What is our primary use case?
We use this solution for threat protection and endpoint security.
Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that; it's so old school.
I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.
How has it helped my organization?
With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.
If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed.
It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.
What is most valuable?
Falcon Protect looks at processes and issues in real-time.
What needs improvement?
CrowdStrike Falcon by itself does not supply in-depth reporting.
Falcon Protect does what it does. It's endpoint security — nothing more, nothing less.
What it does, it does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.
For how long have I used the solution?
I have been using CrowdStrike Falcon for the past year and a half.
What do I think about the stability of the solution?
We haven't experienced any issues regarding the stability of CrowdStrike Falcon.
What do I think about the scalability of the solution?
CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.
How are customer service and technical support?
Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.
On a scale from one to ten, I would give their customer support a rating of nine.
Which solution did I use previously and why did I switch?
We had a Vipre solution, but it was an on-prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network, so updating them was always a pain point without a cloud-based solution.
We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.
How was the initial setup?
The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.
What's my experience with pricing, setup cost, and licensing?
The price of CrowdStrike Falcon is a little high, but it can be negotiated.
What other advice do I have?
If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.
On a scale from one to ten, I would give this solution a rating of nine.
The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.
Which deployment model are you using for this solution?