CrowdStrike Falcon Reviews

Name: CrowdStrike Falcon
Brand: CrowdStrike
Rating: 4 (50 reviews)

Vendor: CrowdStrike

4.3 out of 5

50 reviews

4,198 followers

Post review

What is CrowdStrike Falcon?UNIXBusinessApplication
Price:

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent.

Get the CrowdStrike Falcon Buyer's Guide and find out what your peers are saying about CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace and more!

Helped 734,156 peers since 2012

Featured reviews

Jordan Swanson

Information Security Assurance Engineer at School District of Lee County

Sep 7, 2022

The ability to receive text alerts natively in the console would be kind of cool. Some people put their email on quiet hours, so having it natively in the system would be nice. I know that they offer an identity piece and a firewall piece and we haven't subscribed to or purchased either of those, but having some of that data in the base program would be good, and then if you want more control, you pay for it. There's times where I want to look at an internet history of a device that's remote, or I want to see logins, successful or unsuccessful. I don't want to manage identity and I don't want CrowdStrike to alert on it, but it would be nice if the ability to see the data was included with the base product. Then that could kind of get your foot in the door with having the ability to look at that information, but not being able to do anything actionable with it.

Read full review

Syed Ubaid Ali Jafri

Head of Cyber Defense & Offensive Security at Habib Bank Limited

Jul 4, 2022

Area of Improvement The products still require improvement in the Apple environment (Mac). Currently, this solution (as of July 2022) is not compatible with MAC OS (X), Catalina, or Big Sur. Similarly, the product is also not compatible with Unix-based systems including AIX, Darwin, and FreeBSD. CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine. Additional Features required in the Next release: The product requires an add-on feature which should be a turnkey feature if it requires to be turned on to XDR no changes should be required to be made on the user end as the agent is already installed.

Read full review

Park Armstrong

Chief Technical and Solution Architect at Vertigo Inc.

May 16, 2022

What is our primary use case I use CrowdStrike Falcon for endpoint security and compliance auditing. How has it helped my organization? We use CrowdStrike Falcon for discovery when anything goes wrong because it gives us a full history of what's happening. It acts as a preventative model for…

Read full review

Pricing

The pricing for CrowdStrike Falcon varies among users, with some finding it expensive compared to other products, while others consider it reasonable or competitive. The licensing options are flexible, allowing users to choose the features they need.

ROI

The reviews indicate that the return on investment from using CrowdStrike Falcon varies among users. Some users have seen a good return on investment, while others find it difficult to measure the ROI due to the nature of the solution. However, cost savings and reduced labor requirements are mentioned as clear returns on investment. The solution is praised for its breach warranty and ability to prevent zero-days and malware.

Primary Use Case

The primary use case of CrowdStrike Falcon is for endpoint detection and response (EDR) and security purposes. It is utilized for various functions such as file integrity monitoring, asset management, patch management, identity protection, intrusion prevention systems (IPS), and intrusion detection systems (IDS).

The solution is used to protect against viruses, malware, and ransomware, and to detect and alert about any malicious activity. It is also integrated with other security tools and platforms for better data analysis and decision-making.

Additionally, CrowdStrike Falcon is used for next-generation antivirus (NGAV) protection, malware mitigation, hunting, and application behavior detection. It is deployed on endpoints, servers, and devices across different industries, including financial transactions, government, and small to medium-sized enterprises.

The solution is highly regarded for its real-time and online protection against the latest malware and wireless attacks. It is also known for its fast detection of security issues and insurance offerings in case of breaches.

Valuable Features

The most valuable features of CrowdStrike Falcon are:

- Complete IPS and IDS for threat detection and network intrusion prevention.

- Ability to crosscheck environments and investigate alerts easily.

- Integration capabilities with identity providers.

- Integration with Arctic Wolf for analysis and alerts.

- Low footprint and resource usage compared to other EDR and antivirus solutions.

- Real-time response and visibility into processes operating on the agent.

- Silent and lightweight agent with minimal memory consumption.

- User-friendly portal and no system restarts required.

- Excellent detection capabilities and low impact on machine performance.

- Good mechanism and reporting features.

- Prevention, malware protection, and vulnerability assessment.

- Threat hunting capabilities and on-keyboard remote response.

- Spotlight and Discovery features in Falcon XDR.

- AI-driven detection and real-time detections.

- Full EDR with antivirus, hunting, reporting, and remote control.

- Lightweight agent with various valuable features such as Lateral Movement, Overwatch detections, Custom IOC blocking, and more.

- Automatic threat dealing and integration with log management.

- Ease of integration with Splunk and BigQuery.

- Surety of endpoint protection and cloud-specific platform.

- Accuracy in threat identification and blocking.

- Crowdsourcing intelligence and regular improvements.

- Upgrades without additional fees.

- Lightweight agent with zero performance issues.

- Accurate detection based on processes rather than signatures.

- Behavior analysis, connection search, and cyberattack detection.

- Excellent detection and response with easy setup and integration.

- Machine learning for checking patterns in endpoint devices.

Room for Improvement

Areas for improvement on CrowdStrike Falcon include:

1. Enhancing the host management system.

2. Improving forensic controls and adding more features in that area.

3. Making the product more affordable and flexible for different industries.

4. Moving towards an agentless solution to eliminate the need for software deployment.

5. Including traditional antivirus features such as scanning audits, device blocking, and application control.

6. Enhancing technical support for better assistance.

7. Adding more accurate integration and local machine checking options.

8. Tightening integration around XDR and providing a comprehensive solution.

9. Finding a mechanism or relay to assist customers without an internet connection.

10. Providing better visibility for everything and more detailed malware analysis.

11. Adjusting pricing to better align with the target market.

12. Improving dashboard creation and making it more responsive.

13. Informing customers about GUI changes and providing guidance.

14. Adding web filtering and better application features.

15. Including native text alerts and additional data in the base product.

16. Improving integration and EDR functionality to compete with other solutions.

17. Enhancing the interface for easier data extraction and query languages.

18. Expanding compatibility with Apple, Unix-based systems, and adding turnkey XDR features.

19. Making the website navigation easier and improving technical support.

20. Ensuring equal support across all versions and customizing query languages.

21. Providing better visibility in reporting and more forensic details about detected threats.

22. Including scheduled scans and signature-based regular scans for compliance needs.

23. Offering a single-click recovery option and sending logs to SIM tools.

Initial Setup

The initial setup for CrowdStrike Falcon is described as straightforward and plug-and-play. It's cloud-based, and not overly complex. Some users mentioned that it took a few hours to a couple of weeks to complete the deployment, depending on the size and complexity of the environment.

The setup process was generally smooth, and there were no major issues or downtime reported. The solution can be deployed with minimal staff and maintenance requirements.

A few users mentioned that the installation can be moderately challenging, requiring planning and replacing certain components.

Scalability

CrowdStrike Falcon is highly scalable and can accommodate a large number of users. It has been successfully deployed in thousands of enterprises, indicating its proven scalability. The fact that it is cloud-based further enhances its scalability, allowing for easy adjustment of endpoint licenses.

Customer Service and Support

Customers have had varying experiences with the customer service and support of CrowdStrike Falcon. Some customers have had positive interactions with the technical support team, finding them helpful and responsive. Others have not had any issues or have not needed to contact technical support. Some customers mention that the support could be improved, citing issues with communication and ownership.

Stability

The stability of CrowdStrike Falcon is excellent. Users have experienced no issues, bugs, glitches, crashes, or freezes. The solution is described as rock solid, reliable, and performance is good. There are a few mentions of occasional difficulties, however, CrowdStrike promptly deals with them. With continuous updates, the stability of the solution is expected to improve even further in the future.