CrowdStrike Falcon Complete Reviews

My organization is a cybersecurity company using CrowdStrike Falcon for incident response and forensic analysis. Twenty-five employees are using it now

CrowdStrike has improved our operations in many ways. Three of our clients recently got hit by ransomware. Using Falcon Complete, we contained and fixed the issue and helped them get things back to normal.

I like Falcon's AI functionality and vulnerability management. That has been so helpful. Falcon Complete can manage vulnerabilities, quarantine threats, and do all kinds of forensic incident analysis. It's a lightweight solution that only uses 1% of the CPU, which is a game changer. Other EDRs have had high CPU usage.

Falcon could use more SIEM capabilities, like a central place to monitor all our clients.

We have been using CrowdStrike Falcon for nearly two years now.

I rate Falcon 10 out of 10 for stability. 

I rate CrowdStrike Falcon 10 out of 10 for scalability. 

We were using McAfee Endpoint Security, but we later partnered with CrowdStrike, so we started using Falcon. The McAfee solution was limited. CrowdStrike EDR has a good dashboard that lets us see what's happening and the processes on my machines. It has better quarantining and remediation.

Setting up Falcon was straightforward. We deploy it on the cloud and on-prem, depending on the client. You can deploy it in under five minutes with an adequate internet connection.

The number of people needed to deploy the solution varies. It only requires one person if we are using Active Directory. However, we typically do it manually with four people to do it, so it's faster for us to reach the organization's endpoints.

We evaluated Trend Micro and a few other EDRs. We found from the ratings that CrowdStrike was more effective than other EDRs. In addition, we have some solutions from other vendors like AlienVault OSSIM and Darktrace because those are the main players in our market.

Typically, we use the solution for detection, as we outsourced the response element to an MSSP. It also gives us visibility into security threats and allows us to find and eliminate them. For issues that outweigh our capacity, we escalate to our third-party MSSP.

The detection and investigation capabilities are my favorite parts of the solution. It has good threat intelligence and threat-hunting features.  

I want better integration with other security solutions; integrating with third-party apps wasn't as seamless as I expected.

I've been using the solution for one to two years. 

The solution is stable. 

I can't say because our usage remained flat; we didn't up or downscale.

On a scale of one to ten, I put the difficulty of the initial setup at five, right in the middle.

CrowdStrike offers training at an additional cost, so many organizations wouldn't want that route.

I rate the solution eight out of ten.

My advice is to be clear in the negotiation phase about your expectations, the strengths and weaknesses of the solution, and how much of the implementation CrowdStrike will be doing for you. It's good to keep in mind what the required integrations are based on existing infrastructure to understand what is and isn't feasible in the integration.

The most valuable feature is that it has a zero-day approach. It does not work with the signature itself. It looks into what is happening on an endpoint and protects you better against threats that are not yet known but are captured in a signature. It provides far better detection than when it is only signature-based. You get much quicker protection against any new threat. This is the most important feature of the CrowdStrike solution.

They have very good knowledge of how to hunt for threats. It is all about the intelligence you put into a solution for detection. It is about making sure that if you see a number of things, you can interpret them correctly and take the right action against them. They're one of the best vendors because they come from that background. 

They are doing very well in continuously improving their product. The only thing is that it is completely cloud-based, and some customers don't really like that type of approach, but you can only provide such a solution when you have cloud-based intelligence. On the other end, we know that it is sometimes a breaking point for some of the customers. They could potentially have an on-prem or hybrid solution. Any antivirus needs to have its features updated. If there could be a relay between them, it would be helpful, but that's very hard to do. So, you either accept that approach and have the benefit with this little disadvantage. 

I have been working with this solution for three years.

We don't see any specific limitations on that at the moment. 

We have large implementations, and we don't really see any issues with the scalability of the solution. It seems to be able to scale up fairly quickly within the environment.

Their support is top-notch. They're very dedicated. Their experts are online when you need them. 

It is very straightforward. It takes very limited time to set it up. People get used to it very quickly.

Being a cloud-based solution, you don't really have to do a lot of installation. They have their own cloud. It is maintaining itself. There are automatic updates. That's one of the reasons why you want to go to the cloud-based approach. It is very easy in terms of maintenance.

I would advise anyone interested in such a solution to try it out. It is very easy to try it out. 

It is an absolute requirement to get an EDR solution in place. You should go with the ones that really have the most advanced capabilities for threat hunting. It is best to go with the experts. They've had some competition from Microsoft, which is not a bad solution, but Microsoft is not a security expert. CrowdStrike knows very well how to identify threats and link them to specific behavior. That's what you really want to have in there, and that's their strength. One of the reasons why they're still leading is that they are the only ones who can say, "We manage your network, and we would give you money back if we could not detect the issues upfront." That's one of their strong points.

If they don't do any specific scanning, they will adapt themselves to that. If it is a new system, they would need to learn that. If there is something new in there, it could be harder for them to detect it because they don't yet know the behavior, and they have to learn about it. That's the only negative element I see in it. 

They're doing quite a bit of work in improving it. They are doing a good job in evolving the product. I don't see any specific needs at this given moment on that. You could ask a lot, but in the end, you still need to make sure that the core is functioning well. They should stick with what they do best. Evolve that but not start doing everything. That's because it will not work. I'd rather have them stick to their niche.

I would rate it a nine out of 10.

We provide service to our customers based on their XDR requirements, such as multi-platform solutions or whatever they have. We use the solution to provide security for those integrated solutions and service their XDR platforms.

CrowdStrike Falcon Complete will reduce the cost of an IT team. You just download the agent and install the license. It's as simple as that.

Also, because of the prevention the solution provides, our clients can see the threats and they can prevent them at the initial stage.

The XDR features are the most valuable in the solution.

And it is very easy to manage the licenses centrally because these are cloud licenses. There is no need for manual data reports. If the internet is connected, the updates and everything can be automatically downloaded, and they can just click and monitor things.

I would like to see them introduce DLP.

We are a partner for this solution and we have been working with it for more than four years.

The stability is fine. We haven't seen any issues.

We used to use McAfee and Kaspersky. We switched because CrowdStrike has very user-friendly licensing for both the customer and the partner.

We haven't seen any challenges at the time of deployment. It is a cloud solution and is deployed per our customer's requirements. For example, if the customer has an Azure environment, we deploy it for Azure. And if they have on-prem services, we deploy it for those services.

Most of the time it is a remote implementation.

We have not seen any challenges regarding its maintenance.

Our clients definitely see return on investment from CrowdStrike.

The pricing is a little bit higher than other OEM competitors in the market, like SentinelOne and Trend Micro. In the Indian market, it is 10 percent higher.

Instead of maintaining on-prem licenses, we suggest CrowdStrike for better performance and better prevention of threats.

CrowdStrike Falcon Complete is used for endpoint protection, which includes anti-malware, and some MDR capabilities, such as threat hunting.

The most valuable feature of CrowdStrike Falcon Complete is the overall endpoint protection.

CrowdStrike Falcon Complete could improve the threat visibility and have remediated vulnerabilities that they find.

I have been using CrowdStrike Falcon Complete for approximately four years.

We have not had any problems with the solution.

I rate the stability CrowdStrike Falcon Complete a nine out of ten.

The scalability is good.

We have approximately 20,000 users that are using this solution.

I rate the scalability CrowdStrike Falcon Complete an eight out of ten.

I have not used the support.

We are looking to move to SentinelOne because of the lack of threat visibility.

My advice to others is to take the full package of the solution to determine what are the most useful features and then adjust the package later.

I rate CrowdStrike Falcon Complete an eight out of ten.

We have been testing CrowdStrike Falcon Complete but we have not implemented it in our production at this time. However, we have found useful features in CrowdStrike.

CrowdStrike Falcon Complete has a very lightweight agent that provides signatureless detection protection from known and unknown malware or ransomware which is very useful.

The vulnerability assessment feature is a great benefit that provides detailed assessments of vulnerability. There are plenty of visualization of the threat; if any attack happens they explain in a visualization how the attack happens, how much the system has been affected, and what is the source. This information has allowed us to make the appropriate action.

CrowdStrike Falcon Complete is not providing application control. This is a very useful feature in any endpoint security because if you want to block any malicious activity of any particular application, you can not block it in this solution. However, you are able to block hashes, but not executable files or processes. Additionally, this solution does not provide a user risk score. These are two areas that CrowdStrike Falcon Complete can improve on in the future.

I have been using CrowdStrike Falcon Complete for a short period of time.

The solution is scalable.

Our customers are mostly large organizations. A recent customer has approximately 15,000 endpoints.

We only raised one case with the technical support and they solved the issue very quickly. Since we only had this one occasion we dealt with the support we are not aware of the consistency of their support.

I have previously used Trend Micro Apex One with Trend Micro Managed XDR.

The initial setup was straightforward. It is easy to install for an end-user system from a third-party application. For a single installation, it can be done with a few clicks of the mouse, it is not complicated, anyone can install it.

We have a team of approximately three that can manage CrowdStrike Falcon Complete from System Center Configuration Manager (SCCM). We do not need to go to every system and install it, all of it can be done through the SCCM.

I would recommend CrowdStrike Falcon Complete to others.

I rate CrowdStrike Falcon Complete an eight out of ten.

We use the solution for protecting the endpoints.

The solution simplified our structure.

The Falcon Spotlight is a most valuable feature.

While the pricing does not bother us, it is a bit on the high side. It could be lower.

An MDM, Mobile Device Manager, should be added in the next release. 

We just started implementing CrowdStrike Falcon Complete a couple of weeks ago. 

We have only recently started to implement the solution, so I am not in a position to comment on its stability. 

We have not had occasion to contact technical support. 

We did not use a different solution in the past. 

The initial setup was easy.

We handled the initial setup on our own. We make use of CrowdStrike's help.

The pricing could be lower. The solution is a bit expensive. 

In addition to CrowdStrike Falcon Complete, we also looked at FireEye from Palo Alto and at other solutions from Symantec. We decided to go with CrowdStrike Falcon Complete.

I rate CrowdStrike Falcon Complete as an eight out of ten.

I primarily use Falcon Complete to protect against threats.

Falcon Complete's user interface isn't very user-friendly, especially for writing rules.

I've been working with Falcon Complete for one year.

Falcon Complete is stable.

Falcon Complete is scalable.

CrowdStrike's technical support is good, I haven't heard any complaints about it.

The initial setup is easy because Falcon Complete is on-cloud, and it takes around a week to deploy.

Falcon Complete isn't too pricy, and its licensing is available on a yearly basis.

I would recommend Falcon Complete for anyone looking for a cheaper alternative that's almost the same quality as Cortex. I would give Falcon Complete a rating of seven out of ten.