Security Engineer at a tech services company with 11-50 employees
Reseller
When an issue is detected you can log into the GUI and get very specific details about what happened
Pros and Cons
    • "The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."

    What is our primary use case?

    Our primary use case is as an endpoint protection service

    How has it helped my organization?

    We get a notification when there are some malicious activities on our PC whenever we have a detection. The other administrator and I can log in to check the exact details of what happened, what was running, and what caused the detection. We know exactly what was happening on the end user's PC and we can tell if it's something that we actually need or something that's malicious.

    What is most valuable?

    When something is detected you can log into the GUI and you can get very specific details about what happened. It's very helpful for investigating incidents and this sort of thing.

    What needs improvement?

    The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed. 

    When I change the policies for some users, I would like to have an option to apply that policy immediately. Right now, I have to wait for the users to connect to the cloud to take the new policy. I would like for them to develop the ability to have an option to apply the policy immediately.

    Buyer's Guide
    CrowdStrike Falcon
    May 2024
    Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: May 2024.
    771,212 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    It's very stable, we haven't had any issues so far.

    What do I think about the scalability of the solution?

    We haven't had any issues when it comes to scalability. We have thirty to forty users.

    How are customer service and support?

    We haven't had to use their technical support. 

    How was the initial setup?

    The initial setup was very straightforward. You just download the agent and install it; that's it. The deployment took two to three hours. We have two admins. One of us logs in and sees what happened.

    What other advice do I have?

    I would advise someone considering this solution to just read the documentation. You should start with the documentation, it's very clear and very simple. Anything you need is in the documentation.

    I would rate it a nine out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    PeerSpot user
    Solution Architect at a comms service provider with 1,001-5,000 employees
    Real User
    The AWS configuration is good, but the cost is quite pricey
    Pros and Cons
    • "The most valuable feature is its threat analysis."
    • "Scalability is good. We have had no issues with it."
    • "I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better."
    • "Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."

    What is our primary use case?

    The primary use case is threat protection.

    How has it helped my organization?

    It improves a lot of our security operations for threat management. It provides a lot for our day-to-day operations too.

    What is most valuable?

    The most valuable feature is its threat analysis.

    What needs improvement?

    I would like CrowdStrike to provide some correlation in the threat analysis, so we can visualize things better.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    It is quite stable. However, whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing.

    We have not put that much stress on it, about 20 percent.

    What do I think about the scalability of the solution?

    Scalability is good. We have had no issues with it.

    Currently, we have about 4800 resources in the cloud.

    How is customer service and technical support?

    Their technical support is good and helpful.

    How was the initial setup?

    The AWS integration is good, and its configuration is straightforward.

    What was our ROI?

    We have seen ROI.

    What's my experience with pricing, setup cost, and licensing?

    Purchasing the product through the AWS Marketplace is just a click away. Since we were using the on-premise version of the product, we continued on the cloud by purchasing it through the AWS Marketplace.

    I would like them to further reduce the price, because it is quite pricey at the moment.

    What other advice do I have?

    I would recommend CrowdStrike as a first option product, but to look at others as well.

    The new features that they have released were not bad.

    AWS is better than the on-premise version because it can support cloud resources.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user871761 - PeerSpot reviewer
    Senior Financial Analyst - Data Analytics at an energy/utilities company with 1,001-5,000 employees
    Real User
    We can see what processes are running on the system, what registry keys have been enabled
    Pros and Cons
    • "Enables us to understand what processes are running on the system, what registry keys have been enabled."

      What is our primary use case?

      Primary use is for endpoint investigations.

      How has it helped my organization?

      It allows us to determine root cause, do the analysis, a lot quicker.

      What is most valuable?

      Visibility into the endpoint rate. Understanding what processes are running on the system, what registry keys have been enabled. Pretty much understanding the whole frantic side of the endpoint.

      What needs improvement?

      It would be nice if we could extrapolate indicators of compromise and write them within sandboxes.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      It's fairly stable. We haven't been having too many issues with that.

      What do I think about the scalability of the solution?

      It scales quite well because it's cloud-based and subscription-based. It can scale pretty quickly.

      How is customer service and technical support?

      I would say technical support is fairly good. They understand the technology quite well so they are able to support us a lot better.

      What other advice do I have?

      The most important criteria when selecting a vendor come down to the capability of the technology, the cost, the support, how it fits into our overall architecture strategy, and the stability of the company. For instance, if it's a small company and they go under, you might as well have not invested in it.

      I would rate this solution an eight out of 10 because it has all the features that we need. It's within our budget, and it fits into our overall architecture strategy. There are a few features that could be added, as mentioned.

      I would recommend this technology.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Engineering manager at a consultancy with 1,001-5,000 employees
      Real User
      Good support, easy to install, and protects our developers against cloud-based threats
      Pros and Cons
      • "The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
      • "CrowdStrike should add support for ransomware protection."

      What is our primary use case?

      CrowdStrike Falcon is an EDR and we use it to protect our developers. They have a lot of risks that come from cloud services, such as AWS.

      How has it helped my organization?

      Without CrowdStrike, our environment is risky for the developers. As it is now, we have not had any security issues for two years.

      What is most valuable?

      The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it.

      What needs improvement?

      CrowdStrike should add support for ransomware protection.

      Additional antivirus functionality should be included. However, this is not a big problem.

      For how long have I used the solution?

      I have been working with CrowdStrike Falcon for approximately two years.

      What do I think about the stability of the solution?

      We have not faced any problems with the product.

      How are customer service and support?

      We have support from the CrowdStrike team in Japan and we haven't had any problems with them.

      How was the initial setup?

      We have installed CrowdStrike on both Mac and Windows PCs, and we haven't had any problem.

      What about the implementation team?

      Our engineer was responsible for the installation.

      What other advice do I have?

      I would rate this solution an eight out of ten.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Head Of Infrastructure at an insurance company with 201-500 employees
      Real User
      Provides reliable detection that protects our endpoints and servers
      Pros and Cons
      • "The detection is very reliable. Also, OverWatch is a great feature."
      • "The integration with tools, SOC tools, could be better."

      What is our primary use case?

      We use CrowdStrike Falcon to secure the endpoints and servers that we have on-premise.

      What is most valuable?

      The detection is very reliable. Also, OverWatch is a great feature.

      What needs improvement?

      The reporting part is basic. It's not that intuitive and you cannot go further backward in terms of historical information.

      The integration with tools, SOC tools, could be better.

      For how long have I used the solution?

      I have been using CrowdStrike Falcon for two years, more or less.

      What do I think about the stability of the solution?

      The stability is good, it's compatible with most of our platform. The agent upgrade could be better, but it's more or less aligned with the platforms. We also use Mac OS on some endpoints. Mac is not always the reflection of the agent that is the latest.

      What do I think about the scalability of the solution?

      We haven't experienced any issues relating to scalability.

      How are customer service and technical support?

      Their customer support is good. I've always gotten the answers that I needed timely and with the content I needed.

      How was the initial setup?

      The initial setup was a bit complex, but that was due to our environment. In the beginning, we used the outdated VDI infrastructure of Citrix, but we have since evolved along the way and now it's straightforward; however, in the beginning, it was a bit difficult to get the VDI working properly, deploying the agents.

      Deployment time varies, but for most endpoints, it only takes a few minutes.

      What's my experience with pricing, setup cost, and licensing?

      The price is too high. When we are reaching a new renewal, management always asks what's going on in the market.

      What other advice do I have?

      For the purpose of starting, yes, it's a very good solution, but you need to take two things into consideration: proper alignment with the infrastructure and the price. The price negatively affects the adoption of this solution.

      On a scale from one to ten, I would give this solution a rating of eight — because of the price and reporting.

      Which deployment model are you using for this solution?

      Public Cloud
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Information Security Consultant at a tech vendor with 501-1,000 employees
      Consultant
      I like the overall reports of this solution. They are crisp, and to the point.
      Pros and Cons
      • "I like the overall reports of this solution. They are crisp, and to the point."
      • "It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
      • "It is cloud-based, and this does make some wary of the data being held on the cloud. Privacy requirements must be taken into account."
      • "The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders."

      What is our primary use case?

      We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response. 

      How has it helped my organization?

      First, it is a production from known and unknown interests. Second, it has an extremely low footprint, so it has minimal impact on the user endpoints in terms of CPU and memory usage. The tamper protection of the CrowdStrike agent is extremely good even if the user is having admin rights and he tries to disable these CrowdStrike services. The CrowdStrike service will respawn itself. It is practically impossible to tamper with these services. If I managed to craft some malware that would shut down the services, CrowdStrike will respawn itself, and it will still protect my endpoint.

      In addition, it reduces the overall containment timing, and quickly isolates the endpoints to quickly mediate the issues. 

      What is most valuable?

      The EDR feature of CrowdStrike is fantastic. Also, in comparison to other solutions, it can connect remotely, so our security analysts can get into the system directly and do manual analysis as well. 

      I also like the overall reports. They are crisp and to the point.

      What needs improvement?

      There are a couple of issues with the compatibility to some of the operating systems. But, I see that there are a lot of things in the pipeline. They have a roadmap, and continuously are improving. Within the last three months I have seen a lot of new features in the overall CrowdStrike suite.

      A couple of things were on the cosmetic part. CrowdStrike needed some improvements on the report functionalities, specifically the dashboard functionalities. Technically there are a lot of things also coming from a visual perspective. There are a couple of things they still need to work out like the dashboards. The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders. These are minor things, but they are in the pipeline.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      The product is quite stable. 

      What do I think about the scalability of the solution?

      It is very scalable. It can be used for 10,000 endpoint users. So, it is very scalable in terms of volume.

      How is customer service and technical support?

      Tech support is helpful, but they need a little bit of improvement. The response time is good. This was not a "show-stopper" for us.

      How was the initial setup?

      Initial setup was pretty straightforward. It has cloud-based hosting, so you can just get your installation agent, install it, authenticate the agent with your cloud instance and start managing the agent.

      What was our ROI?

      CrowdStrike has helped us in terms of manpower and cost savings. I work with a team of less than 10 people, and I have worked in other organizations where I used to handle more than 20 to 25 people for the same things.

      What's my experience with pricing, setup cost, and licensing?

      The pricing will depend upon your volume of usage.

      Which other solutions did I evaluate?

      I have prior experience with Cylance and Dell Data Security Agent powered by Cylance, which I would not say is a complete EDR. I also have prior work knowledge of SECDO, which has been acquired by Palo Alto.

      What other advice do I have?

      It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But, one thing is for sure, CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But, if the company's having some stringent regulations, it will definitely be harder for them to keep the data in the cloud.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      NachiketSathaye - PeerSpot reviewer
      Security Consultant at a consultancy with self employed
      Real User

      CrowdStrike has recently announced the EDR platform support to iOS and Android devices as well. So now security teams can provide better security for external and roaming user devices.

      IT Security Analyst at a tech services company with 1-10 employees
      Real User
      Useful search host detection, simple to scale, and great support
      Pros and Cons
      • "I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon."
      • "The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."

      What is our primary use case?

      I am using CrowdStrike Falcon for network protection. We have government customers.

      What is most valuable?

      I have found the connection to search the hosts for detections very useful in CrowdStrike Falcon.

      What needs improvement?

      The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need.

      In the next release, it would be beneficial to have a DLP or CASB solution.

      For how long have I used the solution?

      I have been using CrowdStrike Falcon for approximately one year.

      What do I think about the stability of the solution?

      The stability of CrowdStrike Falcon is very good. We have never had an issue.

      What do I think about the scalability of the solution?

      CrowdStrike Falcon is scalable. We were able to deploy it in a 5,000-host environment; it is easy to scale.

      We plan to increase usage in the future. We are always looking for new clients.

      How are customer service and support?

      The technical support is very good, it is perfect.

      How was the initial setup?

      The setup is simple, it took approximately one week.

      What about the implementation team?

      We deploy the solution with two people.

      What's my experience with pricing, setup cost, and licensing?

      We are on an annual subscription for the solution. There are not any additional costs.

      What other advice do I have?

      My advice for others is to purchase the solution; it is simple to use and effective.

      I rate CrowdStrike Falcon a ten out of ten.

      Which deployment model are you using for this solution?

      Public Cloud
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Director & CEO at a tech services company with 1-10 employees
      Real User
      Top 10
      A very good solution useful for next-gen AV but tighter integration of XDR could be included
      Pros and Cons
      • "The initial setup was straightforward."
      • "Tighter integration around XDR could be included."

      What is our primary use case?

      We primarily use this solution for AV, next-gen AV, EDR or XDR.

      What is most valuable?

      I find most of the features to be very generic.

      What needs improvement?

      The solution is very good but tighter integration around XDR could be included. There are a lot of open integrations, but they are external factors that cause dependencies on the integrator, not really on CrowdStrike, so it's a bit of a challenge as there is no comprehensive solution. Additionally, the solution is dependent on Windows technical support.

      For how long have I used the solution?

      We have been using CrowdStrike Falcon for approximately three years.

      What do I think about the stability of the solution?

      The solution is stable.

      What do I think about the scalability of the solution?

      The solution is scalable, but price and support are a bit of a challenge.

      Which solution did I use previously and why did I switch?

      We previously used different solutions, and the primary differentiating factor was marketing.

      How was the initial setup?

      The initial setup was straightforward.

      What's my experience with pricing, setup cost, and licensing?

      The price is high in comparison to similar brands.

      What other advice do I have?

      I rate the solution a seven out of ten. I advise new users first to understand their use case, its vulnerability and its importance.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user