CrowdStrike Falcon Complete MDR Reviews

We use the solution for protecting the endpoints.

The solution simplified our structure.

The Falcon Spotlight is a most valuable feature.

While the pricing does not bother us, it is a bit on the high side. It could be lower.

An MDM, Mobile Device Manager, should be added in the next release. 

We just started implementing CrowdStrike Falcon Complete a couple of weeks ago. 

We have only recently started to implement the solution, so I am not in a position to comment on its stability. 

We have not had occasion to contact technical support. 

We did not use a different solution in the past. 

The initial setup was easy.

We handled the initial setup on our own. We make use of CrowdStrike's help.

The pricing could be lower. The solution is a bit expensive. 

In addition to CrowdStrike Falcon Complete, we also looked at FireEye from Palo Alto and at other solutions from Symantec. We decided to go with CrowdStrike Falcon Complete.

I rate CrowdStrike Falcon Complete as an eight out of ten.

It's an EDR group solution. We use it for behavioral-based analysis.

On our endpoints, we have signature-based and behavioral-based analyses, and we use CrowdStrike Falcon Complete for behavioral-based analyses. 

I think it has very good features that help dig deeper while doing an investigation. Its IOCs alerting mechanism is good. I think it is AI based and categorizes behaviors which are unusual.

CrowdStrike Falcon Complete has good instrumentation, and the user interface is good too.

Pricing is definitely a problem. It could be cheaper for licensing.

I've been using CrowdStrike Falcon Complete for 5 years.

It is stable.

It is scalable as well. It's a cloud-based solution, so I don't doubt the scalability. I think it's good.

We have 6,000 end users who are using it.

The technical support is good. You raise a complaint, and they respond immediately.

The installation was smooth and didn't take much time.

We did it by ourselves. We have two or three engineers who run it and perform the rolling, installation, and upgrades.

We have a yearly license, and it could be cheaper.

We evaluated Trend Micro and Sophos before choosing CrowdStrike Falcon Complete.

CrowdStrike Falcon Complete is great, and I would rate it at eight on a scale from one to ten.

If you go with this solution, I think that you should also obtain another service called Hybrid Analysis, the premium edition. I think with this, you'll get malware samples you can correlate, and it will be a good tool for the SOC team.

Currently, we're trying to understand which solution would be able to help us to block external ports on computers. We're looking at Crowdstrike and working to understand how they can help us handle this.

While I'm not directly on the team that deals with the solution daily, I would say that the solution is very stable.

The solution is quite flexible.

We haven't had any issues with the product so far. 

It's my understanding that the reporting aspect of the solution could be improved. It should be more flexible and robust.

The solution should include some sort of DLP capabilities.

I've been using the solution for a while. It's been about three years or so.

The stability of the solution is very good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is great.

We have more than 25,000 users on the solution currently. 

We are currently evaluating the solution to see if we will continue to use it or not going forward. Until that is done, I can't speak to if there are plans to increase usage.

I've never been in touch with technical support. A different team handles that aspect. I cannot speak to how helpful or responsive they are. I can't provide any useful insights at this time. 

The initial setup took place about three years ago. At the time it was installed I wasn't a part of the company. Therefore, I can't speak to how easy or difficult the solution is to set up and deploy. I wasn't a part of the process. 

We pay a licensing fee in order to use the solution, however, I can't speak to the overall cost. It's not an aspect of the solution I directly deal with.

My company is a customer and an end-user of the solution. It doesn't have any direct affiliation with Crowdstrike.

We're using the latest version of the solution at this time. I can't speak to what the actual version number is. 

I'd rate the solution, on a scale from one to ten, at an eight. We're mostly quite satisfied with the solution.

I'd recommend the solution to other users and organizations.

Our clients use it for protecting themselves from getting ransomware. Their use case is just to protect their endpoints because it is really bad out there.

It is a hybrid deployment. You have to have agents on all the endpoints, and all the CrowdStrike AI is on the cloud.

Their intelligence is really good. The security whitepapers that they write are outstanding.

They handle it all for the clients. CrowdStrike Complete is managed by CrowdStrike. They only call a client if there is a problem that they can't address. They pretty much contain and eradicate. This is not something that every vendor provides.

People should be able to obtain training at any point of the engagement so that if somebody who doesn't have the basic knowledge is getting thrown into it, they are able to get trained, and CrowdStrike is able to help them out.

CrowdStrike is really doing what they're supposed to be doing, but it is like anything else where they have to keep up on their research and development, or they'll fall behind. This is a fast-paced environment, and I've seen that vendors that were really good three years ago are terrible now. CrowdStrike is trying to stay ahead of the bad guys. They have AI. I have not had a problem with them missing anything. If they missed something, they should just make sure that they don't miss it again and understand why they missed it. I don't know if they did.

I have been using this solution for years.

It is stable.

It is easy. All you need to do is to get the correct pricing. When you add more endpoints, you are going to pay more for the license. When you do mergers and acquisitions, it is always a concern. If you've got really good security products in one company but not in the other one, you have to bring them in.

Most of our clients are medium-sized companies. We also have large clients, but they have got full security staff. CrowdStrike does well in medium-sized companies because they need them really badly. With CrowdStrike Complete, they don't have to have the staff to manage it.

I have interacted with them, and they are excellent.

Our clients had other solutions, and they switched because they got ransomware. A lot of solutions aren't always what they say they are. Some are good, but people don't have the staff to manage them. With CrowdStrike Complete, you don't have to have the staff to manage it.

Its initial setup is very straightforward. The agents are really easy to roll out. 

I always tell my clients that it is a partnership. You have to do health checks with them to make sure that you're doing what you should be doing and they're doing what they're supposed to be doing.  Sometimes, clients put products in place, and they leave them. Then they find out that they didn't set them right, and now they're a victim of a ransomware attack that they could have avoided. They had the right security product in place. 

CrowdStrike should be promoting these health checks with their clients, and they do, but I don't know if all salespeople do it. That is so important because sometimes it is not the vendor that caused the issue. It is the client, but they didn't know any better.

They are really reasonable for the services they are providing. When you add more endpoints, you are going to pay more for the license.

I would recommend this solution. I would advise others to get the best pricing and doing it around the quarters. You should really understand the pricing structure and the fact that you still need somebody to be able to take their call if there is something they can't do. Do health checks, and make sure that it is implemented correctly and you have got all your endpoints covered. It is a partnership between the vendor and the customer, and CrowdStrike is really good at that.

I would rate CrowdStrike Falcon Complete a ten out of ten.

It is an advanced anti-malware solution. Our clients replace the existing traditional antivirus with this solution. We are an implementer. We sell this solution, and then I go and understand the existing environment to deploy it.

It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike. 

It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this.

It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple.

Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they not there in CrowdStrike as well as SentinelOne.

I have been providing this solution for three years.

It is a 100% reliable solution. We had some small glitches with it, but we were able to rectify those issues by tuning it.

It is pretty good. We have four customers, and there are a total of 15,000 to 20,000 users.

One of our clients has been using this for over a year now, and they have acquired more companies. They will possibly buy more. They really like the product and are happy with the product.

The first level of support is with us. If I'm not able to solve an issue, then I'll raise a case to Falcon with the help of the customer. I get guidance from the customer to raise the ticket about the issue and everything. As a partner or a vendor, we cannot raise a case for another customer. 

Their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.

I have got experience with SentinelOne Vigilance. The major difference between SentinelOne Vigilance and CrowdStrike Falcon is the pricing. CrowdStrike is more expensive. Otherwise, both work in almost the same manner. They are cloud-based, and they are next-generation endpoints. They block cyber attacks. 

Its initial setup is straightforward. It is pretty simple. It is a very powerful product that doesn't take much time to be set up. Unlike traditional antivirus, you don't need to create a lot of policies and build up the server. I have a link, and I enable the license and download the agent. That's it. It is pretty fast. 

The deployment duration depends on the environment and the number of clients. It could take from three days to one week depending upon the number of agents. In most cases, the customer will opt to deploy for 50 machines. A customer has around 6,000 endpoints, and I have also deployed for only 50. It depends upon the customer. 

We are a team of two. I and my colleague do the deployment. 

It definitely needs upgrade, fine-tuning, and exclusions. No security product is 100% accurate, so we need fine-tuning. I am responsible for the maintenance for our clients. They have something called an Annual Maintenance Contract (AMC). Every quarter, I need to do a health check of their endpoints. After that, I send a report to them about the fine-tuning findings and the fine-tuning steps that need to be performed.

Our clients have definitely seen ROI. They were attacked with ransomware, but CrowdStrike blocked it. They reported to us, and we reported to CrowdStrike.

CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive.

We definitely need to move to the next-generation solutions because these days attacks are pretty intense, and the traditional antivirus solutions are not going to stop them. CrowdStrike gives a proper security block. It is a 100% protector. 

There was a customer who was impacted by ransomware. We put SentinelOne over there, and we were able to catch the file that their antivirus couldn't. These solutions are 100% reliable and definitely good for any company that wants their enterprise to be protected on the endpoints. 

I would rate CrowdStrike Falcon Complete an eight out of ten.

We are a solution provider and CrowdStrike Falcon Complete is one of the products that we offer to our customers. We have several different customers for which we provide this software as a service. In other cases, customers purchase licenses for it through us and we administrate it.

The most valuable feature is the Managed Detection and Response.

All of our customers complain about the reporting and say that it is very poor.

Technical support in Latin America could be improved.

It is not difficult to use and it is fast to implement.

I would like to have a feature to collect logs and explore the information.

In the next release, I would like to have a simplified remote installation.

CrowdStrike Falcon Complete

It is easy to scale this product. We have approximately 20,000 users.

Technical support in Latin America is delayed. Many times, the customers ask for something from support but they speak Spanish, and that delays the response.

The initial setup is straightforward and pretty easy to complete.

The implementation is fast.

The average price is approximately $500 per customer.

I would rate this solution a seven out of ten.

We primarily use the solution for endpoint security. It is a very important aspect of security for us as the threat landscape is growing. There constantly needs to be better monitors of the activity on the endpoints and windows server. That's the main driver behind using this solution.

The AI and the group knowledge base that they get from having multiple clients in the cloud is very useful to us. It helps keep us safe from attacks as it allows them to apply a broader knowledge base to our protection for our company.

The solution doesn't actually scan desktops. They prevent execution and they do a very, very, very good job at that. However, if there is malware, et cetera, on an endpoint, there's not a scan feature to simply remove it. You have to go in and clean the registry and do the other stuff yourself. It would be ideal if there was some sort of scanning functionality built-in.

The logging features aren't robust and the information isn't kept long enough. The active logs are only retained for seven days. It would be better if it was available for, let's say, 30 days. If we were going to do any forensics, we would have the time to execute them.

We have been using the solution for about two years at this point. We plan to use it at least until the end of this year. It hasn't been very long.

We have looked at Carbon Black previously, as well as Cybereason. We were looking for alternatives to Crowdstrike, however, we decided we would keep this solution until the end of the year.

The reason we didn't switch yet is mostly due to time constraints. We had to renew or implement a new solution and it wasn't going to happen in the timeframe we were looking at. Therefore, we had to put it off. 

The Carbon Black is not as advanced as CrowdStrike. Also, Cybereason lags too far behind on Mac OS upgrades. We wouldn't have been able to roll out Cybereason, even though it looks like a very good product, as it didn't support Big Sur and wouldn't for another five or six months, which meant we would have machines that wouldn't be covered

We are a customer and an end-user of the product. We don't have a business relationship of any kind with Crowdstrike.

The solution is deployed from the cloud. We put it on our endpoints, however, the core application is in CrowdStrike's cloud. It's a cloud app.

Overall, I would rate the solution at a seven out of ten.

Our primary use case is an ordinary antivirus. We also use it to watch the activity on the machine.

It has good visibility, works well, and it is fast.

It is easy to see what is happening and the reporting is good, although I still don't understand everything. We are still trying to understand all of the information that we receive. When a problem is being investigated, the product does a deep inspection and this is something that we really like. You can see things like which file is connected with which services. The deep inspection is something that we don't have in any other of our other tools.

The central console is good and it is easy to work with.

This product is easy to maintain on a daily basis.

There are some parts of this solution that are too slow. The performance slows down by between 10% and 40%, depending on what type of work the machine is doing. For example, we had to shut down our backup because it was too slow and it started to overlap with other tasks. We did not try to use our SQL database because there was too much of an impact. This is not on the network but on the machine and even a few percentage points difference is significant for us because of the volume of transactions.

 Integration slows down the system a bit.

I would like to have an alternate dashboard view, which is somewhat simpler. The one it presents now is like Splunk, and it is very good, but it would be helpful to have a simpler one that only shows the basics like what you have and what it has found. As it is now, it takes time to get used to it. After a while, it won't be a problem for me or other users in the company. When you're working with a regular antivirus, it is much easier to set up and start using.

We have been working with CrowdStrike Falcon Complete for two months. We are still deploying and integrating it into our environment.

Because we are still in the process of initial integration, it is our partner who is in contact with technical support. We're still waiting for them to answer with respect to one issue, and now after waiting for two weeks, I cannot say that I'm very happy with that. However, given that it is the holiday season, it's pretty understandable.

I expect that it will be complete in January when we are fully operational. During New Year and Christmas, it is a bit of a lazy time for everybody.

We have several solutions in place. We have a firewall, antivirus, and email antivirus systems, and there are still things that pass through. This product is our fourth layer of defense.

The initial setup was straightforward for us because we had assistance. On our own, this would not have been as easy.

We had CrowdStrike partners who assisted us with the implementation. They asked us things like what should be protected and what should not be. It was a lot of work for our partner to complete the deployment.

At approximately €60 per machine, per year, I think that it's a good price point. When you compare this to Windows Defender for Endpoints, the price of that solution is about €50 Euro per month per user.

There are people who spend a lot of time trying to find the right price to sell new products at, so I always think that people know the value of their product and what price they can sell it at.

Every solution has pros and cons. I don't see anything that is more advanced than other solutions, and it's just an ordinary spy product. I have to wait for some time to see how well it works in the real world, but it finds some malware and it finds some things that pass through as normal. 

At this point in time, I can't yet say for the general case whether I would recommend this product. We are still having a problem with the slowness and the impact on the performance of the system. For workstations or servers that do not have a high load on them, I would certainly recommend buying it. In our case, we had to remove it from our backup servers. So, if you're already using a backup, or hosting servers for VMware or Hyper-V, or using a SQL database, then you should consider testing it first. I'm still not sure what will happen in our case.

At this point, I cannot rate it an eight or higher because we still don't have an answer on improving the performance. If ultimately they resolve our problem then I would rate this solution an eight or a nine out of ten.

I would rate this solution a seven out of ten.