CrowdStrike Review

I like the overall reports of this solution. They are crisp, and to the point.


What is our primary use case?

We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response. 

How has it helped my organization?

First, it is protection from known and unknown threats. Second, it has an extremely low footprint, so it has minimal impact on the user endpoints in terms of CPU and memory usage. The tamper protection of the CrowdStrike agent is extremely good: even if the user has admin rights and tries to disable the CrowdStrike services, the CrowdStrike service will respawn itself. It is practically impossible to tamper with these services. If I managed to craft some malware that would shut down the services, CrowdStrike would respawn itself, and it would still protect my endpoint.

In addition, it reduces the overall containment time, and quickly isolates the endpoints to quickly remediate the issues.

What is most valuable?

The EDR feature of CrowdStrike is fantastic. Also, in comparison to other solutions, it can connect remotely, so our security analysts can get into the system directly and do manual analysis as well. 

I also like the overall reports. They are crisp and to the point.

What needs improvement?

There are a couple of issues with compatibility with some of the operating systems. But I see that there are a lot of things in the pipeline. They have a roadmap, and they are continuously improving. Within the last three months I have seen a lot of new features in the overall CrowdStrike suite.

A couple of things were on the cosmetic part. CrowdStrike needed some improvements on the report functionalities, specifically the dashboard functionalities. Technically there are a lot of things also coming from a visual perspective. There are a couple of things they still need to work out, like the dashboards. The dashboard does not have the facility to export the reports in a PDF format, which I can quickly share with internal stakeholders. These are minor things, but they are in the pipeline.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The product is quite stable. 

What do I think about the scalability of the solution?

It is very scalable. It can be used for 10,000 endpoint users. So, it is very scalable in terms of volume.

How is customer service and technical support?

Tech support is helpful, but they need a little bit of improvement. The response time is good. This was not a "show-stopper" for us.

How was the initial setup?

Initial setup was pretty straightforward. It has cloud-based hosting, so you can just get your installation agent, install it, authenticate the agent with your cloud instance and start managing the agent.

What was our ROI?

CrowdStrike has helped us in terms of manpower and cost savings. I work with a team of less than 10 people, and I have worked in other organizations where I used to handle more than 20 to 25 people for the same things.

What's my experience with pricing, setup cost, and licensing?

The pricing will depend upon your volume of usage.

Which other solutions did I evaluate?

I have prior experience with Cylance and Dell Data Security Agent powered by Cylance, which I would not say is a complete EDR. I also have prior work knowledge of SECDO, which has been acquired by Palo Alto.

What other advice do I have?

It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But one thing is for sure: CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But if the company has some stringent regulations, it will definitely be harder for them to keep the data in the cloud.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
NachiketSathaye, Real User, TOP 5

CrowdStrike has recently announced EDR platform support for iOS and Android devices as well. So now security teams can provide better security for external and roaming user devices.

05 March 19