CrowdStrike Falcon Reviews

We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on. 

Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.

I was able to look through some rapid analysis when bad things happen. More so than having to get, especially in the distributed world of post-COVID, being able to have a central place to be able to see what's going on, on the landscape of endpoints at any given time.

The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system. What does it usually do, and is it doing anything differently?

The UI is great, and the performance was great. The way it gathers and presents the information was very good and it integrates well with things with a central log aggregator, such as Splunk. You can do more big data analytics that includes security. It seems to be fully featured in all of those areas.

I think there's an opportunity to enhance the AI or at least the traps to say, if something changes from this baseline, let us know and flag it. It's got a pretty good engine to do that on its own but it's one of the things that are important to us, so I'm just trying to increase the time-to-issue identification.

By comparison to buying into the Microsoft suite, it was definitely less costly. CrowdStrike can be costly.

I have had this solution for approximately three years.

It seems stable. The performance is good.

It's a scalable solution. They are running 1400 endpoints on it right now, and it seems to be fine.

There is only one person working at it right now and they are the security engineer/operator.

If you look at how they spend their day, a tool like that does a lot with a little and can make a one man band pretty effective or much more effective. It makes the response to an issue right when it happens way more possible with such small security. 

We haven't used technical support.

The initial setup was already completed before I started with this company.

When comparing to Microsoft, CrowdStrike Falcon is more expensive.

I'm going by the client and some of the things that are driving their decisions. 

It's typical when Microsoft throws things in and it seems really cheap, even though you're spending a million and a half dollars with them. You may as well increase the value of that million and a half.

My guess is that CrowdStrike is going to maintain parity or stay ahead of Microsoft.

As I came into this organization, they were moving away from CrowdStrike. 

They upgraded their license to E5 with the security bundle from Microsoft. The goal is to start to move things. 

They are paying twice for things right now, but that will be expiring. CrowdStrike comes up for renewal next year, and they want to be off of it by then.

I haven't gone into critiquing it. Since they've already made the decision and made the investment to go to defender ATP. I'm more concerned with, are we losing anything? Do we have parity when we go from one platform to another? And if any gaps emerge, what needs to be filled?

When we did go into it and walked through it with one of the security engineers, it was snappy, and it had a nice UI. 

I had never been inside the product. I think I got a demo years ago in my CSO role, but I had never delved into a practical use case. The practical use case looked pretty cool.

For anyone who is interested in implementing this solution, I would say don't look for the cost compared to smaller applications. Look at what you're trying to do, and what you're trying to accomplish. The typical first cardinal sin of IT is buying a product and then figuring out how to use it as opposed to having a set of requirements, placing a value on that set of requirements, and then pursuing a solution that covers them the best. 

I think they probably said we've got a gap here because something bad happened to my CrowdStrike. It's an industry leader. Three years after the issue that they were treating was over, and the pain was gone, suddenly, it seems really expensive. That is an IT 101 mistake that I've found in organizations, where it's a means to an end and then it turns this to just an eyesore on the balance sheet.

I would rate this solution an eight out of ten.

The primary use case is digital security investigations using the dashboard.

Every week, a manager would look at a detailed report to see what kind of CrowdStrike incidents we had.

The most valuable feature is the indicator of compromise, which shows you what file was either quarantined or removed. It shows you the malicious files in question, as well as the exact time, the machine, the endpoint, and the host IP address. Everything you need to know is right there in a single dashboard.

Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do. It is quite a pricey product.

I used CrowdStrike Falcon in my last two cybersecurity jobs, over a period of at least two years.

The product is stable as a rock. I have never seen any crashes. When it came to patching updates, we were always notified. It is not Windows-based, but rather Linux or Unix-based. It was more stable than any Windows product.

We had a small shop, so we never had any reason to scale.

The technical support is pretty good. They're trained in their product and they have a system in place where if the first line of support does not resolve the issue, they are emailing us directly back and forth, and they'll hand over the problem from one shift to the next.

It is not very difficult to get in touch with the support team, although it does require clearance from whoever handles the money aspect. You have to be really careful because they will charge you fees for any kind of solution that they provide.

I have used them twice, once for each company that I was working for. The first time, we used the CrowdStrike service to do the investigation so that we could focus our time on other products. They have teams that will act like a managed service provider to take care of incidents. We handled major incidents in-house but we let them handle the minor ones.

With the second company, we had to do the investigations as the incidents came in, so it was two totally separate vantage points. Both worked extremely well in both manners and forms.

CrowdStrike was already in place before I arrived, at both places where I have used it.

We were also using Carbon Black, as well as other tools, but they were not being used to the same degree. I think that we were using Carbon Black for white-listing applications.

I also spent a lot of time using Nessus, which is a vulnerability scanner. I would look at scans to see what kind of vulnerabilities were present, and patch management updates with other teams.

I was not there for the initial setup, but what I did learn was that the implementation team came in and worked with our engineering team. They set it up and then our team verified that all of the endpoints where there and that we had the visibility we needed for all of the subnets in all of the locations.

When I spoke with my teammate, I was told that it was pretty much straightforward and out of the box. The fact that it is a cloud-based deployment made it easier, too.

Our licensing fees were between $50,000 and $60,000 per year, which was pretty expensive for a small business. It is not a one-time payment. Any upgrades that you want to do, you're going to have to pay multiple times.

My advice for anybody who is implementing CrowdStrike Falcon is to get in touch with the vendor and then follow best practices. They have a lot of documentation and everything is there. For the most part, I would suggest looking at the technical support documentation first and then contacting a representative at the vendor to continue the process.

Most companies have it integrated with the SIEM and with their ticketing system, although I did not use it in that capacity because it costs more money.

Most of the time, you're not going to have to lay a finger. Once it finds an infected file, you might have to reboot the computer if it can't immediately remove it, or other such minor stuff. In general, however, it's never given me any issues and it's never given me a headache. Overall, it's very straightforward and just one tool out of the whole.

I would rate this solution a nine out of ten.

We primarily use the solution for threat intelligence.

The threat intelligence on offer is the solution's most valuable aspect.

The solution is very stable.

The solution can scale easily.

The pricing is very competitive.

The solution overall is a good product, and we don't see too much room for improvement.

Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply.

The solution could use better device control.

I believe I've been using the solution for the past three years.

The solution is very stable. We don't find there are any bugs or glitches. We haven't had it crash or freeze on us. It's quite reliable.

The scalability of the solution is good. If a company needs to expand out, they can do so easily with this solution.

In our organization, we have about 2,500 people using the solution. We already use the solution at 100% capacity, meaning everyone in the company uses it. If new employees are onboarded, they also use the solution. Chances are, we will increase usage int he future.

Technical support could move a bit faster. We find that it takes time - at least a day - to reach support and then get a response. Therefore, we're not completely satisfied with the level of service provided to us. It's an area that could be improved upon for sure.

We used to use Carbon Black. We switched due to the fact that this solution offered us better partnership offers.

The initial setup is not complex. It's very, very easy.

You can set up and deploy the product in 30 to 40 minutes. It's straightforward.

You only need a few people to handle deployment and maintenance.

The price is very reasonable and quite competitive in the market.

Before choosing this solution, and switching from Carbon Black, we looked at Endgame and Kaspersky.

We are working with all the versions for the most part, due to the fact that we are partners of CrowdStrike and we position CrowdStrike to our customers. We also use the solution for our company.

I'd recommend the solution to others, however, I would advise that they try it first as a POC so that they can first see the value of the product.

Overall, I'd rate the solution eight out of ten. If technical support could be faster and there was more device control, I would rate the solution higher.

We primarily use the product as a security solution.

Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon. 

The machines are flawless. They don't have any issues. There I don't even recognize the machines which are on endpoints. Even when I go to the console to check these machines, they are working on a very good level, even though the wireless migration should detect those aspects. 

The AI features are pretty good.

They've recently introduced more webinars that make remote learning of the solution very easy. For people such as myself, or even a company looking to develop their skillsets and interested in better understanding the cloud, providing good web courses is really helpful.

I'm new to the solution. Currently, I'm comparing it to other EDR solutions to see if anything is missing, however, I'm still learning the ins and outs of the product.

It may be due to the fact that I am new, however, I'm having trouble understanding their licensing.

It does take more time to scan than other solutions.

The solution should continue to make the learning curve as short as possible by providing even more training and documentation.

I've been working with the solution for two months. I recently joined my company and they mostly prefer using CrowdStrike Falcon. The solution is pretty new to me.

The stability of the solution is excellent, especially in a market like India.

The product is very scalable. The solution can scale well, especially for small setups looking to expand out in the future.

If they're having an issue, we tend to stick to the team and occasionally reach out to the support team of Falcon CrowdStrike.

I've never directly been in contact with the technical support team, however, my colleagues have. I'd say that overall we are satisfied with their level of service. Typically, their technical support team will give us direct intel and then our internal team with resolve the issue, so it's a true partnership.

Also, during the pandemic, they've provided everyone with lots of webinars to help their clients understand the solution better. For me especially, being anew user, I'm benefitting from this new level of service.

We've used different solutions in the past. It really depends on the environment. That typically dictates which solution we would implement. We use, for example, McAfee as well. I personally have worked with Amnesia.

When it comes to Amnesia, initially I was able to employ them on my on-premise machine. I have installed Falcon on the cloud and infrastructure, however, I haven't dealt with the on-premise deployment. 

You can use Amnesia with McAfee. Apart from that you also have a provision for signing with McAfee and using their host software and the server software and their media solution and placing those onto an on-premise machine or onto a particular server and you would have the ability to administrate from there. That's more for a company that is into privacy and doesn't want to share their data on a cloud.

The solution isn't complex in terms of setup. It's very straightforward, actually.

I'm sure that for small environments or a company that may scale up, the installation would be minimal. It wouldn't be a standard installation, however, we're able to implement rather easily in small environments.

The solution is much more costly than other cloud or on-premises solutions. However, it offers good stability, so if a client can afford it, we tend to recommend it as an option.

I'm currently checking other EDR solutions to see what is on offer. Clients are asking about McAfee and Symantec, so I am looking at those as options.

I'm unsure which version of the solution we are using.

I'm currently practicing my skills on this EDR solution. I have worked with this software and I've already collaborated with my seniors who are currently experts on this particular product. I'm getting pretty good help. 

Most of our clients have their own infrastructure which is mostly on the cloud. They have their own solid, robust infrastructure. When it comes to small environments that are currently adapting to the cloud, CrowdStrike could be a great opportunity. The solution, for example, doesn't require a minimum installation. It can work well for very small companies as well as larger organizations.

If a company has the financial means, we tend to recommend this product. There are great security features on offer that are much better than other options in India at this time.

I'd advise companies considering this solution to check their resources. They have to choose the option between being on-premise and the cloud option. They need to try and run it before adopting any solution. It's important also to consider security and monitoring for threats.

Overall, I'd recommend companies study their environment and check and compile an e-solutions calendar. There's a lot of them. Microsoft has provided a 99GB advanced dataset collection and it is on the cloud.

I'd rate this product seven out of ten overall. While I've never had any problems with it, there are just so many other options on the market.

We primarily use the solution for real-time ransomware protection.

The solution hasn't picked up a virus yet, so I don't know if I'm able to really discuss the most valuable aspect of the solution just yet. It's very new. 

It's not costly, and it's not constantly running, it's only looking for suspicious items when it starts to take action. There's nothing constantly scanning your device, so it's not slowing anything down in that respect. That's what I liked about it the most. 

It's not your traditional antivirus that just sits there constantly scanning your computer for Trojans and malware, etc. This doesn't take any action until it sees something actually going on.

The initial setup is very simple.

The solution doesn't have a whole lot of email security on offer. We did know that going into the purchase, however. We decided to get a different solution for that aspect of security.

They have a sandbox feature, but it's all they do. They have different grades. There's the Socket Pro and then there's an ADR. Then there's another one where they pretty much watch your system for you. And it's all different. It's all based on the price you want to spend. I wasn't going to drop a large amount of money.

They don't really have anything when it comes to scanning attachments. That would be something I would like.

I've only been using the solution for one month. It's still a relatively new product for us.

The technical support so far has just been helping with the setup via the initial webinar. The technician was very knowledgeable. He knew what each feature meant. If I had a question about it, he went into great depth. I've been quite satisfied with technical support so far. As a whole, they are very easy to work with.

I had Bitdefender for three years before switching to this solution.

They were fine. I didn't have a lot of problems, but I'd been hit with ransomware four times while I had Bitdefender. I considered that as kind of a sign that maybe we should change things up.

The malware, as far as uninstalling, wasn't triggering the antivirus. I wanted something a little more advanced, due to the fact that the Ransomware protection just really wasn't there. The anti-virus aspect was pretty good. The email protection was pretty good, as well.

The initial setup is pretty easy. It's very simple to work with. It's been really easy to install.

I did one webinar with a support engineer. He showed me how to set it up, and to run with it. 

We just did a screen share. He gave me insights into the best possible way to set it up and that's how I rolled it out. It was a helpful experience.

The pricing on CrowdStrike is per license. It was about $42 per seat yearly.

I looked at Komodo, a Gen One antivirus. I liked their product. It was pretty good. They have what is called a sandbox feature where you could take a file or the endpoint security will take the file and dump it into like a virtual sandbox and run it to test its safety. It turned out the file was malware, the solution would remove it. 

We decided not to go with it, however, due to the fact that it didn't have many reviews. Komodo is actually cheaper than CrowdStrike. I've been down the road before with bad antiviruses and had some bad experiences. Since they didn't have a whole ton of notoriety out there, you didn't see a lot on it, which kind of scared me away from it, even though I liked what they had.

CrowdStrike, it's new, however, Amazon uses it. My thoughts are if it's good enough for them, I assume it's good enough for me.

We looked at Sophos as well, however, it was very expensive. Sophos offers everything, and they are a great product, however, for us, the price was just too much.

We're just a customer. We don't have a special relationship with CrowdStrike.

We're using the most up to date version of the solution right now.

So far, I've had good luck with this solution. That said, it hasn't hit anything. I won't get a true test until I actually get somebody that sends up malware. In the meantime, no news is good news.

I would rate the solution nine out of ten right now. They're pretty good. I haven't done anything super-advanced or to spec. There's a lot there to work with if I want to, however, I keep it pretty basic. I only have a couple of policies. It's not a huge company, so it's not real hard.

We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks.I'm the director of information technology in our company and we're a customer of CrowdStrike. 

We rely on our environmental security and we haven't had any infections so that's valuable for us. It means we haven't lost any time due to the system being down from ransomware or anything like that, so it's quite positive. 

Improvement could be made in the number of false positives we get, there are more than there needs to be. Typical Windows functions sometimes get stopped by CrowdStrike. In general, I'd rather err on the side of safety but some of these are really straightforward functions that should get through.

For the future, I think they need to keep building on their extensibility, the capability to be extended, so that it's not lost and we can utilize the knowledge that we're gaining from the endpoints. 

I've been using this solution for a little over a year. 

This is a stable solution, I'm unaware of any failures. 

Scalability is expensive but it works. We've installed it on more than 900 machines in the corporation and it covers every role from civil engineers, architects, HR people, office workers and the server. Maintenance takes the equivalent of one full-time position but it's a shared responsibility among the IT team. 

The technical support do a good job. 

The initial setup occurred before I began working here although I believe it is quite straightforward. The install process for machines is pretty good. If we want to de-install it's not so great, but overall it's tolerable.

I believe that we pay about US$ 65,000 annually which covers 900 machines in the company. There are no other costs but there are additional features that can be purchased but we haven't done that. 

CrowdStrike do their job well and can be compared to other solutions on the market such as SentinelOne and Huntress. They do need to be more extensible because right now they don't play well with others and it's a bit of a challenge on the management side.

I would rate this solution an eight out of 10. 

I use CrowdStrike Falcon for EDR and security purposes. Also, I am using file integrity monitoring, asset management, and patch management modules. Additionally, I'm also utilizing an identity protection module.

CrowdStrike Falcon needs to improve their host management system.

I have been using CrowdStrike Falcon for a year and a half. I am using the latest version. I am a partner of CrowdStrike.

The solution offers great stability. I have faced no issues with the tool.

There are 5,000 users using the solution.

I only contacted technical support to ask a few questions, and they helped me out.

The solution's initial setup process was easy. The deployment process took only 10 hours for 5,000 clients.

The tool is a little bit expensive compared to other products, but I think it's okay owing to its quality.

Protection has been good in the solution. I got only one false positive in a year and a half, which is great.

There is no suggestion to provide because it is easy to implement, and there are no exclusions or testing required. If you plan to try it, it should work well without any issues.

Overall, I rate the product a nine point seven out of ten.

We use Falcon to protect around 500 endpoints.

The detection is very effective.

I have been using Falcon for two years.

I'm happy with CrowdStrike technical support. I rate CrowdStrike support 10 out of 10. 

Positive

CrowdStrike is very easy to set up. We upgrade it once annually. 

We pay an annual license. CrowdStrike costs a little more than its competitors. However, it's the best solution available, so we are fine with the price.

I rate CrowdStrike Falcon 10 out of 10.