Khushru_Mistry - PeerSpot reviewer
CTO at GM Modular
Real User
The integration is flexible, helps identify required patches, and excels in external media control
Pros and Cons
  • "The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
  • "If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products."

What is our primary use case?

CrowdStrike Falcon is our platform for IT security, encompassing endpoint security, cloud security, and EDR capabilities.

How has it helped my organization?

CrowdStrike protected us from a cyberattack. That's why I believe it's a very effective product. It's already prevented attacks on 2 occasions. It successfully quarantined suspicious files, essentially making our organization much safer.

We also leverage CrowdStrike Falcon Overwatch, a managed threat-hunting service offered by CrowdStrike. This service complements CrowdStrike's EDR functionality, which provides automated detection and response capabilities against external attacks. In our case, CrowdStrike successfully identified and automatically contained a cyberattack launched against our organization.

Our CrowdStrike Falcon integration with our SIEM is proving to be flexible.

What is most valuable?

The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition. It also excels in external media control, particularly USB access. The ability to disable USB access to flash drives significantly improves security.

Furthermore, Falcon helps identify patches needed for Windows, Mac, and other operating systems. This provides valuable reports and insights into our system vulnerabilities, allowing us to proactively address them.

What needs improvement?

If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products.

Buyer's Guide
CrowdStrike Falcon
March 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.

For how long have I used the solution?

I have been using CrowdStrike Falcon for 2 years.

What do I think about the stability of the solution?

I would rate the stability of CrowdStrike Falcon 8 out of 10.

What do I think about the scalability of the solution?

We've deployed CrowdStrike Falcon across all 3,000 of our endpoints, and it has demonstrated excellent scalability. Therefore, scalability is not a concern for CrowdStrike in terms of performance or its ability to handle growth.

I would rate the scalability a 9 out of 10.

How was the initial setup?

The deployment was straightforward, taking 2 months for 3,000 endpoints. We implemented it directly where needed. The process was simple and easy. We believe this approach offers advantages due to its lower complexity compared to other methods. Careful planning was essential, and with a clear plan for sensor installation, we were able to execute the deployment successfully.

What about the implementation team?

While a third party handled the implementation, the OEM provided us with direct training on Falcon alongside CrowdStrike.

What was our ROI?

CrowdStrike Falcon has demonstrably provided a positive return on investment. We've already encountered two specific instances where, without CrowdStrike, the company would have faced millions in damages. In one case, we would have likely lost our entire SAP system.

What's my experience with pricing, setup cost, and licensing?

The pricing of CrowdStrike Falcon is competitive.

Which other solutions did I evaluate?

After evaluating SentinelOne, we found CrowdStrike to be a superior solution. CrowdStrike offers advantages in dashboard compatibility and a feature called Overwatch, which gives it a competitive edge.

What other advice do I have?

I would rate CrowdStrike Falcon 8 out of 10.

CrowdStrike Falcon is deployed in multiple branches across India.

No maintenance is required from our end.

I recommend CrowdStrike Falcon. It is not a solution we need to think twice about using.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jawaria Abbas - PeerSpot reviewer
Security Engineer at a computer software company with 201-500 employees
Real User
Top 10
Makes investigation easy and has a lightweight agent
Pros and Cons
  • "The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
  • "The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."

What is our primary use case?

We are using it as an EDR solution for endpoint protection. 

How has it helped my organization?

Everything is changing rapidly nowadays, and new threats can come into the organization from any source. I have found this product to be very useful. 

If I want to drill down into an unusual activity or something else, I can do that. I can go deep into what processes were involved, what network operations were involved, and what unauthorized users wanted to do. I can see how CrowdStrike processed and blocked the operation. The investigation is very easy for me. I can go to the tree level and see what is going on. It is very useful.

What is most valuable?

The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that. In my previous experience, when anything was getting scanned, our PCs would become slow. Users would complain about PCs getting slow. This is a positive point of CrowdStrike Falcon.

What needs improvement?

The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that.

I have some concerns about their support. I am not happy or satisfied with their support. Something happened, and we opened a ticket. Their support engineer just vanished, and after a month, he came back and told us that he was off work and could not pursue the ticket. He said that he now has the time, but logs are gone because there is a time limit. We were asked to repeat the test. This is very unusual for me. 

For how long have I used the solution?

In my organization, we have been using it for the last one and a half years. I have been using it for the last two to three months because I recently joined the organization.

What do I think about the stability of the solution?

From my understanding and observation, it is a stable product, but I have been using this product only for the last two to three months. I am just in the learning phase.

What do I think about the scalability of the solution?

We have almost 3,000 users using this solution. 

How are customer service and support?

I would rate CrowdStrike's support team a three out of ten. Their support is unacceptable for us. We are doing some testing ourselves. When we found an issue where CrowdStrike should have blocked something but did not, we opened a ticket with CrowdStrike. They tried to communicate with us and looked at the files that we shared. We had updated signatures, and we shared with them the SHA values, but after that, they suddenly vanished. Just two days ago, I got an email from them that the engineer was on leave and he is back now. They asked us to perform the activity again, which is unacceptable.

When any issue happened with Symantec, we opened a ticket, and they would accept their mistake if something was not caught by Symantec. They would then update the definitions and send us the latest updates. This is the way to work on the latest technology trends.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

I have experience with Symantec endpoint protection. As compared to Symantec, CrowdStrike is a very good product. I have also worked with Microsoft Defender.

What other advice do I have?

Every product has some advantages and disadvantages. I have worked with Microsoft Defender and Symantec, and now, I am working with CrowdStrike. Every organization's needs are very different. It depends on what the organization wants. For example, the security requirements of the banking sector are very high. The banking sector has different requirements, the retail sector has different requirements, and a software development organization has different requirements. An organization should weigh the pros and cons and decide based on the requirements.

Overall, I would rate CrowdStrike Falcon an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Nakul Chopra - PeerSpot reviewer
Owner at IT Solution
Reseller
Top 5 Leaderboard
Good detection and performance and uses very few resources
Pros and Cons
  • "It is an easy product to deploy."
  • "We can't do scanning audits or device blocking or application control."

What is our primary use case?

We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection. 

What is most valuable?

The solution offers a very low footprint and provides very good protection. 

The resources that it uses are much lower than any other EDR or antivirus solution. The amount of RAM that it uses and the CPU that it uses are much lower than the other antivirus solutions.

It is an easy product to deploy. 

We've found the product to be scalable. 

It is stable and reliable. 

What needs improvement?

We can't do scanning audits or device blocking or application control. There are traditional antivirus features missing in XDR, and that is an issue. 

For how long have I used the solution?

I've been using the solution for 15 months. 

What do I think about the stability of the solution?

It is a very stable solution. There are no bugs or glitches, and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

We have 55 people currently using the solution. 

This is a scalable product.

How are customer service and support?

We have yet to contact technical support. I can't speak to how their services are. 

Which solution did I use previously and why did I switch?

We were using another antivirus previously. However, it was heavier. We liked how this solution used far fewer resources and the fact that we didn't need to update our machines.

How was the initial setup?

The solution is simple to set up and deploy. It's cloud-based, which makes everything easy. It is already configured; you just need to prepare it on the endpoint. 

You can deploy the solution within a day. 

What's my experience with pricing, setup cost, and licensing?

We are a partner and therefore get the solution for free. 

What other advice do I have?

We are CrowdStrike partners.

I'm not sure which version of the solution I'm using; however, it is likely the latest. 

From the theoretical perspective, it's a good product. They just need more features. You can't just replace an antivirus with it; you first need to ensure it's covering all of your requirements.

I'd rate the product nine out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: partner/customer
Krishna .R - PeerSpot reviewer
Cyber Security Regional Head at a computer software company with 1,001-5,000 employees
Real User
Cyber security and protection solution with powerful EDR and XDR features that offer return on investment
Pros and Cons
  • "The EDR and XDR features have been most valuable."
  • "For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."

What is our primary use case?

We use this solution for next-generation antivirus protection and detection. We are a premium partner of CrowdStrike.

What is most valuable?

The EDR and XDR features have been most valuable.

What needs improvement?

For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible.  

For how long have I used the solution?

I have been using this solution for two years. 

What do I think about the stability of the solution?

This is a stable solution. I would rate it a five out of five. 

What do I think about the scalability of the solution?

This is a scalable solution because it is cloud-based.

How are customer service and support?

If customers want technical support, they need to subscribe to a special service that they need to pay for. When it comes to CrowdStrike, customers use the different support services as per their needs. By default, they don't provide telephonic support.

I would rate the support a four out of five.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is very straightforward and required two people. I would rate it a four out of five. It takes approximately one week to set up.

What was our ROI?

We receive good ROI when using this solution. I would rate it a four out of five. CrowdStrike offers a breach warranty which greatly reduces risk for customers. 

What's my experience with pricing, setup cost, and licensing?

When it comes to licensing, customers can choose a bundle or select licences based on the specific features they would like access to. This solution comes with premium pricing. It is approximately 20 to 30% more expensive than competing solutions. 

I would rate the pricing a three out of five. 

What other advice do I have?

I would advise others to tell their customers upfront that staying connected to the internet is very critical to the use of this cloud-based solution.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Pre-Sales Engineer at EliteVAD
Real User
Light with good detection capabilities and able to expand
Pros and Cons
  • "The stability is very good."
  • "The pricing is a bit too high."

What is our primary use case?

We primarily use the solution for antivirus and endpoint security.

What is most valuable?

I like its detection capabilities, number one. It's also very light. It doesn't slow down my machine.

The solution is stable.

It's quite scalable. 

What needs improvement?

The pricing is a bit too high. They need to adjust their target market.

I'd like to see a risk assessment or vulnerability management feature to show the company risk factors for the endpoints that have CrowdStrike deployed.

I'm not sure if they offer patch management. If they don't, they really should. For larger enterprises, managing all those endpoints and trying to figure out which needs a patch can get tedious.

For how long have I used the solution?

I've used the solution for a few months. We're still in the initial engagement.

What do I think about the stability of the solution?

The stability is very good. I can't complain about it. The only concern would be pricing. For this market, it's mostly SMEs and mid-market that we would target, and many would be those looking for antivirus or endpoint security.

What do I think about the scalability of the solution?

The product is scalable. We have about 15 people working on it right now. 

How are customer service and support?

We just went through training and were able to do most things ourselves. We haven't needed technical support.

Which solution did I use previously and why did I switch?

I'm also working with Bitdefender. 

I switched companies. My previous company was using CrowdStrike and my new one is on Bitdefender. It uses multiple Bitdefender products.

What's my experience with pricing, setup cost, and licensing?

They do have relatively high pricing. 

The target market is large enterprises. Maybe they could work on something that can be offered to even small and medium markets.

I was working for a vendor, and we were sharing pricing with a large enterprise, and it was around $800,000 USD or thereabout.

What other advice do I have?

I was a CrowdStrike partner and was working with the vendor. I've since changed jobs.

Whether or not it makes sense to use the solution depends on your budget and your pocket. The features are pretty similar to other options. Whether or not it makes sense to use depends on what you're looking for in endpoint security.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
IT Consultant at a comms service provider with 5,001-10,000 employees
Consultant
Top 20
Provides real-time monitoring and response to security incidents
Pros and Cons
  • "The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models."
  • "There is room for improvement in managing multiple customer IDs."

What is our primary use case?

We use CrowdStrike Falcon mostly for EDR.

How has it helped my organization?

We implemented CrowdStrike Falcon to gain better control over our endpoints, servers, and work sessions. Unlike traditional antivirus programs, Falcon's sophisticated features allow us to comprehensively manage and enhance security, providing a more robust solution for our specific needs.

In the past year, Falcon has significantly improved our organization's security by consolidating endpoint management. With a single call to Falcon, we can oversee all endpoints, eliminating the need for multiple platforms and streamlining our security operations for better efficiency and awareness.

What is most valuable?

The most valuable feature of CrowdStrike Falcon for me is its unified sensor, applicable across all models. This consistency simplifies operations, and while the analytics and server capabilities are significant, having a single sensor for all models stands out as the key advantage in managing security effectively.

What needs improvement?

There is room for improvement in managing multiple customer IDs. Enhancements in the console web for better control and customization of sensor features would be valuable to ensure a smoother experience in handling various customer IDs and installations.

For how long have I used the solution?

I have been using CrowdStrike Falcon for about a year.

What do I think about the stability of the solution?

I have not had any stability issues with CrowdStrike Falcon.

What do I think about the scalability of the solution?

I would rate the scalability of CrowdStrike Falcon as a ten out of ten.

How are customer service and support?

The technical support is not very good. I would rate it as an eight out of ten. One improvement could be reducing the response time for cases, as waiting two or three days, even for less critical issues, can be a bit long. Additionally, a better feedback loop on submitted ideas would enhance the efficiency of communication with the product group, providing more clarity on whether proposed features or versions will be considered.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before Falcon, we used Trellix. We switched to Falcon for enhanced security, moving beyond just antivirus protection. Falcon provides more advanced features and a comprehensive security solution.

How was the initial setup?

The deployment of Falcon was relatively easy, with no major issues except occasional misconfigurations on the filter. The process for individual work sessions is fast, taking around a few minutes, but for servers, it requires more time due to the need for antivirus removal and sensor replacement, involving server restarts. Overall, the deployment time depends on the scope, ranging from minutes for work sessions to more extended periods for servers.

What other advice do I have?

At the moment, we have around twenty thousand users in our environment. Our setup spans multiple locations, mainly in Portugal, and we operate on various operating systems, including Mac, Linux, and Windows.

Falcon, being a SaaS product, doesn't require maintenance on our end. Updates are needed for servers, but they can be easily managed through the web interface without causing any inconvenience for us.

I would recommend conducting a proof of concept with CrowdStrike Falcon before making a decision. While the product has strengths, I would advise new users to address questions and doubts directly with the product team, especially when seeking new features or improvements. Ensure there is a clear communication channel for feedback and inquiries. Overall, I would rate CrowdStrike Falcon as a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Security Analyst at an insurance company with 1,001-5,000 employees
Real User
Top 20
Uses few system resources, can easily isolate infected machines, and add modules
Pros and Cons
  • "I like the feature called RTC, the remote time connector."
  • "I have worked with their technical support on several problems that were never fully resolved."

What is our primary use case?

We use CrowdStrike Falcon for endpoint security and response, and Horizon to manage and protect our data.

Following a 2021 security incident, the general response team recommended implementing CrowdStrike. We adopted their suggestion and found its network threat detection and prevention capabilities invaluable.

What is most valuable?

I like the feature called RTC, the remote time connector. It allows us to connect to a computer via the command line and execute commands for various functions and investigations. This eliminates the need for any additional programs. We can launch the connection and its subcommands from a single console.

The containment feature is another valuable tool. It allows us to isolate any machine exhibiting suspicious behavior or facing a detected threat. Once activated, containment immediately severs the machine's network connection and blocks user access.

What needs improvement?

Despite implementing tuning rules specifically designed to address them, we are still encountering a significant number of false positives. This issue persists even after collaborating with their support team to find a solution.

I have worked with their technical support on several problems that were never fully resolved.

For how long have I used the solution?

I have been using CrowdStrike Falcon for three years.

What do I think about the stability of the solution?

While we encountered some bugs with on-demand scanning, the overall performance and stability of the system are positive. CrowdStrike Falcon is less resource-intensive than our old McAfee solution, which often led to performance complaints due to its high memory consumption.

What do I think about the scalability of the solution?

CrowdStrike Falcon is scalable. Adding new features or licenses to CrowdStrike Falcon is seamless, with no disruption to our system's performance. Installing new modules is easy because it uses the same sensor.

How are customer service and support?

While I've found screen sharing helpful with other support teams, CrowdStrike's technical support has never proactively suggested it. Instead, they've always initiated contact by calling me back after I submitted a ticket. We recently offered to screen share, but it seems it's not their preferred method. The support is good but it is not the best I have used.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we utilized Carbon Black for our endpoint security needs. However, we transitioned to CrowdStrike for several compelling reasons. As a prominent market competitor with widespread adoption among organizations, CrowdStrike offered a robust platform capable of meeting our evolving security requirements.

The 2021 incident further underscored the importance of robust security tools. CrowdStrike's capabilities proved invaluable in navigating the aftermath and instilled confidence in its continued effectiveness for future challenges.

Beyond its proven track record, CrowdStrike seamlessly integrates with our existing security ecosystem. The platform's comprehensive feature set simplifies endpoint management from a centralized console. Additionally, its granular telemetry across various modules provides invaluable insights during incident detection, enabling us to gather holistic information from each affected machine.

Furthermore, CrowdStrike consolidates our security stack by encompassing next-generation firewalls, endpoint detection and response, and real-time endpoint scanning, eliminating the need for separate solutions like McAfee. This streamlined approach enhances operational efficiency and simplifies security management.

How was the initial setup?

The initial deployment presented some challenges due to the need to install the solution on all machines. This phase, requiring careful coordination among ten people over several weeks, involved connecting all the computers to the network. However, once this foundation was laid, the subsequent rollout proceeded smoothly.

What about the implementation team?

The implementation was completed in-house by our people.

What was our ROI?

The return on investment is evident in the enhanced security posture achieved through continuous monitoring and immediate isolation of compromised machines. This proactive approach not only mitigates risk but also provides significant peace of mind for our team, alleviating concerns and optimizing their performance.

What's my experience with pricing, setup cost, and licensing?

While CrowdStrike Falcon offers significant security benefits, its high price point might make it prohibitively expensive for many small and medium-sized businesses, including companies like ours.

What other advice do I have?

I would rate CrowdStrike Falcon a nine out of ten.

CrowdStrike Falcon is a great tool. Investing in proper training on the CrowdStrike Falcon platform is highly recommended for any organization seeking to maximize its potential and avoid navigation struggles within the console. However, it's important to note that effective utilization of Falcon without CrowdStrike's managed services necessitates the formation of a dedicated team responsible for managing the solution. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
AVP of Tech at an insurance company with 201-500 employees
Real User
Top 10
Integrates well with Arctic Wolf, simple to set up, and offers excellent pricing
Pros and Cons
  • "Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and lets us know if there's a major issue."
  • "They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."

What is our primary use case?

We use this product as an antivirus. We use it as an add-on for Arctic Wolf, which it integrates with. 

What is most valuable?

The solution integrates well with Arctic Wolf. 

Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and lets us know if there's a major issue.

It's very scalable.

The stability is excellent.

I'm very impressed by its low pricing.

The initial setup was simple, and the deployment was fast.

What needs improvement?

I do not have any notes for improvement. It just works. 

They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution. 

For how long have I used the solution?

I've been using the solution for five years. 

What do I think about the stability of the solution?

The product is rock solid. I've never had an issue with stability. It is reliable and the performance is good. There are no bugs or glitches and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

The product is very scalable. You can extend it as needed.

We have between 220 and 300 users at this time. 

How are customer service and support?

I've never dealt with technical support. 

Which solution did I use previously and why did I switch?

We had multiple other antiviruses, including Norton, Avast, and Defender. We chose Falcon due to its Arctic Wolf integration. 

How was the initial setup?

The initial setup was very easy.

We did not need a lot of people to set it up. It took a couple of people and less than five hours to have everything up and running. 

No maintenance is required. 

What's my experience with pricing, setup cost, and licensing?

The licensing is very low. It's quite affordable. 

What other advice do I have?

The solution is excellent. I'd advise people that if they have Arctic Wolf, they'll have an easy time.

I'd rate the solution ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.