our other tools.

The central console is good and it is easy to work with.

This product is easy to maintain on a daily basis.

What needs improvement?

There are some parts of this solution that are too slow. The performance slows down by between 10% and 40%, depending on what type of work the machine is doing. For example, we had to shut down our backup because it was too slow and it started to overlap with other tasks. We did not try to use our SQL database because there was too much of an impact. This is not on the network but on the machine and even a few percentage points difference is significant for us because of the volume of transactions.

Integration slows down the system a bit.

I would like to have an alternate dashboard view, which is somewhat simpler. The one it presents now is like Splunk, and it is very good, but it would be helpful to have a simpler one that only shows the basics like what you have and what it has found. As it is now, it takes time to get used to it. After a while, it won't be a problem for me or other users in the company. When you're working with a regular antivirus, it is much easier to set up and start using.

For how long have I used the solution?

We have been working with CrowdStrike Falcon Complete for two months. We are still deploying and integrating it into our environment.

How are customer service and technical support?

Because we are still in the process of initial integration, it is our partner who is in contact with technical support. We're still waiting for them to answer with respect to one issue, and now after waiting for two weeks, I cannot say that I'm very happy with that. However, given that it is the holiday season, it's pretty understandable.

I expect that it will be complete in January when we are fully operational. During New Year and Christmas, it is a bit of a lazy time for everybody.

Which solution did I use previously and why did I switch?

We have several solutions in place. We have a firewall, antivirus, and email antivirus systems, and there are still things that pass through. This product is our fourth layer of defense.

How was the initial setup?

The initial setup was straightforward for us because we had assistance. On our own, this would not have been as easy.

What about the implementation team?

We had CrowdStrike partners who assisted us with the implementation. They asked us things like what should be protected and what should not be. It was a lot of work for our partner to complete the deployment.

What's my experience with pricing, setup cost, and licensing?

At approximately €60 per machine, per year, I think that it's a good price point. When you compare this to Windows Defender for Endpoints, the price of that solution is about €50 per month per user.

There are people who spend a lot of time trying to find the right price to sell new products at, so I always think that people know the value of their product and what price they can sell it at.

What other advice do I have?

Every solution has pros and cons. I don't see anything that is more advanced than other solutions, and it's just an ordinary spy product. I have to wait for some time to see how well it works in the real world, but it finds some malware and it finds some things that pass through as normal. 

At this point in time, I can't yet say for the general case whether I would recommend this product. We are still having a problem with the slowness and the impact on the performance of the system. For workstations or servers that do not have a high load on them, I would certainly recommend buying it. In our case, we had to remove it from our backup servers. So, if you're already using a backup, or hosting servers for VMware or Hyper-V, or using a SQL database, then you should consider testing it first. I'm still not sure what will happen in our case.

At this point, I cannot rate it an eight or higher because we still don't have an answer on improving the performance. If ultimately they resolve our problem then I would rate this solution an eight or a nine out of ten.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Gerald Mbewa - PeerSpot reviewer
Cyber Security Analyst at Digital Sentry Ltd
Real User
Top 5
I like the product's AI functionality and vulnerability management
Pros and Cons
  • "I like Falcon's AI functionality and vulnerability management. That has been so helpful. Falcon Complete can manage vulnerabilities, quarantine threats, and do all kinds of forensic incident analysis. It's a lightweight solution that only uses 1% of the CPU, which is a game changer. Other EDRs have had high CPU usage."
  • "Falcon could use more SIEM capabilities, like a central place to monitor all our clients."

What is our primary use case?

My organization is a cybersecurity company using CrowdStrike Falcon for incident response and forensic analysis. Twenty-five employees are using it now.

How has it helped my organization?

CrowdStrike has improved our operations in many ways. Three of our clients recently got hit by ransomware. Using Falcon Complete, we contained and fixed the issue and helped them get things back to normal.

What is most valuable?

I like Falcon's AI functionality and vulnerability management. That has been so helpful. Falcon Complete can manage vulnerabilities, quarantine threats, and do all kinds of forensic incident analysis. It's a lightweight solution that only uses 1% of the CPU, which is a game changer. Other EDRs have had high CPU usage.

What needs improvement?

Falcon could use more SIEM capabilities, like a central place to monitor all our clients.

For how long have I used the solution?

We have been using CrowdStrike Falcon for nearly two years now.

What do I think about the stability of the solution?

I rate Falcon 10 out of 10 for stability. 

What do I think about the scalability of the solution?

I rate CrowdStrike Falcon 10 out of 10 for scalability. 

Which solution did I use previously and why did I switch?

We were using McAfee Endpoint Security, but we later partnered with CrowdStrike, so we started using Falcon. The McAfee solution was limited. CrowdStrike EDR has a good dashboard that lets us see what's happening and the processes on my machines. It has better quarantining and remediation.

How was the initial setup?

Setting up Falcon was straightforward. We deploy it on the cloud and on-prem, depending on the client. You can deploy it in under five minutes with an adequate internet connection.

The number of people needed to deploy the solution varies. It only requires one person if we are using Active Directory. However, we typically do it manually with four people, so it's faster for us to reach the organization's endpoints.

Which other solutions did I evaluate?

We evaluated Trend Micro and a few other EDRs. We found from the ratings that CrowdStrike was more effective than other EDRs. In addition, we have some solutions from other vendors like AlienVault OSSIM and Darktrace because those are the main players in our market.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user