CrowdStrike Falcon Reviews

Name: CrowdStrike Falcon
Brand: CrowdStrike
Rating: 4.3 (126 reviews)

Vendor: CrowdStrike

4.3 out of 5

126 reviews
96% willing to recommend

4,350 followers

Start review

What is CrowdStrike Falcon?

CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.

Get the CrowdStrike Falcon Buyer's Guide and find out what your peers are saying about CrowdStrike Falcon, Wazuh, Darktrace and more!

CrowdStrike Falcon is the #1 ranked solution in EDR tools, #1 ranked solution in XDR Security products, #1 ranked solution in top Attack Surface Management (ASM) solutions, #1 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #2 ranked solution in endpoint security software, #2 ranked solution in top Threat Intelligence Platforms, #2 ranked solution in top Continuous Threat Exposure Management (CTEM) solutions, #3 ranked solution in top Identity Threat Detection and Response (ITDR) solutions, and #6 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give CrowdStrike Falcon an average rating of 8.6 out of 10. CrowdStrike Falcon is most commonly compared to Wazuh: CrowdStrike Falcon vs Wazuh. CrowdStrike Falcon is popular among the large enterprise segment, accounting for 55% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 15% of all views.

Helped 849,686 peers since 2012

Featured CrowdStrike Falcon reviews

Chintan-Vyas

Associate Director at KPMG

Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files. The product could be more accurate in terms of performance. We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

Read full review

Sumanth Kandanuru

Security Analyst at NTT Ltd

Obviously, when checking in the SIEM, not all logs are available. In CrowdStrike, unlike SIEM, actions are clearly defined. For example, a regular AV like Symantec might indicate a file was quarantined or failed to quarantine, but in CrowdStrike, I can verify the action. As an incident response analyst, I can use CrowdStrike to perform actions like directly wiping a file from a host if given access. I can investigate by accessing the customer's host based on the RTR environment and utilize host search to know details for the past seven days, including logins, processes, file installations, malicious processes, and network connections. Event search also allows for detailed investigations, showing accessed files and remote installations.

Read full review

Syed Ubaid Ali Jafri

Head of Cyber Defense & Offensive Security at Habib Bank Limited

Area of Improvement The products still require improvement in the Apple environment (Mac). Currently, this solution (as of July 2022) is not compatible with MAC OS (X), Catalina, or Big Sur. Similarly, the product is also not compatible with Unix-based systems including AIX, Darwin, and FreeBSD. CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine. Additional Features required in the Next release: The product requires an add-on feature which should be a turnkey feature if it requires to be turned on to XDR no changes should be required to be made on the user end as the agent is already installed.

Read full review

CrowdStrike Falcon mindshare

Product category:

As of May 2025, the mindshare of CrowdStrike Falcon in the Extended Detection and Response (XDR) category stands at 15.5%, down from 18.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

PeerResearch reports based on CrowdStrike Falcon reviews

Type	Title	Date
Category	Extended Detection and Response (XDR)	Apr 30, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2025	Download
Comparison	CrowdStrike Falcon vs SentinelOne Singularity Complete	Apr 30, 2025	Download
Comparison	CrowdStrike Falcon vs Wazuh	Apr 30, 2025	Download
Comparison	CrowdStrike Falcon vs Microsoft Defender XDR	Apr 30, 2025	Download

Title	Rating	Mindshare	Recommending
Wazuh	3.7	12.9%	79%	46 interviews Add to research
Darktrace	4.1	9.4%	94%	79 interviews Add to research

Valuable Features

CrowdStrike Falcon shines with its real-time threat detection, intelligence modules, and machine learning capabilities. Users value its lightweight nature, minimal system performance impact, and ease of integration with cloud environments. Enhanced with EDR features, the platform provides detailed incident analysis and rapid response. The consistent software updates, automatic threat remediation, and centralized management enhance security efforts significantly, offering comprehensive endpoint visibility and control. CrowdStrike's unmatched behavior-based detection provides robust protection against malicious activities.

"The best benefit of CrowdStrike Falcon is 99% MITRE coverage."
"The machine learning behavior for anomaly detection is a valuable feature. It helps identify any suspicious or unusual activities within the system."
"CrowdStrike is a great solution."

Room for Improvement

CrowdStrike Falcon requires enhancements in compatibility with operating systems and improvement in log management, reporting, and integration with other technologies. The dashboard needs better functionality and user-friendly design. Users seek faster interface responsiveness, customizable reports, and improved threat analysis with lower false positives. Improved integration capabilities for legacy systems, vulnerability management, multi-site environments, and simpler deployment processes are also desired. Pricing and technical support quality remain concerns for users.

"Deployment in cloud environments is challenging. Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options."
"Deployment in cloud environments is challenging. Another concern is CrowdStrike's GUI. It changes annually, making it hard to work and find options."
"In CrowdStrike, with the variety of security tools available, learning the different query languages can be challenging."

ROI

CrowdStrike Falcon generates ROI through cost savings and enhanced efficiency. Users report decreased manpower needs and reduced downtime due to effective threat management. The switch from previous, more costly solutions adds value. Improved productivity with minimal overhead enhances operational performance. CrowdStrike Falcon's proactive monitoring significantly bolsters security, preventing breaches which saves potential financial losses. Users appreciate its seamless integration and minimal resource demands, achieving quantifiable returns through streamlined management and reduced maintenance efforts.

Pricing

Enterprise buyers often find CrowdStrike Falcon to be a premium-priced product, with typical annual licensing fees ranging from $50,000 to $100,000, much higher than some competitors. The pricing is largely dependent on the number of services and features selected, following a license per endpoint or seat model. Many users highlight its competitive pricing given its advanced capabilities and ease of setup, although some find the a la carte pricing structure costly for additional features and customizations.

"It is expensive compared to SentinelOne, but as the market leader, it is worth it."
"The solution's pricing is great for us."
"The product is expensive."

Popular Use Cases

CrowdStrike Falcon is primarily used for endpoint protection, threat detection, and response. Organizations deploy it for security tasks such as malware analysis, threat hunting, and digital investigations. With its cloud-based architecture, it protects against viruses and malware across various devices, including workstations and servers. It leverages AI and machine learning for real-time threat prevention and is used in compliance-driven environments to increase security and ensure comprehensive coverage.

Service and Support

CrowdStrike Falcon's customer service and support are generally well-regarded, offering quick and knowledgeable assistance. Technical support is praised for being proactive with frequent follow-ups, although response times can occasionally be slow. Users appreciate the personalized attention from dedicated representatives or technical account managers. There are some challenges with less responsive standard support, long wait times, and occasional expertise gaps. Many value the quarterly reviews and proactive threat assessments provided by the company.

Deployment

Organizations found CrowdStrike Falcon's initial setup straightforward and efficient. Many highlighted its cloud-based deployment and seamless integration, emphasizing ease of use, even for larger environments. Deployments typically required minimal staff and little time, often accomplished within days or weeks. Some setups involved phased approaches, but overall, users praised its simplicity, noting it required almost no maintenance. Challenges were rare and generally related to unique complexities of specific environments.

Scalability

CrowdStrike Falcon scales efficiently due to its cloud-based nature. It supports a wide range of user numbers, from small to large enterprises, ensuring seamless expansion without performance issues. Cost can be a factor, but the platform's cloud deployment makes adding endpoints straightforward. Many organizations utilize it globally across thousands of endpoints, and it adapts easily to diverse environments. Its scalability suits various business sizes, demonstrating consistent high performance in scaling up operations.

Stability

CrowdStrike Falcon demonstrates high stability according to users. They report minimal issues, praising its reliable performance and cloud-based efficiency. Rare concerns arise mainly during upgrades, though they're swiftly resolved. Many find it more stable than competitors, with no major crashes or compatibility challenges. Users value its lightweight nature, ease of management, and proactive updates, enhancing its dependability and efficiency. Challenges reported are rare, making it favored for consistency and minimal maintenance needs.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our CrowdStrike Falcon Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Manufacturing Company

Government

Retailer

University

Healthcare Company

Educational Organization

Comms Service Provider

Insurance Company

Construction Company

Energy/Utilities Company

Real Estate/Law Firm

Media Company

Non Profit

Legal Firm

Hospitality Company

Wholesaler/Distributor

Transportation Company

Performing Arts

Outsourcing Company

Recreational Facilities/Services Company

Consumer Goods Company

Pharma/Biotech Company

Logistics Company

Compare CrowdStrike Falcon with alternative products

Learn more about CrowdStrike Falcon

CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features, although some users highlight high pricing, occasional detection delays, and challenges with integration. Frequent alerts and the mobile app's performance are areas for improvement.

What are the key features of CrowdStrike Falcon?

Real-time Threat Detection: Provides immediate threat identification and response.
Lightweight Agent: Minimal impact on system performance.
Cloud-native Architecture: Ensures flexibility and scalability.
Advanced AI Capabilities: Enhances threat detection and prevention.
Comprehensive Endpoint Visibility: Complete insight into endpoint activities.
Detailed Reporting: Facilitates compliance and forensic analysis.
Security Tool Integration: Seamless integration with other tools.
Efficient Customer Support: Robust support services.

What are the benefits or ROI of CrowdStrike Falcon?

Improved Threat Detection: Identifies sophisticated threats, reducing risk.
Enhanced System Performance: Lightweight agent ensures minimal disruption.
Faster Response Times: Swift reaction to incidents minimizes damage.
Better Compliance: Detailed logs meet regulatory requirements.
Streamlined Deployment: Easy to implement with minimal downtime.

In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.

CrowdStrike Falcon was previously known as CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface.