CrowdStrike Falcon OverviewUNIXBusinessApplication

CrowdStrike Falcon is the #1 ranked solution in top Threat Intelligence Platforms, #2 ranked solution in endpoint security software, #2 ranked solution in top Anti-Malware Tools, and #2 ranked solution in EDR tools. PeerSpot users give CrowdStrike Falcon an average rating of 8.8 out of 10. CrowdStrike Falcon is most commonly compared to Microsoft Defender for Endpoint: CrowdStrike Falcon vs Microsoft Defender for Endpoint. CrowdStrike Falcon is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 19% of all views.
CrowdStrike Falcon Buyer's Guide

Download the CrowdStrike Falcon Buyer's Guide including reviews and more. Updated: December 2022

What is CrowdStrike Falcon?

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. 

Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.

Request a free trial here: https://go.crowdstrike.com/try-falcon-prevent

CrowdStrike Falcon was previously known as CrowdStrike.

CrowdStrike Falcon Video

Archived CrowdStrike Falcon Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Chief Information Security Officer at a hospitality company with 5,001-10,000 employees
Real User
Stable and easy to set up, and has reduced our need to re-image machines
Pros and Cons
  • "The most valuable feature is that we don't need to re-image machines as much as we had to."
  • "They need to strengthen the forensic capabilities of this product, for e-discovery."

What is our primary use case?

We have various use cases. We are protecting servers and endpoints that are utilizing this product to focus on advanced, persistent threats, with the goal of reducing the overhead on the endpoint for early detection.

Right now, we have not put enforcement, and we're moving to the next level of detection.

How has it helped my organization?

Using this solution has reduced my need for imaging. We can mitigate the issue and address it immediately, for people both on and off of the network.

What is most valuable?

The most valuable feature is that we don't need to re-image machines as much as we had to.

What needs improvement?

They need to strengthen the forensic capabilities of this product, for e-discovery.

Buyer's Guide
CrowdStrike Falcon
December 2022
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.

For how long have I used the solution?

We started testing and deploying CrowdStrike Falcon about a year and a half ago, in the early part of 2019.

What do I think about the stability of the solution?

In terms of stability, it's a great tool.

What do I think about the scalability of the solution?

At this time, we have between 5,000 and 6,000 endpoints.

How are customer service and support?

We have been in touch with CrowdStrike technical support and they have been very supportive.

Which solution did I use previously and why did I switch?

Prior to CrowdSrike, we used a signature-based solution from Symantec.

How was the initial setup?

The initial setup was very straightforward and very easy. We've been bringing stuff into the SWOT platform and getting that data. It has been pretty good.

What about the implementation team?

The implementation was done in-house. We had, in part, help from a strategic partner, EY.

Which other solutions did I evaluate?

CrowdStrike is what we did for the time and for the moment. It is number two when you look at the magic quadrant, and we have implemented that for the time being. When we selected it, that was right for us to get away from a Symantec signature-based environment for endpoint detection response.

We have moved over to CrowdStrike for now. When you look at the quadrant, the number one is Microsoft. With Defender built into the operating system, there is less overhead on the endpoint. We will eventually, most likely, migrate to that.

I have experience with Cylance, as well. They gave that the advanced persistent threat leader title, at one point in the market. I implemented that for one client and now, being in this CISO role, I went with CrowdStrike over Cyberreason and Cylance/Blackberry. The main reason for CrowdStrike is the Falcon technologies and what they do with their strategy.

We're moving to Office 365, and it will make sense for me to adopt Microsoft Defender because it's integrated into the platform. One of the differences between Defender versus CrowdStrike or any other of them is that they have to sit outside. Microsoft Defender can go deep down into the kernel, and that's a good thing for the endpoint. You can do a lot and detect a lot, which makes it far safer against advanced persistent threats.

What other advice do I have?

Overall, this product has been pretty good and I recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sr Network Administrator at a construction company with 501-1,000 employees
Real User
Offers good insights when it has a detection
Pros and Cons
  • "It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
  • "I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."

What is our primary use case?

Our primary use case is for endpoint protection.

How has it helped my organization?

When we have detections, I get insight into the top-down view of where it thinks it saw the problem and what triggered the detection. This allows us to have insight into what it thinks it is compared to what could have we have really been doing.

What is most valuable?

It seems to do a pretty good job of protecting the host. Gives good insights when it has a detection. It's pretty incredible.

For how long have I used the solution?

I have been using CrowdStrike Falcon for six months.

What do I think about the stability of the solution?

So far, it's been 100% stable. Besides the very lightweight agent, it's all Cloud-based, so I haven't had any downtime.

What do I think about the scalability of the solution?

Scalability is super easy. The deployment was easy. It's all price based. Money is the biggest challenge, not deploying it. It requires one system engineer. 

We have around 400 users. There are five of us who manage it, including the help desk, system engineers, and the director.

How are customer service and technical support?

We haven't needed to contact support yet. 

Which solution did I use previously and why did I switch?

We previously used Cylance. We switched because they weren't innovative. It was the same product that we bought three years ago. They were a great product and they had a job and they did it well. They just didn't ever innovate and they never improved. It's the same products we bought for the same three years. CrowdStrike was more innovative and it seemed to be a better long-term product. They seem to be improving constantly.

How was the initial setup?

The initial setup was very easy. The deployment took about 60 days. We had a few methods of deployment. We did a push method. We had an agent tell all the machines that we were able to script it and push the apps to that.

What about the implementation team?

We used the project management of CrowdStrike's themselves for the deployment. They were really good. 

What was our ROI?

We haven't had any outages based on malware or ransomware. I can't put numbers to it, but not having that kind of an outbreak definitely has an ROI attached to it.

Which other solutions did I evaluate?

We looked at a few other solutions but the main competitor was Carbon Black. 

What other advice do I have?

I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
CrowdStrike Falcon
December 2022
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
655,994 professionals have used our research since 2012.
Head Of Infrastructure at a insurance company with 201-500 employees
Real User
Provides reliable detection that protects our endpoints and servers
Pros and Cons
  • "The detection is very reliable. Also, OverWatch is a great feature."
  • "The Integration with tools, SOC tools, could be better."

What is our primary use case?

We use CrowdStrike Falcon to secure the endpoints and servers that we have on-premise.

What is most valuable?

The detection is very reliable. Also, OverWatch is a great feature.

What needs improvement?

The reporting part is basic. It's not that intuitive and you cannot go further backward in terms of historical information.

The Integration with tools, SOC tools, could be better. 

For how long have I used the solution?

I have been using CrowdStrike Falcon for two years, more or less.

What do I think about the stability of the solution?

The stability is good, it's compatible with most of our platform. The agent upgrade could be better, but it's more or less aligned with the platforms. We also use Mac OS on some endpoints. Mac is not always the reflection of the agent that is the latest.

What do I think about the scalability of the solution?

We haven't experienced any issues relating to scalability.

How are customer service and technical support?

Their customer support is good. I've always gotten the answers that I needed timely and with the content I needed.

How was the initial setup?

The initial setup was a bit complex, but that was due to our environment. In the beginning, we used the outdated VDI infrastructure of Citrix, but we have since evolved along the way and now it's straightforward; however, in the beginning, it was a bit difficult to get the CDI working properly, deploying the agents. 

Deployment time varies, but for most endpoints, it only takes a few minutes.

What's my experience with pricing, setup cost, and licensing?

The price is too high. When we are reaching a new renewal, management always asks what's going on in the market.

What other advice do I have?

For the purpose of starting, yes, it's a very good solution, but you need to take two things into consideration: proper alignment with the infrastructure and the price. The price negatively affects the adoption of this solution.

On a scale from one to ten, I would give this solution a rating of eight — because of the price and reporting.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Dan Brunnquell - PeerSpot reviewer
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Top 5Leaderboard
Provides instant visibility and protection across an organization
Pros and Cons
  • "It's given me a level of confidence that my network is secure."
  • "CrowdStrike Falcon by itself does not supply in-depth reporting."

What is our primary use case?

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

How has it helped my organization?

With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.

If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed. 

It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.

What is most valuable?

Falcon Protect looks at processes and issues in real-time.

What needs improvement?

CrowdStrike Falcon by itself does not supply in-depth reporting. 

Falcon Protect does what it does. It's endpoint security — nothing more, nothing less. 

What it does, It does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.

For how long have I used the solution?

I have been using CrowdStrike Falcon for the past year and a half.

What do I think about the stability of the solution?

We haven't experienced any issues regarding the stability of CrowdStrike Falcon.

What do I think about the scalability of the solution?

CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.

How are customer service and technical support?

Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.

On a scale from one to ten, I would give their customer support a rating of nine.

Which solution did I use previously and why did I switch?

We had a Vipre solution, but it was an On-Prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network so updating them was always a pain-point without a cloud-based solution.

We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.

How was the initial setup?

The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.

What's my experience with pricing, setup cost, and licensing?

The price of CrowdStrike Falcon is a little high, but it can be negotiated.

What other advice do I have?

If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.

On a scale from one to ten, I would give this solution a rating of nine.

The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Dan Brunnquell - PeerSpot reviewer
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Top 5Leaderboard
Offers a cloud-based option and has good stability
Pros and Cons
  • "The stability is good; we haven't experienced any glitches or bugs."
  • "The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."

What is most valuable?

I like that it's cloud-based instead of on-premise.

What needs improvement?

I miss a feature for the USB control that they have as an add-on. I haven't gotten to the point where I want to pay for it, but the features that I miss are available.

The biggest issue with Falcon as a standalone product is it doesn't have very much reporting.
Out of the box, the only weakness is the level of reporting.

All the analytics and the telemetry are there, it's just a matter of getting to it. Other vendors offer some of that stuff right out of the box.

CrowdStrike Falcon has been very low maintenance. There are features on it that I haven't touched yet. I've got a SIEM that I haven't really had time to explore fully. I have a patch management system that does what it does. I have a firewall and IDS that do what they do, and I have an endpoint security system that does what it does.

MSPs keep asking how one person can keep up to the different solutions and alerting, if you don't have any problems, then it's pretty easy to keep up. Everything does what it does.  I don't experience any of the issues that apparently a lot of people have on their network. How can I tell you what to improve if it's doing what it's supposed to do? 

For how long have I used the solution?

I have been using CrowdStrike Falcon since June of 2019. 

What do I think about the stability of the solution?

The stability is good; we haven't experienced any glitches or bugs.

What do I think about the scalability of the solution?

We're a small company so the scalability is fine for us.

How are customer service and technical support?

I don't have to talk to their technical support often. When I need help, I contact them by email.  Sometimes it takes a little while to get through to them, but otherwise, when they respond the issue is resolved. Not a real concern. 

Which solution did I use previously and why did I switch?

We had Vipre business on-premise, the product was being discontinued and I wanted to move away from an on-premise solution.  At the time Vipre did not seem to be quite as mature as other options.  I understand that they have improved quite a bit since I looked at them last.

How was the initial setup?

The initial setup was straightforward. Initial agent deployment took roughly 15 minutes.  SIEM integration required some coordination between vendors, but was relatively uneventful when support teams were involved.

What's my experience with pricing, setup cost, and licensing?

Licensing cost is negotiable. There are no additional costs.

On a scale from one to ten, I would give this solution a rating of nine. I'm sure there's always something that can be improved.

Which other solutions did I evaluate?

We evaluated Vipre, Carbon Black, and a few others.

What other advice do I have?

There are half a dozen players out there that are the best of the breed. Pick one.

When it came to CrowdStrike versus Carbon Black, configuration and setup were deciding, driving factors. CrowdStrike was much easier to configure, but overall, is it better or worse? I can't make that judgment call.

All I know is what I've been told by other vendors that are trying to get my business. They tell me about issues that I've never encountered with the products that I have. In summary, take what a vendor says about another vendor's product with a grain of salt.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Tom Smolinsky - PeerSpot reviewer
Executive Technology Advisor at Vitso
Real User
Good UI, performance, integration, and alerting
Pros and Cons
  • "The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
  • "I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it."

What is our primary use case?

We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on. 

Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.

How has it helped my organization?

I was able to look through some rapid analysis when bad things happen. More so than having to get, especially in the distributed world of post-COVID, being able to have a central place to be able to see what's going on, on the landscape of endpoints at any given time.

What is most valuable?

The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system. What does it usually do, and is it doing anything differently?

The UI is great, and the performance was great. The way it gathers and presents the information was very good and it integrates well with things with a central log aggregator, such as Splunk. You can do more big data analytics that includes security. It seems to be fully featured in all of those areas.

What needs improvement?

I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it. It's got a pretty good engine to do that on its own but it's one of the things that are important to us, so I'm just trying to increase the time-to-issue identification.

By comparison to buying into the Microsoft suite, it was definitely less costly. CrowdStrike can be costly.

For how long have I used the solution?

I have had this solution for approximately three years.

What do I think about the stability of the solution?

It seems stable. The performance is good.

What do I think about the scalability of the solution?

It's a scalable solution. They are running 1400 endpoints on it right now, and it seems to be fine.

There is only one person working at it right now and they are the security engineer/operator.

If you look at how they spend their day, a tool like that does a lot with a little and can make a one man band pretty effective or much more effective. It makes the response to an issue right when it happens way more possible with such small security. 

How are customer service and technical support?

We haven't used technical support.

How was the initial setup?

The initial setup was already completed before I started with this company.

What's my experience with pricing, setup cost, and licensing?

When comparing to Microsoft, CrowdStrike Falcon is more expensive.

I'm going by the client and some of the things that are driving their decisions. 

It's typical when Microsoft throws things in and it seems really cheap, even though you're spending a million and a half dollars with them. You may as well increase the value of that million and a half.

My guess is that CrowdStrike is going to maintain parity or stay ahead of Microsoft.

What other advice do I have?

As I came into this organization, they were moving away from CrowdStrike. 

They upgraded their license to E5 with the security bundle from Microsoft. The goal is to start to move things. 

They are paying twice for things right now, but that will be expiring. CrowdStrike comes up for renewal next year, and they want to be off of it by then.

I haven't gone into critiquing it. Since they've already made the decision and made the investment to go to defender ATP. I'm more concerned with, are we losing anything? Do we have parity when we go from one platform to another? And if any gaps emerge, what needs to be filled?

When we did go into it and walked through it with one of the security engineers, it was snappy, and it had a nice UI. 

I had never been inside the product. I think I got a demo years ago in my CSO role, but I had never delved into a practical use case. The practical use case looked pretty cool.

For anyone who is interested in implementing this solution, I would say don't look for the cost compared to smaller applications. Look at what you're trying to do, and what you're trying to accomplish. The typical first cardinal sin of IT is buying a product and then figuring out how to use it as opposed to having a set of requirements, placing a value on that set of requirements, and then pursuing a solution that covers them the best. 

I think they probably said we've got a gap here because something bad happened to my CrowdStrike. It's an industry leader. Three years after the issue that they were treating was over, and the pain was gone, suddenly, it seems really expensive. That is an IT 101 mistake that I've found in organizations, where it's a means to an end and then it turns this to just an eyesore on the balance sheet.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Senior Cyber Security Analyst with 1,001-5,000 employees
Real User
Detailed incident reporting, stable, and the technical support team is well trained
Pros and Cons
  • "The most valuable feature is the indicator of compromise, which show you what file was either quarantined or removed."
  • "Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."

What is our primary use case?

The primary use case is digital security investigations using the dashboard.

How has it helped my organization?

Every week, a manager would look at a detailed report to see what kind of CrowdStrike incidents we had.

What is most valuable?

The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed. It shows you the malicious files in question, as well as the exact time, the machine, the endpoint, and the host IP address. Everything you need to know is right there in a single dashboard.

What needs improvement?

Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do. It is quite a pricey product.

For how long have I used the solution?

I used CrowdStrike Falcon in my last two cybersecurity jobs, over a period of at least two years.

What do I think about the stability of the solution?

The product is stable as a rock. I have never seen any crashes. When it came to patching updates, we were always notified. It is not Windows-based, but rather Linux or Unix-based. It was more stable than any Windows product.

What do I think about the scalability of the solution?

We had a small shop, so we never had any reason to scale.

How are customer service and technical support?

The technical support is pretty good. They're trained in their product and they have a system in place where if the first line of support does not resolve the issue, they are emailing us directly back and forth, and they'll hand over the problem from one shift to the next.

It is not very difficult to get in touch with the support team, although it does require clearance from whoever handles the money aspect. You have to be really careful because they will charge you fees for any kind of solution that they provide.

I have used them twice, once for each company that I was working for. The first time, we used the CrowdStrike service to do the investigation so that we could focus our time on other products. They have teams that will act like a managed service provider to take care of incidents. We handled major incidents in-house but we let them handle the minor ones.

With the second company, we had to do the investigations as the incidents came in, so it was two totally separate vantage points. Both worked extremely well in both manners and forms.

Which solution did I use previously and why did I switch?

CrowdStrike was already in place before I arrived, at both places where I have used it.

We were also using Carbon Black, as well as other tools, but they were not being used to the same degree. I think that we were using Carbon Black for white-listing applications.

I also spent a lot of time using Nessus, which is a vulnerability scanner. I would look at scans to see what kind of vulnerabilities were present, and patch management updates with other teams.

How was the initial setup?

I was not there for the initial setup, but what I did learn was that the implementation team came in and worked with our engineering team. They set it up and then our team verified that all of the endpoints where there and that we had the visibility we needed for all of the subnets in all of the locations.

When I spoke with my teammate, I was told that it was pretty much straightforward and out of the box. The fact that it is a cloud-based deployment made it easier, too.

What's my experience with pricing, setup cost, and licensing?

Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business. It is not a one-time payment. Any upgrades that you want to do, you're going to have to pay multiple times.

What other advice do I have?

My advice for anybody who is implementing CrowdStrike Falcon is to get in touch with the vendor and then follow best practices. They have a lot of documentation and everything is there. For the most part, I would suggest looking at the technical support documentation first and then contacting a representative at the vendor to continue the process.

Most companies have it integrated with the SIEM and with their ticketing system, although I did not use it in that capacity because it costs more money.

Most of the time, you're not going to have to lay a finger. Once it finds an infected file, you might have to reboot the computer if it can't immediately remove it, or other such minor stuff. In general, however, it's never given me any issues and it's never given me a headache. Overall, it's very straightforward and just one tool out of the whole.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Saifuddin Ebrahim - PeerSpot reviewer
Senior System Engineer at a computer software company with 1,001-5,000 employees
Real User
Good threat intelligence with fair pricing and good stability
Pros and Cons
  • "The solution can scale easily."
  • "Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."

What is our primary use case?

We primarily use the solution for threat intelligence.

What is most valuable?

The threat intelligence on offer is the solution's most valuable aspect.

The solution is very stable.

The solution can scale easily.

The pricing is very competitive.

What needs improvement?

The solution overall is a good product, and we don't see too much room for improvement.

Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply.

The solution could use better device control.

For how long have I used the solution?

I believe I've been using the solution for the past three years.

What do I think about the stability of the solution?

The solution is very stable. We don't find there are any bugs or glitches. We haven't had it crash or freeze on us. It's quite reliable.

What do I think about the scalability of the solution?

The scalability of the solution is good. If a company needs to expand out, they can do so easily with this solution.

In our organization, we have about 2,500 people using the solution. We already use the solution at 100% capacity, meaning everyone in the company uses it. If new employees are onboarded, they also use the solution. Chances are, we will increase usage int he future.

How are customer service and technical support?

Technical support could move a bit faster. We find that it takes time - at least a day - to reach support and then get a response. Therefore, we're not completely satisfied with the level of service provided to us. It's an area that could be improved upon for sure.

Which solution did I use previously and why did I switch?

We used to use Carbon Black. We switched due to the fact that this solution offered us better partnership offers.

How was the initial setup?

The initial setup is not complex. It's very, very easy.

You can set up and deploy the product in 30 to 40 minutes. It's straightforward.

You only need a few people to handle deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

The price is very reasonable and quite competitive in the market.

Which other solutions did I evaluate?

Before choosing this solution, and switching from Carbon Black, we looked at Endgame and Kaspersky.

What other advice do I have?

We are working with all the versions for the most part, due to the fact that we are partners of CrowdStrike and we position CrowdStrike to our customers. We also use the solution for our company.

I'd recommend the solution to others, however, I would advise that they try it first as a POC so that they can first see the value of the product.

Overall, I'd rate the solution eight out of ten. If technical support could be faster and there was more device control, I would rate the solution higher.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Technical Architect at a consultancy with 10,001+ employees
Real User
An easy to navigate interface and it maintains itself, but the detection capability needs improvement
Pros and Cons
  • "At this point what is most valuable is the interface, which is easy to navigate."
  • "In the six months that I have been using CrowdStrike, it has not been able to detect anything."

What is our primary use case?

The primary use case of this solution is as endpoint detection and response.

What is most valuable?

At this point what is most valuable is the interface, which is easy to navigate.

What needs improvement?

In the six months that I have been using CrowdStrike, it has not been able to detect anything. We have been using Trend Micro and it has detected some malicious activities.

We have CrowdStrike conduct some inner forensic investigations in hopes that it will be more advanced and detect things that may have been missed by Trend Micro.

It would be helpful to have some prebuilt search queries based on the top ten queries in the industry for detection.

For how long have I used the solution?

I have been using CrowdStrike for six months.

It's a SaaS-based solution that maintains itself. It updates automatically so that we are always using the latest version.

It is not like an on-premises solution where you maintain and upgrade the version to get the newest release. It's a cloud service that is maintained by the vendor.

What do I think about the scalability of the solution?

From my understanding, CrowdStrike is scalable as it's a cloud solution. 

This is not an area that we have fully explored as we have less than 20 end-points.

How are customer service and technical support?

There has not been any contact with technical support or community support. I have been able to do what I needed through the documentation provided.

Which solution did I use previously and why did I switch?

We are currently using CrowdStrike, and also running another AV because CrowdStike is not detecting any malicious activities and the other AV is. We are giving it some more time to see if anything happens.

We decided to start using CrowdStrike for our external facing servers because it is the market leader in EDRs. While Trend Micro has an EDR, they call it XPR it is still new to the market.

How was the initial setup?

The initial setup is straightforward, it is easy to install and only took a few minutes.

We have deployed it on our external facing servers.

What's my experience with pricing, setup cost, and licensing?

The pricing could be reduced. If it was more reasonable that would be great.

What other advice do I have?

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sr. IT Support Executive at a hospitality company with 1,001-5,000 employees
Real User
Great online learning and flawless endpoints but takes a while to scan
Pros and Cons
  • "Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
  • "It does take more time to scan than other solutions."

What is our primary use case?

We primarily use the product as a security solution.

What is most valuable?

Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon. 

The machines are flawless. They don't have any issues. There I don't even recognize the machines which are on endpoints. Even when I go to the console to check these machines, they are working on a very good level, even though the wireless migration should detect those aspects. 

The AI features are pretty good.

They've recently introduced more webinars that make remote learning of the solution very easy. For people such as myself, or even a company looking to develop their skillsets and interested in better understanding the cloud, providing good web courses is really helpful.

What needs improvement?

I'm new to the solution. Currently, I'm comparing it to other EDR solutions to see if anything is missing, however, I'm still learning the ins and outs of the product.

It may be due to the fact that I am new, however, I'm having trouble understanding their licensing.

It does take more time to scan than other solutions.

The solution should continue to make the learning curve as short as possible by providing even more training and documentation.

For how long have I used the solution?

I've been working with the solution for two months. I recently joined my company and they mostly prefer using CrowdStrike Falcon. The solution is pretty new to me.

What do I think about the stability of the solution?

The stability of the solution is excellent, especially in a market like India.

What do I think about the scalability of the solution?

The product is very scalable. The solution can scale well, especially for small setups looking to expand out in the future.

How are customer service and technical support?

If they're having an issue, we tend to stick to the team and occasionally reach out to the support team of Falcon CrowdStrike.

I've never directly been in contact with the technical support team, however, my colleagues have. I'd say that overall we are satisfied with their level of service. Typically, their technical support team will give us direct intel and then our internal team with resolve the issue, so it's a true partnership.

Also, during the pandemic, they've provided everyone with lots of webinars to help their clients understand the solution better. For me especially, being anew user, I'm benefitting from this new level of service.

Which solution did I use previously and why did I switch?

We've used different solutions in the past. It really depends on the environment. That typically dictates which solution we would implement. We use, for example, McAfee as well. I personally have worked with Amnesia.

When it comes to Amnesia, initially I was able to employ them on my on-premise machine. I have installed Falcon on the cloud and infrastructure, however, I haven't dealt with the on-premise deployment. 

You can use Amnesia with McAfee. Apart from that you also have a provision for signing with McAfee and using their host software and the server software and their media solution and placing those onto an on-premise machine or onto a particular server and you would have the ability to administrate from there. That's more for a company that is into privacy and doesn't want to share their data on a cloud.

How was the initial setup?

The solution isn't complex in terms of setup. It's very straightforward, actually.

I'm sure that for small environments or a company that may scale up, the installation would be minimal. It wouldn't be a standard installation, however, we're able to implement rather easily in small environments.

What's my experience with pricing, setup cost, and licensing?

The solution is much more costly than other cloud or on-premises solutions. However, it offers good stability, so if a client can afford it, we tend to recommend it as an option.

Which other solutions did I evaluate?

I'm currently checking other EDR solutions to see what is on offer. Clients are asking about McAfee and Symantec, so I am looking at those as options.

What other advice do I have?

I'm unsure which version of the solution we are using.

I'm currently practicing my skills on this EDR solution. I have worked with this software and I've already collaborated with my seniors who are currently experts on this particular product. I'm getting pretty good help. 

Most of our clients have their own infrastructure which is mostly on the cloud. They have their own solid, robust infrastructure. When it comes to small environments that are currently adapting to the cloud, CrowdStrike could be a great opportunity. The solution, for example, doesn't require a minimum installation. It can work well for very small companies as well as larger organizations.

If a company has the financial means, we tend to recommend this product. There are great security features on offer that are much better than other options in India at this time.

I'd advise companies considering this solution to check their resources. They have to choose the option between being on-premise and the cloud option. They need to try and run it before adopting any solution. It's important also to consider security and monitoring for threats.

Overall, I'd recommend companies study their environment and check and compile an e-solutions calendar. There's a lot of them. Microsoft has provided a 99GB advanced dataset collection and it is on the cloud.

I'd rate this product seven out of ten overall. While I've never had any problems with it, there are just so many other options on the market.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Dy General Manager at a real estate/law firm with 501-1,000 employees
Real User
Top 5Leaderboard
Great user experience, very little maintenance required, and easy to set up
Pros and Cons
  • "There's almost no maintenance required. It's very low if there's any at all."
  • "The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."

What is our primary use case?

The solution is primarily being used at our endpoint, which includes roaming users with laptops. It is being used in all of our servers at our data center. Our security team can monitor everything centrally using the Falcon dashboard. If there is an incident, our team can actually go to the root cause of the incident to try to solve it there. 

What is most valuable?

The overall user experience is good. As of today, there have been no incidents that we've had to deal with and we've been using it for years. 

The solution has a very good graphical interface. It makes it easy to use. The central monitoring is excellent.

There's almost no maintenance required. It's very low if there's any at all.

The solution is an AI and ML-enabled tool for protecting our endpoints. We're still able to use Symantec as an endpoint as well.

What needs improvement?

The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ. 

I'd really like to have a complete solution. Right now most of the incidents happen on our endpoints. It is visible at the endpoint, the end server. If this can have a correlation tool that could actually give us a comprehensive dashboard, that would be useful. It could give us top-down visibility and could be from the firewall or any kind of security protection tool. It could be part of the DNS protection suite. However, that's why it's so important to have better integration capabilities.

If this endpoint is trying to get at this particular website and it is identified as DNS level protection, that also comes to this dashboard. Around 80% to 90% view of whatever it is happening with this endpoint, whatever action it is doing, can be inspected on the dashboard.

 If the endpoint is protected by CrowdStrike. I am only to access this application through a CrowdStrike protected device. 

For how long have I used the solution?

We have been using CrowdStrike as a tool now for the last three months.

What do I think about the stability of the solution?

The stability may be too early to judge, as we are still in a POC. However, when we see the product, it is very, very stable.

What do I think about the scalability of the solution?

We didn't go with the Basic version. We went with Superior. Even the insurance companies are also sold on this product. 

We find that the solution is very, very scalable as a tool and it can completely manage and protect the endpoint. It offers around 99.99% of your protection and assurance and can scale up however much you like.

We have implemented it for approximately 200 users as a POC. We are ready to have a contract with CrowdStrike and we will be implementing it for 700 users in the end, so we will scale it from the POC when we begin to officially use it.

How are customer service and technical support?

Due to the fact that we are still running a POC, we have direct access to the principal on the contract. They have given us a lot of confidence in the product and they are always available alongside the system integrator. We basically have two layers of support.

At this initial stage, if there is any troubleshooting needed, or any type of support is required, the system integrator will provide this to us. If we need to escalate to support for some reason, we have agreed to have CrowdStrike themselves look into any issues.

So far, it's been an effective system and we are satisfied with the level of support we've received.

Which solution did I use previously and why did I switch?

We were using Symantec products, which were Symantec EndPoint Four and Five. We found that the latest modules needed additional tools to protect us. There were multiple tools needed at various levels. There was complexity in increasing users on this platform. It also took a more traditional approach to security, and we were looking for something more advanced that had advanced AI and ML capability.

We evaluated CrowdStrike and we found it satisfactory in our environment. Therefore, we decided to change to it from Symantec.

How was the initial setup?

The initial setup is very, very straightforward, and very easy to use. So far, we've found it very easy to drill down to the root cause.

This is a new area and product for us, so we decided to start using it as a POC. We started in March, or the end of February, of this year, and we have done a POC for some of our users. We'll be going forward with a full implementation and increasing our usage.

In terms of maintenance, I don't find there's much of a requirement for it. It is very easy to maintain. For monitoring and reporting purpose, we have access to a dashboard. Our security can take a look at everything themselves. We also have team members that are capable of configuring this product. That will help us to reduce the requirement of manpower in the long run.

What about the implementation team?

We had a system integrator partner that assisted us with the POC.

What's my experience with pricing, setup cost, and licensing?

I'm not sure what the exact cost of the solution is.

What other advice do I have?

We're a customer. We don't have a business partnership with this solution.

I'm not sure which version of the solution we're using right now. It is the latest, as far as I know. We're currently running a POC with it.

In today's environment, it's very crucial to protect a company from ransomware, and malware. We focus mainly on avoiding these types of attacks. We're always interested in the latest tools that have the latest techniques and are effective in our environment.  

On top of that. we've noticed during the pandemic, there are even more threats happening. We need to focus most of our energy on the endpoints which are basically connected to an unprotected network.

The focus on the endpoints has to be increased at this point in time to ensure we have maximum protection. We prefer to have a cloud-based product rather than an on-premise-based product to protect our data and our endpoints. Therefore, we may need to move to a cloud-based protection suite. Other companies should also consider this. Whether they choose a product like CrowdStrike, Cortex, or Cylance is up to them.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Mark Krishnan - PeerSpot reviewer
Associate Director - Infrastructure Engineering at AFT
Real User
Great protection, excellent customer service, and an easy to understand UI
Pros and Cons
  • "The UI is simple and self-explanatory. Everything is easy to understand."
  • "Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about"

What is our primary use case?

We primarily use the solution as advanced threat protection. It is used to protect all endpoints, servers, etc. 

What is most valuable?

They're very good at what they do. As far as the product is, in its current state, I don't have any complaints at all right now. They do a quarterly review with us, just so they can let us know how many viruses or how much malware they've stopped, etc. Those features are quite good. They also go through the portal step-by-step to describe whatever they improved or tightened up. They will explain everything clearly and in a way that a customer can understand.

They do also ask for feedback, which is nice. They'll ask things like "The last time we changed this, how was your experience?" or "Did you get a lot of false positives?" or "Did you get any complaints?" etc. That's pretty good. Not many companies do that.

The UI is simple and self-explanatory. Everything is easy to understand.

So far, in the past three years, they've been absolutely great. They've been more proactive than the solution we had previously was. They even introduced new products in their line and they came back and told us that they could add that product to our current solution. At first, we added them, then we decided we had sufficient resources in house to manage it ourselves and removed it. They were great about the change. 

They've caught quite a lot of viruses and malware that have been sent through improper links, which is very reassuring. 

They report any network isolation that has been done on certain endpoints if they detect a malicious file or malware on the device that couldn't be cleaned by automation. They isolate it or us. The end-user can contact the service desk and say, "Hey, I'm not able to surf the internet. I can't do anything, so can you help me?" or we're able to look at the endpoint and see "oh, your PC is infected, that's why you aren't allowed on." It's protecting us well.

Even though the users are somewhere else, even when they're not at headquarters, we are able to remediate everything before we put them on the network again. Those network isolations are great when we detect high threat malicious items. Those are valuable tools that we appreciate.

What needs improvement?

If an operating system is stopped by support by the original vendor like Microsoft, or maybe Apple, within a few weeks, CrowdStrike will also decide they no longer support it, and they kind of move on. I understand their model. However, if we still have the OS, it's hard to keep it protected. So, for example, if Microsoft decides to stop supporting or patching a solution, Crowdstrike too will stop supporting it and making updates. It's still a useable product, it's just not getting updates or patches and therefore may be vulnerable. 

The result is that we can't guarantee we're going to be able to protect that hardware or operating system. We either have to upgrade to a newer platform, which sometimes is not possible because you have a legacy application. Whatever that constraint is, sometimes we're not able to move things. We still have to rely on other products to support that. That's the only quandary I have with them. 

Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about.

When a file is infected or it detects a ransomware file network, when it does remediate, it should self-heal as Sophos does. That's a good feature to have, but I don't know enough pros and cons about that to kind of recommend that because if it is a false positive, that may be a problem. If it detected a valid file and if for some reason it decides, "Oh, this looks like an infection," and maybe it's not actually infected, and if it goes in and remediates it by replacing it with an older file, that may be a problem. However, I don't know, because I've never used that feature or heard anybody say that's a problem.

For how long have I used the solution?

I've been using the solution for about three years now.

What do I think about the stability of the solution?

I have two engineers that regularly watch everything. We all get alerts. We'll see if something gets isolated, or a user will tell us. We isolate the issues and work on them so nothing gets through the endpoints into the system. Within 30 minutes to an hour, an issue can be cleared.

It's therefore very stable. We're able to catch everything before it can get it. It's reliable for sure.

They're so pro-active there's very little intervention that we have to do on our end.

What do I think about the scalability of the solution?

The solution is easily scalable. A company shouldn't have any issues with that aspect of the solution.

How are customer service and technical support?

Technical support is great. We've never had to contact them at all. Instead, they've always been proactive and reached out to us.

Their quarterly review manager will contact us every three months. They schedule it months ahead and we actually jump on a Zoom or WebEx meeting. They actually go through the improvements, how much detections they go through, all of our features, anything new that has been added, anything they're seeing out in the world in terms of threats, and where we need to tighten up the roles.

They would improve the sensitivity level or they will decrease the sensitivity level for some false positives. For example, they might say "Hey, we detect these, but they're not really a threat because this is just a Word document that's produced in an older format. It's not something that's malicious." Then they would decrease the sensitivity in certain areas, to eliminate the issue going forward. They always ask permission before tweaking anything. They will come to us and say, "this is what we're considering doing it and why we want to do it. Is that okay?" We usually agree to that and then they go ahead and do it.

It's just a phenomenal company. If they ever stopped the way they handle their customer service, then I would probably move on to a different company. So far they've been pretty good. For the last three years, they contacted us always and told us about every aspect of the solution. I don't think I missed a quarterly meeting so far with them due to the fact that it's all been so valuable.

Which solution did I use previously and why did I switch?

Originally, we had Webroot. We used to get, every so often, a slew of viruses that would get through the cracks. I don't know if Webroot's definition didn't get updated in a timely manner or if they were just delayed in something, however, whatever it was, we used to get that intrusion quite a bit. Then we would patch it and we would have to remediate everything. It wasn't ideal. 

We were looking for a product that would be more proactive than a reactive solution, and after doing a bunch of research, we decided on CrowdStrike. 

How was the initial setup?

The solution's initial setup was very simple. The only thing we had an issue with is our network operation. Is a separate organization that manages it. We have a network operation that we used for 24 hour monitoring. They don't support CrowdStrike and they were not experts in it. They stood us we would have to manage it ourselves. In the beginning, we were kind of worried about it. However, after that initial stage, the simplicity of how to install it, configure it was like a breeze.

We manage the entire solution in house. For maintenance, we have me and two engineers, plus a second level of support. There are around five people altogether.

What's my experience with pricing, setup cost, and licensing?

I'm not sure of the exact cost of the solution. That's a detail our finance department handles.

Which other solutions did I evaluate?

We did research on Cylance. We looked at Norton as well. We went through a bunch of products and we decided CrowdStrike was probably the most advanced threat protection at that time, which was three years ago. 

One of the products we were looking at is Sophos. The reason we were looking at Sophos is we were purchasing a backup and disaster recovery tool. In that tool, they had a built-in Sophos pack; they integrated Sophos in to protect the backup and replication and recovery. That way, if a backup had infections, for some reason, and they weren't picked up, and it got into our backup product, then Sophos could kick in and pick it up. It has automated remediation, meaning it reverses back the infection before infection if that makes sense.

Sophos has a self-healing technology built into it, which is an AI technology that they invented. We were looking at that because we thought that may be a better product. We were doing some homework on that and trying to figure out more about it. We're still in the process of purchasing a backup and recovery tool, so we're still doing our homework.

What other advice do I have?

We're just customers. We don't have a business relationship with the company.

I'm not sure which version of the solution we're using. The last time I checked, it was version 5.6. It is up-to-date, however. I get a report every so often saying, we've updated the sensors, or current version, etc. It's an auto-update and it does that. Whenever it's missing something or it couldn't reach an endpoint, the company will send me a report of that, saying these endpoints are not updated because we couldn't detect it on the network any longer.

The only advice I would say to others considering the solution is, if they have an unsupported operating system or legacy application, to look closely at CrowdStrike to see if the solution actually makes sense for them. This is due to the fact that they're not going to be able to support it. If they have thousands of servers and 20% of them are legacy applications, they may not want to think about CrowdStrike because the solution doesn't support legacy products. Other than that, I fully recommend CrowdStrike. The advanced threat protection they have has always been great.

I'd rate the solution a solid nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Service at Four-U Office Inc
Real User
Inexpensive, doesn't slow down devices, and an easy initial setup
Pros and Cons
  • "The initial setup is very simple."
  • "They don't really have anything when it comes to scanning attachments."

What is our primary use case?

We primarily use the solution for real-time ransomware protection.

What is most valuable?

The solution hasn't picked up a virus yet, so I don't know if I'm able to really discuss the most valuable aspect of the solution just yet. It's very new. 

It's not costly, and it's not constantly running, it's only looking for suspicious items when it starts to take action. There's nothing constantly scanning your device, so it's not slowing anything down in that respect. That's what I liked about it the most. 

It's not your traditional antivirus that just sits there constantly scanning your computer for Trojans and malware, etc. This doesn't take any action until it sees something actually going on.

The initial setup is very simple.

What needs improvement?

The solution doesn't have a whole lot of email security on offer. We did know that going into the purchase, however. We decided to get a different solution for that aspect of security.

They have a sandbox feature, but it's all they do. They have different grades. There's the Socket Pro and then there's an ADR. Then there's another one where they pretty much watch your system for you. And it's all different. It's all based on the price you want to spend. I wasn't going to drop a large amount of money.

They don't really have anything when it comes to scanning attachments. That would be something I would like.

For how long have I used the solution?

I've only been using the solution for one month. It's still a relatively new product for us.

How are customer service and technical support?

The technical support so far has just been helping with the setup via the initial webinar. The technician was very knowledgeable. He knew what each feature meant. If I had a question about it, he went into great depth. I've been quite satisfied with technical support so far. As a whole, they are very easy to work with.

Which solution did I use previously and why did I switch?

I had Bitdefender for three years before switching to this solution.

They were fine. I didn't have a lot of problems, but I'd been hit with ransomware four times while I had Bitdefender. I considered that as kind of a sign that maybe we should change things up.

The malware, as far as uninstalling, wasn't triggering the antivirus. I wanted something a little more advanced, due to the fact that the Ransomware protection just really wasn't there. The anti-virus aspect was pretty good. The email protection was pretty good, as well.

How was the initial setup?

The initial setup is pretty easy. It's very simple to work with. It's been really easy to install.

What about the implementation team?

I did one webinar with a support engineer. He showed me how to set it up, and to run with it. 

We just did a screen share. He gave me insights into the best possible way to set it up and that's how I rolled it out. It was a helpful experience.

What's my experience with pricing, setup cost, and licensing?

The pricing on CrowdStrike is per license. It was about $42 per seat yearly.

Which other solutions did I evaluate?

I looked at Komodo, a Gen One antivirus. I liked their product. It was pretty good. They have what is called a sandbox feature where you could take a file or the endpoint security will take the file and dump it into like a virtual sandbox and run it to test its safety. It turned out the file was malware, the solution would remove it. 

We decided not to go with it, however, due to the fact that it didn't have many reviews. Komodo is actually cheaper than CrowdStrike. I've been down the road before with bad antiviruses and had some bad experiences. Since they didn't have a whole ton of notoriety out there, you didn't see a lot on it, which kind of scared me away from it, even though I liked what they had.

CrowdStrike, it's new, however, Amazon uses it. My thoughts are if it's good enough for them, I assume it's good enough for me.

We looked at Sophos as well, however, it was very expensive. Sophos offers everything, and they are a great product, however, for us, the price was just too much.

What other advice do I have?

We're just a customer. We don't have a special relationship with CrowdStrike.

We're using the most up to date version of the solution right now.

So far, I've had good luck with this solution. That said, it hasn't hit anything. I won't get a true test until I actually get somebody that sends up malware. In the meantime, no news is good news.

I would rate the solution nine out of ten right now. They're pretty good. I haven't done anything super-advanced or to spec. There's a lot there to work with if I want to, however, I keep it pretty basic. I only have a couple of policies. It's not a huge company, so it's not real hard.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
John Seaver - PeerSpot reviewer
Director Of Information Technology at DLZ Construction Svs.
Real User
Very good for endpoint security; we've remained infection free without any downtime
Pros and Cons
  • "We haven't had any infections or down time."
  • "Too many false positives."

What is our primary use case?

We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks.I'm the director of information technology in our company and we're a customer of CrowdStrike. 

What is most valuable?

We rely on our environmental security and we haven't had any infections so that's valuable for us. It means we haven't lost any time due to the system being down from ransomware or anything like that, so it's quite positive. 

What needs improvement?

Improvement could be made in the number of false positives we get, there are more than there needs to be. Typical Windows functions sometimes get stopped by CrowdStrike. In general, I'd rather err on the side of safety but some of these are really straightforward functions that should get through.

For the future, I think they need to keep building on their extensibility, the capability to be extended, so that it's not lost and we can utilize the knowledge that we're gaining from the endpoints. 

For how long have I used the solution?

I've been using this solution for a little over a year. 

What do I think about the stability of the solution?

This is a stable solution, I'm unaware of any failures. 

What do I think about the scalability of the solution?

Scalability is expensive but it works. We've installed it on more than 900 machines in the corporation and it covers every role from civil engineers, architects, HR people, office workers and the server. Maintenance takes the equivalent of one full-time position but it's a shared responsibility among the IT team. 

How are customer service and technical support?

The technical support do a good job. 

How was the initial setup?

The initial setup occurred before I began working here although I believe it is quite straightforward. The install process for machines is pretty good. If we want to de-install it's not so great, but overall it's tolerable.

What's my experience with pricing, setup cost, and licensing?

I believe that we pay about US$ 65,000 annually which covers 900 machines in the company. There are no other costs but there are additional features that can be purchased but we haven't done that. 

What other advice do I have?

CrowdStrike do their job well and can be compared to other solutions on the market such as SentinelOne and Huntress. They do need to be more extensible because right now they don't play well with others and it's a bit of a challenge on the management side.

I would rate this solution an eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Associate - IT at a financial services firm with 51-200 employees
Real User
A lightweight solution that readily alerts us to unusual behavior
Pros and Cons
  • "This solution has made the lives of the IT staff much easier, compared to the previous one."
  • "I would like to see the machine learning feature enhanced."

What is our primary use case?

CrowdStrike is an anti-virus solution, and we use it to protect our users from malware.

How has it helped my organization?

This solution has made the lives of the IT staff much easier, compared to the previous one. This is the lightest client available that is compatible with different versions of the OS.

What is most valuable?

The most valuable feature is that our systems are monitored and we are alerted to any unusual behavior.

What needs improvement?

I would like to see the machine learning feature enhanced.

For how long have I used the solution?

One year.

What do I think about the stability of the solution?

So far, the solution has been stable. It did not clash with any other product that we have. Also, it is very light, and the users do not have the impression that anything is slowing down their system.

What do I think about the scalability of the solution?

This is simply a client that you have to roll out, so it is fully scalable.

All of the people in our company use this solution.

How are customer service and technical support?

Technical support for this solution is good.

Which solution did I use previously and why did I switch?

We did use another solution previously, but technologies keep changing. We found that CrowdStrike meets our requirements.

How was the initial setup?

Our implementation was straightforward, and it was completed within one week.

The first step was to uninstall the old anti-virus solution, and then the CrowdStrike protection was enabled. There was a brief period where both of the solutions were running at the same time.

What about the implementation team?

The implementation was handled by the consultants from CrowdStrike. Everything was done by their staff, from their end and according to their recommendation. The consultants and their service were excellent.

What's my experience with pricing, setup cost, and licensing?

This solution has a very competitive price.

Which other solutions did I evaluate?

We evaluated solutions by TrendMicro, Kaspersky, Carbon Black, and SentinelOne.

What other advice do I have?

My advice for anybody implementing this solution is to understand the requirements. Look at their vision, and understand how the technology is changing in the market in order to meet the threat of cyber attack. They need to follow the latest standards.

I would rate this solution a ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Kunal Gupta - PeerSpot reviewer
Security Engineer at a tech services company with 10,001+ employees
Real User
It can connect to host and isolate it from the network if needed

What is our primary use case?

We are currently using this solution as an ERD tool to control and remediate threat from the endpoint remotely, it serves as a next-gen antivirus solution. It can also be used in a forensic investigation, threat hunting, trend analysis, malware analysis, etc.

How has it helped my organization?

  • CrowdStrike is a SaaS-based solution which means it can be operated from anywhere, which gives the admins access to control the endpoints from multiple endpoints.
  • It has a very low footprint, using 1-2 % CPU and around 40 Mb of RAM, and the agent size is small and easy to deploy as well.
  • It has segregation of roles at various levels for the analysts, admins, SMEs, etc.

What is most valuable?

  • It can connect to host and isolate it from the network if needed; this feature helps us to investigate the endpoint without visiting the endpoint and then testing. 
  • It saves time and helps to contain the threat in less time.
  • complete visibility into the endpoint 

What needs improvement?

The current version of Falcon does not support DLP which is a may be a good to have in a EDR Solution. It must be included in the future version if possible. There must be a on-premise versions. MDM is also coming soon must also have ability to be controled from same dashboard.

For how long have I used the solution?

One Year

What do I think about the stability of the solution?

The solution is pretty stable, and it does pretty accurate work. I have never encountered any issue in this dept.

What do I think about the scalability of the solution?

The solution is scalable to multiple thousands of systems at once. There is no restriction for that.

How are customer service and technical support?

The support portal of CrowdStrike is active and helpful if needed.

Which solution did I use previously and why did I switch?

We compared multiple solutions in EDR and out of them, CrowdStrike gave the most features and value for money.

How was the initial setup?

It is pretty straightforward and without any complex mechanism.

What about the implementation team?

We as a team implemented the solution on our own, with the help of the manual and help desk.

What was our ROI?

It helps to manage a lot of threats with pretty less manpower and in a graceful way.

What's my experience with pricing, setup cost, and licensing?

The setup of CrowdStrike is very simple. It supports all three platforms (Windows, MacOS, Linux), and it has support for the specific version of the above OS. Which means sometimes, a particular OS won't be compatible with the CrowdStrike version.

Which other solutions did I evaluate?

Before choosing the solution, we evaluated various products from the Gartner magic quadrant for endpoint protection platforms (EDR and MDR).

What other advice do I have?

It comes with various modules, so you can choose the module that you need on the basis of the costing it comes with. This is definitely not cheap; it comes with a cost which may depend on the organization if they need it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director of Security at a insurance company with 51-200 employees
Real User
We are now able to find the root cause analysis on any threat
Pros and Cons
  • "We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment."
  • "As the company has grown, the technical support has felt less personal."

What is our primary use case?

The primary use case is detection and forensics.

The product is cloud-based, so we use the latest build which is available.

How has it helped my organization?

We are now able to find the root cause analysis on any threat. We can figure out where the issue came in versus just dealing with where it is at the moment.

What is most valuable?

The most valuable feature is its forensics capability.

What needs improvement?

It probably needs more integration with firewall vendors. 

It needs integration with other technologies. It doesn't play well with anything else. It is more of a standalone solution. Therefore, integration with other technologies would be great.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

It is extremely stable. It has been around for many years. We have been a customer for almost five years.

What do I think about the scalability of the solution?

It has met every scale need that we have come across.

How are customer service and technical support?

The technical support is excellent. Though, as the company has grown, the technical support has felt less personal.

Which solution did I use previously and why did I switch?

Our previous detection software, Webroot, was letting too much stuff through.

How was the initial setup?

The initial setup is very straightforward. It just required an agent being installed. After that, it was self-managing.

What about the implementation team?

We did the deployment directly with the vendor.

What was our ROI?

The solution has helped to increase staff productivity by probably 25 percent.

What's my experience with pricing, setup cost, and licensing?

We are at about $60,000 per year.

Which other solutions did I evaluate?

We also looked at Cylance and SentinelOne. We went with CrowdStrike based on our own experimentation with it. We threw our own vulnerabilities at it, and it performed the best.

What other advice do I have?

It does everything that it claims, making our life significantly easier. Definitely consider CrowdStrike. It will probably save you from a lot of threats that other products wouldn't catch.

Our security program is relatively immature, but this product has definitely been one of the keystones of our program.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Engineer at a tech services company with 11-50 employees
Reseller
When an issue is detected you can log into the GUI and get very specific details about what happened
Pros and Cons
    • "The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."

    What is our primary use case?

    Our primary use case is as an endpoint protection service

    How has it helped my organization?

    We get a notification when there are some malicious activities on our PC whenever we have a detection. The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end user's PC and we can tell if it's something that we actually need or something that's malicious.

    What is most valuable?

    When something is detected you can log into the GUI and you can get very specific details about what happened. It's very helpful for investigating incidents and this sort of thing.

    What needs improvement?

    The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed. 

    When I change the policies for some users, I would like to have an option to apply that policy immediately. Right now, I have to wait for the users to connect to the cloud to take the new policy. I would like for them to develop the ability to have an option to apply the post the policy immediately.

    What do I think about the stability of the solution?

    It's very stable, we haven't had any issues so far.

    What do I think about the scalability of the solution?

    We haven't had any issues when it comes to scalability. We have thirty to forty users.

    How are customer service and technical support?

    We haven't had to use their technical support. 

    How was the initial setup?

    The initial setup was very straightforward. You just download the agent and install it; that's it. The deployment took two to three hours. We have two admins. One of us logs in and sees what happened.

    What other advice do I have?

    I would advise someone considering this solution to just read the documentation. You should start with the documentation, it's very clear and very simple. Anything you need is in the documentation.

    I would rate it a nine out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    PeerSpot user
    Director of Cloud Architecture at a energy/utilities company with 10,001+ employees
    Real User
    We are happy with its ease of use and touch notification
    Pros and Cons
    • "We have seen a reduction to the performance hit to our operating systems."
    • "We are happy with CloudStrike's ease of use and touch notification."
    • "We have had to open a case with the technical support to get some issues and bugs resolved."

    What is our primary use case?

    We use it for threat management.

    How has it helped my organization?

    We are now able to pick up more alerts than we were with McAfee. A lot of things were being missed by our security team using McAfee. 

    We are happier with CloudStrike's ease of use and touch notification than McAfee's.

    What is most valuable?

    I noticed that the performance hits on our operating systems are a more minimal than they were on McAfee.

    What needs improvement?

    We have had to open a case with the technical support to get some issues and bugs resolved, but they were resolved relatively quickly.

    For how long have I used the solution?

    Less than one year.

    What do I think about the scalability of the solution?

    The scalability has been good so far. We have been using it on-premise and on the cloud. We can move it to a different cloud platform, because it is cloud agnostic.

    Which solution did I use previously and why did I switch?

    We just moved over from McAfee to CrowdStrike, which detected a lot of things that McAfee did not. We detected a malicious code on our on-premise system, even though we are migrating our application to the cloud. It was able to detect it right away to send us what the code had tried change and execute. 

    Our company decided to make the switch between the two products, and I have seen the value-add since then.

    How was the initial setup?

    It was pretty easy to set up. We baked it into our subscripts during the start-up process.

    Its integration has been pretty seamless.

    What other advice do I have?

    I would anyone to look at this product based on our company's experience so far.

    We have both the on-premise and AWS versions of the product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    IT Manager at a consultancy with 5,001-10,000 employees
    Real User
    It has helped us with security and managing threats that we see currently in our environment
    Pros and Cons
    • "Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures."
    • "Unfortunately, native applications are not supported."

    What is our primary use case?

    It's security-related product. A security environment based on AIML. It is not like the older stuff, which used to have signature-based updates.

    How has it helped my organization?

    It has helped us with security and managing threats that we see currently in our environment.

    What is most valuable?

    Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures.

    What needs improvement?

    Unfortunately, native applications are not supported.

    For how long have I used the solution?

    Less than one year.

    What do I think about the stability of the solution?

    It manages around a few thousand endpoints and servers in our environment, and it is doing well so far.

    What do I think about the scalability of the solution?

    There are no issues in terms of scalability. 

    How is customer service and technical support?

    We can call the tech support, if needed. Then, they have a dedicated rep for us.

    How was the initial setup?

    It went well. We just installed an app on all the endpoints or devices. They have a good console which helps do this. So, it is as simple as that.

    We are using this for endpoint security, so it doesn't need to integrate with anything else.

    Which other solutions did I evaluate?

    We evaluated three to four other vendors.

    During the PoC, we figured out that this product is far better, and it met our requirements. That is why we went for CrowdStrike. With our PoC, they did a good job in explaining the product. So, the PoC went well, and we were able to achieve what we intended to with it.

    What other advice do I have?

    Do a thorough PoC. Don't go ever go by the sales team unless you have tested it and know it works for your environment, because every environment is unique. The sales guy will promise you the moon. Only unless you have tested, you know it delivers.

    The product has met its purpose for us.

    We use both the on-premise and AWS versions. They are both good products and very simple to move, install, and configure.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user996702 - PeerSpot reviewer
    it_user996702Cloud Security Engineer at a manufacturing company with 1,001-5,000 employees
    User

    Hi,
    What you mean please by not supporting native applications? could you please explain it more?
    Thanks and regards,

    Real User
    It alerts us to malicious malware issues 99% of the time, and will end the attack.

    What is our primary use case?

    It logs automatically and generates alerts. It is all automatically integrated with the cloud.

    How has it helped my organization?

    CrowdStrike will detect any malicious malware attack on the machine. It will end the attack, and immediately alert us to the issue. I would say it catches the attacks 99% of the time.

    What is most valuable?

    I think the automatic alert feature is the most important feature. 

    What needs improvement?

    The management  and log aggregation need some improvement. We have had some issues with the logs. 

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    It is stable.

    What do I think about the scalability of the solution?

    It is a scalable solution.

    How was the initial setup?

    The setup was very straightforward. We just had to install it. We did not have to do the dependencies. 

    What's my experience with pricing, setup cost, and licensing?

    I do not have experience with the cost or licensing of the product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Fadhullah Iskandar Roy - PeerSpot reviewer
    Solution Architect at a comms service provider with 1,001-5,000 employees
    Real User
    The AWS configuration is good, but the cost is quite pricey
    Pros and Cons
    • "The most valuable feature is its threat analysis."
    • "Scalability is good. We have had no issues with it."
    • "I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
    • "Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."

    What is our primary use case?

    The primary use case is threat protection.

    How has it helped my organization?

    It improves a lot of our security operations for threat management. It provides a lot for our day-to-day operations too.

    What is most valuable?

    The most valuable feature is its threat analysis.

    What needs improvement?

    I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It is quite stable. However, whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing.

    We have not put that much stress on it, about 20 percent.

    What do I think about the scalability of the solution?

    Scalability is good. We have had no issues with it.

    Currently, we have about 4800 resources in the cloud.

    How is customer service and technical support?

    Their technical support is good and helpful.

    How was the initial setup?

    The AWS integration is good, and its configuration is straightforward.

    What was our ROI?

    We have seen ROI.

    What's my experience with pricing, setup cost, and licensing?

    Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace.

    I would like them to further reduce the price, because it is quite pricey at the moment.

    What other advice do I have?

    I would recommend CrowdStrike as a first option product, but to look at others as well.

    The new features that they have released were not bad.

    AWS is better than the on-premise version because it can support cloud resources.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Nachiket Sathaye - PeerSpot reviewer
    Information Security Consultant with 201-500 employees
    Consultant
    I like the overall reports of this solution. They are crisp, and to the point.
    Pros and Cons
    • "I like the overall reports of this solution. They are crisp, and to the point."
    • "It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
    • "It is cloud-based, and this does make some weary of the data being held on the cloud. Privacy requirements must be taken into account."
    • "The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."

    What is our primary use case?

    We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response. 

    How has it helped my organization?

    First, it is a production from known and unknown interests. Second, it has an extremely low footprint, so it has minimal impact on the user endpoints in terms of CPU and memory usage. The tamper protection of the CrowdStrike agent is extremely good even if the user is having admin rights and he tries to disable these CrowdStrike services. The CrowdStrike service will respawn itself. It is practically impossible to tamper with these services. If I managed to craft some malware that would shut down the services, CrowdStrike will respond itself, and it will still to protect my endpoint.

    In addition, it reduces the overall containment timing, and quickly isolates the endpoints to quickly mediate the issues. 

    What is most valuable?

    The EDR feature of CrowdStrike is fantastic. Also, in comparison to other solutions, it can connect remotely, so our security analysts can get into the system directly and do manual analysis as well. 

    I also like the overall reports. They are crisp and to the point.

    What needs improvement?

    There are a couple of issues with the compatibility to some of the operating systems. But, I see that there are a lot of things in the pipeline. They have a roadmap, and continuously are improving. Within the last three months I have seen lot of new features in the overall CrowdStrike suite.

    A couple of things were on the cosmetic part. CrowdStrike needed some improvements on the report functionalities, specifically the dashboard functionalities. Technically there a lot of things also coming from a visual perspective. There are a couple of things they still need to work out like the dashboards. The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders. These are minor things, but they are in the pipeline.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    The product is quite stable. 

    What do I think about the scalability of the solution?

    It is very scalable. It can be used for 10,000 endpoint users. So, it is very scalable in terms of volume.

    How is customer service and technical support?

    Tech support is helpful, but they need a little bit of improvement. The response time is good. This was not a "show-stopper" for us.

    How was the initial setup?

    Initial setup was pretty straightforward. It has cloud-based hosting, so you can just get your installation agent, install it, authenticate the agent with your cloud instance and start managing the agent.

    What was our ROI?

    CrowdStrike has helped us in terms of manpower and cost savings. I work with a team of less than 10 people, and I have worked in other organizations where I used to handle more than 20 to 25 people for the same things.

    What's my experience with pricing, setup cost, and licensing?

    The pricing will depend upon your volume of usage.

    Which other solutions did I evaluate?

    I have prior experience with Cylance and Dell Data Security Agent powered by Cylnace, which I would not say is a complete EDR. I also have prior work knowledge of SECDO, which has been acquired by Palo Alto.

    What other advice do I have?

    It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But, one thing is for sure, CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But, if the company's having some stringency regulations, it will definitely be harder for them to keep the data in the cloud.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    NachiketSathaye - PeerSpot reviewer
    NachiketSathayeSecurity Consultant at a consultancy with self employed
    Real User

    Crowdstrike has recently announced the EDR platform support to iOS and Android devices as well. So now Security teams can provide better security for external and roaming user devices.

    it_user871761 - PeerSpot reviewer
    Senior Financial Analyst - Data Analytics at a energy/utilities company with 1,001-5,000 employees
    Real User
    We can see what processes are running on the system, what registry keys have been enabled
    Pros and Cons
    • "Enables us to understand what processes are running on the system, what registry keys have been enabled."

      What is our primary use case?

      Primary use is for endpoint investigations.

      How has it helped my organization?

      It allows us to determine root cause, do the analysis, a lot quicker.

      What is most valuable?

      Visibility into the endpoint rate. Understanding what processes are running on the system, what registry keys have been enabled. Pretty much understanding the whole frantic side of the endpoint.

      What needs improvement?

      It would be nice if we could extrapolate indicators of compromise and write them within sandboxes.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      It's fairly stable. We haven't been having too many issues with that.

      What do I think about the scalability of the solution?

      It scales quite well because it's cloud-based and subscription-based. It can scale pretty quickly.

      How is customer service and technical support?

      I would say technical support is fairly good. They understand the technology quite well so they are able to support us a lot better.

      What other advice do I have?

      The most important criteria when selecting a vendor come down to the capability of the technology, the cost, the support, how it fits into our overall architecture strategy, and the stability of the company. For instance, if it's a small company and they go under, you might as well have not invested in it.

      I would rate this solution an eight out of 10 because it has all the features that we need. It's within our budget, and it fits into our overall architecture strategy. There are a few features that could be added, as mentioned.

      I would recommend this technology.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Buyer's Guide
      Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros sharing their opinions.
      Updated: December 2022
      Buyer's Guide
      Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros sharing their opinions.