We just raised a $30M Series A: Read our story
DB
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Top 5Leaderboard
Provides instant visibility and protection across an organization

Pros and Cons

  • "It's given me a level of confidence that my network is secure."
  • "CrowdStrike Falcon by itself does not supply in-depth reporting."

What is our primary use case?

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

How has it helped my organization?

With the addition of Overwatch and the Insight tool, the reporting has gotten better and I've gained some quality insight that helps me remedy compliance issues and maintain security posture; however, in a year and a half, we haven't had an actual positive detection across a hundred endpoints. The reason for that is mostly due to our employee training and the way that our complete security stack is configured. I hope that the way that I've got it configured right now is the sole reason that we literally aren't letting things in.

If the solution sees some issues, it reports them. Even though they're false positives, in a different scenario, what it's reporting could be a threat. Usually, they're just executables that were downloaded and installed by me. That's to be fully expected and maybe they came from a vendor, but it wasn't signed. 

It's given me a level of confidence that my network is secure — the fact that it's not finding anything; however, I am not experiencing the issues that competitors are saying I should be experiencing. I literally have to test it manually to know it's working.

What is most valuable?

Falcon Protect looks at processes and issues in real-time.

What needs improvement?

CrowdStrike Falcon by itself does not supply in-depth reporting. 

Falcon Protect does what it does. It's endpoint security — nothing more, nothing less. 

What it does, It does well. However, if you need more information on what it found and how it got there (including board reporting and compliance reporting), that's not there. Some of the other solutions that are available give you that, right out of the box.

For how long have I used the solution?

I have been using CrowdStrike Falcon for the past year and a half.

What do I think about the stability of the solution?

We haven't experienced any issues regarding the stability of CrowdStrike Falcon.

What do I think about the scalability of the solution?

CrowdStrike Falcon is scalable. I've only got one hundred endpoints and I know companies that are hundreds of times bigger who use it.

How are customer service and technical support?

Trying to get somebody on the phone might not always be the easiest thing, but they usually respond in a fairly timely manner. I haven't had any issues where I've needed them to immediately fix things.

On a scale from one to ten, I would give their customer support a rating of nine.

Which solution did I use previously and why did I switch?

We had a Vipre solution, but it was an On-Prem solution. The server was aging out and the software was up for renewal. It wasn't working well with our remote workers; they're not literally connected to my network so updating them was always a pain-point without a cloud-based solution.

We were going to transition to "cloud" and Vipre just wasn't really up to the level of CrowdStrike at the time.

How was the initial setup?

The deployment literally took about 15 minutes across the wide area network. Regarding configuration, we took a look at it with their tech support and Implementation team. There's literally maybe a dozen settings and we basically maxed them out.

What's my experience with pricing, setup cost, and licensing?

The price of CrowdStrike Falcon is a little high, but it can be negotiated.

What other advice do I have?

If you're thinking about implementing this solution, I would suggest getting Overwatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price.

On a scale from one to ten, I would give this solution a rating of nine.

The reporting is part of the Overwatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Garnett Kirk
Information Security, Sr. Analyst at a wholesaler/distributor with 10,001+ employees
Real User
Top 20
Good support, activity dashboard provides a holistic view from a security standpoint

Pros and Cons

  • "The most valuable feature is the activity dashboard because it gives you a holistic view of your environment from a security standpoint."
  • "We would like to be able to perform on-demand scanning, rather than relying on the scheduler."

What is our primary use case?

We use CrowdStrike Falcon as our EDR solution, including antivirus.

How has it helped my organization?

As Symantec ended its endpoint protection, we were able to roll out CrowdStrike.

It is important to us that CrowdStrike is cloud-based because the way I understand it, that's their main engine for their next-gen EDR solution. The fact that it's cloud-native, flexible, and offers always-on protection is important because we want to have 24-hour monitoring of our environment. It is important to us that we don't have to worry about upgrades.

This product has worked flawlessly to prevent breaches, and then it has allowed us to prevent any downtime.

It has minimized our footprint because having the ability to implement the prevention policies has allowed us to focus on other projects. The prevention policies are working for us.

What is most valuable?

The most valuable feature is the activity dashboard because it gives you a holistic view of your environment from a security standpoint.

What needs improvement?

We would like to be able to perform on-demand scanning, rather than relying on the scheduler. Right now, CrowdStrike does not have an on-demand scanner. They have the always-on, but we have found instances where artifacts are being blocked from running, but they're not being removed. With an on-demand scanner, we would have the ability to remove those artifacts from an end user's machine.

I would like to see the multi-site environment functionality added in the next release. Currently, we are working under a single-site environment, and on the roadmap, they mentioned having the ability to have a multi-site environment.

For how long have I used the solution?

We have been using CrowdStrike Falcon for approximately eight months.

What do I think about the stability of the solution?

Stability-wise, they are very advanced in the next-gen antivirus game. CrowdStrike Falcon is always available.

What do I think about the scalability of the solution?

We have approximately 5,000 machines that are being managed. As time moves on, this number will grow, but we don't expect it to get larger in the near future.

How are customer service and technical support?

I would rate the technical support that we received during the deployment, as well as post-deployment, very well. They were very knowledgeable and gave us all of the tools we needed to have a successful deployment.

Which solution did I use previously and why did I switch?

Prior to Falcon, we were using Symantec antivirus. It was out of date, which is why we replaced it.

How was the initial setup?

It is very easy to deploy the solution's sensor to our endpoints. We use an automated process. 

Our deployment took between two and three months, with paperwork, communication, and roll-out timeframes. Our implementation strategy included using IBM's BigFix application to push to Windows machines, and then we used a solution for the Mac to push it out remotely as well.

What about the implementation team?

Our IT Services team deployed this solution, and they leveraged consultants from CrowdStirke to get the proper packages for the process.

I'm sure that there is administration and upgrades to do, as sensors need to be updated or policies need to be adjusted. We have a group of approximately five people who are security engineers, IT Services, and directors who use it.

What's my experience with pricing, setup cost, and licensing?

With respect to pricing, my suggestion to others is to evaluate the environment and purchase what you need.

Which other solutions did I evaluate?

We looked at different options, such as Carbon Black, as we were replacing Symantec as our EDR solution, and CrowdStrike was the top winner. CrowdStrike is always on, 24 hours. Analysis, with the prevention and the detection policies, as well as the USB policies, are all very beneficial. The one thing that CrowdStrike did not have is the on-demand scanner.

What other advice do I have?

My advice for anybody who is interested in implementing CrowdStrike Falcon is to review and evaluate your environment and compare their EDR solutions.

I would rate this solution a ten out of ten.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,407 professionals have used our research since 2012.
DB
Director Of Information Technology at a financial services firm with 11-50 employees
Real User
Top 5Leaderboard
Offers a cloud-based option and has good stability

Pros and Cons

  • "The stability is good; we haven't experienced any glitches or bugs."
  • "The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."

What is most valuable?

I like that it's cloud-based instead of on-premise.

What needs improvement?

I miss a feature for the USB control that they have as an add-on. I haven't gotten to the point where I want to pay for it, but the features that I miss are available.

The biggest issue with Falcon as a standalone product is it doesn't have very much reporting.
Out of the box, the only weakness is the level of reporting.

All the analytics and the telemetry are there, it's just a matter of getting to it. Other vendors offer some of that stuff right out of the box.

CrowdStrike Falcon has been very low maintenance. There are features on it that I haven't touched yet. I've got a SIEM that I haven't really had time to explore fully. I have a patch management system that does what it does. I have a firewall and IDS that do what they do, and I have an endpoint security system that does what it does.

MSPs keep asking how one person can keep up to the different solutions and alerting, if you don't have any problems, then it's pretty easy to keep up. Everything does what it does.  I don't experience any of the issues that apparently a lot of people have on their network. How can I tell you what to improve if it's doing what it's supposed to do? 

For how long have I used the solution?

I have been using CrowdStrike Falcon since June of 2019. 

What do I think about the stability of the solution?

The stability is good; we haven't experienced any glitches or bugs.

What do I think about the scalability of the solution?

We're a small company so the scalability is fine for us.

How are customer service and technical support?

I don't have to talk to their technical support often. When I need help, I contact them by email.  Sometimes it takes a little while to get through to them, but otherwise, when they respond the issue is resolved. Not a real concern. 

Which solution did I use previously and why did I switch?

We had Vipre business on-premise, the product was being discontinued and I wanted to move away from an on-premise solution.  At the time Vipre did not seem to be quite as mature as other options.  I understand that they have improved quite a bit since I looked at them last.

How was the initial setup?

The initial setup was straightforward. Initial agent deployment took roughly 15 minutes.  SIEM integration required some coordination between vendors, but was relatively uneventful when support teams were involved.

What's my experience with pricing, setup cost, and licensing?

Licensing cost is negotiable. There are no additional costs.

On a scale from one to ten, I would give this solution a rating of nine. I'm sure there's always something that can be improved.

Which other solutions did I evaluate?

We evaluated Vipre, Carbon Black, and a few others.

What other advice do I have?

There are half a dozen players out there that are the best of the breed. Pick one.

When it came to CrowdStrike versus Carbon Black, configuration and setup were deciding, driving factors. CrowdStrike was much easier to configure, but overall, is it better or worse? I can't make that judgment call.

All I know is what I've been told by other vendors that are trying to get my business. They tell me about issues that I've never encountered with the products that I have. In summary, take what a vendor says about another vendor's product with a grain of salt.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MW
Chief Information Security Officer at a hospitality company with 5,001-10,000 employees
Real User
Stable and easy to set up, and has reduced our need to re-image machines

Pros and Cons

  • "The most valuable feature is that we don't need to re-image machines as much as we had to."
  • "They need to strengthen the forensic capabilities of this product, for e-discovery."

What is our primary use case?

We have various use cases. We are protecting servers and endpoints that are utilizing this product to focus on advanced, persistent threats, with the goal of reducing the overhead on the endpoint for early detection.

Right now, we have not put enforcement, and we're moving to the next level of detection.

How has it helped my organization?

Using this solution has reduced my need for imaging. We can mitigate the issue and address it immediately, for people both on and off of the network.

What is most valuable?

The most valuable feature is that we don't need to re-image machines as much as we had to.

What needs improvement?

They need to strengthen the forensic capabilities of this product, for e-discovery.

For how long have I used the solution?

We started testing and deploying CrowdStrike Falcon about a year and a half ago, in the early part of 2019.

What do I think about the stability of the solution?

In terms of stability, it's a great tool.

What do I think about the scalability of the solution?

At this time, we have between 5,000 and 6,000 endpoints.

How are customer service and technical support?

We have been in touch with CrowdStrike technical support and they have been very supportive.

Which solution did I use previously and why did I switch?

Prior to CrowdSrike, we used a signature-based solution from Symantec.

How was the initial setup?

The initial setup was very straightforward and very easy. We've been bringing stuff into the SWOT platform and getting that data. It has been pretty good.

What about the implementation team?

The implementation was done in-house. We had, in part, help from a strategic partner, EY.

Which other solutions did I evaluate?

CrowdStrike is what we did for the time and for the moment. It is number two when you look at the magic quadrant, and we have implemented that for the time being. When we selected it, that was right for us to get away from a Symantec signature-based environment for endpoint detection response.

We have moved over to CrowdStrike for now. When you look at the quadrant, the number one is Microsoft. With Defender built into the operating system, there is less overhead on the endpoint. We will eventually, most likely, migrate to that.

I have experience with Cylance, as well. They gave that the advanced persistent threat leader title, at one point in the market. I implemented that for one client and now, being in this CISO role, I went with CrowdStrike over Cyberreason and Cylance/Blackberry. The main reason for CrowdStrike is the Falcon technologies and what they do with their strategy.

We're moving to Office 365, and it will make sense for me to adopt Microsoft Defender because it's integrated into the platform. One of the differences between Defender versus CrowdStrike or any other of them is that they have to sit outside. Microsoft Defender can go deep down into the kernel, and that's a good thing for the endpoint. You can do a lot and detect a lot, which makes it far safer against advanced persistent threats.

What other advice do I have?

Overall, this product has been pretty good and I recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Saifuddin Ebrahim
Senior System Engineer at a computer software company with 1,001-5,000 employees
Real User
Top 20
Good threat intelligence with fair pricing and good stability

Pros and Cons

  • "The solution can scale easily."
  • "Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."

What is our primary use case?

We primarily use the solution for threat intelligence.

What is most valuable?

The threat intelligence on offer is the solution's most valuable aspect.

The solution is very stable.

The solution can scale easily.

The pricing is very competitive.

What needs improvement?

The solution overall is a good product, and we don't see too much room for improvement.

Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply.

The solution could use better device control.

For how long have I used the solution?

I believe I've been using the solution for the past three years.

What do I think about the stability of the solution?

The solution is very stable. We don't find there are any bugs or glitches. We haven't had it crash or freeze on us. It's quite reliable.

What do I think about the scalability of the solution?

The scalability of the solution is good. If a company needs to expand out, they can do so easily with this solution.

In our organization, we have about 2,500 people using the solution. We already use the solution at 100% capacity, meaning everyone in the company uses it. If new employees are onboarded, they also use the solution. Chances are, we will increase usage int he future.

How are customer service and technical support?

Technical support could move a bit faster. We find that it takes time - at least a day - to reach support and then get a response. Therefore, we're not completely satisfied with the level of service provided to us. It's an area that could be improved upon for sure.

Which solution did I use previously and why did I switch?

We used to use Carbon Black. We switched due to the fact that this solution offered us better partnership offers.

How was the initial setup?

The initial setup is not complex. It's very, very easy.

You can set up and deploy the product in 30 to 40 minutes. It's straightforward.

You only need a few people to handle deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

The price is very reasonable and quite competitive in the market.

Which other solutions did I evaluate?

Before choosing this solution, and switching from Carbon Black, we looked at Endgame and Kaspersky.

What other advice do I have?

We are working with all the versions for the most part, due to the fact that we are partners of CrowdStrike and we position CrowdStrike to our customers. We also use the solution for our company.

I'd recommend the solution to others, however, I would advise that they try it first as a POC so that they can first see the value of the product.

Overall, I'd rate the solution eight out of ten. If technical support could be faster and there was more device control, I would rate the solution higher.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
John Seaver
Director Of Information Technology at DLZ Construction Svs.
Real User
Top 20
Very good for endpoint security; we've remained infection free without any downtime

Pros and Cons

  • "We haven't had any infections or down time."
  • "Too many false positives."

What is our primary use case?

We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks.I'm the director of information technology in our company and we're a customer of CrowdStrike. 

What is most valuable?

We rely on our environmental security and we haven't had any infections so that's valuable for us. It means we haven't lost any time due to the system being down from ransomware or anything like that, so it's quite positive. 

What needs improvement?

Improvement could be made in the number of false positives we get, there are more than there needs to be. Typical Windows functions sometimes get stopped by CrowdStrike. In general, I'd rather err on the side of safety but some of these are really straightforward functions that should get through.

For the future, I think they need to keep building on their extensibility, the capability to be extended, so that it's not lost and we can utilize the knowledge that we're gaining from the endpoints. 

For how long have I used the solution?

I've been using this solution for a little over a year. 

What do I think about the stability of the solution?

This is a stable solution, I'm unaware of any failures. 

What do I think about the scalability of the solution?

Scalability is expensive but it works. We've installed it on more than 900 machines in the corporation and it covers every role from civil engineers, architects, HR people, office workers and the server. Maintenance takes the equivalent of one full-time position but it's a shared responsibility among the IT team. 

How are customer service and technical support?

The technical support do a good job. 

How was the initial setup?

The initial setup occurred before I began working here although I believe it is quite straightforward. The install process for machines is pretty good. If we want to de-install it's not so great, but overall it's tolerable.

What's my experience with pricing, setup cost, and licensing?

I believe that we pay about US$ 65,000 annually which covers 900 machines in the company. There are no other costs but there are additional features that can be purchased but we haven't done that. 

What other advice do I have?

CrowdStrike do their job well and can be compared to other solutions on the market such as SentinelOne and Huntress. They do need to be more extensible because right now they don't play well with others and it's a bit of a challenge on the management side.

I would rate this solution an eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
MH
Sr Network Administrator at a construction company with 501-1,000 employees
Real User
Offers good insights when it has a detection

Pros and Cons

  • "It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
  • "I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement."

What is our primary use case?

Our primary use case is for endpoint protection.

How has it helped my organization?

When we have detections, I get insight into the top-down view of where it thinks it saw the problem and what triggered the detection. This allows us to have insight into what it thinks it is compared to what could have we have really been doing.

What is most valuable?

It seems to do a pretty good job of protecting the host. Gives good insights when it has a detection. It's pretty incredible.

For how long have I used the solution?

I have been using CrowdStrike Falcon for six months.

What do I think about the stability of the solution?

So far, it's been 100% stable. Besides the very lightweight agent, it's all Cloud-based, so I haven't had any downtime.

What do I think about the scalability of the solution?

Scalability is super easy. The deployment was easy. It's all price based. Money is the biggest challenge, not deploying it. It requires one system engineer. 

We have around 400 users. There are five of us who manage it, including the help desk, system engineers, and the director.

How are customer service and technical support?

We haven't needed to contact support yet. 

Which solution did I use previously and why did I switch?

We previously used Cylance. We switched because they weren't innovative. It was the same product that we bought three years ago. They were a great product and they had a job and they did it well. They just didn't ever innovate and they never improved. It's the same products we bought for the same three years. CrowdStrike was more innovative and it seemed to be a better long-term product. They seem to be improving constantly.

How was the initial setup?

The initial setup was very easy. The deployment took about 60 days. We had a few methods of deployment. We did a push method. We had an agent tell all the machines that we were able to script it and push the apps to that.

What about the implementation team?

We used the project management of CrowdStrike's themselves for the deployment. They were really good. 

What was our ROI?

We haven't had any outages based on malware or ransomware. I can't put numbers to it, but not having that kind of an outbreak definitely has an ROI attached to it.

Which other solutions did I evaluate?

We looked at a few other solutions but the main competitor was Carbon Black. 

What other advice do I have?

I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
NS
Technical Architect at a consultancy with 10,001+ employees
Real User
Top 20
An easy to navigate interface and it maintains itself, but the detection capability needs improvement

Pros and Cons

  • "At this point what is most valuable is the interface, which is easy to navigate."
  • "In the six months that I have been using CrowdStrike, it has not been able to detect anything."

What is our primary use case?

The primary use case of this solution is as endpoint detection and response.

What is most valuable?

At this point what is most valuable is the interface, which is easy to navigate.

What needs improvement?

In the six months that I have been using CrowdStrike, it has not been able to detect anything. We have been using Trend Micro and it has detected some malicious activities.

We have CrowdStrike conduct some inner forensic investigations in hopes that it will be more advanced and detect things that may have been missed by Trend Micro.

It would be helpful to have some prebuilt search queries based on the top ten queries in the industry for detection.

For how long have I used the solution?

I have been using CrowdStrike for six months.

It's a SaaS-based solution that maintains itself. It updates automatically so that we are always using the latest version.

It is not like an on-premises solution where you maintain and upgrade the version to get the newest release. It's a cloud service that is maintained by the vendor.

What do I think about the scalability of the solution?

From my understanding, CrowdStrike is scalable as it's a cloud solution. 

This is not an area that we have fully explored as we have less than 20 end-points.

How are customer service and technical support?

There has not been any contact with technical support or community support. I have been able to do what I needed through the documentation provided.

Which solution did I use previously and why did I switch?

We are currently using CrowdStrike, and also running another AV because CrowdStike is not detecting any malicious activities and the other AV is. We are giving it some more time to see if anything happens.

We decided to start using CrowdStrike for our external facing servers because it is the market leader in EDRs. While Trend Micro has an EDR, they call it XPR it is still new to the market.

How was the initial setup?

The initial setup is straightforward, it is easy to install and only took a few minutes.

We have deployed it on our external facing servers.

What's my experience with pricing, setup cost, and licensing?

The pricing could be reduced. If it was more reasonable that would be great.

What other advice do I have?

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free CrowdStrike Falcon Report and get advice and tips from experienced pros sharing their opinions.