CrowdStrike Falcon Reviews

In my cybersecurity strategy, I use CrowdStrike Falcon mainly as an EDR solution for us. Currently, we are using it as an EDR. We are also in discussion along with the CrowdStrike team where we can have a managed SOC integrated.

In the online industry, we are using CrowdStrike Falcon, specifically in online classified, which you could call e-commerce.

For threat detection, the most effective feature I find in CrowdStrike Falcon is 24/7 managed monitoring, which is basically a next-gen antivirus and next-gen endpoint detection and response. In endpoint detection and response, the best part is 24/7 365 continuous monitoring to the endpoint for identifying any suspicious activity.

CrowdStrike Falcon serves as a next-gen AV, which basically does AI-based behavioral analysis to detect and act on malware or ransomware.

The automated response capabilities in CrowdStrike Falcon handle incidents based on the behavior of the activity, performing analysis in case it finds more objectionable content. If there is blocking or breaking any of your site map or something of that sort, it is an untraditional way. If the traffic behaves suspiciously, it triggers an automated response to block it. Additionally, if it detects a file which might have an extension of MIME type of maybe a document whereas it is self-replicating, that sends a suspicious activity alert. In such cases, the detection happens automatically. Because in case it's a zero-day, many times such files automatically get put in a sandbox to extract it and see why it is identified as malware. It offers automated threat detection as well, not only automated response.

Falcon's integration capabilities with other tools enhance my security posture because it has a very lightweight agent, and having a unified console gives us complete visibility, including endpoints, servers, containers, cloud workloads, everything.

To make CrowdStrike Falcon better for the next release, I recommend that they should have a model where it works as agentless. In terms of everything which the agent pushes to the server or to the single console, having a feature where you can have another port, which is SNMP or your network devices or OT devices, which you can specifically monitor, would be great.

I have been using CrowdStrike Falcon for more than two years now.

CrowdStrike Falcon is fairly easy to set up, according to my experience and our team's experience. Since we have a heterogeneous environment, for Windows it is very straightforward and easy, but for Linux it is a bit complex since you need to automate it. If you have a bulk force, then you have to use some CMF or something similar. Overall, it is still fairly easy.

For deployment, it takes approximately a couple of minutes.

During these two years with CrowdStrike Falcon, I certainly faced some problems, including the known CrowdStrike outage, which was quite pinching and brought many of the Windows-related services to a halt just because of one bad configuration push from CrowdStrike tracks.

Except for the incident mentioned above, I have not seen any recent issues with stability.

CrowdStrike Falcon is easy to scale for my company's needs.

I have contacted CrowdStrike for issues, and the response was poor. That particular experience was pretty bad, with people not knowing what was happening, how to mitigate, or what to do. We were in a bad situation, but after a couple of hours, their communication started flowing fine, and things gradually started improving. For that particular instance, I would rate it less than four.

Before working with CrowdStrike Falcon, I evaluated options such as Carbon Black and SentinelOne.

CrowdStrike Falcon is fairly easy to set up, according to my experience and our team's experience. Since we have a heterogeneous environment, for Windows it is very straightforward and easy, but for Linux it is a bit complex since you need to automate it. If you have a bulk force, then you have to use some CMF or something similar. Overall, it is still fairly easy.

For deployment, it takes approximately a couple of minutes.

As for return on investment after implementing CrowdStrike Falcon, I would say if it is protecting my environment, that itself meets my expectations so far.

CrowdStrike Falcon is pretty expensive.

I do not see a lot of advantages in CrowdStrike Falcon; however, because of one particular problem, we had to give away SentinelOne. Otherwise, all three products are quite comparable.

For those who would like to use CrowdStrike Falcon, I recommend negotiating hard on commercial terms because it is not an easy or affordable solution. From a commercial standpoint, you should negotiate hard, but technically, it is not very difficult.

CrowdStrike Falcon is a user-friendly tool.

On a scale of one to ten, I rate CrowdStrike Falcon an eight.

The typical use case for CrowdStrike Falcon depends on what kind of service the customer is looking for. Most customers look for antivirus, endpoint detection and response, or possibly managed detection and response, which leads them to reach out to us.

When we speak to the customer, they usually tell us that they're looking for antivirus or endpoint detection and response, and we then introduce CrowdStrike Falcon.

CrowdStrike Falcon has many valuable features. The solution is used for multiple functions, including MDR, XDR, and CNA solution. It depends on which category you're looking for, and you have to customize the customer's equation accordingly.

CrowdStrike Falcon can be deployed both on-premise and in the cloud, and it's an on-call solution that can be deployed anywhere by simply deploying the agent on the end devices.

Certain areas of CrowdStrike Falcon have room for improvement, but it depends on the specific services being discussed. CrowdStrike offers multiple services, and most of the product comes in the Falcon service, so it's important to be specific regarding whether the discussion is about ADR, antivirus, XDR, or MDR, as it's one of the best solutions in the market.

I believe nothing can be done to make CrowdStrike Falcon a ten out of ten, as I think it's one of the best solutions in the market. However, rating it a ten overall would imply there's no scope for improvement, but to survive in the market, changes must be made every day. Every customer and solution has tendencies for improvement, which is why I'm not giving a perfect score.

I have more than two years of experience working with CrowdStrike Falcon.

I find nothing to miss in terms of stability; there are no glitches, and the solution is stable.

I would rate the scalability of CrowdStrike Falcon highly because it only depends on the customer's infrastructure and what kind of scalable environment they have. There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.

I would rate the technical support from CrowdStrike as good, actually more than good.

Positive

CrowdStrike Falcon can be deployed both on-premise and in the cloud, and it's an on-call solution that can be deployed anywhere by simply deploying the agent on the end devices.

The return on investment from CrowdStrike EDR depends on each company's circumstances and how they are utilizing the solution.

The price of CrowdStrike Falcon depends on which product we are discussing, as pricing can vary significantly based on the customer's profile and budget.

We are part two of CrowdStrike. The time it takes to deploy CrowdStrike Falcon depends on the customer setup.

My clients vary in size, as we can reach all types of businesses, whether small, medium, or enterprise.

Based on my experience, I would recommend CrowdStrike Falcon solutions to other people. I rate the solution an eight out of ten.

I am using CrowdStrike Falcon for laptop, desktop, our server, and VM, including Linux, Windows server, and Linux server.

The most beneficial features of CrowdStrike Falcon are that it is easy to install, easy to manage, lightweight, and it can stop breaches.

The impact of CrowdStrike Falcon lightweight agents on system performance and visibility is good, with only one agent required.

Speaking about the utilization of Falcon threat graph for threat hunting, it helps my security team to predict and prevent potential breaches.

Considering that CrowdStrike Falcon is a cloud-native architecture, the elimination of on-premises infrastructure makes cybersecurity maintenance cost and complexity minimal, because we only need to install it and then monitor from the dashboard.

In Indonesia for SMB companies, the price is higher than other solutions.

For SMB organizations, the price may be higher than others, which means they have to think twice about it, but for enterprise companies, the cost is not a concern.

I have been using it for about six years and do not have any problems. The pricing is the only issue.

I have been using CrowdStrike Falcon since 2019, before the pandemic.

In terms of deployment of CrowdStrike Falcon, it is quite easy and there are no challenges with deployment.

As for stability, I would rate it around eight because last year they faced some downtime with around eight thousand computers, but it will improve.

For scalability, I would rate it a nine because they can scale efficiently with many users.

Technical support from CrowdStrike Falcon is good because usually in Indonesia we have a partner, and if the partner cannot address the issue, we discuss with CrowdStrike directly.

I would rate technical support a nine out of ten.

Positive

I used McAfee before CrowdStrike Falcon for the same use case. I switched to CrowdStrike Falcon because McAfee did not have machine learning or AI capabilities at that time.

CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.

I am not sure about the exact percentage of money it saves, as I have to calculate the risks, but we are satisfied because CrowdStrike Falcon has stopped breaches and prevented hackers.

I used McAfee before CrowdStrike Falcon for the same use case. I switched to CrowdStrike Falcon because McAfee did not have machine learning or AI capabilities at that time.

My rating for CrowdStrike Falcon would be eight points because there are many antivirus competitors. For those who want to use CrowdStrike Falcon, they should be mindful of the higher price compared to others.

Public Cloud

Other

For our use cases, we are using it to collect IOCs, and we also are using EDR, with injection integrated with our SIM solution to create some use cases.

What I find beneficial about CrowdStrike Falcon is that it performs effectively. We are focusing only on EDR and creating use cases regarding user processes or endpoints, particularly user behavior analytics.

The CrowdStrike Falcon has enhanced our cybersecurity posture in our organization by providing full visibility for each endpoint.

The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.

The integration capabilities of CrowdStrike are excellent; we can integrate it with many SIM solutions and SOAR, and we have already integrated with different platforms. While integrating it with other platforms, I do not remember facing any issues, as we have a very good team for custom connectors, and the integration is smooth without any challenges.

We do not leverage AI within the CrowdStrike Falcon, as we are using different products LLM, and I am unsure if CrowdStrike has the capability to integrate it with local LLM or if I need to use commercial LLM such as OpenAI.

I am currently investigating SOAR in CrowdStrike because I have seen some articles about it, but I am uncertain if it is operational now or still in development.

I do not have any specific features I would want to see included in CrowdStrike.

I have been working with the CrowdStrike Falcon for almost three years.

I find CrowdStrike to be stable; there are no issues, although there was one instance when we had an outage for updating the Falcon Agent, but since then, it has been stable without any issues.

In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it. CrowdStrike covers around 2,800 endpoints for us.

Regarding maintenance, the service is excellent; if we face any issues, we open a ticket with the CrowdStrike support team.

I would evaluate CrowdStrike tech support as excellent because they have a very fast response.

On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.

Positive

Before CrowdStrike, I worked with other solutions for EDR and XDR, specifically Trend Micro and Microsoft Defender's Endpoint, as we are working in MSSP.

The main differences between CrowdStrike and Trend Micro or Microsoft solutions are that CrowdStrike gives me more visibility, while with Defender, I have to run queries which are not easy to use. Even network telemetry for CrowdStrike is very simple and easy to read, allowing for faster understanding compared to Defender where creating rules requires more tuning. Regarding disadvantages of CrowdStrike in comparison to Defender or Trend Micro, I do not see any.

I was not involved in the implementation part of CrowdStrike in my environment because I arrived after it was already installed, so I did not start from scratch.

Currently, I do not see any tangible benefits from CrowdStrike regarding incident improvement time, response time, or cost saving.

Based on my experience, I would recommend CrowdStrike to others because it is user-friendly and easy to manage, unlike other solutions that require experienced personnel; CrowdStrike's documentation is also very clear.

I would recommend it to other users because it is a perfect product.

It is an easy solution that anyone can manage, providing many benefits for endpoint visibility and allowing for the creation of many custom use cases without the need for much fine-tuning to get true positive alerts.

On a scale of one to ten, I would rate CrowdStrike Falcon as a product and solution as an eight.

On-premises

As a security analyst, I primarily focus on creating rules, conducting investigations, and integrating new devices with our CrowdStrike system. After these integrations, I also check the status to ensure everything is functioning properly.

For threat detection, CrowdStrike provides queries and searches. If I need to find any IOCs, I would say that is my best option. During a cyber war, once we gather some IOCs, we can ingest them into CrowdStrike. This ensures that if we encounter an attack using those IOCs in the future, we receive alerts, allowing us to investigate further. Also, the detection capability of CrowdStrike is quite real-time. If we enforce a policy preventing users from inserting USBs into the PC and it triggers, it happens in real-time without delay.

Currently, users manually input IOCs, and it would be beneficial if IOCs released by major companies were automatically integrated into CrowdStrike. We retrieve files from vendors, which incurs costs. Automating this process could be cost-effective and time-saving.

I think I have been using it for around seven and a half years.

There is no maintenance required because I, as a user of CrowdStrike, am part of the security team. I mainly configure new threat detections or explore new dashboards.

The stability is quite impressive, and I am enjoying it.

It is stable, and I haven't encountered any issues. It is manageable and comfortable.

I am a security analyst, and CrowdStrike is utilized as part of EDR. For websites, other attacks, and banking systems, we have used QRadar, ELK, Sentinel, and some locally built detection systems.

For me, as a security analyst, it doesn't require months or days. Many tasks can be completed in hours. With experience, even critical tasks can be done in minutes.

Whenever our company hires a new employee, they provide him with credentials. He installs the agent and inputs the credentials. The process is entirely console-based.

It depends on the size of the company and the tasks we undertake.

I don't have much information about the setup costs, but it was manageable. CrowdStrike offers three or four packages depending on the company's size, and we purchased the most expensive one for better operations.

I would recommend that if you need a quick response against real-time attackers, you should consider purchasing CrowdStrike. Windows Defender doesn't match up, so configuring it on EC2 instances is better for small and large-scale companies as well. Overall rating: nine out of ten.

Hybrid Cloud

We use the solution for Windows and non-Windows infrastructure. We have Falcon clients on all our machines.

We integrate with CyberArk, which includes DNA reporting, particularly for identifying old and ticket-based attacks. We’ve implemented this integration to receive risk-based scoring. Our strategy focuses on preventing privilege escalation, as our last major incident, NotPetya, resulted from this vulnerability. To address this, we’ve implemented measures through CyberArk and CrowdStrike.

When we encounter phishing attacks via email, we sandbox any reported items. Whenever a suspicious email is reported, we conduct sandboxing in CrowdStrike and block emails, domains, and IPs based on the resulting threat intelligence.

The most critical aspect is preventing privilege escalation, particularly for domain admins with the highest credentials. With our integration of CyberArk, passwords are never transmitted to the endpoint. Instead, a secure RDP file is created, and Falcon is used to prevent privilege escalation attempts.

As customers, we always update our systems whenever a new release is available, with clients connecting directly to the Internet for these updates. We have an agent who manages these updates on the clients, but as an organization, we don’t have control over them. CrowdStrike should assess the impact on endpoints before releasing such updates.

Our organization now seeks AI-based stock monitoring to prioritize thousands of alerts generated across various platforms. The AI integration is still in its early stages, so we would like to see Falcon develop tools that can integrate with multiple platforms and help identify the highest-priority alerts.

I have been using CrowdStrike Falcon Threat Intelligence since 2017. We are using the latest version of the solution.

I rate the solution’s stability a nine out of ten.

The integration part is very good. CrowdStrike collaborates with most security vendors, so it's very easy to get one platform for our risk factors across the enterprise.

40 thousand devices are using this solution. We get many alerts from Falcon, sometimes from end users and sometimes from Internet-facing servers.

I rate the solution's scalability a nine out of ten.

We struggle to get specialized resources from CrowdStrike in a few cases.

Neutral

CrowdStrike Falcon Black is an on-premise solution that was very complicated, so we faced performance issues. The main reason for the switch is the performance issues reported by multiple application owners.

Initially, we faced many challenges because we had to open ports from each of our subnets to Falcon, as it’s a SaaS solution. Each client needs to communicate with Falcon servers for threat intelligence. Due to the complexity of our network, we had to carefully consider all security aspects when opening the external communication ports to Falcon.

It took 25 to 30 days to deploy it completely.

We began with our Tier 0 servers, which had the most critical and highest privileges. After securing those, we moved on to Tier 1 and Tier 2 as we continued deployment. Our approach was to first address the highest risk factors across the enterprise and then gradually move on to securing endpoints like user desktops and laptops.

I rate the initial setup as seven out of ten, where one is difficult, and ten is easy.

We took professional services from CrowdStrike, so it was done in-house with only two people: one from the execution team and one from the cybersecurity team.

When we track the annual priority cases, especially the security incidents, we have made many improvements. That is ROI in terms of tracking security incidents.

I rate the product’s pricing a six out of ten, where one is cheap and ten is expensive.

Most customer requirements focus on email security, so we’ve implemented Mimecast. CrowdStrike Falcon integrates with Mimecast, allowing us to provide advanced security beyond Office 365’s capabilities. With DMARC in place, Falcon helps us identify domains that pose a risk to the organization.

I advise you to look for customer feedback, and then they should also look for Gartner and other industry leaders so you get the ranking.

Overall, I rate the solution a seven out of ten.

Public Cloud

CrowdStrike Falcon is used as an endpoint detection and response platform. It's basically an antivirus solution. It is deployed on all the endpoints, including workstation servers, et cetera.

We previously had another solution. However, it was a combination of signature-based and anomaly-based detection methods. When we implemented CrowdStrike in our organization, it helped us minimize the critical gap where, in some cases, we could not identify malicious behavior.

CrowdStrike is behavioral-based; therefore, it has a behavioral-based detection method. It's not a signature-based tool. It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints.

They have a service called Overwatch. It's an incident response feature, which CrowdStrike usually provides for most of the customer's premium customers. They will be looking for particular instances. If anything really suspicious or malicious happens, they will inform us. That is one kind of feature that is really great as compared to other tools.

The ransomware protection and behavior-based detection are the best features. 

The solution has effective prevention policies. They help prevent cyber attacks or any other malicious activity.

The real-time response capability supported our incident response efforts. Whenever there is a case of any critical incident or any security breach, at the time of security breach, we can utilize RTR (real-time response) features to know what process is running. Then, we can kill the process. We can get to know, for example, what active connections are. Also, in case of quarantine, if we quarantine a particular machine with CrowdStrike, we still have access to that machine with the real-time response feature. That's quite useful.

File integrity monitoring could be improved. They need to have more clarity on the policies and how we can apply them to get the file modification details. In terms of vulnerability management, CrowdStrike doesn't have the network scanning feature, which other competitors have.

We sometimes get false positives. We have had to create some exceptions. However, we have been able to minimize the noise. 

I have been using CrowdStrike for more than 3 years.

This is a very stable solution. I'd rate the solution 9 out of 10. 

We have a single instance across multiple locations. People in the company work from different locations, and we have agents installed to workstations, et cetera. We have around 8,000 workstations and around 5,000 servers. Then, we have about 20 people working on it directly regularly.

The solution is absolutely scalable, and companies can scale it as needed. I'd rate the solution 9 out of 10 in terms of scalability. 

I'm absolutely satisfied with CrowdStrike's support. They have a robust support team that is always there to help.

Positive

We were previously using Symantec. CrowdStrike has a wider range of features and has been the market leader in its category. After a quick POC, we decided to move to it. 

The initial setup was straightforward. There were no major hiccups in implementing it. We were clearly guided by the CrowdStrike team. We just followed the steps provided. It took 45 to 60 days to implement.

CrowdStrike is a cloud-based solution. We don't have to deploy any instance on-premises or cloud. CrowdStrike provides us access to their instance. We simply have to install the agents on our systems. Those agents will communicate to the CrowdStrike Falcon cloud. It will all be managed by CrowdStrike, and we will have access to the console. On the console, we have all the features and all the different options we need to manage the platform. There is no maintenance required.

We had 3 people participating in the deployment. From the system side, there are multiple teams involved from the deployment point of view. That said, 90% of the work was done by the security platform team.

I'd rate the ease of deployment 4.5 out of 5. 

We have witnessed an ROI. It's been the first line of defense for us. It has saved us on costs. However, those are hard to quantify as we haven't faced a breach.

The solution is expensive, however, if you look at the features, it's worth the cost.

I'm a customer and end-user.

I would absolutely recommend this product to any organization with a prior POC under its belt. A company needs to test it in their environment. That said, I would highly recommend anyone to test it out.

I'd rate the solution 9 out of 10. 

Public Cloud

I am using it for endpoint protection.

The features I appreciate the most are numerous; the overall product is very good, actually.

This is an advanced tool in terms of AI which is implemented and integrated. CrowdStrike Falcon has a ransom detection time of less than 50 seconds. Detection and taking down violations and breaches takes a minimum time of 59 seconds. Intelligence is very good, as AI is integrated with this solution. The integration capabilities in CrowdStrike Falcon are very good.

If tomorrow is the next release of the product, new features would be helpful, but at the moment, the product is very good. Nothing specific comes to mind about what new features they can add.

For further improvements, I can only think of one example because this is very important for us; they could reduce the price. Then it would deserve a rating of seven.

We have been using it for three to four years and have not encountered any issues.

Regarding challenges or problems with the product, I haven't noticed any current drawbacks. The challenge occurred last year in July when there was some patch update failure, which caused many issues. However, we have overcome that situation.

The stability is good.

We have been using it for three to four years and have not encountered any issues. More experience with this product might come with increased usage.

The technical support from CrowdStrike Falcon is good.

I would rate the support an eight.

Positive

The installation and deployment are straightforward. It is very good and can be integrated with the management engine.

The Return On Investment saves around 30%.

The licensing cost and setup costs are affordable.

I am a computer engineer by profession.

The maintenance is automatic.

I would rate CrowdStrike Falcon as nine overall.

Hybrid Cloud

Other

I'm a tax lawyer, so the IRS requires me to have a security program. 

Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down. It couldn't be less painful, and it couldn't be more reassuring. I never need to do anything with it. I don't tweak it or update it. 

You place a sensor on your computers that requires a very small amount of memory. It's about 39k or so to run the sensor. It's not like other programs that slow down the computer. CrowdStrike is constantly scanning your computer from the cloud and responds in a millisecond when it detects anything. 

The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies. 

I have used CrowdStrike Falcon for three or four years. 

I rate CrowdStrike support 10 out of 10. It's an email-based procedure. You create a case, and they notify you when it's assigned. You get an email from the technician, and you correspond back and forth. I usually request a phone call. They respond quickly. It's usually within half an hour to an hour. The tech support is perfectly adequate and certainly helps with whatever you want. They're nice, and the people seem intelligent.

Positive

Setting up CrowdStrike Falcon is easy. They give you this enormous knowledge base. I almost never use it, but it covers absolutely everything. They also do a lot of handholding for the installation. You can get somebody to call you and tell you that everything is in the right place and it's doing all the right stuff. You can also do it by yourself, and you'll get an email message saying your sensor has been installed on this endpoint.

It took me about half an hour to an hour to download and install the sensor, but I also think it was influenced by the level at which I use CrowdStrike. I am their most basic user. A more complicated environment like the Defense Department might take more time.

CrowdStrike Falcon offers a great value. I'm the smallest kind of customer they had. It's a big step up. I had a more robust subscription, but I found I didn't use any of it ever, so I just cut back to the same thing that I had to begin with. You hardly notice any difference.

Crowdstrike Falcon is relatively cheap. 

We also considered Palo Alto. It had a device, but once you got it, you had some technical issues to deal with. I don't know if Palo Alto's requirements were more or less onerous than CrowdStrike's, but it seemed a little more complicated. 

The two products had similar pricing. Palo Alto was about $750 for the device and a small amount for maintenance and whatnot. The other one is $500 a shot. The fact that you can get some other form of security software for a tenth of that price doesn't matter. It's just not even worth thinking about.

I rate CrowdStrike Falcon 10 out of 10. It's extraordinarily easy to implement and use. You can do some advanced things that require some expertise, but those levels of security would be more appropriate for larger enterprises.

We use CrowdStrike Falcon as a managed SOC for intrusion detection on our endpoints.

Being a cloud-native solution, CrowdStrike Falcon provides flexibility and always-on protection. This is extremely important to have the best protection available.

It is a fully managed service, so they provide all the necessary updates for us which is helpful.

While CrowdStrike Falcon provides us with better peace of mind in terms of protection, it also generates alerts for potential threats, requiring our investigation. However, the platform further alleviates our anxiety by automatically reviewing unaddressed alerts, offering an additional layer of security. This coverage fosters a heightened sense of security.

CrowdStrike Falcon has been instrumental in preventing breaches, allowing us to operate with significantly increased security compared to the past. This has provided us with much greater peace of mind. While no security solution is foolproof, Falcon has brought us remarkably close. 

The anomaly detection is the most valuable feature.

The portal can be clunky to navigate at times and has room for improvement.

I have been using CrowdStrike Falcon for two years.

I would rate the stability of CrowdStrike Falcon a nine out of ten. The only issue I have had is with an old version of the endpoint that was installed and has proven to be problematic. 

CrowdStrike Falcon is scalable.

The technical support is good and they provide prompt responses to all of our questions.

Positive

We implemented CrowdStrike Falcon in response to a security incident. It was the first endpoint detection and response service we had ever used, and we've been utilizing it since 2021.

Deploying the sensors to our endpoints is straightforward. We do have a manual process for deploying the sensors to our endpoints. There are also options to do it through a group policy. It doesn't seem overly complex.

We rolled the solution out to our entire estate which took just over one week. We had up to 300 endpoints and required a team of five people to complete the deployment.

CrowdStrike Falcon enables us to save on resources which in turn provides a 20 percent return on investment.

CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team. We lack the resources to replicate the full security services they provide without hiring additional personnel. The cost of Falcon is likely comparable to, or even less than, the salary and benefits we'd need for an extra employee. Furthermore, their on-call experts have more expertise, further enhancing the value proposition.

After a year, we reevaluated our endpoint security solution. We considered several options, including Arctic Wolf, SentinelOne, and Darktrace, alongside our existing Fortinet solutions. We participated in demos and ultimately determined that CrowdStrike's offering, both current and future, remained the best fit. While we hadn't initially explored other options before choosing CrowdStrike, external factors subsequently forced our hand. However, after a year of use and further evaluation, we reaffirmed our decision, concluding that CrowdStrike was still the most suitable solution for our needs.

I would rate CrowdStrike Falcon a nine out of ten.

We have around 300 endpoints and three people who have access to the solution.

Three people are required for maintenance.

CrowdStrike Falcon was recommended by our head office in Germany.

I recommend CrowdStrike Falcon.