CrowdStrike Falcon Complete MDR Reviews

Endpoint protection is the most valuable feature of CrowdStrike Falcon Complete at this moment.

I would improve the Operational Technology environment functionalities.

I have been using CrowdStrike Falcon Complete for four years.

We are working on the complete version.

This solution is quite stable.

I would rate the stability of CrowdStrike Falcon Complete a ten out of ten.

CrowdStrike Falcon Complete is a scalable solution.

I would rate it a ten out of ten.

We have 12,000 users in our organization who use this solution.

We have a full service, we don't require any admins, and we use the support from CrowdStrike directly.

The technical support is great.

It is very easy to implement. We are already attaching new companies with this platform, and there are no issues. 

It is completed really quickly. You simply need an Internet connection, and it is quite simple to connect additional PCs and workstations.

Pricing is reasonable.

There are no additional fees.

I would rate CrowdStrike Falcon Complete a ten out of ten.

This is their XDR/MDR service offering. Basically, we used it as our endpoint EDR software. We also leveraged their MDR services to outsource any SOC duties for threat detection and containment. 

We used it in conjunction with LogicHub to have some SOAR capabilities for specific use cases in our environment, which was very useful. It really reduced time for our analysts to do simple detections or things that are triggered for basic automation rules based on a threat instance. 

We used it as a vulnerability dashboard for endpoint management. We deployed the agent in 95% of our endpoints.

It worked much better as an endpoint management tool, like for vulnerability management to track vulnerabilities. It's more about trust and verification rather than relying on the IT Ops team to give us regular reports on the vulnerabilities on the endpoints. 

We relied on the CrowdStrike system to provide evidence to the IT Ops team for patching things that were not really patched. It really worked well for third-party patch management. It's not labeled for that use. However, it worked really well and really helped our patch management initiative with 24/7 coverage for all our endpoints.

We used the quarantine feature as well a few times. We did a trial for it. 

As an end-point solution, nothing beats it, to be honest.

Their threat intelligence is very good. Their MDR response time and the SLAs they have with their MDR SOC team are very good and responsive. Those two have saved us from breaches a few times in my previous role, so it's proven pretty valuable.

The only thing is you have to pay for it, and it's on the expensive side. That's the one thing with any of these services. It also rates highly on the Gartner scale, so obviously, pricing is a bit high.

Their agent is a bit finicky for Mac devices. It works great once you get it working, however, it is a bit finicky to get it deployed across the board. It's not CrowdStrike's fault for the Mac thing, it's just the way Mac is, even though it's not a big concern. 

Their UI is a bit noisy. They have too many sections and they have too many components. It's hard to get all that data into one dashboard, and Falcon Complete has multiple dashboards. It gets a bit cumbersome, that's the only area I would focus maybe a little bit.

Other than that, we didn't really hit any roadblocks, to be honest.

I used it in my previous role for about three and a half years.

The stability is very good. 

Scaling is very easy. We had over 4,000 systems, and we had them installed in AWS servers. Scalability and installation-wise, it is super easy.

Support has been very good.

Positive

I've also used Sophos, those guys are very similar.

Installation is very easy.

Once it's installed, we have a team of four that can handle maintenance duties. SOC operations and IT operations can handle deployment and maintenance tasks. 

IT Ops helps with the installs and they do some of the installs themselves.

I cannot recall the exact pricing of the solution. 

The pricing is fair for what it is. They do provide good service, and the threat intelligence engine is really awesome. I would rate them 4.5 out of five in terms of affordability.

We are just customers and end-users.

What you have to do with any type of endpoint management solution is look at the effort that's required to deploy any solution. I'd recommend new users do a POC for sure in the beginning. And then, based on the POC, always try to negotiate pricing. Definitely do as long as a POC as you can, proof of concept, and see if the solution meets your environment's needs.

I'd rate the solution a nine out of ten.

We are using CrowdStrike Falcon Complete for fileless attacks, ransomware, and zero-day attacks.

The most valuable feature of CrowdStrike Falcon Complete is the lightweight design, easily manageable portal, and minimal IT maintenance required.

CrowdStrike Falcon Complete could improve by having advanced features, such as SOC, and HDR. There would have been a lot of processes involved.

I have been using CrowdStrike Falcon Complete for approximately three years.

CrowdStrike Falcon Complete is a stable solution.

The scalability of rowdStrike Falcon Complete is good.

We have approximately 500 computers using the solution. We have approximately 1,200 people using the solution.

I have not contacted the technical support from CrowdStrike Falcon Complete.

The initial setup of CrowdStrike Falcon Complete is easy. The time it took for the deployment was approximate one week for 500 computers.

We did the deployment of CrowdStrike Falcon Complete in-house.

There is a license needed to use the solution. The price of the solution is fair.

We evaluated McAfee and Symantec before choosing CrowdStrike Falcon Complete.

Symantec is complicated and it did not have as many features when compared to CrowdStrike Falcon Complete. McAfee is also a very complicated solution.

If you use this solution your environment will be safe.

I rate CrowdStrike Falcon Complete an eight out of ten.

The most valuable features of CrowdStrike Falcon Complete are the modern and intuitive capabilities, and because it is cloud-based it is much easier to adopt and roll out to the environment.

I have been using CrowdStrike Falcon Complete for approximately one year.

CrowdStrike Falcon Complete is a stable solution.

The scalability of CrowdStrike Falcon Complete is good.

We have approximately 1,000 users using this solution in my company. We have plans to increase our usage.

The support is good from CrowdStrike Falcon Complete. We call them and we have a response immediately. They could improve by increasing their knowledge.

I rate the support from CrowdStrike Falcon Complete a four out of five.

Previously used Symantec Endpoint Protection. We switched to CrowdStrike Falcon Complete because we had a lot of real threats that passed through the antivirus and at the same time, we were not getting the right technical support from Symantec.

The setup of CrowdStrike Falcon Complete was easy. We have not yet completed the full implementation, it is still ongoing and we hope to finish it in two to three months. 

We had some initial proof of concept and did it on test PCs and test servers. We are moving it into production. We are doing small steps every week.

We had support from CrowdStrike Falcon Complete available during the implementation.

I rate CrowdStrike Falcon Complete an eight out of ten.

We use CrowdStrike Falcon Complete internally and externally according to the MITRE ATT&CK framework. MITRE ATT&CK describes most of the TTPs and explains them, including the default use cases and deployed policies. Our internal use case for the solution is specifically for internal fraud cases to use in our internal forensics team.

CrowdStrike Falcon Complete has helped in improving my company in terms of achieving strategies and executing frameworks.

What I found most valuable in CrowdStrike Falcon Complete is that it has a lot of monitoring dashboards and use cases, and I saw that it's a very good product, but my company has only tested it, so it's not been used for real use cases. My company hasn't tested the complete license for CrowdStrike Falcon Complete, so the team hasn't checked the open fiber rooms for zero-day attacks, IOAs and IOCs, or any indicators of fraudulent activities.

I was also amazed at the solution and its licensing. My company did a competitive analysis of many EDR solutions, but it went with CrowdStrike Falcon Complete. It's one of the top-rated solutions on CyberRatings as well.

At the moment, nothing is missing in CrowdStrike Falcon Complete. I'm amazed by it. It's perfect and I'm not aware of any other vendors that provide its features, but it would also depend on the configuration and policy management of the solution, for example, I can bring you an EDR solution and configure it badly, so it won't do anything. It also depends on the people, not just the technology you're obtaining, so this is the most important thing to do for all solutions, even for firewalls. You can obtain a firewall and if you permit everyone to go through it, then it's useless.

What could be improved in CrowdStrike Falcon Complete is its management console. Currently, that console is on the cloud, so if the cloud is compromised, then the management console would also be compromised, and that's quite risky.

I've been using CrowdStrike Falcon Complete for six months.

CrowdStrike Falcon Complete is too stable, but I still have to test it in a forensic case before I could comment on the stability of the solution.

We usually follow TMMI, so in terms of the maturity and scalability of CrowdStrike Falcon Complete, it's fine, so far.

Our only experience in terms of contacting the technical support team for CrowdStrike Falcon Complete was during implementation.

Setting up CrowdStrike Falcon Complete was too easy because it's a cloud solution, so it was too easy to implement. There's nothing to do, for example, you just need to install the agent from the PCs on the endpoint.

In terms of the deployment time for CrowdStrike Falcon Complete, the infrastructure team implemented the endpoints which took one week, then there's the tuning of the policies, so overall, the deployment took one month.

There's a third party or a partner either for implementation or support for CrowdStrike Falcon Complete, but my company did it in-house.

We haven't seen ROI from CrowdStrike Falcon Complete because we've just done a POV for the top management and there are limited attacks in our organization. We've done some use cases or POCs on a zero-day attack, changing the binaries, etc., and CrowdStrike Falcon Complete was perfect and detected all of the behaviors, isolated them, and did all the functions we expected it to do.

The pricing for CrowdStrike Falcon Complete is competitive. It's a cheaper solution when you compare it with others, and on a scale of one to five, I'm rating its pricing a four. You also don't need to pay extra for its features. CrowdStrike Falcon Complete is perfect.

My company evaluated another solution that was also top-rated: FireEye (now called Trellix).

CrowdStrike Falcon Complete currently has five thousand users in my company and the roles vary from top management to C-level to endpoint users to high privilege users, so a lot of people and a lot of money.

My company recommends CrowdStrike Falcon Complete for the financial, military, and oil and gas sectors. It's by sector, not by people. All the roads now move toward security and securing the business, and it also depends on the criticality of the assets you own and how you're securing the assets. Whenever or whoever has a critical asset should go for a strong security solution such as CrowdStrike Falcon Complete.

In terms of how extensively the solution is being used in my company, there's no 100% security, so my company is always developing security solutions that can handle new attacks, future attacks, and more sophisticated attacks, so I'm unable to give a percentage of the extent of usage of CrowdStrike Falcon Complete, but if I can just measure this from a governance perspective, it's 80%, specifically from a compliance perspective.

At the moment, I'm unable to give my advice to others looking into implementing CrowdStrike Falcon Complete because I need to use the solution on a real test or real compromise first.

I'm rating CrowdStrike Falcon Complete eight out of ten because of its management console being on the cloud. My company doesn't prefer this setup, even if it has an NDA with the vendor because if the cloud itself was compromised, the management is also compromised, and all users will be isolated, so this isn't good from a risk perspective.

My company is a customer of CrowdStrike Falcon Complete.

What's most valuable about CrowdStrike Falcon Complete as an endpoint security solution is that it provides different features against malware outbreaks. The solution is also cloud-based so it offers flexibility in terms of managing it. It's also easy to deploy the agent and you can deploy it through CrowdStrike, your CloudStrike console, or you can take that agent out and you can use different solutions to deploy it through your group policy, your SSCM, or any asset management tool.

What could be improved in CrowdStrike Falcon Complete is the threat hunting feature and the insights it provides, in particular, the variable analysis feature. Protection against zero-day threats and sandboxing could also be improved in CrowdStrike Falcon Complete. If you compare it with other solutions, it can go head-to-head, but the features I mentioned still need improvement.

CrowdStrike Falcon Complete is a stable solution.

CrowdStrike Falcon Complete is a scalable solution. From the infrastructure and operation side, it's one of the best tools in terms of scalability.

I have not worked directly with the technical support team of CrowdStrike Falcon Complete. My company has a different team that worked directly with the CrowdStrike presale team, and that CrowdStrike team was really good, always supportive, and helpful.

I have no idea on the licensing cost of CrowdStrike Falcon Complete.

I have experience with CrowdStrike Falcon Complete, and I've worked with it recently. I work as a solution architect, so I work with different products, and I can't tell you exactly which version of CrowdStrike Falcon Complete I used.

I manage different customers, so the solution is deployed on various clouds, but mostly on a hybrid cloud, with providers being AWS and GCP.

My advice to anyone looking into implementing CrowdStrike Falcon Complete is to go for it. You should move from the traditional antivirus to the next-gen antivirus. Next-gen antivirus such as CrowdStrike Falcon Complete has malware detection, exploit detection, and endpoint detection and response (EDR) features that you won't find in the traditional antivirus. Signature-based antivirus also fails to detect zero-day attacks as well as crypto locker, ransomware, etc. CrowdStrike Falcon Complete has IOA behavioral protection, and it has an analysis functionality and great reporting capabilities, so you should go for it.

My rating for CrowdStrike Falcon Complete is eight out of ten. Sometimes on remote users as it is release-signed, there's some issue with the agent and some false positives as well. In terms of detection, an antivirus or EDR solution, or any kind of threat protection product, you have to check a few things. One is how good it is when malware is in the pre-execution stage and the post-execution stage. I have done some analysis on CrowdStrike Falcon Complete on seventy-five different parameters and controls, and I concluded that the product is really good. It's not a ten out of ten because I cannot provide a perfect score for any product. Eight out of ten is a good score in my point of view because you'd still feel that other things are missing in the product.

We use CrowdStrike Falcon Complete as an endpoint detection and response solution. We have over 10,000 users of this product. It requires less than 10 staff to deploy and maintain CrowdStrike. We are looking at rolling out more features of the product.

CrowdStrike has improved our meantime to closure on incidents. By enabling us to have more contextual awareness for each of the detections, it provides a much richer and broader scale of intelligence to each of the incidents and detections.

The threat intelligence of CrowdStrike Falcon is the most valuable feature. I also  enjoy their contextual awareness, endpoint detection and response.

The solution could use an on-demand scan feature.

I have been using CrowdStrike Falcon for 18 months.

CrowdStrike Falcon Complete is stable. 

The solution is scalable. We did a proof of concept with CrowdStrike versus others. CrowdStrik lived up to these capabilities.

I have used their technical support, and they are good. I would rate them a four out of five.

Positive

We were using a couple of other solutions before CrowdStrike and decided to move away from them as they weren't as good.

The initial setup of CrowdStrike is fairly straightforward. I would rate the initial setup a four out of five.

We used a professional service, an integrator, to implement the solution. Our organization is complex, so the roll-out took a couple of months.

From what I understand from our network architect, CrowdStrike Falcon is good value for the money required. We receive good service and support. The training is excellent. They offer a number of free classes to train users and analysts. It is a very capable product.

I would rate CrowdStrike Falcon Complete an eight out of ten overall.

We primarily use the solution for security purposes. We use it to protect our endpoints and prevent any kind of malicious attacks on our company.

In terms of Endpoint security, we feel very secure. Sandboxing is in a place where we can analyze everything before releasing anything into the production environment. It has really helped in terms of how we can prevent the malware from spreading across Endpoints, especially in these scenarios where work from home is common and where users are directly connected to a potentially insecure network.

The best part of CrowdStrike is the integration with various other tools and technologies such as, for example, Mimecast. We use Mimecast for email security and detection via Crowdstrike. If we have a backend integration of Mimecast logs with Crowdstrike, that's an excellent way for us to secure email.

The initial setup is straightforward. 

The stability and performance have been pretty good overall. 

The solution has proven to be very easy to implement and easy to manage.

It is very simple to use and not overly technical. 

The product gives us very low false positives. 

Considering the recent SolarWinds attacks in November or December last year, we were looking for something that could secure the EDR first tokens. It would be helpful if that was on offer.

They need to continuously integrate with other security tools such as CyberArk or Mimecast, to cover the entire IT infrastructure. They should keep in mind that there is a risk in the ADFS web environment. From an Endpoint perspective, it's all good, however, they need to explore the origins via something like Crowdstrike.

The customization could be improved upon. As of now with the area first and web security tokens, we don't see the EDR. We are looking for some solution that can provide EDR solution on the EDR first web environment.

We've been using the solution since 2017. It's been about three years or so. We've used it for a while.

The stability is very good. We don't see anything currently that can negatively impact the Endpoint as the agent is installed, however, the processing does not consume the CPU or memory. It's giving us great anti-malware detection along with a very good performance on the Endpoint as well.

The solution is fairly easy to scale, as it's not specific to any domain we can implement CrowdStrike on a standalone server, or multi-forest. In terms of scalability, it can support the multi-cloud strategy as well.

We have about 12,000. places in which the solution is being used. It's on 9,000 devices as a user Endpoint, which is Windows 10, and approximately 3000 servers.

We do intend to increase usage. Every year is we see a5% to 10% increase in usage.

We get a lot of proactive support from Crowdstrike. Before anything enters our environment, we get a lot of information from our account manager and there is an annual assessment as well. Overall, it's very good in terms of how they provide us with support services.

The initial setup is usually straightforward. We don't see any challenges with the implementation in general, however, there are a few connectivity issues when the ports are not open from our internal network to the Crowdstrike servers. Otherwise, it's very easy.

We always get pressured to reduce the cost, however, considering the importance of security, it's worth paying the current rate. Overall it's a good investment when it comes to security practices.

When we started off with this POC, we were exploring Carbon Black alongside Crowdstrike. Taking into consideration the overall scalability and compatibility in our environment, we decided to go for Crowdstrike.

We are customers and end-users.

We don't have the agent or on-premise servers. This solution is SaaS and we don't need those in order to use it. 

I'd rate the solution at a nine out of ten considering the experience we've had over the last three years. The only downside is, in certain cases, that we still see the same gaps we have seen in SolarWinds. CrowdStrike is aware of those and is aware of what they need to do. As the first step, for example, what I've seen in the last six months is the integration with Mimecast which is quite a positive development. 

If you look at the Gartner or other rating agencies, where you can compare the features of Crowdstrike versus others leaders such as Trend Micro or Carbon Black, CrowdStrike is shown to be easy to implement, easy to manage, and very simple to use. You don't need a core skillset to manage a Crowdstrike in your environment. It's very friendly. At the same time, it gives very accurate results. You'll get fewer false positives.