CrowdStrike announced its Falcon AI Detection and Response (AIDR) module on December 15, 2025, designed to secure the AI interaction layer. The vendor positions this as a pioneering move into Security for AI, claiming it protects the reasoning and decision-making capabilities of AI agents.
PeerSpot Community Insights (Based on 48 In-Depth User Reviews)
While CrowdStrike is betting big on protecting AI systems, verified users are still focused on strengthening traditional EDR fundamentals. Data from 48 PeerSpot reviews reveals a consistent theme: users praise Falcon's behavioral detection, lightweight agents, and real-time response for conventional threats—ransomware, malware, and zero-day attacks. However, when it comes to AI, reviewers indicate a notable gap. Multiple users report that AI features are either "in early stages" or "not visible in our panel yet". One MSP user explicitly stated a desire for "AI-based stock monitoring to prioritize thousands of alerts" but noted CrowdStrike's AI integration remains immature for their needs. The bottom line: users trust CrowdStrike to stop breaches, but the community is still waiting for AI to deliver practical, day-to-day value—let alone protect other AI systems.
I rate the overall product an eight out of ten. I would recommend it to others. However, it's crucial to understand areas where the product might not provide coverage and how to mitigate those gaps. For example, it covers endpoints, networks, and Office 365 environments, but are there other areas in the attack surface that it doesn't address well? It's essential to be aware of any potential gaps upfront. The solution helps in preventing incidents. However, it's challenging to quantify the exact impact because we don't know what would have happened without it. It's similar to having insurance for your house.
Large account Manager at Softcell Technologies Limited
Jul 25, 2024
Falcon endpoint protection provides real-time threat prevention and response to identity-based attacks.
1. Protection: Protects traditional AD
2. Detection: Uses AI-powered anomaly detection to identify and neutralize threats
3. Provides 24/7 managed detection and response for identity threats
4. Risk-based access: Enforces MFA based on real-time risk assessment
5. Unified security: Integrates endpoint and identity protection for comprehensive security
6. Managed services: Falcon Complete ITP is a fully managed solution that includes expert management, monitoring, and remediation
Improvement is always possible. It's challenging to gauge how much future mitigation is provided, especially since we've only been using the product for about one and a half years. Every product faces this challenge because nothing is ever completely foolproof. So, besides relying on technology, we also focus on increasing our staff's awareness of security issues. Feedback from my colleagues suggests that the reporting and dashboarding of incidents could be improved.
Large account Manager at Softcell Technologies Limited
Jul 25, 2024
One thing that is not yet available is attack simulation. For example, if someone tries to attack your Active Directory on inactive accounts, a cyber attacker could hack those accounts and try to get into your company. This could be a feature to add. It would give a fake reply each time someone tries to hack it. Multiple companies that I know of would like that.