Product Manager at a comms service provider with 51-200 employees
Real User
Top 5 Leaderboard
A highly stable solution that provides EDR and security functionalities to its users
Pros and Cons
  • "The solution offers great stability."
  • "CrowdStrike Falcon needs to improve their host management system."

What is our primary use case?

I use CrowdStrike Falcon for EDR and security purposes. Also, I am using file integrity monitoring, asset management, and patch management modules. Additionally, I'm also utilizing an identity protection module.

What needs improvement?

CrowdStrike Falcon needs to improve their host management system.

For how long have I used the solution?

I have been using CrowdStrike Falcon for a year and a half. I am using the latest version. I am a partner of CrowdStrike.

What do I think about the stability of the solution?

The solution offers great stability. I have faced no issues with the tool.

Buyer's Guide
CrowdStrike Falcon
April 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,886 professionals have used our research since 2012.

What do I think about the scalability of the solution?

There are 5,000 users using the solution.

How are customer service and support?

I only contacted technical support to ask a few questions, and they helped me out.

How was the initial setup?

The solution's initial setup process was easy. The deployment process took only 10 hours for 5,000 clients.

What's my experience with pricing, setup cost, and licensing?

The tool is a little bit expensive compared to other products, but I think it's okay owing to its quality.

What other advice do I have?

Protection has been good in the solution. I got only one false positive in a year and a half, which is great.

There is no suggestion to provide because it is easy to implement, and there are no exclusions or testing required. If you plan to try it, it should work well without any issues.

Overall, I rate the product a nine point seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Cloud Solution architect at VaporVM
Real User
It has a good mechanism and a reporting feature and enables you to take quick action if there's a missing patch
Pros and Cons
  • "Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
  • "Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."

What is our primary use case?

We primarily use CrowdStrike Falcon for malware detection, endpoints, and application behavior detection. The company has different teams, but our team handles the Windows and Mac hosts.

What is most valuable?

Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches.

What needs improvement?

Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement.

Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data.

In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network.

For how long have I used the solution?

I've been using CrowdStrike Falcon since January or February, so it's been eleven months, but my company used it even before I joined the organization.

What do I think about the stability of the solution?

Overall, CrowdStrike Falcon is a stable product. My company is satisfied with its stability.

What do I think about the scalability of the solution?

Per my experience, CrowdStrike Falcon is scalable.

How are customer service and support?

The CrowdStrike Falcon technical support is good because it's responsive, and the team reverts to you within a reasonable timeframe and in an excellent manner, which is essential for support. However, my team didn't have many cases because CrowdStrike Falcon doesn't require much support.

My company also took product training and implemented the learnings within the environment. CrowdStrike Falcon is effective and gives the required throughput and output, so in the last ten or eleven months, support cases have been very low, but whenever an issue is raised, the level of support has been excellent.

Which solution did I use previously and why did I switch?

The company previously used Kaspersky, but CrowdStrike Falcon was far better. I heard that there was some attack, and Kaspersky couldn't handle that. CrowdStrike Falcon, on the other hand, offers excellent protection even from multiple malware attacks, and it has a good application behavior analysis feature.

My company did extensive penetration testing on CrowdStrike Falcon, which had good or far better results than Kaspersky. The company had a bad experience with Kaspersky.

How was the initial setup?

The initial setup for CrowdStrike Falcon is moderate in terms of difficulty, so it's not very easy, but it's not complex either.

How long the setup takes depends on how you want to deploy CrowdStrike Falcon, but at the moment, it doesn't take much time for my company. It's quicker, but any company implementing CrowdStrike Falcon for the first time may need some good training or some hands-on experience. Otherwise, compared to other products, I would say CrowdStrike Falcon is better, implementation-wise.

What's my experience with pricing, setup cost, and licensing?

As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing.

What other advice do I have?

My company uses multiple products related to cybersecurity, for example, Netskope. For endpoint security, my company uses Microsoft Defender ATP and Endgame. My company is also working with CrowdStrike Falcon. For vulnerability management, my company uses Qualys, in particular for the AWS environment.

I don't remember the exact version of CrowdStrike Falcon I'm using, but I know that the tool is on Windows, Mac, and some AWS environments within the company.

Within the company, the total number of endpoints is around seven hundred. Two admins handle the endpoints for CrowdStrike Falcon.

My advice for anyone looking to implement CrowdStrike Falcon is to go for it, especially if you want to add value to your cybersecurity, specifically endpoint protection and application behavior analysis. CrowdStrike Falcon has reliable results, so I prefer it over other tools.

My rating for CrowdStrike Falcon is nine out of ten.

My company is a customer, and not a partner of CrowdStrike Falcon.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solutions Architect at dsmedellin
Real User
Top 20
The detection is very effective
Pros and Cons
  • "The detection is very effective."
  • "CrowdStrike costs a little more than its competitors."

What is our primary use case?

We use Falcon to protect around 500 endpoints.

What is most valuable?

The detection is very effective.

For how long have I used the solution?

I have been using Falcon for two years.

How are customer service and support?

I'm happy with CrowdStrike technical support. I rate CrowdStrike support 10 out of 10. 

How would you rate customer service and support?

Positive

How was the initial setup?

CrowdStrike is very easy to set up. We upgrade it once annually. 

What's my experience with pricing, setup cost, and licensing?

We pay an annual license. CrowdStrike costs a little more than its competitors. However, it's the best solution available, so we are fine with the price.

What other advice do I have?

I rate CrowdStrike Falcon 10 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
NiteshSharma - PeerSpot reviewer
Pre-Sales Architect at Network Techlab (I) Pvt. Ltd
Real User
Top 5
A stable, scalable solution offering robust threat protection and vulnerability assessment
Pros and Cons
  • "The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
  • "Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."

What is our primary use case?

We are a CrowdStrike partner, selling their products to our customers. We have small and medium-sized enterprise clients and clients in the government sector. Depending on customer requirements, we provide different CrowdStrike Falcon products, ranging from Spotlight to XDR.

What is most valuable?

The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature.

What needs improvement?

Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that.

I would like to see a web filtering feature, and better application features. This would make the product easier to sell to smaller businesses, and would make it so that devices follow the applied policies anywhere; even when users are at home or travelling in another country, for example.

For how long have I used the solution?

We have been working with the solution for three years. 

What do I think about the stability of the solution?

CrowdStrike Falcon XDR is a stable product.

What do I think about the scalability of the solution?

The solution is scalable. 

How are customer service and support?

The technical support is good; we raise a case using the portal and get a call back within a day. Help is available specifically for India, which is where we are based.

How was the initial setup?

The initial setup is towards the middle; it isn't remarkably straightforward or complex. The GUI changes complicate setup, so our process begins with consulting the documentation, and then we can download and implement the agent onto a machine. This typically takes around 15 minutes per machine.

What's my experience with pricing, setup cost, and licensing?

I'm not directly involved in sales, so I can't comment on the exact price, but I know the price decreases the higher the quantity we purchase.

What other advice do I have?

I would rate this solution an eight out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Business Development Manager - Security at a computer software company with 201-500 employees
Real User
Intelligent and easy to use endpoint protection and threat identification solution
Pros and Cons
  • "Easy to use, intelligent, and stable threat detection software."
  • "The installation process for this software needs to be simplified."

What is our primary use case?

CrowdStrike Falcon is used for endpoint protection for businesses. It's used for identifying threats.

What is most valuable?

Most of the entry-level security provisions are based on identification, but CrowdStrike Falcon is a market changer because it does not need any kind of signature to identify or update threats.

All organizations face the big challenge of maintaining and updating their security processes. They need to do the update, but then it doesn't go beyond 90%, so CrowdStrike Falcon moved away from the update requirement, so there won't be a need to upgrade for certain types of technology, or for new technology. Not needing to update means the job of maintaining the updates will be taken off the plate of the IT department, which could mean big relief for the customers.

CrowdStrike Falcon is able to identify threats based on processes, rather than looking at signatures and this is what I like about this solution.

I like that it's easy to use, as expected from any cloud solution. CrowdStrike Falcon is an intelligent solution. It's as good as the top solution in the market.

We haven't seen anybody complaining about CrowdStrike Falcon, and we haven't had any customer using this solution who had been attacked by ransomware, so this is proof of how good this solution is.

What needs improvement?

Setting up and installing CrowdStrike Falcon is not easy, so an area for improvement is for that process to be simplified.

For how long have I used the solution?

We've been using CrowdStrike Falcon for two years.

What do I think about the stability of the solution?

I find CrowdStrike Falcon a stable solution.

How was the initial setup?

Installing this solution was not easy. One challenge from the installation is that you always have to replace something, e.g. your CrowdStrike password, macros, etc., before you're able to complete the setup.

What other advice do I have?

We are not carrying CrowdStrike Falcon Complete because it's a managed service, so customers have not really gotten to that level. What we're working with is CrowdStrike Falcon.

Deployment of this solution took us three to five days. We have 2,000 users of CrowdStrike Falcon, and we have 110 different locations across India and some other parts of the world. We have people who manage this solution, but it doesn't require much managing, because the only challenge is removing the old solution, then replacing it with the new one.

I'm recommending CrowdStrike Falcon to other people who are looking into using it, because it's a good solution.

I'm rating CrowdStrike Falcon an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Sr Network Administrator at a construction company with 501-1,000 employees
Real User
Offers good insights when it has a detection
Pros and Cons
  • "It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
  • "I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."

What is our primary use case?

Our primary use case is for endpoint protection.

How has it helped my organization?

When we have detections, I get insight into the top-down view of where it thinks it saw the problem and what triggered the detection. This allows us to have insight into what it thinks it is compared to what we could have really been doing.

What is most valuable?

It seems to do a pretty good job of protecting the host. It gives good insights when it has a detection. It's pretty incredible.

For how long have I used the solution?

I have been using CrowdStrike Falcon for six months.

What do I think about the stability of the solution?

So far, it's been 100% stable. Besides the very lightweight agent, it's all Cloud-based, so I haven't had any downtime.

What do I think about the scalability of the solution?

Scalability is super easy. The deployment was easy. It's all price based. Money is the biggest challenge, not deploying it. It requires one system engineer. 

We have around 400 users. There are five of us who manage it, including the help desk, system engineers, and the director.

How are customer service and technical support?

We haven't needed to contact support yet. 

Which solution did I use previously and why did I switch?

We previously used Cylance. We switched because they weren't innovative. It was the same product that we bought three years ago. They were a great product and they had a job and they did it well. They just didn't ever innovate and they never improved. It's the same products we bought for the same three years. CrowdStrike was more innovative and it seemed to be a better long-term product. They seem to be improving constantly.

How was the initial setup?

The initial setup was very easy. The deployment took about 60 days. We had a few methods of deployment. We did a push method. We had an agent tell all the machines that we were able to script it and push the apps to that.

What about the implementation team?

We used CrowdStrike's own project management for the deployment. They were really good.

What was our ROI?

We haven't had any outages based on malware or ransomware. I can't put numbers to it, but not having that kind of an outbreak definitely has an ROI attached to it.

Which other solutions did I evaluate?

We looked at a few other solutions but the main competitor was Carbon Black. 

What other advice do I have?

I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Executive Technology Advisor at Vitso
Real User
Good UI, performance, integration, and alerting
Pros and Cons
  • "The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
  • "I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."

What is our primary use case?

We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on. 

Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.

How has it helped my organization?

I was able to look through some rapid analysis when bad things happen. More so than having to get, especially in the distributed world of post-COVID, being able to have a central place to be able to see what's going on, on the landscape of endpoints at any given time.

What is most valuable?

The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system. What does it usually do, and is it doing anything differently?

The UI is great, and the performance was great. The way it gathers and presents the information was very good and it integrates well with things with a central log aggregator, such as Splunk. You can do more big data analytics that includes security. It seems to be fully featured in all of those areas.

What needs improvement?

I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it. It's got a pretty good engine to do that on its own but it's one of the things that are important to us, so I'm just trying to increase the time-to-issue identification.

By comparison to buying into the Microsoft suite, it was definitely less costly. CrowdStrike can be costly.

For how long have I used the solution?

I have had this solution for approximately three years.

What do I think about the stability of the solution?

It seems stable. The performance is good.

What do I think about the scalability of the solution?

It's a scalable solution. They are running 1400 endpoints on it right now, and it seems to be fine.

There is only one person working at it right now and they are the security engineer/operator.

If you look at how they spend their day, a tool like that does a lot with a little and can make a one-man band pretty effective or much more effective. It makes the response to an issue right when it happens way more possible with such small security.

How are customer service and technical support?

We haven't used technical support.

How was the initial setup?

The initial setup was already completed before I started with this company.

What's my experience with pricing, setup cost, and licensing?

When comparing to Microsoft, CrowdStrike Falcon is more expensive.

I'm going by the client and some of the things that are driving their decisions. 

It's typical when Microsoft throws things in and it seems really cheap, even though you're spending a million and a half dollars with them. You may as well increase the value of that million and a half.

My guess is that CrowdStrike is going to maintain parity or stay ahead of Microsoft.

What other advice do I have?

As I came into this organization, they were moving away from CrowdStrike. 

They upgraded their license to E5 with the security bundle from Microsoft. The goal is to start to move things. 

They are paying twice for things right now, but that will be expiring. CrowdStrike comes up for renewal next year, and they want to be off of it by then.

I haven't gone into critiquing it, since they've already made the decision and made the investment to go to Defender ATP. I'm more concerned with, are we losing anything? Do we have parity when we go from one platform to another? And if any gaps emerge, what needs to be filled?

When we did go into it and walked through it with one of the security engineers, it was snappy, and it had a nice UI. 

I had never been inside the product. I think I got a demo years ago in my CSO role, but I had never delved into a practical use case. The practical use case looked pretty cool.

For anyone who is interested in implementing this solution, I would say don't look for the cost compared to smaller applications. Look at what you're trying to do, and what you're trying to accomplish. The typical first cardinal sin of IT is buying a product and then figuring out how to use it as opposed to having a set of requirements, placing a value on that set of requirements, and then pursuing a solution that covers them the best. 

I think they probably said we've got a gap here because something bad happened to my CrowdStrike. It's an industry leader. Three years after the issue that they were treating was over, and the pain was gone, suddenly, it seems really expensive. That is an IT 101 mistake that I've found in organizations, where it's a means to an end and then it turns into just an eyesore on the balance sheet.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director of Security at an insurance company with 51-200 employees
Real User
We are now able to find the root cause analysis on any threat
Pros and Cons
  • "We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
  • "As the company has grown, the technical support has felt less personal."

What is our primary use case?

The primary use case is detection and forensics.

The product is cloud-based, so we use the latest build which is available.

How has it helped my organization?

We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment.

What is most valuable?

The most valuable feature is its forensics capability.

What needs improvement?

It probably needs more integration with firewall vendors. 

It needs integration with other technologies. It doesn't play well with anything else. It is more of a standalone solution. Therefore, integration with other technologies would be great.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

It is extremely stable. It has been around for many years. We have been a customer for almost five years.

What do I think about the scalability of the solution?

It has met every scale need that we have come across.

How are customer service and technical support?

The technical support is excellent. Though, as the company has grown, the technical support has felt less personal.

Which solution did I use previously and why did I switch?

Our previous detection software, Webroot, was letting too much stuff through.

How was the initial setup?

The initial setup is very straightforward. It just required an agent being installed. After that, it was self-managing.

What about the implementation team?

We did the deployment directly with the vendor.

What was our ROI?

The solution has helped to increase staff productivity by probably 25 percent.

What's my experience with pricing, setup cost, and licensing?

We are at about $60,000 per year.

Which other solutions did I evaluate?

We also looked at Cylance and SentinelOne. We went with CrowdStrike based on our own experimentation with it. We threw our own vulnerabilities at it, and it performed the best.

What other advice do I have?

It does everything that it claims, making our life significantly easier. Definitely consider CrowdStrike. It will probably save you from a lot of threats that other products wouldn't catch.

Our security program is relatively immature, but this product has definitely been one of the keystones of our program.

Disclosure: I am a real user, and this review is based on my own experience and opinions.