CrowdStrike Falcon Reviews

We primarily use the solution as advanced threat protection. It is used to protect all endpoints, servers, etc. 

They're very good at what they do. As far as the product is, in its current state, I don't have any complaints at all right now. They do a quarterly review with us, just so they can let us know how many viruses or how much malware they've stopped, etc. Those features are quite good. They also go through the portal step-by-step to describe whatever they improved or tightened up. They will explain everything clearly and in a way that a customer can understand.

They do also ask for feedback, which is nice. They'll ask things like "The last time we changed this, how was your experience?" or "Did you get a lot of false positives?" or "Did you get any complaints?" etc. That's pretty good. Not many companies do that.

The UI is simple and self-explanatory. Everything is easy to understand.

So far, in the past three years, they've been absolutely great. They've been more proactive than the solution we had previously was. They even introduced new products in their line and they came back and told us that they could add that product to our current solution. At first, we added them, then we decided we had sufficient resources in house to manage it ourselves and removed it. They were great about the change. 

They've caught quite a lot of viruses and malware that have been sent through improper links, which is very reassuring. 

They report any network isolation that has been done on certain endpoints if they detect a malicious file or malware on the device that couldn't be cleaned by automation. They isolate it or us. The end-user can contact the service desk and say, "Hey, I'm not able to surf the internet. I can't do anything, so can you help me?" or we're able to look at the endpoint and see "oh, your PC is infected, that's why you aren't allowed on." It's protecting us well.

Even though the users are somewhere else, even when they're not at headquarters, we are able to remediate everything before we put them on the network again. Those network isolations are great when we detect high threat malicious items. Those are valuable tools that we appreciate.

If an operating system is stopped by support by the original vendor like Microsoft, or maybe Apple, within a few weeks, CrowdStrike will also decide they no longer support it, and they kind of move on. I understand their model. However, if we still have the OS, it's hard to keep it protected. So, for example, if Microsoft decides to stop supporting or patching a solution, Crowdstrike too will stop supporting it and making updates. It's still a useable product, it's just not getting updates or patches and therefore may be vulnerable. 

The result is that we can't guarantee we're going to be able to protect that hardware or operating system. We either have to upgrade to a newer platform, which sometimes is not possible because you have a legacy application. Whatever that constraint is, sometimes we're not able to move things. We still have to rely on other products to support that. That's the only quandary I have with them. 

Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about.

When a file is infected or it detects a ransomware file network, when it does remediate, it should self-heal as Sophos does. That's a good feature to have, but I don't know enough pros and cons about that to kind of recommend that because if it is a false positive, that may be a problem. If it detected a valid file and if for some reason it decides, "Oh, this looks like an infection," and maybe it's not actually infected, and if it goes in and remediates it by replacing it with an older file, that may be a problem. However, I don't know, because I've never used that feature or heard anybody say that's a problem.

I've been using the solution for about three years now.

I have two engineers that regularly watch everything. We all get alerts. We'll see if something gets isolated, or a user will tell us. We isolate the issues and work on them so nothing gets through the endpoints into the system. Within 30 minutes to an hour, an issue can be cleared.

It's therefore very stable. We're able to catch everything before it can get it. It's reliable for sure.

They're so pro-active there's very little intervention that we have to do on our end.

The solution is easily scalable. A company shouldn't have any issues with that aspect of the solution.

Technical support is great. We've never had to contact them at all. Instead, they've always been proactive and reached out to us.

Their quarterly review manager will contact us every three months. They schedule it months ahead and we actually jump on a Zoom or WebEx meeting. They actually go through the improvements, how much detections they go through, all of our features, anything new that has been added, anything they're seeing out in the world in terms of threats, and where we need to tighten up the roles.

They would improve the sensitivity level or they will decrease the sensitivity level for some false positives. For example, they might say "Hey, we detect these, but they're not really a threat because this is just a Word document that's produced in an older format. It's not something that's malicious." Then they would decrease the sensitivity in certain areas, to eliminate the issue going forward. They always ask permission before tweaking anything. They will come to us and say, "this is what we're considering doing it and why we want to do it. Is that okay?" We usually agree to that and then they go ahead and do it.

It's just a phenomenal company. If they ever stopped the way they handle their customer service, then I would probably move on to a different company. So far they've been pretty good. For the last three years, they contacted us always and told us about every aspect of the solution. I don't think I missed a quarterly meeting so far with them due to the fact that it's all been so valuable.

Originally, we had Webroot. We used to get, every so often, a slew of viruses that would get through the cracks. I don't know if Webroot's definition didn't get updated in a timely manner or if they were just delayed in something, however, whatever it was, we used to get that intrusion quite a bit. Then we would patch it and we would have to remediate everything. It wasn't ideal. 

We were looking for a product that would be more proactive than a reactive solution, and after doing a bunch of research, we decided on CrowdStrike. 

The solution's initial setup was very simple. The only thing we had an issue with is our network operation. Is a separate organization that manages it. We have a network operation that we used for 24 hour monitoring. They don't support CrowdStrike and they were not experts in it. They stood us we would have to manage it ourselves. In the beginning, we were kind of worried about it. However, after that initial stage, the simplicity of how to install it, configure it was like a breeze.

We manage the entire solution in house. For maintenance, we have me and two engineers, plus a second level of support. There are around five people altogether.

I'm not sure of the exact cost of the solution. That's a detail our finance department handles.

We did research on Cylance. We looked at Norton as well. We went through a bunch of products and we decided CrowdStrike was probably the most advanced threat protection at that time, which was three years ago. 

One of the products we were looking at is Sophos. The reason we were looking at Sophos is we were purchasing a backup and disaster recovery tool. In that tool, they had a built-in Sophos pack; they integrated Sophos in to protect the backup and replication and recovery. That way, if a backup had infections, for some reason, and they weren't picked up, and it got into our backup product, then Sophos could kick in and pick it up. It has automated remediation, meaning it reverses back the infection before infection if that makes sense.

Sophos has a self-healing technology built into it, which is an AI technology that they invented. We were looking at that because we thought that may be a better product. We were doing some homework on that and trying to figure out more about it. We're still in the process of purchasing a backup and recovery tool, so we're still doing our homework.

We're just customers. We don't have a business relationship with the company.

I'm not sure which version of the solution we're using. The last time I checked, it was version 5.6. It is up-to-date, however. I get a report every so often saying, we've updated the sensors, or current version, etc. It's an auto-update and it does that. Whenever it's missing something or it couldn't reach an endpoint, the company will send me a report of that, saying these endpoints are not updated because we couldn't detect it on the network any longer.

The only advice I would say to others considering the solution is, if they have an unsupported operating system or legacy application, to look closely at CrowdStrike to see if the solution actually makes sense for them. This is due to the fact that they're not going to be able to support it. If they have thousands of servers and 20% of them are legacy applications, they may not want to think about CrowdStrike because the solution doesn't support legacy products. Other than that, I fully recommend CrowdStrike. The advanced threat protection they have has always been great.

I'd rate the solution a solid nine out of ten.

We primarily use the solution for real-time ransomware protection.

The solution hasn't picked up a virus yet, so I don't know if I'm able to really discuss the most valuable aspect of the solution just yet. It's very new. 

It's not costly, and it's not constantly running, it's only looking for suspicious items when it starts to take action. There's nothing constantly scanning your device, so it's not slowing anything down in that respect. That's what I liked about it the most. 

It's not your traditional antivirus that just sits there constantly scanning your computer for Trojans and malware, etc. This doesn't take any action until it sees something actually going on.

The initial setup is very simple.

The solution doesn't have a whole lot of email security on offer. We did know that going into the purchase, however. We decided to get a different solution for that aspect of security.

They have a sandbox feature, but it's all they do. They have different grades. There's the Socket Pro and then there's an ADR. Then there's another one where they pretty much watch your system for you. And it's all different. It's all based on the price you want to spend. I wasn't going to drop a large amount of money.

They don't really have anything when it comes to scanning attachments. That would be something I would like.

I've only been using the solution for one month. It's still a relatively new product for us.

The technical support so far has just been helping with the setup via the initial webinar. The technician was very knowledgeable. He knew what each feature meant. If I had a question about it, he went into great depth. I've been quite satisfied with technical support so far. As a whole, they are very easy to work with.

I had Bitdefender for three years before switching to this solution.

They were fine. I didn't have a lot of problems, but I'd been hit with ransomware four times while I had Bitdefender. I considered that as kind of a sign that maybe we should change things up.

The malware, as far as uninstalling, wasn't triggering the antivirus. I wanted something a little more advanced, due to the fact that the Ransomware protection just really wasn't there. The anti-virus aspect was pretty good. The email protection was pretty good, as well.

The initial setup is pretty easy. It's very simple to work with. It's been really easy to install.

I did one webinar with a support engineer. He showed me how to set it up, and to run with it. 

We just did a screen share. He gave me insights into the best possible way to set it up and that's how I rolled it out. It was a helpful experience.

The pricing on CrowdStrike is per license. It was about $42 per seat yearly.

I looked at Komodo, a Gen One antivirus. I liked their product. It was pretty good. They have what is called a sandbox feature where you could take a file or the endpoint security will take the file and dump it into like a virtual sandbox and run it to test its safety. It turned out the file was malware, the solution would remove it. 

We decided not to go with it, however, due to the fact that it didn't have many reviews. Komodo is actually cheaper than CrowdStrike. I've been down the road before with bad antiviruses and had some bad experiences. Since they didn't have a whole ton of notoriety out there, you didn't see a lot on it, which kind of scared me away from it, even though I liked what they had.

CrowdStrike, it's new, however, Amazon uses it. My thoughts are if it's good enough for them, I assume it's good enough for me.

We looked at Sophos as well, however, it was very expensive. Sophos offers everything, and they are a great product, however, for us, the price was just too much.

We're just a customer. We don't have a special relationship with CrowdStrike.

We're using the most up to date version of the solution right now.

So far, I've had good luck with this solution. That said, it hasn't hit anything. I won't get a true test until I actually get somebody that sends up malware. In the meantime, no news is good news.

I would rate the solution nine out of ten right now. They're pretty good. I haven't done anything super-advanced or to spec. There's a lot there to work with if I want to, however, I keep it pretty basic. I only have a couple of policies. It's not a huge company, so it's not real hard.

We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks.I'm the director of information technology in our company and we're a customer of CrowdStrike. 

We rely on our environmental security and we haven't had any infections so that's valuable for us. It means we haven't lost any time due to the system being down from ransomware or anything like that, so it's quite positive. 

Improvement could be made in the number of false positives we get, there are more than there needs to be. Typical Windows functions sometimes get stopped by CrowdStrike. In general, I'd rather err on the side of safety but some of these are really straightforward functions that should get through.

For the future, I think they need to keep building on their extensibility, the capability to be extended, so that it's not lost and we can utilize the knowledge that we're gaining from the endpoints. 

I've been using this solution for a little over a year. 

This is a stable solution, I'm unaware of any failures. 

Scalability is expensive but it works. We've installed it on more than 900 machines in the corporation and it covers every role from civil engineers, architects, HR people, office workers and the server. Maintenance takes the equivalent of one full-time position but it's a shared responsibility among the IT team. 

The technical support do a good job. 

The initial setup occurred before I began working here although I believe it is quite straightforward. The install process for machines is pretty good. If we want to de-install it's not so great, but overall it's tolerable.

I believe that we pay about US$ 65,000 annually which covers 900 machines in the company. There are no other costs but there are additional features that can be purchased but we haven't done that. 

CrowdStrike do their job well and can be compared to other solutions on the market such as SentinelOne and Huntress. They do need to be more extensible because right now they don't play well with others and it's a bit of a challenge on the management side.

I would rate this solution an eight out of 10. 

I use it for cloud workload protection and threat detection in AWS environments.

The pay-as-you-go model enabled me to deploy quickly from the AWS Marketplace management account.

It scaled protection for workloads without upfront commitments and reduced the initial operational overhead.

It provides real-time visibility into cloud threats, helping stop breaches faster in dynamic AWS setups.

I find the seamless AWS integration and single lightweight agent to have minimal performance impact.

The cloud-native SIEM and runtime security leverages threat intelligence for proactive detection.

Flexible billing through AWS is ideal for startups testing security without long-term locks.

I believe that AI-powered SOAR workflow suggestions could streamline incident response.

I have been using it for 1 month.

We are a new startup, so we did not use any previous solutions.

The pay-as-you-go model excels for startups with variable AWS workloads, avoiding large upfront costs and scaling with usage.

I evaluated Prisma Cloud, Wiz, and Orca Security alongside native AWS options.

CrowdStrike Falcon for AWS (pay-as-you-go) delivers strong cloud-native protection via AWS Marketplace, which is ideal for startups scaling workloads.

I use CrowdStrike Falcon for EDR and security purposes. Also, I am using file integrity monitoring, asset management, and patch management modules. Additionally, I'm also utilizing an identity protection module.

CrowdStrike Falcon needs to improve their host management system.

I have been using CrowdStrike Falcon for a year and a half. I am using the latest version. I am a partner of CrowdStrike.

The solution offers great stability. I have faced no issues with the tool.

There are 5,000 users using the solution.

I only contacted technical support to ask a few questions, and they helped me out.

The solution's initial setup process was easy. The deployment process took only 10 hours for 5,000 clients.

The tool is a little bit expensive compared to other products, but I think it's okay owing to its quality.

Protection has been good in the solution. I got only one false positive in a year and a half, which is great.

There is no suggestion to provide because it is easy to implement, and there are no exclusions or testing required. If you plan to try it, it should work well without any issues.

Overall, I rate the product a nine point seven out of ten.

We use it to monitor everything related to the activity and to block any malicious activity. We are new in the security field in our company.

All the features are beneficial.

They should provide us with good visibility for everything.

We have been using this solution for two years, and it is deployed on cloud. We are also using the latest version.

The stability is amazing, and we don't have any issues.

It is scalable. We have 700 users, and we plan to increase the usage. We only need about three technical staff for deployment and maintenance, a senior systems engineer and two infrastructure managers.

We've used technical support, and I rate them a ten out of ten.

Positive

The setup was straightforward, and it took one month to enable the policy and use cases. We completed it in-house.

It has an annual license, and it is not that expensive.

We evaluated Trend Micro before moving forward with CrowdStrike Falcon.

I rate this solution a ten out of ten. Regarding advice, it is important to learn about CrowdStrike Falcon's capabilities and features. It would be easier to use if they gave that understanding.

We primarily use CrowdStrike Falcon for malware detection, endpoints, and application behavior detection. The company has different teams, but our team handles the Windows and Mac hosts.

Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches.

Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement.

Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data.

In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network.

I've been using CrowdStrike Falcon since January or February, so it's been eleven months, but my company used it even before I joined the organization.

Overall, CrowdStrike Falcon is a stable product. My company is satisfied with its stability.

Per my experience, CrowdStrike Falcon is scalable.

The CrowdStrike Falcon technical support is good because it's responsive, and the team reverts to you within a reasonable timeframe and in an excellent manner, which is essential for support. However, my team didn't have many cases because CrowdStrike Falcon doesn't require much support.

My company also took product training and implemented the learnings within the environment. CrowdStrike Falcon is effective and gives the required throughput and output, so in the last ten or eleven months, support cases have been very low, but whenever an issue is raised, the level of support has been excellent.

The company previously used Kaspersky, but CrowdStrike Falcon was far better. I heard that there was some attack, and Kaspersky couldn't handle that. CrowdStrike Falcon, on the other hand, offers excellent protection even from multiple malware attacks, and it has a good application behavior analysis feature.

My company did extensive penetration testing on CrowdStrike Falcon, which had good or far better results than Kaspersky. The company had a bad experience with Kaspersky.

The initial setup for CrowdStrike Falcon is moderate in terms of difficulty, so it's not very easy, but it's not complex as well.

How long the setup takes depends on how you want to deploy CrowdStrike Falcon, but at the moment, it doesn't take much time for my company. It's quicker, but any company implementing CrowdStrike Falcon for the first time may need some good training or some hands-on experience. Otherwise, compared to other products, I would say CrowdStrike Falcon is better, implementation-wise.

As I'm part of the technical team, not the budgeting team, I don't have information on CrowdStrike Falcon pricing.

My company uses multiple products related to cybersecurity, for example, Netskope. For endpoint security, my company uses Microsoft Defender ATP and Endgame. My company is also working with CrowdStrike Falcon. For vulnerability management, my company uses Qualys, in particular for the AWS environment.

I don't remember the exact version of CrowdStrike Falcon I'm using, but I know that the tool is on Windows, Mac, and some AWS environments within the company.

Within the company, the total number of endpoints is around seven hundred. Two admins handle the endpoints for CrowdStrike Falcon.

My advice for anyone looking to implement CrowdStrike Falcon is to go for it, especially if you want to add value to your cybersecurity, specifically endpoint protection and application behavior analysis. CrowdStrike Falcon has reliable results, so I prefer it over other tools.

My rating for CrowdStrike Falcon is nine out of ten.

My company is a customer, and not a partner of CrowdStrike Falcon.

We use Falcon to protect around 500 endpoints.

The detection is very effective.

I have been using Falcon for two years.

I'm happy with CrowdStrike technical support. I rate CrowdStrike support 10 out of 10. 

Positive

CrowdStrike is very easy to set up. We upgrade it once annually. 

We pay an annual license. CrowdStrike costs a little more than its competitors. However, it's the best solution available, so we are fine with the price.

I rate CrowdStrike Falcon 10 out of 10.

I mainly use Falcon for endpoint protection.

Falcon has decreased the load on our analyst team because they don't have to manually contact the system owners to stop that particular event from happening as Falcon detects threats and quarantines the machines itself.

Falcon's best feature is its detection and blocking of threats.

Falcon could be improved with more function on the mobile end of things and better optimization with mobile devices. In the next release, CrowdStrike should include the ability to send logs to SIM tools.

I've been using CrowdStrike Falcon for three years.

Falcon hasn't missed any attacks - it's very stable and reliable.

I'm very happy with CrowdStrike's technical support.

Positive

The initial setup was straightforward because the vendor helped us throughout, and there was training while it was being deployed. The deployment took between one and two weeks to complete.

We used an in-house team.

I would recommend anybody looking at Falcon to go for it because it's an easy-to-understand solution that's really worth having. I would give Falcon a rating of nine out of ten.

This is an EDR solution used for antivirus purposes. It is used for vulnerability assessments, security posture management and to safeguard a business from all kind of attacks.

This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs.

This solution could be improved with greater scope for admins to make changes to the solution. Human input and intelligence has little value as the solution is built on artificial intelligence. 

I have used this solution for two years. 

This is a stable solution. 

This is a scalable solution. 

The customer service and support team are very good but it can be challenging to get hold of them.

Neutral

The initial setup is straightforward because it is a cloud only solution. 

This solution offers annual subscriptions. The pricing for this solution could be reduced.

The policies are very simple to create and offers very minimum options. Based on this, I would recommend those implementing this system make full use of all the features from the beginning. 

I would rate this solution a nine out of ten.