CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.
| Type | Title | Date | |
|---|---|---|---|
| Category | Extended Detection and Response (XDR) | Jun 2, 2025 | Download |
| Product | Reviews, tips, and advice from real users | Jun 2, 2025 | Download |
| Comparison | CrowdStrike Falcon vs SentinelOne Singularity Complete | Jun 2, 2025 | Download |
| Comparison | CrowdStrike Falcon vs Microsoft Defender XDR | Jun 2, 2025 | Download |
| Comparison | CrowdStrike Falcon vs Trend Vision One | Jun 2, 2025 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Microsoft Defender for Endpoint | 4.1 | N/A | 94% | 197 interviewsAdd to research |
| Wazuh | 3.7 | 12.4% | 79% | 46 interviewsAdd to research |
CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure comprehensive endpoint visibility and rapid response times. Users appreciate the lightweight agent and seamless deployment process, along with detailed reporting features. Integration with security tools and efficient customer support are essential features.
What are the key features of CrowdStrike Falcon?
What are the benefits or ROI of CrowdStrike Falcon?
In industries like finance, healthcare, and retail, CrowdStrike Falcon is often used for critical security due to its robust threat detection capabilities. Financial firms value its rapid response and detailed reporting for compliance, while healthcare providers appreciate the minimal system performance impact. Retailers benefit from its comprehensive endpoint visibility and integration with other security tools.
CrowdStrike Falcon was previously known as CrowdStrike Falcon, CrowdStrike Falcon XDR, CrowdStrike Falcon Threat Intelligence, CrowdStrike Identity Protection, CrowdStrike Falcon Surface.
We use Falcon to investigate threats and reduce risks in our environment. It covers multiple departments within the same building and company. All units are attached to one controller, so we can manage them from one point.
We can implement different kinds of policies on sensitive data for various departments. For example, I can limit how data can be changed if I'm dealing with financial data. It's the same for production or logistics. We can set rules for data sharing and access because some departments need to share data with customers.
CrowdStrike's AI-driven analytics have improved our security considerably. It's sharing information from across the infrastructure and applying machine learning to prevent issues. This is a powerful, proactive approach to cybersecurity. It takes action in time to prevent the problem, so we don't need to remedy it after the fact. Sometimes, by the time you take action, it's already too late.
Before deploying Falcon, I would avoid taking action due to potential risks. With CrowdStrike, I don't worry about recovering data, so I can focus on preventing situations. In two years, I have never had that problem. When I look at the platform, I can see all the notifications and the actions taken. I can see how potential attacks can possibly reach the server and create a significant incident. Thus, I can directly measure the quality of the service.
Falcon is easy to integrate with our infrastructure because we can control the entire network through our fiber router and switch. CrowdStrike can interface with all devices easily and provide integrated security. Falcon gives you greater control without any problems.
The agent will recognize issues immediately, and we can follow up to create a plan for if this problem reappears or is still present on the infrastructure. Falcon enables instant remediation. It doesn't take two or three days. It's in real-time.
Falcon has the capacity to identify potential problems quickly. The administrator can deploy the agent, and the users cannot change it. This assures you that the agent remains on this device. Also, the agent can act preemptively to provide alerts about potential problems.
When there's a problem, you can follow the rules. For example, you can put a file that might be infected into quarantine or lock the device, preventing it from propagating the threat to other devices or networks. The agents are collecting information and feeding that back into the CrowdStrike platform, so you have 24/7 control and visibility.
Falcon's deep learning capabilities are flexible and work across multiple operating systems. You can control everything from the same place, whether you're dealing with a Windows, Linux, or Mac device. You can define your policies precisely and decide how you want the platform to respond in any situation.
CrowdStrike's AI approach is interesting because it improves the capacity to correlate information based on all the deployments on devices worldwide. It analyzes this data to identify something anomalous that could potentially be a problem in your environment. Falcon can isolate the issue to determine if it's a real threat. You will get an email saying the platform has identified a potential problem they are investigating.
Falcon explains the steps they are taking. After the issue has been resolved, you will get another message showing CrowdStrike's analysis and evidence that the problem is now under control. I get about 20 emails from CrowdStrike daily.
I want more ability to customize how you summarize the data. The default views are fine, but it would be interesting to be able to customize them based on the kind of data you want to see immediately. This can help the administrator gain an immediate overview and reduce the investigation time.
We have used Falcon for two years.
I rate CrowdStrike support 10 out of 10. They have one of the best teams that I've worked with. They're very fast and professional, with a high level of skill and knowledge.
Positive
I previously used Sophos. It's a good solution that works well with other Sophos infrastructure, like firewalls, etc. For example, if the firewall is from Sophos, it can interact with the software to identify a problem. However, CrowdStrike is more powerful when using hardware from different vendors. It doesn't rely on specific hardware because it works with an agent, so you're more flexible and less constrained.
Overall, Falcon is more powerful than other solutions. It is light on resource consumption. It has a minimal effect on the client when you have installed the system because everything is controlled by our cloud platform where you can see the portfolio of devices.
The installation was quite easy. The platform is based in the cloud, but you need to download agents based on your operating system. After you install the agents, you only need to configure the various devices on the cloud platform. CrowdStrike's platform is managed by the vendor. You can log in and manage your portfolio of devices and define your policy or apply profiles to groups of users and devices.
We feel like Falcon is worth what we pay. The cost of the solution is minimal compared to restoring data from a potential attack.
Falcon's price is accessible, and it's a good value for the level of quality we get. We don't have any objections based on the cost, and we understand that you will pay more for an enterprise solution. There is no objection to the cost. It's appropriately priced for the service that we receive.
I rate CrowdStrike Falcon 10 out of 10.
