KajeevanRajanayagam - PeerSpot reviewer
Cyber Security Manager at a healthcare company with 10,001+ employees
Real User
Top 5
Provides great protection and can crosscheck environments. Helpful in investigating any alerts
Pros and Cons
  • "It provides very good protection and the ability to crosscheck environments."
  • "Falcon could include more integrative features."

What is our primary use case?

We use the EDR feature.

What is most valuable?

This is unlike any other EDR solution that I am familiar with. It provides very good protection and the ability to crosscheck environments. It's really helpful in investigating any alerts and is easy to use. You can use some of the Splunk language to search. 

What needs improvement?

We've tried some integrations with solutions, closing off false positives and things like that. Falcon could include more features in that area. In addition, some features are modularized and we're unable to buy them as we're in the healthcare field and limited in the amount we can invest. 

For how long have I used the solution?

I've been using this product for close to 18 months. 

Buyer's Guide
CrowdStrike Falcon
March 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
757,198 professionals have used our research since 2012.

What do I think about the stability of the solution?

We haven't had any stability issues. 

What do I think about the scalability of the solution?

The solution is very scalable but we had issues with some groups, that manage their own devices and wanted to have access to self-manage them. We weren't able to do that, unfortunately.

How are customer service and support?

My team has interacted with tech support and I believe the issues were resolved in a timely manner.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used other solutions such as Setinel One.

How was the initial setup?

The initial setup was very straightforward and smooth.

What's my experience with pricing, setup cost, and licensing?

Falcon is more expensive than every other solution on the market. That said, they do have a better product than anyone else.

What other advice do I have?

Some of the default settings are set to 'easy' which isn't sufficient. We had some conversations around this and the recommendation was to change some of these settings to more aggressive ones on the policy side. I know some organizations have had issues automatically updating CrowdStrike to the latest version. I recommend going through the change process but saving it at minus one for a while to avoid all the negative downtimes where you might need to roll back to the previous update.

When we switched to CrowdStrike, we didn't expect it to find anything that was already on the computer because the primary reason we swapped was because of EDR. But it did find things that were dormant as well as other things.

I rate this solution nine out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Marcelino Bocanegra - PeerSpot reviewer
Cybersecurity solution architect Individual Contributor at IQSEC SA
Real User
The agent is light, so it doesn't require many resources on the machines
Pros and Cons
  • "CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
  • "There are some areas where some customers would prefer a different service."

What is our primary use case?

Falcon helps my client improve productivity. About 5,000 users at the client company are using the product. 

How has it helped my organization?

CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network.

What is most valuable?

It's important for the customer to have surety that all the workstations are protected. 

What needs improvement?

There are some areas where some customers would prefer a different service.

For how long have I used the solution?

About four months ago, I and my other partners started preparing a presentation to propose CrowdStrike to a client.

What do I think about the stability of the solution?

Falcon is a highly stable product.

How are customer service and support?

I rate CrowdStrike's support 10 out of 10. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We worked with other solutions, like Trend Micro. CrowdStrike's advantage is that the agent is light, so it doesn't require many resources on the machines. It's easy to install, and the results are useful to the organization.

How was the initial setup?

I'm not directly involved with the setup. I prepare a proposal, and another department deploys the solution. Falcon doesn't require maintenance because the product runs in a cloud environment.

What about the implementation team?

We use a reseller and an integrator.

What was our ROI?

I rate CrowdStrike Falcon 10 out of 10 for ROI.

What's my experience with pricing, setup cost, and licensing?

My customers pay for yearly licenses. I rate CrowdStrike Falcon 10 out of 10 for affordability.

What other advice do I have?

I rate CrowdStrike Falcon 10 out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
CrowdStrike Falcon
March 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
757,198 professionals have used our research since 2012.
IT Network Infrastructure Manager at HENSOLDT
Real User
Top 20
Is a flexible, fully managed service, and provides peace of mind
Pros and Cons
  • "The anomaly detection is the most valuable feature."
  • "The portal can be clunky to navigate at times and has room for improvement."

What is our primary use case?

We use CrowdStrike Falcon as a managed SOC for intrusion detection on our endpoints.

How has it helped my organization?

Being a cloud-native solution, CrowdStrike Falcon provides flexibility and always-on protection. This is extremely important to have the best protection available.

It is a fully managed service, so they provide all the necessary updates for us which is helpful.

While CrowdStrike Falcon provides us with better peace of mind in terms of protection, it also generates alerts for potential threats, requiring our investigation. However, the platform further alleviates our anxiety by automatically reviewing unaddressed alerts, offering an additional layer of security. This coverage fosters a heightened sense of security.

CrowdStrike Falcon has been instrumental in preventing breaches, allowing us to operate with significantly increased security compared to the past. This has provided us with much greater peace of mind. While no security solution is foolproof, Falcon has brought us remarkably close. 

What is most valuable?

The anomaly detection is the most valuable feature.

What needs improvement?

The portal can be clunky to navigate at times and has room for improvement.

For how long have I used the solution?

I have been using CrowdStrike Falcon for two years.

What do I think about the stability of the solution?

I would rate the stability of CrowdStrike Falcon a nine out of ten. The only issue I have had is with an old version of the endpoint that was installed and has proven to be problematic. 

What do I think about the scalability of the solution?

CrowdStrike Falcon is scalable.

How are customer service and support?

The technical support is good and they provide prompt responses to all of our questions.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We implemented CrowdStrike Falcon in response to a security incident. It was the first endpoint detection and response service we had ever used, and we've been utilizing it since 2021.

How was the initial setup?

Deploying the sensors to our endpoints is straightforward. We do have a manual process for deploying the sensors to our endpoints. There are also options to do it through a group policy. It doesn't seem overly complex.

We rolled the solution out to our entire estate which took just over one week. We had up to 300 endpoints and required a team of five people to complete the deployment.

What was our ROI?

CrowdStrike Falcon enables us to save on resources which in turn provides a 20 percent return on investment.

What's my experience with pricing, setup cost, and licensing?

CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team. We lack the resources to replicate the full security services they provide without hiring additional personnel. The cost of Falcon is likely comparable to, or even less than, the salary and benefits we'd need for an extra employee. Furthermore, their on-call experts have more expertise, further enhancing the value proposition.

Which other solutions did I evaluate?

After a year, we reevaluated our endpoint security solution. We considered several options, including Arctic Wolf, SentinelOne, and Darktrace, alongside our existing Fortinet solutions. We participated in demos and ultimately determined that CrowdStrike's offering, both current and future, remained the best fit. While we hadn't initially explored other options before choosing CrowdStrike, external factors subsequently forced our hand. However, after a year of use and further evaluation, we reaffirmed our decision, concluding that CrowdStrike was still the most suitable solution for our needs.

What other advice do I have?

I would rate CrowdStrike Falcon a nine out of ten.

We have around 300 endpoints and three people who have access to the solution.

Three people are required for maintenance.

CrowdStrike Falcon was recommended by our head office in Germany.

I recommend CrowdStrike Falcon. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
PeerSpot user
Jordan Swanson - PeerSpot reviewer
Information Security Assurance Engineer at School District of Lee County
Real User
Top 5
Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices
Pros and Cons
  • "It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
  • "The ability to receive text alerts natively in the console would be kind of cool."

What is our primary use case?

We integrate the data from this solution with ExtraHop, which is an NDR. Being able to move between both platforms and have network-level data and transactions over the network feed into XDR CrowdStrike is really powerful. It helps us make better decisions, it makes better decisions without human intervention, and it hones the analytics a little bit. The EDR aspect of it works almost exactly the same as the regular Falcon product. I will say that it's probably a lot better at scale than what we're using it for. I work at a school district, so for the individual schools, it's nice to see and isolate issues and have reports built by individual school locations rather than just everything looking like a whole hodgepodge of computers.

What is most valuable?

It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff, like look for old versions of applications that maybe you forgot about or find stuff that people are running that maybe you don't want on your network, and it lets you get rid of those. Also, its ability to do on-keyboard remote response and run PowerShell script through the sensor is pretty sick. It's ability to quarantine devices is also pretty great.

What needs improvement?

The ability to receive text alerts natively in the console would be kind of cool. Some people put their email on quiet hours, so having it natively in the system would be nice.

I know that they offer an identity piece and a firewall piece and we haven't subscribed to or purchased either of those, but having some of that data in the base program would be good, and then if you want more control, you pay for it. There's times where I want to look at an internet history of a device that's remote, or I want to see logins, successful or unsuccessful. I don't want to manage identity and I don't want CrowdStrike to alert on it, but it would be nice if the ability to see the data was included with the base product. Then that could kind of get your foot in the door with having the ability to look at that information, but not being able to do anything actionable with it.

For how long have I used the solution?

I have been using this solution for two years. 

What do I think about the stability of the solution?

The solution has never failed. The only false positives that we get are ones that we test with. I do true and false positive testing every month to make sure stuff is working correctly and the solution picks up on it. 

What do I think about the scalability of the solution?

The solution is very scalable. Our proof of concept was a few devices and now at full scale we have 50,000 devices. It's a cloud console, so if you do the implementation right and the sensor is put on in an automated process, it doesn't matter how many computers you have. It just runs. They have sensors for every kind of device: Macs, Windows, Linux, and I think even Android.

How are customer service and support?

The support is great. They're quick to respond and you see the same names pretty consistently. They probably do it by region or account or something like that, so it's not just a random person every time.

How was the initial setup?

The setup is as complex as you want to make it. They have engineers that help you. We did a proof of concept first and that was pretty seamless. If you want to build out a bunch of dynamic groups and have different policies affect the different groups separately, you can. If you want to purchase a bunch of licenses for integration with different products, they partner with a bunch of different security vendors and you can make it as complex or simple as you want. If you just want NextGen AV, you can just have NextGen AV and it's super simple and the sensor just sits on a computer, but if you have a bunch of data and want it to be really complicated and want to be able to do whatever you want, you can do that too. It's pretty flexible, in that sense.

What about the implementation team?

Getting it off the ground took myself, one CrowdStrike engineer, and we could have done it with one systems engineer, but we had two because one was on the client side for the Windows hosts and one was for enterprise for the data center and servers. We did it with four people, and me and one other guy manage it ourselves.

What other advice do I have?

We pay for Overwatch, which is kind of like a sock where someone that works for CrowdStrike monitors certain aspects of your network, and then they can make notes and quarantine devices for you, and they'll alert you at 2:00 in the morning. It's really great, but it takes two people to manage the alerts after a bit of tuning to make sure that the stuff that is on your network that you want to be there, that's getting picked up by CrowdStrike, is excluded. I get maybe ten alerts a day, but that comes from having good hygiene in other areas. If you're not preventing those alerts or fixing the problems that CrowdStrike is picking up, you're going to have a lot of work to do, but if you use CrowdStrike as a hygiene tool, it's a lot easier to manage.

My advice would be to automate as much of the management as you can. Sensor deployment can be really annoying, but if you figure out how to automate it in your environment, that will make it way easier. That way, as the devices are provisioned, they have the sensor on them and they just pop up into your console. I know some people do it by hand and that's a nightmare.

I would rate this solution as a nine out of ten. It's really good. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ali Minissi - PeerSpot reviewer
Group IT Director - Technical Operations at a construction company with 10,001+ employees
Real User
Automatically takes immediate action whenever it detects suspicious activity
Pros and Cons
  • "The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
  • "CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."

What is our primary use case?

We use CrowdStrike Falcon for both our server and endpoint security, including our users' laptops and PCs.

How has it helped my organization?

CrowdStrike Falcon has made a significant difference for us, especially in mitigating ransomware and zero-day attacks. Its proactive and defensive response approach effectively isolates threats, setting it apart from other endpoint solutions.

Integrating CrowdStrike Falcon into our environment was seamless. Once we set the policy the software was activated immediately and distributed on all our endpoints.

The real-time response is highly effective. It automatically takes immediate action whenever it detects suspicious activity, alerting us to the problem and providing clear mitigation steps. In some cases, it even pushes through updates to resolve the issue proactively.

The usability and interface of CrowdStrike Falcon for daily operations are good. 

What is most valuable?

The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action.

What needs improvement?

CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR.

The pricing has room for improvement.

For how long have I used the solution?

I have been using CrowdStrike Falcon for three years.

What do I think about the stability of the solution?

In the three years of using CrowdStrike Falcon, we have not encountered any stability issues.

What do I think about the scalability of the solution?

CrowdStrike Falcon scales well. We are using it in a large environment with no problems.

How are customer service and support?

The technical support is responsive.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used both Symantec Endpoint Detection and Response and Kaspersky Endpoint Detection and Response but found that they lacked the 24/7/365 monitoring and response offered by CrowdStrike Falcon. Additionally, their detection capabilities, particularly for ransomware and zero-day attacks, were not as effective.

How was the initial setup?

The initial deployment was straightforward and non-disruptive. The deployment took one week to complete.

We required two people from our organization for the deployment on-site and the CrowdStrike team worked remotely.

What about the implementation team?

The CrowdStrike team helped with the implementation.

What's my experience with pricing, setup cost, and licensing?

CrowdStrike Falcon is one of the more expensive endpoint solutions on the market.

What other advice do I have?

I would rate CrowdStrike Falcon an eight out of ten.

We deployed CrowdStrike Falcon across all our locations, including subsidiaries and remote sites in various regions.

Maintaining CrowdStrike Falcon is simple because it only requires a client agent to be installed on the machine at the kernel level, below the operating system.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Chief Security Officer at a financial services firm with 201-500 employees
Real User
Protects employees wherever they are and offers visibility into what machines need patching, but the deployment process needs improvement
Pros and Cons
  • "The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate."
  • "If we have a dashboard capability to uninstall agents, I think that would be great."

What is our primary use case?

We have several use cases including threat management, EDR, AV, and a SOC with 24x7 monitoring.

How has it helped my organization?

The fact that CrowdStrike is a cloud-native solution is very important. We don't have to deal with any upgrades on the appliances or console. The only thing we have to deal with is the upgrade of the agents. The SaaS model works very well for smaller companies like us.

The flexibility and always-on protection that is provided by a cloud-based solution are important to us. The cloud is everywhere. So, with the agent on the laptop, wherever the user may go, including home, office, or traveling, it's protected 24x7, all the time. That's what we require and this is what we got.

We haven't had cases where we have quarantined any material stuff yet, because we are relatively small and we don't see a lot of malware in our environment. In this regard, it has been relatively quiet.

In terms of its ability to prevent breaches, if you look at the cyber kill chain, the sooner you detect malicious activity, the better you are in responding as opposed to waiting for a data breach. I think CrowdStrike is capable of identifying malicious activity throughout the whole cyber kill chain. Step one is establishing when they have a foothold in the environment, and then detect whether they are moving laterally. The sooner they are discovered, the better we are at stopping data breaches.

CrowdStrike has definitely reduced our risk of data breaches. It reduces the risk of ransomware and it gives us comfort that someone is watching our back.

We had some end-of-life workstations that were running Windows 7 and for some reason, related to PCI compliance, CrowdStrike rejected them. This helped us in terms of maintaining our PCI compliance.

What is most valuable?

The OverWatch is the most valuable feature to me. It's a 24x7 monitoring service, and when they see anything suspicious in my environment, they will investigate. Essentially, they're an extension of my team and I like that. We're a small company and we only have a base of approximately 260 employees. As such, we cannot afford to hire skilled security people. So this makes sense for a smaller company like us.

There is a helpful feature to look into the vulnerability of the endpoint, which allows us to see which PCs have been patched and which ones have not. That helps my team to focus on those PCs that require their attention.

What needs improvement?

The deployment process is an area that needs to be improved. For some reason, CrowdStrike does not provide any help in terms of how to deploy the agent in a more efficient manner. They just don't provide the support there, which leaves their customers to figure out how to push agents out, either through GPO or through BigFix or through SCCM, and there was no support on that side. Not being able to complete the deployment in an efficient manner is one of the huge weaknesses.

It would be good if they had a feature to remove agents. We're in a transaction processing environment and if CrowdStrike is affecting a transaction processing server, we need to uninstall that agent pretty fast. Right now, the uninstall has to be done manually, which is not great. If we have a dashboard capability to uninstall agents, I think that would be great.

The dashboard seems a little bit too clunky in the sense that it's spread out in so many ways that if you don't log in on a daily basis, you're going to forget where things are. They can do a better job in organizing the dashboard.

For how long have I used the solution?

I have been using CrowdStrike Falcon for approximately five months.

What do I think about the stability of the solution?

I haven't had any issues for five months since we've installed it, which is good to know. No users have complained about any CPU spikes or false positives, which we like.

What do I think about the scalability of the solution?

If you have a way to deploy agents in a rapid manner, I think the scalability is there. As we buy and acquire companies, we have to roll out agents to those places. Right now, it's still very manually intensive and it slows down the process a lot. So, I think the scalability can be improved with a rapid deployment feature.

Our strategy right now is just to install CrowdStrike for PCs and laptops. Once we get comfortable with the technology, we can start testing the servers. It's just that we haven't finished the deployment to PCs and workstations yet.

We have approximately 260 endpoints and we're probably about 20% complete in terms of deployment.

How are customer service and technical support?

We've raised support tickets such as the request for rapid deployment capabilities. However, we only received responses to the effect that they do not support anything like it. In that regard, the support has not been great.

That said, we don't use the support site a lot because we haven't had any issues with CrowdStrike. So, I can't say much about that.

Which solution did I use previously and why did I switch?

Prior to CrowdStrike, we used Carbon Black Threat Hunter.

There is a huge difference between the two products. CrowdStrike is quiet. I think that Carbon Black Threat Hunter just locks everything that has to do with the endpoint. You generate a lot of noise, but it means nothing. Whereas CrowdStrike is more about real threats and we haven't seen much from it.

On the other hand, with Carbon Black Threat Hunter, we were able to deploy pretty fast and we could uninstall agents pretty quickly from the dashboard.

I had originally heard about CrowdStrike Falcon from my peers. A lot of CSOs that I have roundtable discussions with speak highly about it.

How was the initial setup?

The sensor deployment is a manual process right now, where we have to log into every workstation, every server, and install it manually. It's very time-consuming.

It's an ongoing process across our organization.

What about the implementation team?

One of our security engineers is in charge of deployment. However, we don't have someone on it full time. He works on this when he has time available, so we probably only have one-third of a person working on it.

What's my experience with pricing, setup cost, and licensing?

We completed a PoC using the trial version, and it was pretty easy to do. It took us less than an hour to deploy. It was just a matter of downloading a trial agent and setting it up.

Having the trial version was important because the easier the PoC is, the better the chances are of us buying the tool.

At approximately 40% more, Falcon is probably too expensive compared to Cisco AMP and Cylance, although that is because of the OverWatch feature. If you took out the OverWatch feature then they should be about the same. There are no costs in addition to the standard licensing fee.

Which other solutions did I evaluate?

We evaluated other products including Cisco AMP and Cylance. Neither of these products has the Overwatch feature that CrowdStrike has. The reason why we chose CrowdStrike was that we need to have 24x7 monitoring of our endpoints. That's the main difference.

In terms of ease of use, CrowdStrike is not so great. Cisco AMP has a better, cleaner dashboard and they're more mature in the way that you navigate. It's as though they have spent time getting customers to click on features and then figured out which is the quickest way to get to what you want, whereas CrowdStrike is not there in that sense.

Cylance is even better in terms of ease of use. They dumb it down to only a small number of menus and dashboards. There are probably only five dashboards that I look at on Cylance, whereas with CrowdStrike, I have to look at many.

What other advice do I have?

My advice for anybody who is considering CrowdStrike is definitely to start with a PoC, and then definitely to subscribe to OverWatch. I think that OverWatch is the main benefit to it.

The biggest lesson that I have learned from CrowdStrike is about the different threats that are out there. They have a nice dashboard with information about threats, and you can read it and learn from it.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Director, IT & Systems Security at Tilson
Real User
Good visibility helps us make educated decisions, easy to scale, helpful threat-response support
Pros and Cons
  • "The Protect functionality on the laptops provides great visibility into what's occurring, and the cloud management of the platform is what we needed."
  • "The console is a little cluttered and at times, finding what you're looking for is not intuitive."

What is our primary use case?

We implemented CrowdStrike because we needed to identify a new solution to address a 100% remote workforce, both because of COVID, but in general, our workforce is very distributed around the country.

How has it helped my organization?

The primary way that CrowdStrike has improved the way our organization functions is visibility. When we do have an issue, the ability to see what was happening before, during, and after the issue on the target laptop or server is far better than what we were used to.

Having the updates happening automatically, with a third-party defining those updates and pushing those in, also providing us visibility into the current status of all of our endpoints, is critical.

We use Falcon's endpoint and cloud workload protection, which is deployed on our Azure cloud servers. It is definitely one of the top options available to any organization. We had reviewed 10 different applications in the EDR space and Falcon was one of the top three that we had identified.

In terms of preventing breaches, so far, it's doing great. Definitely, in our testing that we do every month, it is identifying issues that arise with more certainty. Simply, the team has more confidence in what they're utilizing as a tool and it has freed them up to work on things that are a more efficient use of their time.

What is most valuable?

The Protect functionality on the laptops provides great visibility into what's occurring, and the cloud management of the platform is what we needed.

It is important to us that this cloud-native solution provides us with flexibility and always-on protection because we have a 100% distributed workforce, in place even before COVID. To manage 600 remotely-deployed laptops requires a cloud-managed solution.

What needs improvement?

The console is a little cluttered and at times, finding what you're looking for is not intuitive. Once you find it, it's great, but it's not always very intuitive as to how to find exactly what you're looking for sometimes.

For how long have I used the solution?

I have been using CrowdStrike Falcon for six months.

What do I think about the stability of the solution?

We have had no issues at all with stability, and no conflicts on any of our endpoints or servers.

What do I think about the scalability of the solution?

It seems to be limitless from a scalability standpoint. Definitely, there would be no impact on our end, and we haven't noticed or run into any issues as we scaled from our initial 10 systems to 600. There was no difference in speed or reporting, et cetera.

So, scalability does not seem to be an issue.

How are customer service and technical support?

Technical support is an area for improvement. If you have an actual issue, such as an identified threat, then they are very good. However, if you're struggling to figure out what might have occurred, we're still trying to figure out how to get our best support from CrowdStrike in those situations.

Which solution did I use previously and why did I switch?

Prior to Falcon, we were using Webroot.

The primary improvement that we have seen is visibility. We had no visibility into what happened before, during, and after a situation with Webroot, but with CrowdStrike, we have that visibility, which allows our team to make educated decisions. In terms of detection and prevention, I believe it's all experiential so far. Falcon has been very good at both detection and remediation for any issue that has come up.

How was the initial setup?

The sensor setup and deployment were extremely easy. We were able to deploy a hundred percent of our endpoints within 60 days. We found it to be very smooth.

It was a very simple deployment strategy to get the agent out to the end-users. It was so smooth that we didn't even have to notify the end-users that it was being done. It just happened automatically. 

There was no conflict between CrowdStrike and our existing EDR that we were going to get rid of. After the installation, we were able to have the old EDR totally removed within 30 days.

What about the implementation team?

We had two people for deployment and we have one for maintenance. Their roles are in information security.

What was our ROI?

We have seen ROI in that our team is freed up to work on things that are more important.

What's my experience with pricing, setup cost, and licensing?

We took advantage of Falcon's free trial before purchasing it, and it was very easy to get it. We were on the phone with a representative discussing our next steps and they offered the free trial, and we were set up and functional with it the next morning. Having a free trial period is something that is expected. If anybody wants our business in this space then it's necessary because we aren't going to purchase something without trying it first.

The pricing is not bad. It's on the higher end of the market, but you get what you pay for. It's a little on the confusing side because the name of the item they're selling doesn't match what you see when you log into the product.

If you buy "Protect" and you log into the product, you don't see "Protect". You see something else, like "Identify" or whatever. So, they need to do a better job of aligning product names from the sale to within the product.

There are add-on fees for different packages that you can buy, and we are looking at adding on some feature functionality as we go forward.

Which other solutions did I evaluate?

We evaluated 10 different solutions in the EDR space. The top three included CrowdStrike Falcon, Carbon Black, and Microsoft's ATP.

CrowdStrike was a little better, cost-wise, than the other two. Also, I felt that the console for managing the platform was easier for my team.

What other advice do I have?

My advice for anybody who is looking into implementing this product is that every organization is slightly different in its needs, and CrowdStrike may or may not be the right solution. Once you can do a trial and a bake-off of multiple options, you'll find if CrowdStrike is the right solution or not.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
JavierFernandez - PeerSpot reviewer
Head of IT at Alantra
Real User
Accurate, good technical support, and reliable
Pros and Cons
  • "The most valuable feature of CrowdStrike Falcon is its accuracy."
  • "CrowdStrike Falcon could improve the logs by making them free to the API."

What is most valuable?

The most valuable feature of CrowdStrike Falcon is its accuracy.

What needs improvement?

CrowdStrike Falcon could improve the logs by making them free to the API.

For how long have I used the solution?

I have used CrowdStrike Falcon for two years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

CrowdStrike Falcon is a scalable solution.

We have approximately 800 people using this solution in my organization.

How are customer service and support?

CrowdStrike Falcon technical support has been fine in my experience.

Which solution did I use previously and why did I switch?

I have used other solutions before CrowdStrike Falcon, such as Symantec.

Symantec does not have any advantage over CrowdStrike.

How was the initial setup?

The initial setup of CrowdStrike Falcon is easy.

What's my experience with pricing, setup cost, and licensing?

The price of CrowdStrike Falcon is reasonable.

What other advice do I have?

I rate CrowdStrike Falcon a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros sharing their opinions.