CrowdStrike Falcon Reviews

I'm a tax lawyer, so the IRS requires me to have a security program. 

Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down. It couldn't be less painful, and it couldn't be more reassuring. I never need to do anything with it. I don't tweak it or update it. 

You place a sensor on your computers that requires a very small amount of memory. It's about 39k or so to run the sensor. It's not like other programs that slow down the computer. CrowdStrike is constantly scanning your computer from the cloud and responds in a millisecond when it detects anything. 

The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies. 

I have used CrowdStrike Falcon for three or four years. 

I rate CrowdStrike support 10 out of 10. It's an email-based procedure. You create a case, and they notify you when it's assigned. You get an email from the technician, and you correspond back and forth. I usually request a phone call. They respond quickly. It's usually within half an hour to an hour. The tech support is perfectly adequate and certainly helps with whatever you want. They're nice, and the people seem intelligent.

Positive

Setting up CrowdStrike Falcon is easy. They give you this enormous knowledge base. I almost never use it, but it covers absolutely everything. They also do a lot of handholding for the installation. You can get somebody to call you and tell you that everything is in the right place and it's doing all the right stuff. You can also do it by yourself, and you'll get an email message saying your sensor has been installed on this endpoint.

It took me about half an hour to an hour to download and install the sensor, but I also think it was influenced by the level at which I use CrowdStrike. I am their most basic user. A more complicated environment like the Defense Department might take more time.

CrowdStrike Falcon offers a great value. I'm the smallest kind of customer they had. It's a big step up. I had a more robust subscription, but I found I didn't use any of it ever, so I just cut back to the same thing that I had to begin with. You hardly notice any difference.

Crowdstrike Falcon is relatively cheap. 

We also considered Palo Alto. It had a device, but once you got it, you had some technical issues to deal with. I don't know if Palo Alto's requirements were more or less onerous than CrowdStrike's, but it seemed a little more complicated. 

The two products had similar pricing. Palo Alto was about $750 for the device and a small amount for maintenance and whatnot. The other one is $500 a shot. The fact that you can get some other form of security software for a tenth of that price doesn't matter. It's just not even worth thinking about.

I rate CrowdStrike Falcon 10 out of 10. It's extraordinarily easy to implement and use. You can do some advanced things that require some expertise, but those levels of security would be more appropriate for larger enterprises.

We rely on CrowdStrike Falcon for comprehensive threat detection, prevention, and valuable insights. This robust solution also offers identity protection features. Our dedicated team of six professionals effectively manages the platform, ensuring its effectiveness across multiple locations, including our data centers and core facility.

CrowdStrike's advanced detection and prevention capabilities offer a superior level of protection against potential threats. Its unique feature of automated rules is designed to effectively confine threats at the device level. This automatic confinement of high alerts ensures that the device is secured immediately, buying crucial time for the dedicated response team to identify and neutralize the threat. This proactive strategy not only minimizes the potential impact of threats but also guarantees a rapid and efficient response to any security incidents, thereby enhancing the overall security posture.

We appreciate Falcon's network visibility feature as it allows us to monitor the evolution of threats on PCs and within the company network. The solution's real-time incident response is notably swift. Initially, we encountered numerous false positives during the project initiation phase. However, we managed to resolve most of them independently or with assistance from CrowdStrike support. Consequently, our security levels were significantly improved, and we elevated all parameters to their maximum. Currently, we seldom encounter false positives. Most of these were low-level alerts, while the high-level alerts were automatically quarantined.

While Falcon's advanced capabilities offer robust security solutions, it's worth noting that some of these features may come at a higher cost. This could potentially make it a less economical option for small to medium-sized businesses operating on tighter budgets. It's important for such companies to weigh the benefits of Falcon's comprehensive protection against their financial constraints to make an informed decision.

We have been using CrowdStrike Falcon for nearly five years already.

Crowdstrike Falcon demonstrates exceptional stability once it has been properly configured with the appropriate settings. While there may be a period of adaptation and configuration required to ensure optimal performance, once the solution is in place, it operates with remarkable stability. Users can rely on Crowdstrike Falcon to consistently deliver reliable and secure protection without significant disruptions or instability.

I would rate Crowdstrike Falcon a nine out of 10 for scalability. It offers seamless scalability, allowing easy expansion of the sensor deployment to accommodate growing needs. However, it's worth noting that the primary limitation one may encounter is the cost associated with deploying additional sensors.

I rate CrowdStrike support nine out of 10. It's fantastic. 

Positive

We made the switch from Symantec to Falcon because we required a solution that offered greater speed, reliability, and the ability to effectively handle the wide range of advanced threats present in the wild.

The initial setup of Crowdstrike Falcon was straightforward and efficient. The cloud-based deployment process was seamless for most components, with the exception of the sensors. Deploying the sensors to PCs was automated and hassle-free, requiring just a few minutes per device. However, to ensure the highest level of protection and customization, we opted to manually install the sensors on our servers. This hands-on approach allowed us to have greater control and assurance over the server deployment, ensuring the best possible protection for our critical infrastructure.

We've seen an ROI in terms of time saved. It's probably around 5 percent. 

While Falcon's advanced capabilities offer robust security solutions, it's worth noting that some of these features may come at a higher cost. This could potentially make it a less economical option for small to medium-sized businesses operating on tighter budgets. It's important for such companies to weigh the benefits of Falcon's comprehensive protection against their financial constraints to make an informed decision.

Of course but I can't disclose this information.

I rate Crowdstrike Falcon nine out of 10. 

We use CrowdStrike Falcon as a managed SOC for intrusion detection on our endpoints.

Being a cloud-native solution, CrowdStrike Falcon provides flexibility and always-on protection. This is extremely important to have the best protection available.

It is a fully managed service, so they provide all the necessary updates for us which is helpful.

While CrowdStrike Falcon provides us with better peace of mind in terms of protection, it also generates alerts for potential threats, requiring our investigation. However, the platform further alleviates our anxiety by automatically reviewing unaddressed alerts, offering an additional layer of security. This coverage fosters a heightened sense of security.

CrowdStrike Falcon has been instrumental in preventing breaches, allowing us to operate with significantly increased security compared to the past. This has provided us with much greater peace of mind. While no security solution is foolproof, Falcon has brought us remarkably close. 

The anomaly detection is the most valuable feature.

The portal can be clunky to navigate at times and has room for improvement.

I have been using CrowdStrike Falcon for two years.

I would rate the stability of CrowdStrike Falcon a nine out of ten. The only issue I have had is with an old version of the endpoint that was installed and has proven to be problematic. 

CrowdStrike Falcon is scalable.

The technical support is good and they provide prompt responses to all of our questions.

Positive

We implemented CrowdStrike Falcon in response to a security incident. It was the first endpoint detection and response service we had ever used, and we've been utilizing it since 2021.

Deploying the sensors to our endpoints is straightforward. We do have a manual process for deploying the sensors to our endpoints. There are also options to do it through a group policy. It doesn't seem overly complex.

We rolled the solution out to our entire estate which took just over one week. We had up to 300 endpoints and required a team of five people to complete the deployment.

CrowdStrike Falcon enables us to save on resources which in turn provides a 20 percent return on investment.

CrowdStrike Falcon offers excellent value for the money for our organization, particularly given our lean IT team. We lack the resources to replicate the full security services they provide without hiring additional personnel. The cost of Falcon is likely comparable to, or even less than, the salary and benefits we'd need for an extra employee. Furthermore, their on-call experts have more expertise, further enhancing the value proposition.

After a year, we reevaluated our endpoint security solution. We considered several options, including Arctic Wolf, SentinelOne, and Darktrace, alongside our existing Fortinet solutions. We participated in demos and ultimately determined that CrowdStrike's offering, both current and future, remained the best fit. While we hadn't initially explored other options before choosing CrowdStrike, external factors subsequently forced our hand. However, after a year of use and further evaluation, we reaffirmed our decision, concluding that CrowdStrike was still the most suitable solution for our needs.

I would rate CrowdStrike Falcon a nine out of ten.

We have around 300 endpoints and three people who have access to the solution.

Three people are required for maintenance.

CrowdStrike Falcon was recommended by our head office in Germany.

I recommend CrowdStrike Falcon. 

I use it for cloud workload protection and threat detection in AWS environments.

The pay-as-you-go model enabled me to deploy quickly from the AWS Marketplace management account.

It scaled protection for workloads without upfront commitments and reduced the initial operational overhead.

It provides real-time visibility into cloud threats, helping stop breaches faster in dynamic AWS setups.

I find the seamless AWS integration and single lightweight agent to have minimal performance impact.

The cloud-native SIEM and runtime security leverages threat intelligence for proactive detection.

Flexible billing through AWS is ideal for startups testing security without long-term locks.

I believe that AI-powered SOAR workflow suggestions could streamline incident response.

I have been using it for 1 month.

We are a new startup, so we did not use any previous solutions.

The pay-as-you-go model excels for startups with variable AWS workloads, avoiding large upfront costs and scaling with usage.

I evaluated Prisma Cloud, Wiz, and Orca Security alongside native AWS options.

CrowdStrike Falcon for AWS (pay-as-you-go) delivers strong cloud-native protection via AWS Marketplace, which is ideal for startups scaling workloads.

I deal with endpoint security, firewall, and XDR solutions. I use Sangfor and work with Trend Micro and CrowdStrike. I use CrowdStrike Falcon for enterprise companies, which is what I typically recommend.

CrowdStrike Falcon has helped my customers predict and prevent potential breaches because of its proactive approach.

The most valuable features in CrowdStrike Falcon are its AI capabilities. The lightweight agent has a positive impact on system performance and visibility through ease of use. I utilize its Threat Graph for threat hunting.

To improve my recommendation to a perfect score, I would focus on better selling skills and improved integration with different vendors.

I have been working with CrowdStrike Falcon for approximately five years.

I have previously worked with a Total Information Management Corporation solution.

I work with competitors as well, and there is good competition to Sangfor at the moment.

I have experience with these products from prior use. I work with security vendors and some of my customers use Trend Micro and CrowdStrike as well. My experience has been positive and I have been satisfied. The pricing might be a little expensive, but I find it cost-effective. I do not find CrowdStrike Falcon to be the most expensive when comparing pricing with competitors. I would rate this solution an 8 out of 10.

It gives an overview and insights into my AD accounts. It shows if any identity, like an AD user, is compromised, has a weak password, or is logging in from an unusual system. Any anomalies.

I like the insights and detailed view of my AD structure. How protected it is, or is there any loophole or an area that needs more protection. 

Another feature I like is that it gives insights into all my domain controllers and ADCs. The configuration is also really easy.

The real-time monitoring feature is good. For example, a user account is hacked. It alerts me that it's been hacked and prompts me to look into it or have the user change their password. I can then log in to my AD, change the password, or notify the user that their account has been compromised and ask them to change their password.

AI capabilities of CrowdStrike are also good. 

When I use Identity Protection, I want the full stack, like going for XDR. If anything happens, like a laptop being compromised using a password, it gives me the entire attack flow. For example, the attack came from a particular user, like an IT admin. If their identity is hacked and they log into multiple systems, and those systems are affected, we can see those details and provide good support or recovery for customers and partners.

I'm concerned about the recent issue in July 2024. It involved a faulty content configuration update. What if another update causes the same problem again?

I have been using it for two years.

Stability, I would rate it as a seven out of ten. There are a few instances where our customers have complained about the digital signatures it uses. Sometimes, even if you create a policy, it still tends to block it. A few applications get flagged as malicious even though the customer trusts them. Even if you create an exception rule, it might still block it after a few weeks. Also, there's the recent issue we faced with CrowdStrike and Windows. So, based on that, I'd give it a seven out of ten.

There is room for improvement. They need to conduct more thorough R&D before releasing updates. I think they didn't do that this time, but it was just a one-time issue. However, what if it happens again? That's a concern.

Scalability-wise, I would give it a ten out of ten. It's simple because it's a SaaS solution. For example, this month, I have 50 users. Next month, I have 50 additional users. I just need to buy more licenses and add those systems to CrowdStrike. If I need to put them in certain groups with specific policies, that's easy too.

We work with all types of businesses, including small, medium, and enterprise businesses. Scalability is simple. I don't even need to install it on my laptop. One more good thing is that it offers an XDR view where I can add other components, like the email security solution Proofpoint. I can integrate it, so I'll get my emails and everything will be in a single pane of glass.  

We have a Technical Account Manager (TAM). We can directly call them and raise a ticket. Initially, it was a six or even a five because we had to send an email, and it would take three to four days for them to reply. Now, with the TAM, we can get issues resolved faster.

Positive

I have experience with CrowdStrike, apart from their Cloud Security offering, which is on GCP. I've worked with CrowdStrike Identity Protection, Device Control, Device Control, EDR, XDR - basically everything except their cloud solution.

The initial setup is straightforward. I don't need to install an agent in my AD, and I can get alerts from my read-only domain controller, which is also good.

I would rate my experience with the initial setup a ten out of ten, with ten being easy and one being difficult. 

It's not required to deploy on-premises. It's a SaaS solution. I just need to download the agent and install it on each of my devices, whether they're VMs or my laptop. 

One more good thing is that I don't need to be in my office network for it to keep protecting me. I can take the system home, and it will still be protected.

The deployment itself takes about a day to install everything if it's user-based. But for CrowdStrike to learn what to block and what not to block in your specific environment, it will take easily about two weeks. There will be some applications that it might consider a threat because it's a next-gen AV that uses AI. 

So, some applications the customer uses might be flagged. I can whitelist them or create a policy to allow them. That's also a very good feature of CrowdStrike. 

So, for the initial setup takes two weeks. For it to get to know your environment and work smoothly, just to install agents and set up the dashboard, policies, and all that, it takes about one day.

It offers seamless integration with the existing security infrastructure. We haven't faced any challenges because our customers use CrowdStrike only for endpoint and server security. They haven't gone to the XDR level yet. However, many other OEMs I've spoken to, like Zerto, have said that the CrowdStrike and Zerto integration is very seamless. So, if anything happens on my server end, I'll know when it happened and what the issue is from CrowdStrike. Or, for example a ransomware attack happens, I can restore from my Zerto application.

The benefit I've seen is their backend, which powers the EDR, XDR, and NGAV. It's really good because it can detect anything due to the wide range of customers they have. 

For example, one customer has a vulnerability because of a zero-day attack. All the other customers will benefit because it propagates to the cloud and analyzes if other customers are on the same version of the drivers or any other Windows patch. If they are, it will tell us that there's an issue and provide remediation steps. Many of our customers find this very helpful. It's called the CrowdStrike community.

I would rate it a seven out of ten, where one is cheap, and ten is expensive because it's a bit on the costlier side. Compared to Symantec or Trend Micro, CrowdStrike is more expensive.

Overall, I would rate the product an eight out of ten because of one recent issue that happened. 

I'm concerned about the recent issue that happened. What if another update causes the same problem again? Is it really as good as it seems? Even our customers have given very good feedback, they get more insights into what's happening, what they should do, and what remediation steps to take. So, in that way, it's very good.

I would recommend it, especially if you're going for endpoint security. I'd definitely recommend CrowdStrike first because it's more mature than SentinelOne and other EDR solutions in the APAC region.

We use CrowdStrike Falcon to investigate security detections for malicious activities in our environment.

CrowdStrike utilizes machine learning algorithms and detection rules to generate alerts for suspicious activity within our environment. We then investigate these detections individually, analyzing the details of each event.

In addition to automated detection, CrowdStrike allows for custom queries. For instance, if we need to investigate a specific host, we can leverage a cloud security language to examine its activity. Similarly, we can use CrowdStrike to search for activity related to particular users or hosts.

CrowdStrike Falcon provides significant additional value. It excels at identifying suspicious activity the moment an application appears in the environment, immediately bringing these incidents to the attention of our response team. Upon receiving an alert, our team can investigate and take appropriate action if anything malicious is found. In essence, CrowdStrike Falcon acts as a strong barrier against attackers.

In the past 3 years, we have encountered many scenarios where CrowdStrike Falcon has helped mitigate potential security breaches.

The detection and response console is the most valuable feature.

We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike. In these cases, the access disable process can be quite slow.

I'm using CrowdStrike Query Language, and I've noticed an issue with event backups. Searches exceeding a certain event threshold aren't capturing all results. For instance, if I run a search that returns 10,000 events in a single day, only 2,000 events are backed up. This limitation with CrowdStrike Query Language needs to be investigated.

I have been using CrowdStrike Falcon for over 3 years.

CrowdStrike Falcon is generally stable, although event searches may occasionally experience slow performance.

CrowdStrike Falcon's scalability is dependent on the license acquired.

The technical support live chat can experience long wait times. Submitting a ticket may result in a quicker response.

The company was using Carbon Black before I joined. When I came on board, they decided to switch to CrowdStrike.

I would rate CrowdStrike Falcon 9 out of 10.

CrowdStrike Falcon is deployed across multiple end-user systems and locations.

I recommend CrowdStrike Falcon. It's a wonderful security platform that's easy to use and requires minimal effort to maintain.

A lot of customers face ransomware and malware attacks. The solution helps protect endpoints and servers from ransomware and malware attacks.

The solution has multiple layers of security, including web security. We can monitor endpoints, conduct root cause analysis, and find geolocations. If the tool finds any suspicious activity, it blocks and remediates it.

The solution makes our security operations easier. After an incident, we get complete reports and insights. The product provides good monitoring features. The product also has teams that help customers find suspicious activities. The team calls and asks us to check the updates and remediate issues. If the system can remediate it, the team does it through the system. The detection and response are in real-time. There are no security breaches. Resolving issues doesn’t take much time.

The tool is more expensive than other products in the market.

I have been using the solution for more than 3 years.

I did not have any stability issues.

It is easy to scale up. We just need to add the licenses. The product is suitable for small, medium, and large businesses. We must buy a minimum of 50 licenses.

The support is excellent. We rarely need support.

Positive

The initial setup is pretty simple and clear. The time taken for deployment depends on the endpoints. It's a cloud solution. We can use Active Directory or the group policies to deploy it.

The product has a lot of use cases. There are companies that need to run their operations 24/7. It will be a big challenge if their server or infrastructure goes down. They cannot afford downtime. They need to choose the right solution for their needs.

The price depends on the kind of service we need. If we need excellent service, we must pay a reasonable price. We can choose any pricing model if we do not want excellent service. The product is excellent. We need to pay a premium price for the tool.

Microsoft Defender Threat Intelligence, IBM, and Cisco are some competitors. CrowdStrike entered the market with a USP to protect endpoint servers. It has a different approach. Malwarebytes has a similar setup. I prefer CrowdStrike, though.

I will recommend the tool to others depending on their budget. If customers have a good budget and need a premium product, they can choose CrowdStrike. No product is perfect. Overall, I rate the tool an 8 out of 10.