CrowdStrike Falcon Reviews

We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response. 

First, it is a production from known and unknown interests. Second, it has an extremely low footprint, so it has minimal impact on the user endpoints in terms of CPU and memory usage. The tamper protection of the CrowdStrike agent is extremely good even if the user is having admin rights and he tries to disable these CrowdStrike services. The CrowdStrike service will respawn itself. It is practically impossible to tamper with these services. If I managed to craft some malware that would shut down the services, CrowdStrike will respond itself, and it will still to protect my endpoint.

In addition, it reduces the overall containment timing, and quickly isolates the endpoints to quickly mediate the issues. 

The EDR feature of CrowdStrike is fantastic. Also, in comparison to other solutions, it can connect remotely, so our security analysts can get into the system directly and do manual analysis as well. 

I also like the overall reports. They are crisp and to the point.

There are a couple of issues with the compatibility to some of the operating systems. But, I see that there are a lot of things in the pipeline. They have a roadmap, and continuously are improving. Within the last three months I have seen lot of new features in the overall CrowdStrike suite.

A couple of things were on the cosmetic part. CrowdStrike needed some improvements on the report functionalities, specifically the dashboard functionalities. Technically there a lot of things also coming from a visual perspective. There are a couple of things they still need to work out like the dashboards. The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders. These are minor things, but they are in the pipeline.

The product is quite stable. 

It is very scalable. It can be used for 10,000 endpoint users. So, it is very scalable in terms of volume.

Tech support is helpful, but they need a little bit of improvement. The response time is good. This was not a "show-stopper" for us.

Initial setup was pretty straightforward. It has cloud-based hosting, so you can just get your installation agent, install it, authenticate the agent with your cloud instance and start managing the agent.

CrowdStrike has helped us in terms of manpower and cost savings. I work with a team of less than 10 people, and I have worked in other organizations where I used to handle more than 20 to 25 people for the same things.

The pricing will depend upon your volume of usage.

I have prior experience with Cylance and Dell Data Security Agent powered by Cylnace, which I would not say is a complete EDR. I also have prior work knowledge of SECDO, which has been acquired by Palo Alto.

It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But, one thing is for sure, CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But, if the company's having some stringency regulations, it will definitely be harder for them to keep the data in the cloud.

Primary use is for endpoint investigations.

It allows us to determine root cause, do the analysis, a lot quicker.

Visibility into the endpoint rate. Understanding what processes are running on the system, what registry keys have been enabled. Pretty much understanding the whole frantic side of the endpoint.

It would be nice if we could extrapolate indicators of compromise and write them within sandboxes.

It's fairly stable. We haven't been having too many issues with that.

It scales quite well because it's cloud-based and subscription-based. It can scale pretty quickly.

I would say technical support is fairly good. They understand the technology quite well so they are able to support us a lot better.

The most important criteria when selecting a vendor come down to the capability of the technology, the cost, the support, how it fits into our overall architecture strategy, and the stability of the company. For instance, if it's a small company and they go under, you might as well have not invested in it.

I would rate this solution an eight out of 10 because it has all the features that we need. It's within our budget, and it fits into our overall architecture strategy. There are a few features that could be added, as mentioned.

I would recommend this technology.

We primarily use CrowdStrike Falcon for malware detection, endpoints, and application behavior detection. The company has different teams, but our team handles the Windows and Mac hosts.

Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches.

Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement.

Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data.

In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network.

I've been using CrowdStrike Falcon since January or February, so it's been eleven months, but my company used it even before I joined the organization.

Overall, CrowdStrike Falcon is a stable product. My company is satisfied with its stability.

Per my experience, CrowdStrike Falcon is scalable.

The CrowdStrike Falcon technical support is good because it's responsive, and the team reverts to you within a reasonable timeframe and in an excellent manner, which is essential for support. However, my team didn't have many cases because CrowdStrike Falcon doesn't require much support.

My company also took product training and implemented the learnings within the environment. CrowdStrike Falcon is effective and gives the required throughput and output, so in the last ten or eleven months, support cases have been very low, but whenever an issue is raised, the level of support has been excellent.

The company previously used Kaspersky, but CrowdStrike Falcon was far better. I heard that there was some attack, and Kaspersky couldn't handle that. CrowdStrike Falcon, on the other hand, offers excellent protection even from multiple malware attacks, and it has a good application behavior analysis feature.

My company did extensive penetration testing on CrowdStrike Falcon, which had good or far better results than Kaspersky. The company had a bad experience with Kaspersky.

The initial setup for CrowdStrike Falcon is moderate in terms of difficulty, so it's not very easy, but it's not complex as well.

How long the setup takes depends on how you want to deploy CrowdStrike Falcon, but at the moment, it doesn't take much time for my company. It's quicker, but any company implementing CrowdStrike Falcon for the first time may need some good training or some hands-on experience. Otherwise, compared to other products, I would say CrowdStrike Falcon is better, implementation-wise.

As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing.

My company uses multiple products related to cybersecurity, for example, Netskope. For endpoint security, my company uses Microsoft Defender ATP and Endgame. My company is also working with CrowdStrike Falcon. For vulnerability management, my company uses Qualys, in particular for the AWS environment.

I don't remember the exact version of CrowdStrike Falcon I'm using, but I know that the tool is on Windows, Mac, and some AWS environments within the company.

Within the company, the total number of endpoints is around seven hundred. Two admins handle the endpoints for CrowdStrike Falcon.

My advice for anyone looking to implement CrowdStrike Falcon is to go for it, especially if you want to add value to your cybersecurity, specifically endpoint protection and application behavior analysis. CrowdStrike Falcon has reliable results, so I prefer it over other tools.

My rating for CrowdStrike Falcon is nine out of ten.

My company is a customer, and not a partner of CrowdStrike Falcon.

I am using CrowdStrike Falcon for network protection. We have government customers.

I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon.

The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need.

In the next release, it would be beneficial to have a DLP or CASB solution.

I have been using CrowdStrike Falcon for approximately one year.

The stability of CrowdStrike Falcon is very good. We have never had an issue.

CrowdStrike Falcon is scalable. We were able to deploy it in a 5,000 hosts environment it is easy to scale.

We plan to increase usage in the future. We are always looking for new clients.

The technical support is very good, it is perfect.

The setup is simple, it took approximately one week.

We deploy the solution with two people.

We are on an annual subscription for the solution. There are not any additional costs.

My advice for others is to purchase the solution it is simple to use and effective.

I rate CrowdStrike Falcon a ten out of ten.

We use Falcon to check the login attempts of the users. We can see who has logged in and when. We can see which workstation is assigned to each user. CrowdStrike helps us enforce policies, such as USB policies and users recycling passwords. 

CrowdStrike is deployed on every workstation, so policy changes can be enforced on all of them. It lowers the manual work on each of the workstations. It has helped us manage device usage in our environment. 

I like CrowdStrike's policies. The integration is easy to do. I can remember once when Falcon prevented a security breach occurred because someone clicked on a phishing link, and their credential was compromised. We used threat tracking to isolate the device from networks. 

I have used Falcon for two years.

I rate Falcon nine out of 10 for stability. 

I rate Falcon eight out of 10 for scalability. 

I rate CrowdStrike Falcon nine out of 10. 

We primarily use this solution for AV, next-gen AV, EDR or XDR.

I find most of the features to be very generic.

The solution is very good but tighter integration around XDR could be included. There are a lot of open integrations, but they are external factors that cause dependencies on the integrator, not really on CrowdStrike, so it's a bit of a challenge as there is no comprehensive solution. Additionally, the solution is dependent on Windows technical support.

We have been using CrowdStrike Falcon for approximately three years.

The solution is stable.

The solution is scalable, but price and support are a bit of a challenge.

We previously used different solutions, and the primary differentiating factor was marketing.

The initial setup was straightforward.

The price is high in comparison to similar brands.

I rate the solution a seven out of ten. I advise new users first to understand their use case, its vulnerability and its importance.

We use CrowdStrike Falcon as an XDR to replace our old antivirus solution.

We implemented CrowdStrike Falcon for better visibility into our environment and easy online access to the policies.

CrowdStrike Falcon's cybersecurity background allows for better integration with other tools.

The threat intelligence is the most valuable feature.

The support for different OS versions needs improvement because sometimes due to business conditions, updating our OS is impossible. For example, I have a production environment connected to the PNC that runs Windows XP on computers that CrowdStrike Falcon does not support.

I have been using CrowdStrike Falcon for six years.

CrowdStrike Falcon is stable.

CrowdStrike Falcon has been able to scale to our needs with no issues.

The initial deployment was straightforward. The deployment took one day to complete. Ten people were involved in the deployment.

The implementation was completed in-house.

CrowdStrike Falcon's price is good. I am looking for other partners and compared to Microsoft Defender and other vendors the price is lower.

I would rate CrowdStrike Falcon a then out of ten.

Before purchasing CrowdStrike Falcon I suggest checking the policies, particularly those regarding internet connections, and conducting a proof of concept.