CrowdStrike Falcon Reviews

CrowdStrike is a malware protection solution that is deployed on a private cloud across all areas of our organization. We have deployed the solution to 10,000 users. Roles-based it's the security team. 

We recently upgraded to a new feature that is set to roll out. CrowdStrike is a requirement, it's our standard. If you have a new OS deployed or a new server deployed, this is a required component. It has been automated as we grow and as we add more systems.

CrowdStrike allows us to sleep better at night.

I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution.

This solution lacks basic functionality, such as being able to perform on-demand scanning. This presents a challenge when it comes to the payment card industry, PCI which has that as built-in requirements for the PCI DSS standard.

I would also like to see the endpoint firewall component produce some level of logging and feedback. 

I have been using CrowdStrike Falcon for three years.

CrowdStrike is very stable, we've had very few technical issues. The false positive rate is average. It has been very easy to manage and to determine where issues are.

This solution is very scalable. It is easy to roll out more agents and is fairly automated. We have it deployed in multiple environments such as hybrid versus cloud versus private. 

We have had very positive interactions with not only our manage service provider, but the vendor directly. They've offered good support when we've had some questions and concerns. Their documentation is fairly extensive.

We follow trends to make sure we have the best product for our organizations. The one we were using fell behind a bit. We wanted something that was completely cloud-based so that the infrastructure wasn't on-prem and we wouldn't be required to manage the upgrades of servers and applications. 

The initial setup was moderate. There is a lot to think about and a lot to plan out, however once that is done the actual deployment is straightforward. We used a tiered deployment, deploying the product in a learning mode or logging mode only. We also did a tiered deployment by division and then enabled features by division to make sure that if there was an impact, we could at least contain it to one area and revert back as quickly as possible.

We deployed with an integrator. They were very knowledgeable and knew what they were doing. They involved the vendor when required. We use half of an FTE to maintain the solution. We also have a managed service provided that also integrated the log files from this product into our SIM. We are pointing all the logs to a log reporting utility that allows us to react to alerts. 

Because we are information security, we come with a price tag, unfortunately. When we look at it as a whole, we are able to sleep at night, we have a good solution and it is protecting us from the zero-days and the latest malware. I don't know what you put the cost of breach prevention at.  We feel we are using a product that is at the top of the industry. We are doing as much as we can to protect our organization, so there is the return on investment that way.

We pay yearly for the solution. It makes it easier for budgeting purposes. We did incur additional costs when we implemented their firewall solution, calling it the endpoint firewall. 

We're constantly looking for other options the industry's top solutions and where the industry is going next. In cybersecurity, we ensure we are protected today but also make sure that we are thinking towards the future and analyzing other solutions to see if they are better, or potentially better in the future.

If you are looking at CrowdStrike, plan appropriately. Make sure you have planned it out and do your testing. We found that it was legacy-friendly. We have a lot of legacy applications and we were concerned about that. We ran into some minor issues but we did find that it was friendly, however, there were some newer applications that the product did not interact with as well as we expected. They were easy fixes, but you should do your due diligence so you run into fewer surprises.

I would rate CrowdStrike a 9 out of 10.

We primarily use the solution for our Windows and Macs.

The detection and response have been excellent overall. We've had no ransomware attacks. 

We found the initial setup to be straightforward. 

The solution is stable. 

Scalability hasn't been an issue for us.

The price is too high.

I've been using the solution for three years now. 

The stability has been fantastic. We have never had an outage. There are no bugs or glitches. The performance is great.

As we are a smaller organization, scalability hasn't been an issue. It's been very good so far. 

We have about 120 users and they include technical people, salespeople, project managers, and developers.

This solution is being widely used in our organization as it is mandatory. All of our users need to have it. 

The product works really well. We very rarely had to reach out to technical support. When we reached out to them, they've been pretty good.

We were in the old McAfee EPO and with all the ransomware and all that stuff hitting us, we found that McAfee wasn't really cutting it. That's why we switched.

The initial setup is simple. It's not overly complex or difficult. 

For us, the deployment took a couple of weeks and we were good to go.

You need very few staff members for deployment and maintenance. 

We did not use an integrator, consultant, or reseller to help us with the implementation. We were able to handle it ourselves.

There's not really an ROI. The ROI is that we haven't been hit by ransomware.

The product is quite expensive. It's higher than the competition in general in terms of cost. 

We pay a yearly licensing fee.

They also offer what they call the Falcon Complete, which was a complete managed service, which we chose not to go with. We measured it ourselves.

We looked at Carbon Black, Cybereason, and Microsoft Defender ATP. We chose CrowdStrike, as it's always easy to use. It was the most mature product as well. We liked what Gartner had to say about CrowdStrike.

We're a managed security services provider.

I can't speak to the exact version of the solution we're using at this time. 

I would advise users to just follow the advice of CrowdStrike. They have some very good manuals and YouTube videos and stuff of that. It's a complex piece of software, however, you need to work very well and make sure your implementation is correct.

I'd rate the solution at a ten out of ten.

It is used for stopping data breaches. 

It is totally on the cloud. It cannot be deployed on-prem. They don't have any on-prem options.

It is very useful for endpoint protection and stopping data breaches. That's its real strength.

I like the Overwatch feature the most. 

Its performance is brilliant. It is a good, lightweight agent. I've seen it do really good things on the endpoints, and there is no problem with its performance.

On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant.

I have been using this solution for four years.

It is stable.

It is the most scalable solution among all solutions that I've seen so far. Because it's cloud-based, it's really quick to roll out to 1,000, 10,000, or 100,000 endpoints. You can scale it depending on how many endpoints you've got. It is a good solution.

We have about 10 customers who use this solution.

My experience has been good so far.

Its installation is quick and easy. I wouldn't change anything there. The duration depends on the number of endpoints to which you want to push it, but it is fast. I've seen them roll thousands in a matter of hours.

The number of people required for its deployment and maintenance depends on the package you take, but generally, it has a much lower requirement than any other endpoint protection solution.

My advice is to go with a partner that has got experience. I would also advise seriously considering the Overwatch feature. 

I would rate it a nine out of 10.

CrowdStrike Falcon is leading the market in EDR. They are the first that to have this kind of solution against malware. They have an advantage in respect to the rest of the competitors. They offer a certain amount to protect in case of malware or cyber-attacks. They have a policy or insurance connected to the service. That's the reason why we choose CrowdStrike over other solutions.

The most valuable feature is the machine learning that they use to check certain patterns in the endpoint devices. It checks the whole ecosystem or entire environment.

I am very happy with CrowdStrike Falcon because it does not use a lot of resources in the endpoint, it's a lightweight solution. It provides good protection and it is very effective. Additionally, it is easy to integrate, has great features, good capabilities, and the users have a positive experience.

I have been using CrowdStrike Falcon for approximately one year.

CrowdStrike Falcon is stable.

I have found CrowdStrike Falcon to be scalable.

I have not needed to use technical support.

The cost of CrowdStrike Falcon could be reduced. It is quite expensive if you compare it to other solutions, such as Blue Coat, Symantec, McAfee, or Kaspersky.

My advice to those wanting to use CrowdStrike Falcon is to try it out to see if it works well in their environment. I consider CrowdStrike Falcon is a very accurate solution. They are confident about the capabilities of their solutions because they offer money or payback if there is a high-impact cyber incident or cyberattack while using the solution.

They need to have special consideration about the different plans and budgets that they need to get the solution that they want.

I rate CrowdStrike Falcon a ten out of ten.

CrowdStrike Falcon is working on our production servers.

CrowdStrike Falcon is a very light solution. It does not use too much processor or RAM.

In the future release of CrowdStrike Falcon, they should add a sandbox feature.

I have used CrowdStrike Falcon within the past 12 months.

The solution is stable.

CrowdStrike Falcon is scalable. We have approximately 400 servers using this solution.

We have plans to increase the usage of this solution in one or two years.

We used technical support for the implementation of the solution and it was a good experience. They know the products well and they were able to give us all the answers to the questions that we had.

The setup is really easy. The full deployment took two months.

For the deployment of the solution, we used a three-person team and for the maintenance, we use the whole infrastructure team of four people.

The price of CrowdStrike Falcon could be better. It is very expensive, we pay approximately $900 per month for the licenses. There are not any additional fees.

Before choosing CrowdStrike Falcon we evaluated Sophos and Microsoft solutions.

The product is really good, but there is a lot of additional features that you need to have for it to be a complete solution. Be sure that your budget is enough to acquire the complete solution that you need.

I rate CrowdStrike Falcon a ten out of ten.

Our primary use for CrowdStrike is as an EDR system. We are protecting more then 9.000 devices.

I like the detection rates of mobile threats.

The policies allow us to define the level of protection.

The dashboards are good, as well as user management.

The management reporting functionality needs to be improved.

We would like to see more features for vulnerability management included.

We have been using CrowdStrike Falcon since one year.

This is a stable product.

We haven't had any problems with scalability and it expands with the company's needs.

We have 20,000 users and about 20 of them are administrators.

We have been in touch with technical support for a few issues. They are quite good and the response is fast.

We were using Cylance prior to CrowdStrike, and these two products overlapped for a time. We also use an on-premises solution called F-Secure.

CrowdStrike has a much lower rate of false positives than Cylance and the dashboard makes it easier to use.

The initial setup is very simple. It took two months to deploy for 20,000 clients.

Our in-house team handled the implementation and deployment. No maintenance is required.

The pricing is good and there are no costs in addition to the standard licensing fees. It is similar to that of Cylance and our on-premises solution.

This is a product that I absolutely recommend.

I would rate this solution a nine out of ten.

We have various use cases. We are protecting servers and endpoints that are utilizing this product to focus on advanced, persistent threats, with the goal of reducing the overhead on the endpoint for early detection.

Right now, we have not put enforcement, and we're moving to the next level of detection.

Using this solution has reduced my need for imaging. We can mitigate the issue and address it immediately, for people both on and off of the network.

The most valuable feature is that we don't need to re-image machines as much as we had to.

They need to strengthen the forensic capabilities of this product, for e-discovery.

We started testing and deploying CrowdStrike Falcon about a year and a half ago, in the early part of 2019.

In terms of stability, it's a great tool.

At this time, we have between 5,000 and 6,000 endpoints.

We have been in touch with CrowdStrike technical support and they have been very supportive.

Prior to CrowdSrike, we used a signature-based solution from Symantec.

The initial setup was very straightforward and very easy. We've been bringing stuff into the SWOT platform and getting that data. It has been pretty good.

The implementation was done in-house. We had, in part, help from a strategic partner, EY.

CrowdStrike is what we did for the time and for the moment. It is number two when you look at the magic quadrant, and we have implemented that for the time being. When we selected it, that was right for us to get away from a Symantec signature-based environment for endpoint detection response.

We have moved over to CrowdStrike for now. When you look at the quadrant, the number one is Microsoft. With Defender built into the operating system, there is less overhead on the endpoint. We will eventually, most likely, migrate to that.

I have experience with Cylance, as well. They gave that the advanced persistent threat leader title, at one point in the market. I implemented that for one client and now, being in this CISO role, I went with CrowdStrike over Cyberreason and Cylance/Blackberry. The main reason for CrowdStrike is the Falcon technologies and what they do with their strategy.

We're moving to Office 365, and it will make sense for me to adopt Microsoft Defender because it's integrated into the platform. One of the differences between Defender versus CrowdStrike or any other of them is that they have to sit outside. Microsoft Defender can go deep down into the kernel, and that's a good thing for the endpoint. You can do a lot and detect a lot, which makes it far safer against advanced persistent threats.

Overall, this product has been pretty good and I recommend it.

I would rate this solution a nine out of ten.

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.

If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed. 

It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.

Falcon Protect looks at processes and issues in real-time.

CrowdStrike Falcon by itself does not supply in-depth reporting. 

Falcon Protect does what it does. It's endpoint security — nothing more, nothing less. 

What it does, It does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.

I have been using CrowdStrike Falcon for the past year and a half.

We haven't experienced any issues regarding the stability of CrowdStrike Falcon.

CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.

Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.

On a scale from one to ten, I would give their customer support a rating of nine.

We had a Vipre solution, but it was an On-Prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network so updating them was always a pain-point without a cloud-based solution.

We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.

The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.

The price of CrowdStrike Falcon is a little high, but it can be negotiated.

If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.

On a scale from one to ten, I would give this solution a rating of nine.

The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.