We provide a service for our clients with CrowdStrike Falcon. Alerts come into the CrowdStrike Falcon dashboard, and we investigate them based on the process tree and commands running. We check everything for any infections in the host or internal connections. If a threat is confirmed, we place it into the containment section inside Falcon.
Sr Analyst at ATOS
The threat score helps us prioritize remediation and cross-reference with other products
Pros and Cons
- "CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools."
- "CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
What is our primary use case?
How has it helped my organization?
CrowdStrike improves our detection capabilities. We use multiple tools like Symantec and this one. CrowdStrike reports on the processes and services, allowing us to investigate forensically. We can conduct a deep analysis and identify the threat at the memory level. We can do more investigation of the process to see where it started and where it is going. We can see the commands running on the backend, CPU utilization, and memory consumption. All of that information is helpful.
What is most valuable?
CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools.
It's integrated with multiple threat intelligence sources, such as the AbuseIPDB. That integration helps because we can easily cross-check between CrowdStrike and other solutions like an MDR or Azure AD. Hybrid analysis is integrated with CrowdStrike in our environment. There's also sandbox analysis. It's more informative. We perform a routine activity in our test environment where we simulate the process and file.
What needs improvement?
CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization.
Buyer's Guide
CrowdStrike Falcon
September 2025

Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
867,497 professionals have used our research since 2012.
For how long have I used the solution?
I have used Falcon for more than two years.
What do I think about the stability of the solution?
CrowdStrike Falcon is a stable solution.
What do I think about the scalability of the solution?
CrowdStrike is scalable. We can query large amounts of data, and the solution responds well, whereas Splunk takes a longer time to perform a search operation.
How are customer service and support?
I rate CrowdStrike support 10 out of 10. They respond quickly and don't take much time to resolve all our issues.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used Symantec and Rapid7.
How was the initial setup?
Falcon was already deployed when I started working. It requires some maintenance. We need to make some adjustments for some use cases, or we might need to implement upgrades that require downtime.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike Falcon is expensive because it's based on the number of services.
What other advice do I have?
I rate CrowdStrike Falcon 10 out of 10. It has delivered some good results.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

IT Network Infrastructure Manager at HENSOLDT
Is a flexible, fully managed service, and provides peace of mind
Pros and Cons
- "The anomaly detection is the most valuable feature."
- "The portal can be clunky to navigate at times and has room for improvement."
What is our primary use case?
We use CrowdStrike Falcon as a managed SOC for intrusion detection on our endpoints.
How has it helped my organization?
Being a cloud-native solution, CrowdStrike Falcon provides flexibility and always-on protection. This is extremely important to have the best protection available.
It is a fully managed service, so they provide all the necessary updates for us which is helpful.
While CrowdStrike Falcon provides us with better peace of mind in terms of protection, it also generates alerts for potential threats, requiring our investigation. However, the platform further alleviates our anxiety by automatically reviewing unaddressed alerts, offering an additional layer of security. This coverage fosters a heightened sense of security.
CrowdStrike Falcon has been instrumental in preventing breaches, allowing us to operate with significantly increased security compared to the past. This has provided us with much greater peace of mind. While no security solution is foolproof, Falcon has brought us remarkably close.
What is most valuable?
The anomaly detection is the most valuable feature.
What needs improvement?
The portal can be clunky to navigate at times and has room for improvement.
For how long have I used the solution?
I have been using CrowdStrike Falcon for two years.
What do I think about the stability of the solution?
I would rate the stability of CrowdStrike Falcon a nine out of ten. The only issue I have had is with an old version of the endpoint that was installed and has proven to be problematic.
What do I think about the scalability of the solution?
CrowdStrike Falcon is scalable.
How are customer service and support?
The technical support is good and they provide prompt responses to all of our questions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We implemented CrowdStrike Falcon in response to a security incident. It was the first endpoint detection and response service we had ever used, and we've been utilizing it since 2021.
How was the initial setup?
Deploying the sensors to our endpoints is straightforward. We do have a manual process for deploying the sensors to our endpoints. There are also options to do it through a group policy. It doesn't seem overly complex.
We rolled the solution out to our entire estate which took just over one week. We had up to 300 endpoints and required a team of five people to complete the deployment.
What was our ROI?
CrowdStrike Falcon enables us to save on resources which in turn provides a 20 percent return on investment.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team. We lack the resources to replicate the full security services they provide without hiring additional personnel. The cost of Falcon is likely comparable to, or even less than, the salary and benefits we'd need for an extra employee. Furthermore, their on-call experts have more expertise, further enhancing the value proposition.
Which other solutions did I evaluate?
After a year, we reevaluated our endpoint security solution. We considered several options, including Arctic Wolf, SentinelOne, and Darktrace, alongside our existing Fortinet solutions. We participated in demos and ultimately determined that CrowdStrike's offering, both current and future, remained the best fit. While we hadn't initially explored other options before choosing CrowdStrike, external factors subsequently forced our hand. However, after a year of use and further evaluation, we reaffirmed our decision, concluding that CrowdStrike was still the most suitable solution for our needs.
What other advice do I have?
I would rate CrowdStrike Falcon a nine out of ten.
We have around 300 endpoints and three people who have access to the solution.
Three people are required for maintenance.
CrowdStrike Falcon was recommended by our head office in Germany.
I recommend CrowdStrike Falcon.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
CrowdStrike Falcon
September 2025

Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
867,497 professionals have used our research since 2012.
Trainee Engineer at COMPASS IT Solutions & Services Pvt.Ltd.
Offers real-time monitoring features and next-gen AV that uses AI
Pros and Cons
- "It's really good because it can detect anything."
- "I'm concerned about the recent issue that involved a faulty update."
What is our primary use case?
It gives an overview and insights into my AD accounts. It shows if any identity, like an AD user, is compromised, has a weak password, or is logging in from an unusual system. Any anomalies.
What is most valuable?
I like the insights and detailed view of my AD structure. How protected it is, or is there any loophole or an area that needs more protection.
Another feature I like is that it gives insights into all my domain controllers and ADCs. The configuration is also really easy.
The real-time monitoring feature is good. For example, a user account is hacked. It alerts me that it's been hacked and prompts me to look into it or have the user change their password. I can then log in to my AD, change the password, or notify the user that their account has been compromised and ask them to change their password.
AI capabilities of CrowdStrike are also good.
When I use Identity Protection, I want the full stack, like going for XDR. If anything happens, like a laptop being compromised using a password, it gives me the entire attack flow. For example, the attack came from a particular user, like an IT admin. If their identity is hacked and they log into multiple systems, and those systems are affected, we can see those details and provide good support or recovery for customers and partners.
What needs improvement?
I'm concerned about the recent issue in July 2024. It involved a faulty content configuration update. What if another update causes the same problem again?
For how long have I used the solution?
I have been using it for two years.
What do I think about the stability of the solution?
Stability, I would rate it as a seven out of ten. There are a few instances where our customers have complained about the digital signatures it uses. Sometimes, even if you create a policy, it still tends to block it. A few applications get flagged as malicious even though the customer trusts them. Even if you create an exception rule, it might still block it after a few weeks. Also, there's the recent issue we faced with CrowdStrike and Windows. So, based on that, I'd give it a seven out of ten.
There is room for improvement. They need to conduct more thorough R&D before releasing updates. I think they didn't do that this time, but it was just a one-time issue. However, what if it happens again? That's a concern.
What do I think about the scalability of the solution?
Scalability-wise, I would give it a ten out of ten. It's simple because it's a SaaS solution. For example, this month, I have 50 users. Next month, I have 50 additional users. I just need to buy more licenses and add those systems to CrowdStrike. If I need to put them in certain groups with specific policies, that's easy too.
We work with all types of businesses, including small, medium, and enterprise businesses. Scalability is simple. I don't even need to install it on my laptop. One more good thing is that it offers an XDR view where I can add other components, like the email security solution Proofpoint. I can integrate it, so I'll get my emails and everything will be in a single pane of glass.
How are customer service and support?
We have a Technical Account Manager (TAM). We can directly call them and raise a ticket. Initially, it was a six or even a five because we had to send an email, and it would take three to four days for them to reply. Now, with the TAM, we can get issues resolved faster.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have experience with CrowdStrike, apart from their Cloud Security offering, which is on GCP. I've worked with CrowdStrike Identity Protection, Device Control, Device Control, EDR, XDR - basically everything except their cloud solution.
How was the initial setup?
The initial setup is straightforward. I don't need to install an agent in my AD, and I can get alerts from my read-only domain controller, which is also good.
I would rate my experience with the initial setup a ten out of ten, with ten being easy and one being difficult.
It's not required to deploy on-premises. It's a SaaS solution. I just need to download the agent and install it on each of my devices, whether they're VMs or my laptop.
One more good thing is that I don't need to be in my office network for it to keep protecting me. I can take the system home, and it will still be protected.
The deployment itself takes about a day to install everything if it's user-based. But for CrowdStrike to learn what to block and what not to block in your specific environment, it will take easily about two weeks. There will be some applications that it might consider a threat because it's a next-gen AV that uses AI.
So, some applications the customer uses might be flagged. I can whitelist them or create a policy to allow them. That's also a very good feature of CrowdStrike.
So, for the initial setup takes two weeks. For it to get to know your environment and work smoothly, just to install agents and set up the dashboard, policies, and all that, it takes about one day.
It offers seamless integration with the existing security infrastructure. We haven't faced any challenges because our customers use CrowdStrike only for endpoint and server security. They haven't gone to the XDR level yet. However, many other OEMs I've spoken to, like Zerto, have said that the CrowdStrike and Zerto integration is very seamless. So, if anything happens on my server end, I'll know when it happened and what the issue is from CrowdStrike. Or, for example a ransomware attack happens, I can restore from my Zerto application.
What was our ROI?
The benefit I've seen is their backend, which powers the EDR, XDR, and NGAV. It's really good because it can detect anything due to the wide range of customers they have.
For example, one customer has a vulnerability because of a zero-day attack. All the other customers will benefit because it propagates to the cloud and analyzes if other customers are on the same version of the drivers or any other Windows patch. If they are, it will tell us that there's an issue and provide remediation steps. Many of our customers find this very helpful. It's called the CrowdStrike community.
What's my experience with pricing, setup cost, and licensing?
I would rate it a seven out of ten, where one is cheap, and ten is expensive because it's a bit on the costlier side. Compared to Symantec or Trend Micro, CrowdStrike is more expensive.
What other advice do I have?
Overall, I would rate the product an eight out of ten because of one recent issue that happened.
I'm concerned about the recent issue that happened. What if another update causes the same problem again? Is it really as good as it seems? Even our customers have given very good feedback, they get more insights into what's happening, what they should do, and what remediation steps to take. So, in that way, it's very good.
I would recommend it, especially if you're going for endpoint security. I'd definitely recommend CrowdStrike first because it's more mature than SentinelOne and other EDR solutions in the APAC region.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Manager II at ICICI Prudential Life Insurance Company Ltd
Offers good AI features to users
Pros and Cons
- "The product's deployment phase is easy."
- "Some policies in the tool need to be fine-tuned. Customized IOCs need to be improved since they have certain shortcomings."
What is our primary use case?
I used the tool since my company wanted a product with next-generation antivirus and EDR, as it can help with the detection of malicious activities and behavior detection, and the MI and machine learning part in the tool also helps.
What needs improvement?
Only for the customized IOCs, there is a need to highlight certain aspects, and based on it, we get to block only the hash values but is not based on the file name, like .exe, or other extensions, so I can't block them, making it in an area where the solution needs to improve.
My company had raised a concern with CrowdStrike's support team when one of the antivirus applications that communicates with CrowdStrike started misbehaving. For both the aforementioned tools, the same support ticket had to be raised. If my company had to provide any suggestions regarding the whitelisting part, there was a delay of over a month when dealing with the product's support team. If the tool's support team suggests users follow certain steps, and if it is not followed or is not in progress, then after two or three days, the tool's support team needs to join a video call and provide a resolution to the users.
Some policies in the tool need to be fine-tuned. Customized IOCs need to be improved since they have certain shortcomings. With the customized IOCs, it can be made possible to block a file extension with a filename or file extension type of blocking. Providing users with the ability to customize policies would be a good improvement to the solution.
For how long have I used the solution?
I have been using CrowdStrike Falcon Threat Intelligence for a year. I am a user of the tool.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight and a half out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten.
My company's cybersecurity and IT security team use the tool. In my company, there are 15,000 users. For servers, there are 1,500 users.
Right now, there is no need to increase the usage of the tool.
How are customer service and support?
The solution's technical support is not good. I rate the technical support a four to five out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have experience with Palo Alto.
The detection and other functionalities in CrowdStrike and Palo Alto are the same, but cost-wise, CrowdStrike is reasonable. Technically, I would prefer Palo Alto over CrowdStrike.
How was the initial setup?
The product's deployment phase is easy. I rate the setup phase of the tool as a ten on a scale where one is difficult and ten means it is an easy process.
The solution can be deployed in the cloud and on an on-premises model.
The solution can be initially deployed in a minute.
Considering the number of users, servers, cloud, and on-premises environment, it hardly takes 15 to 20 days. When there are laptop and desktop users who are online, and there is a need to install the agent, then there can be some issues, and with such minor things, ten days are more than enough for the installation.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike is a reasonably priced tool.
What other advice do I have?
In terms of the ability of the tool to deal with threats, I would say that the product does it by around 85 percent.
The real-time response of the tool is good, and I feel it is around 90 to 95 percent.
The tool's incident-handling capability is good.
Considering the influence of the product on our company over some time, I would say that the solution is cost-effective and offers good threat detection features. The tool's interface is also good.
The tool's AI features are good, but they are not useful for our company since the area of detection is not something in our bucket right now.
If you have a big budget, go with Palo Alto. If you have a low budget and want a tool that provides more accuracy during detection, then it is better to go with CrowdStrike.
I rate the tool a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Chief Technology Officer at GM Modular
The integration is flexible, helps identify required patches, and excels in external media control
Pros and Cons
- "The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
- "If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."
What is our primary use case?
CrowdStrike Falcon is our platform for IT security, encompassing endpoint security, cloud security, and EDR capabilities.
How has it helped my organization?
CrowdStrike protected us from a cyberattack. That's why I believe it's a very effective product. It's already prevented attacks on 2 occasions. It successfully quarantined suspicious files, essentially making our organization much safer.
We also leverage CrowdStrike Falcon Overwatch, a managed threat-hunting service offered by CrowdStrike. This service complements CrowdStrike's EDR functionality, which provides automated detection and response capabilities against external attacks. In our case, CrowdStrike successfully identified and automatically contained a cyberattack launched against our organization.
Our CrowdStrike Falcon integration with our SIEM is proving to be flexible.
What is most valuable?
The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition. It also excels in external media control, particularly USB access. The ability to disable USB access to flash drives significantly improves security.
Furthermore, Falcon helps identify patches needed for Windows, Mac, and other operating systems. This provides valuable reports and insights into our system vulnerabilities, allowing us to proactively address them.
What needs improvement?
If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products.
For how long have I used the solution?
I have been using CrowdStrike Falcon for 2 years.
What do I think about the stability of the solution?
I would rate the stability of CrowdStrike Falcon 8 out of 10.
What do I think about the scalability of the solution?
We've deployed CrowdStrike Falcon across all 3,000 of our endpoints, and it has demonstrated excellent scalability. Therefore, scalability is not a concern for CrowdStrike in terms of performance or its ability to handle growth.
I would rate the scalability a 9 out of 10.
How was the initial setup?
The deployment was straightforward, taking 2 months for 3,000 endpoints. We implemented it directly where needed. The process was simple and easy. We believe this approach offers advantages due to its lower complexity compared to other methods. Careful planning was essential, and with a clear plan for sensor installation, we were able to execute the deployment successfully.
What about the implementation team?
While a third party handled the implementation, the OEM provided us with direct training on Falcon alongside CrowdStrike.
What was our ROI?
CrowdStrike Falcon has demonstrably provided a positive return on investment. We've already encountered two specific instances where, without CrowdStrike, the company would have faced millions in damages. In one case, we would have likely lost our entire SAP system.
What's my experience with pricing, setup cost, and licensing?
The pricing of CrowdStrike Falcon is competitive.
Which other solutions did I evaluate?
After evaluating SentinelOne, we found CrowdStrike to be a superior solution. CrowdStrike offers advantages in dashboard compatibility and a feature called Overwatch, which gives it a competitive edge.
What other advice do I have?
I would rate CrowdStrike Falcon 8 out of 10.
CrowdStrike Falcon is deployed in multiple branches across India.
No maintenance is required from our end.
I recommend CrowdStrike Falcon. It is not a solution we need to think twice about using.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
NTT at Sonda S.A.
Easy to deploy and manage with many helpful features
Pros and Cons
- "I haven't had any issues with bugs or glitches. I haven't had a problem with stability so far."
- "The solution isn't known in my market. The brand isn't as recognizable. Their shortcomings are more on the marketing side."
What is our primary use case?
We use the product for cloud security. We use it for prevention, to watch for gaps in security. We work with customers seeking prevention for advanced apps.
How has it helped my organization?
Sometimes a customer has multiple solutions that come at a higher cost. They have to pay for all of these other security features. With CrowdStrike, customers get one agent for all system operations. It offers more security for remote work and clients gain access to the latest protections.
What is most valuable?
The solution offers good features. The prevention and device control are useful. It offers helpful firewall management and identity protection.
They've reduced the complexity and provide better security outcomes. Customers tend to prefer CrowdStrike.
It's easy to deploy and manage.
What needs improvement?
The solution isn't known in my market. The brand isn't as recognizable. Their shortcomings are more on the marketing side. Everyone knows Microsoft Defender. Customers need to hear more about CrowdStrike and all the advantages and features on offer.
For how long have I used the solution?
We've used the solution for three to four months.
What do I think about the stability of the solution?
I haven't had any issues with bugs or glitches. I haven't had a problem with stability so far.
What do I think about the scalability of the solution?
The capability to scale so far has been good.
How are customer service and support?
Technical support is good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I'm also familiar with Microsoft Defender. However, Defender works best with Microsoft and not necessarily other legacy applications. With CrowdStrike, you can secure all system operations and versions. It's easier to deploy and operate.
How was the initial setup?
The deployment is seamless and users get immediate protection. It's lightweight. There's one agent deployed to endpoints in minutes. The product offers consistent coverage. There's no complex integrations and it doesn't need fine-tuning. In comparison, Defender can be more complex.
CrowdStrike can be deployed on any operating system, not just Microsoft.
There isn't really maintenance, it's set and forget. The agent updates automatically and receives continuous security updates, enabling immediate enforcement across endpoints.
What was our ROI?
The solution is well worth the cost.
What's my experience with pricing, setup cost, and licensing?
The costs are predictable. There are no surprises.
In Chile, there are not a lot of CrowdStrike partners of the managed service; therefore, it's a little more expensive than Microsoft, as there are so many more managed partners for Microsoft. That said, if you look at the total cost of ownership, CrowStrike is better than Microsoft.
What other advice do I have?
We're a reseller. We're still new to CrowdStrike.
I'd rate the solution eight out of ten. The cost is good and they offer better tech support. Also, the protection is wonderful.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Group IT Director - Technical Operations at a construction company with 10,001+ employees
Automatically takes immediate action whenever it detects suspicious activity
Pros and Cons
- "The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
- "CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
What is our primary use case?
We use CrowdStrike Falcon for both our server and endpoint security, including our users' laptops and PCs.
How has it helped my organization?
CrowdStrike Falcon has made a significant difference for us, especially in mitigating ransomware and zero-day attacks. Its proactive and defensive response approach effectively isolates threats, setting it apart from other endpoint solutions.
Integrating CrowdStrike Falcon into our environment was seamless. Once we set the policy the software was activated immediately and distributed on all our endpoints.
The real-time response is highly effective. It automatically takes immediate action whenever it detects suspicious activity, alerting us to the problem and providing clear mitigation steps. In some cases, it even pushes through updates to resolve the issue proactively.
The usability and interface of CrowdStrike Falcon for daily operations are good.
What is most valuable?
The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action.
What needs improvement?
CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR.
The pricing has room for improvement.
For how long have I used the solution?
I have been using CrowdStrike Falcon for three years.
What do I think about the stability of the solution?
In the three years of using CrowdStrike Falcon, we have not encountered any stability issues.
What do I think about the scalability of the solution?
CrowdStrike Falcon scales well. We are using it in a large environment with no problems.
How are customer service and support?
The technical support is responsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used both Symantec Endpoint Detection and Response and Kaspersky Endpoint Detection and Response but found that they lacked the 24/7/365 monitoring and response offered by CrowdStrike Falcon. Additionally, their detection capabilities, particularly for ransomware and zero-day attacks, were not as effective.
How was the initial setup?
The initial deployment was straightforward and non-disruptive. The deployment took one week to complete.
We required two people from our organization for the deployment on-site and the CrowdStrike team worked remotely.
What about the implementation team?
The CrowdStrike team helped with the implementation.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike Falcon is one of the more expensive endpoint solutions on the market.
What other advice do I have?
I would rate CrowdStrike Falcon an eight out of ten.
We deployed CrowdStrike Falcon across all our locations, including subsidiaries and remote sites in various regions.
Maintaining CrowdStrike Falcon is simple because it only requires a client agent to be installed on the machine at the kernel level, below the operating system.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Data Hosting and Security Special at Two aquate
Offers good centralization and access to remote sites with an easy setup
Pros and Cons
- "The initial setup is a very fast process."
- "We'd like to see more integration capabilities."
What is our primary use case?
We're installing the solution on some of our external servers. It has a cloud portal, and we can control everything through the cloud. It's good for remote sites.
What is most valuable?
I like that it has a centralized cloud, and all the agents provide visibility on our remote sites. It offers good central management. It can be accessed through external networks.
The management is taken care of. It's a complete solution that's taken care of by CrowdStrike. We don't have to do anything.
What needs improvement?
We'd like to see more integration capabilities.
We need more log storage as CrowdStrike will dump all logs to the centralized server.
For how long have I used the solution?
I've been using the solution for five years.
What do I think about the stability of the solution?
The solution is stable enough. We have not had any downtime. The only issue is if we have issues with the internet connectivity.
How are customer service and support?
We get support from their local vendors. We have a lot of local support. If they cannot handle the case, they directly forward the issue to CrowdStrike. The downside is that support asks for too many logs. We, of course, have to investigate first and try to solve the problem ourselves.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I've worked with Kaspersky. They are a similar solution. I've also used Microsoft Defender, which is also very similar. We do use a lot of Microsoft products, and Defender is readily available everywhere. They are the market leaders right now. Their software has very good integration across the whole Microsoft product offering. CrowdStrike, however, we have high trust with, as they are focused specifically on security, unlike Microsoft. CrowdStrike offers updates quicker than Microsoft or other services.
How was the initial setup?
The initial setup is a very fast process. Cloud solutions are fast to set up. They just give you access to their cloud and they have an API integration. It will be up and running within a few minutes.
What's my experience with pricing, setup cost, and licensing?
The tool is very expensive. It's similar to Microsoft Defender. That said, it's not overpriced. It's worth it for the level of security. We need it for our company.
What other advice do I have?
I'd rate the solution nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros
sharing their opinions.
Updated: September 2025
Product Categories
Extended Detection and Response (XDR) Security Information and Event Management (SIEM) Endpoint Protection Platform (EPP) Threat Intelligence Platforms Endpoint Detection and Response (EDR) Attack Surface Management (ASM) Identity Threat Detection and Response (ITDR) AI-Powered Cybersecurity PlatformsPopular Comparisons
Microsoft Defender for Endpoint
Fortinet FortiEDR
Splunk Enterprise Security
Microsoft Sentinel
Darktrace
SentinelOne Singularity Complete
IBM Security QRadar
Microsoft Defender XDR
HP Wolf Security
Cortex XDR by Palo Alto Networks
Fortinet FortiClient
Elastic Security
WatchGuard Firebox
Trellix Endpoint Security Platform
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I would like to compare CrowdStrike and Carbon Black. On what basis should I decide?
- What is the biggest difference between Carbon Black CB Defense, CrowdStrike, and SentinelOne?
- What do you recommend to choose when replacing Symantec EDR: SentinelOne or CrowdStirke Falcon?
- What is the biggest difference between CrowdStrike and Cylance?
- CrowdStrike Falcon vs Microsoft Defender ATP: Comparison of features and performance
- Is Crowdstrike Falcon better than Trend Micro Deep Security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which solution do you prefer: CrowdStrike Falcon or SentinelOne Singularity Complete?
- How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
- How does Crowdstrike Falcon compare with FireEye Endpoint Security?