CrowdStrike Falcon Complete MDR Reviews

There are a lot of useful features. First of all, it gives you complete details regarding any malicious activities. So you can replace the impact date or everything from where the file comes. CrowdStrike gives you the complete details of when a file comes to your network, how it's displayed on the other systems, etc. That's the feature most customers like as of now, and they are generally more interested in EDR solutions.

The only challenge is the price, as of now. It could be the only area of improvement for me. It's a little challenging to convince new customers when it comes to the price.

We've been working with CrowdStrike for almost a year — a premium protection solution. However, we provide our customers with whichever version they require, be it the complete solution, premium protection, or basic antivirus.

I would rate the stability of this solution an eight out of ten.

I would rate the scalability of this solution as a ten because it can be easily scaled up whenever needed. Our integration instance is intended for medium-sized clients, and the number of proactive customers who are currently using this solution is more than 2,000 to 3,000 users.

Our distributors provide excellent technical support, and we have experts in our systems. Generally, we don't require any help from OEMs or distributors because they are certified in cloud sites. But whenever we need any kind of help, the distributor provides quick response and mitigation.

Positive

I would like to rate it eight out of ten. It was easy because everything is in the cloud, so you don't have to go through on-premises installation or anything. We just need to set up the cloud, and everything will restart and install that way.

Once we received the credentials from CrowdStrike, we had to set up and create policies such as moderate or high protection. All of these technical steps were taken care of by our technical teams, who are well-experienced and handle different projects.

I would rate pricing a five out of ten, where one indicates the low price and ten indicates the high price. Indian customers are price sensitive, and this solution is a little costlier compared to other solutions. However, customers are still willing to pay for it, but they always compare the price with other solutions since India is a price-sensitive market.

It is a little costlier than other solutions. There are no additional costs except for support costs, which are minimal and not an issue.

We're actually a reseller and a system integrator. We're evaluating several endpoint protection solutions for our customers.

In India, many customers are switching to EDR solutions like CrowdStrike. They prefer automated solutions over traditional legacy antivirus and don't want to invest in additional devices.

I always recommend my customers do a Proof of Concept (PoC) because once they go through the product details, features, and performance, we can convert them into CrowdStrike customers. So I always recommend doing the PoC.

We always recommend doing the PoC, which is like a demo. Overall, the solution is an eight out of ten because it's an automated solution, which is a significant improvement over traditional latency antivirus.

With CrowdStrike, the customer can put in data resources and other things which are automated. In traditional solutions, you would have to work on notifications, do lots of research, and collect logs, but in CrowdStrike, you can easily go through the process and get all the details from when the threat hits your system. It's much more convenient and efficient.

I primarily use the solution on the could to enhance my security posture. It's used to prevent malware from getting on our systems.

I'm looking at using their Spotlight feature. The solution is very good at revealing the vulnerabilities we might have. If there's anything on our system, it will reveal it, and we can address it. 

It is stable and reliable.

Technical support is helpful.

It's pretty easy to set up.

The solution can scale. 

The CSPM UI of the solution could be improved. The cloud solution is where there needs improvement done. The on-premises version is mostly fine. 

The licensing is a bit complex. People need to take some time to understand it to ensure they are getting the most out of the offering.

I've used the solution for three or four months. 

The solution is stable and reliable. My understanding is it is quite stable. I'd rate it nine out of ten for stability. 

The solution is very scalable. I'd rate it eight of nine out of ten. It can extend well. 

We have more than 400 users. We use it on the server side, not for end-user computing. 

We have been using the solution pretty regularly for monitoring. 

Support is very good. They were very helpful during setup. They got back to us pretty quickly. We haven't had any issues with them. 

Positive

We did POCs with other solutions. However, we did not go live with anything other than Crowd Strike. We wanted a good cloud option and those Crowd Strike.

The initial setup is very easy. I'd rate it at a 7.5 out of ten. We did a POC with them before doing the full contract, and the support was very good. We had a few challenges, and support took care of it in a reasonable amount of time.

The deployment took a month or so since we had quite a number of things to handle and complete. 

Our infrastructure team manages the deployment and maintenance. We have not done a lot of maintenance as of now. We are still in learning mode. Likely down the road, we might need just one person to monitor the console and act on things as they arise. 

We handled the initial setup in-house, although we did get help from support occasionally. 

It is too early to say if there will be an ROI. When we run it for a year or so, we'll have a better idea of if we will see one. 

The pricing is pretty contextual. It's hard to give a general price. 

We did look at other options and found Crowd Strike offered a very good cloud option. 

I am a customer. 

We are using the latest version of the solution. 

I'd advise others to do a lot of research and do a POC so that they are aware of what they will be getting and what they will be signing up for. 

I'd rate the solution nine out of ten.

Endpoint protection is the most valuable feature of CrowdStrike Falcon Complete at this moment.

I would improve the Operational Technology environment functionalities.

I have been using CrowdStrike Falcon Complete for four years.

We are working on the complete version.

This solution is quite stable.

I would rate the stability of CrowdStrike Falcon Complete a ten out of ten.

CrowdStrike Falcon Complete is a scalable solution.

I would rate it a ten out of ten.

We have 12,000 users in our organization who use this solution.

We have a full service, we don't require any admins, and we use the support from CrowdStrike directly.

The technical support is great.

It is very easy to implement. We are already attaching new companies with this platform, and there are no issues. 

It is completed really quickly. You simply need an Internet connection, and it is quite simple to connect additional PCs and workstations.

Pricing is reasonable.

There are no additional fees.

I would rate CrowdStrike Falcon Complete a ten out of ten.

This is their XDR/MDR service offering. Basically, we used it as our endpoint EDR software. We also leveraged their MDR services to outsource any SOC duties for threat detection and containment. 

We used it in conjunction with LogicHub to have some SOAR capabilities for specific use cases in our environment, which was very useful. It really reduced time for our analysts to do simple detections or things that are triggered for basic automation rules based on a threat instance. 

We used it as a vulnerability dashboard for endpoint management. We deployed the agent in 95% of our endpoints.

It worked much better as an endpoint management tool, like for vulnerability management to track vulnerabilities. It's more about trust and verification rather than relying on the IT Ops team to give us regular reports on the vulnerabilities on the endpoints. 

We relied on the CrowdStrike system to provide evidence to the IT Ops team for patching things that were not really patched. It really worked well for third-party patch management. It's not labeled for that use. However, it worked really well and really helped our patch management initiative with 24/7 coverage for all our endpoints.

We used the quarantine feature as well a few times. We did a trial for it. 

As an end-point solution, nothing beats it, to be honest.

Their threat intelligence is very good. Their MDR response time and the SLAs they have with their MDR SOC team are very good and responsive. Those two have saved us from breaches a few times in my previous role, so it's proven pretty valuable.

The only thing is you have to pay for it, and it's on the expensive side. That's the one thing with any of these services. It also rates highly on the Gartner scale, so obviously, pricing is a bit high.

Their agent is a bit finicky for Mac devices. It works great once you get it working, however, it is a bit finicky to get it deployed across the board. It's not CrowdStrike's fault for the Mac thing, it's just the way Mac is, even though it's not a big concern. 

Their UI is a bit noisy. They have too many sections and they have too many components. It's hard to get all that data into one dashboard, and Falcon Complete has multiple dashboards. It gets a bit cumbersome, that's the only area I would focus maybe a little bit.

Other than that, we didn't really hit any roadblocks, to be honest.

I used it in my previous role for about three and a half years.

The stability is very good. 

Scaling is very easy. We had over 4,000 systems, and we had them installed in AWS servers. Scalability and installation-wise, it is super easy.

Support has been very good.

Positive

I've also used Sophos, those guys are very similar.

Installation is very easy.

Once it's installed, we have a team of four that can handle maintenance duties. SOC operations and IT operations can handle deployment and maintenance tasks. 

IT Ops helps with the installs and they do some of the installs themselves.

I cannot recall the exact pricing of the solution. 

The pricing is fair for what it is. They do provide good service, and the threat intelligence engine is really awesome. I would rate them 4.5 out of five in terms of affordability.

We are just customers and end-users.

What you have to do with any type of endpoint management solution is look at the effort that's required to deploy any solution. I'd recommend new users do a POC for sure in the beginning. And then, based on the POC, always try to negotiate pricing. Definitely do as long as a POC as you can, proof of concept, and see if the solution meets your environment's needs.

I'd rate the solution a nine out of ten.

We are using CrowdStrike Falcon Complete for fileless attacks, ransomware, and zero-day attacks.

The most valuable feature of CrowdStrike Falcon Complete is the lightweight design, easily manageable portal, and minimal IT maintenance required.

CrowdStrike Falcon Complete could improve by having advanced features, such as SOC, and HDR. There would have been a lot of processes involved.

I have been using CrowdStrike Falcon Complete for approximately three years.

CrowdStrike Falcon Complete is a stable solution.

The scalability of rowdStrike Falcon Complete is good.

We have approximately 500 computers using the solution. We have approximately 1,200 people using the solution.

I have not contacted the technical support from CrowdStrike Falcon Complete.

The initial setup of CrowdStrike Falcon Complete is easy. The time it took for the deployment was approximate one week for 500 computers.

We did the deployment of CrowdStrike Falcon Complete in-house.

There is a license needed to use the solution. The price of the solution is fair.

We evaluated McAfee and Symantec before choosing CrowdStrike Falcon Complete.

Symantec is complicated and it did not have as many features when compared to CrowdStrike Falcon Complete. McAfee is also a very complicated solution.

If you use this solution your environment will be safe.

I rate CrowdStrike Falcon Complete an eight out of ten.

The most valuable features of CrowdStrike Falcon Complete are the modern and intuitive capabilities, and because it is cloud-based it is much easier to adopt and roll out to the environment.

I have been using CrowdStrike Falcon Complete for approximately one year.

CrowdStrike Falcon Complete is a stable solution.

The scalability of CrowdStrike Falcon Complete is good.

We have approximately 1,000 users using this solution in my company. We have plans to increase our usage.

The support is good from CrowdStrike Falcon Complete. We call them and we have a response immediately. They could improve by increasing their knowledge.

I rate the support from CrowdStrike Falcon Complete a four out of five.

Previously used Symantec Endpoint Protection. We switched to CrowdStrike Falcon Complete because we had a lot of real threats that passed through the antivirus and at the same time, we were not getting the right technical support from Symantec.

The setup of CrowdStrike Falcon Complete was easy. We have not yet completed the full implementation, it is still ongoing and we hope to finish it in two to three months. 

We had some initial proof of concept and did it on test PCs and test servers. We are moving it into production. We are doing small steps every week.

We had support from CrowdStrike Falcon Complete available during the implementation.

I rate CrowdStrike Falcon Complete an eight out of ten.

We use CrowdStrike Falcon Complete internally and externally according to the MITRE ATT&CK framework. MITRE ATT&CK describes most of the TTPs and explains them, including the default use cases and deployed policies. Our internal use case for the solution is specifically for internal fraud cases to use in our internal forensics team.

CrowdStrike Falcon Complete has helped in improving my company in terms of achieving strategies and executing frameworks.

What I found most valuable in CrowdStrike Falcon Complete is that it has a lot of monitoring dashboards and use cases, and I saw that it's a very good product, but my company has only tested it, so it's not been used for real use cases. My company hasn't tested the complete license for CrowdStrike Falcon Complete, so the team hasn't checked the open fiber rooms for zero-day attacks, IOAs and IOCs, or any indicators of fraudulent activities.

I was also amazed at the solution and its licensing. My company did a competitive analysis of many EDR solutions, but it went with CrowdStrike Falcon Complete. It's one of the top-rated solutions on CyberRatings as well.

At the moment, nothing is missing in CrowdStrike Falcon Complete. I'm amazed by it. It's perfect and I'm not aware of any other vendors that provide its features, but it would also depend on the configuration and policy management of the solution, for example, I can bring you an EDR solution and configure it badly, so it won't do anything. It also depends on the people, not just the technology you're obtaining, so this is the most important thing to do for all solutions, even for firewalls. You can obtain a firewall and if you permit everyone to go through it, then it's useless.

What could be improved in CrowdStrike Falcon Complete is its management console. Currently, that console is on the cloud, so if the cloud is compromised, then the management console would also be compromised, and that's quite risky.

I've been using CrowdStrike Falcon Complete for six months.

CrowdStrike Falcon Complete is too stable, but I still have to test it in a forensic case before I could comment on the stability of the solution.

We usually follow TMMI, so in terms of the maturity and scalability of CrowdStrike Falcon Complete, it's fine, so far.

Our only experience in terms of contacting the technical support team for CrowdStrike Falcon Complete was during implementation.

Setting up CrowdStrike Falcon Complete was too easy because it's a cloud solution, so it was too easy to implement. There's nothing to do, for example, you just need to install the agent from the PCs on the endpoint.

In terms of the deployment time for CrowdStrike Falcon Complete, the infrastructure team implemented the endpoints which took one week, then there's the tuning of the policies, so overall, the deployment took one month.

There's a third party or a partner either for implementation or support for CrowdStrike Falcon Complete, but my company did it in-house.

We haven't seen ROI from CrowdStrike Falcon Complete because we've just done a POV for the top management and there are limited attacks in our organization. We've done some use cases or POCs on a zero-day attack, changing the binaries, etc., and CrowdStrike Falcon Complete was perfect and detected all of the behaviors, isolated them, and did all the functions we expected it to do.

The pricing for CrowdStrike Falcon Complete is competitive. It's a cheaper solution when you compare it with others, and on a scale of one to five, I'm rating its pricing a four. You also don't need to pay extra for its features. CrowdStrike Falcon Complete is perfect.

My company evaluated another solution that was also top-rated: FireEye (now called Trellix).

CrowdStrike Falcon Complete currently has five thousand users in my company and the roles vary from top management to C-level to endpoint users to high privilege users, so a lot of people and a lot of money.

My company recommends CrowdStrike Falcon Complete for the financial, military, and oil and gas sectors. It's by sector, not by people. All the roads now move toward security and securing the business, and it also depends on the criticality of the assets you own and how you're securing the assets. Whenever or whoever has a critical asset should go for a strong security solution such as CrowdStrike Falcon Complete.

In terms of how extensively the solution is being used in my company, there's no 100% security, so my company is always developing security solutions that can handle new attacks, future attacks, and more sophisticated attacks, so I'm unable to give a percentage of the extent of usage of CrowdStrike Falcon Complete, but if I can just measure this from a governance perspective, it's 80%, specifically from a compliance perspective.

At the moment, I'm unable to give my advice to others looking into implementing CrowdStrike Falcon Complete because I need to use the solution on a real test or real compromise first.

I'm rating CrowdStrike Falcon Complete eight out of ten because of its management console being on the cloud. My company doesn't prefer this setup, even if it has an NDA with the vendor because if the cloud itself was compromised, the management is also compromised, and all users will be isolated, so this isn't good from a risk perspective.

My company is a customer of CrowdStrike Falcon Complete.

What's most valuable about CrowdStrike Falcon Complete as an endpoint security solution is that it provides different features against malware outbreaks. The solution is also cloud-based so it offers flexibility in terms of managing it. It's also easy to deploy the agent and you can deploy it through CrowdStrike, your CloudStrike console, or you can take that agent out and you can use different solutions to deploy it through your group policy, your SSCM, or any asset management tool.

What could be improved in CrowdStrike Falcon Complete is the threat hunting feature and the insights it provides, in particular, the variable analysis feature. Protection against zero-day threats and sandboxing could also be improved in CrowdStrike Falcon Complete. If you compare it with other solutions, it can go head-to-head, but the features I mentioned still need improvement.

CrowdStrike Falcon Complete is a stable solution.

CrowdStrike Falcon Complete is a scalable solution. From the infrastructure and operation side, it's one of the best tools in terms of scalability.

I have not worked directly with the technical support team of CrowdStrike Falcon Complete. My company has a different team that worked directly with the CrowdStrike presale team, and that CrowdStrike team was really good, always supportive, and helpful.

I have no idea on the licensing cost of CrowdStrike Falcon Complete.

I have experience with CrowdStrike Falcon Complete, and I've worked with it recently. I work as a solution architect, so I work with different products, and I can't tell you exactly which version of CrowdStrike Falcon Complete I used.

I manage different customers, so the solution is deployed on various clouds, but mostly on a hybrid cloud, with providers being AWS and GCP.

My advice to anyone looking into implementing CrowdStrike Falcon Complete is to go for it. You should move from the traditional antivirus to the next-gen antivirus. Next-gen antivirus such as CrowdStrike Falcon Complete has malware detection, exploit detection, and endpoint detection and response (EDR) features that you won't find in the traditional antivirus. Signature-based antivirus also fails to detect zero-day attacks as well as crypto locker, ransomware, etc. CrowdStrike Falcon Complete has IOA behavioral protection, and it has an analysis functionality and great reporting capabilities, so you should go for it.

My rating for CrowdStrike Falcon Complete is eight out of ten. Sometimes on remote users as it is release-signed, there's some issue with the agent and some false positives as well. In terms of detection, an antivirus or EDR solution, or any kind of threat protection product, you have to check a few things. One is how good it is when malware is in the pre-execution stage and the post-execution stage. I have done some analysis on CrowdStrike Falcon Complete on seventy-five different parameters and controls, and I concluded that the product is really good. It's not a ten out of ten because I cannot provide a perfect score for any product. Eight out of ten is a good score in my point of view because you'd still feel that other things are missing in the product.