CrowdStrike Falcon Primary Use Case

JS
Director of IT at a tech services company with 51-200 employees

We use this product for endpoint security and threat remediation.

Syed Ubaid Ali Jafri - PeerSpot reviewer
Head of Cyber Defense & Offensive Security at Habib Bank Limited

The following is a list of use cases that were tested and evaluated against CrowdStrike along with different competitors.

1 - Execution of Fileless Ransomware - The test was conducted using PowerShell script execution; the script was executed with privileged rights and it was successful. Although all the preventive controls were enabled in the CS Falcon dashboard, CS Falcon had raised a red flag regarding fileless execution; however, the moment it let us know, our system got encrypted.

2 - Uploading a large volume of data over the cloud - Using a customized script on the USB, a test was conducted to copy (.docx, .xlsx, .pptx, .png, .jpg, .pdf, .txt, .rtf) files from the system. It performs a copy operation from the whole disk and creates a password-protected .zip file in APPDATA of the complete files. Once the protected file is created, it then checks the internet connectivity. As soon as the script finds connectivity with 8.8.8.8, 8.8.4.4, it starts sending the protected .ZIP file over its CnC cloud.

3 - Disabling of CS Falcon Agent - I have conducted a test to disable the Falcon agent from the Windows-based OS. The agent was successfully disabled by booting up another OS and renaming the agent files on the system.

4 - Perform Privilege Task in CrowdStrike - CS roles have some additional privileges. While performing host containment, it has the ability to perform the following operations without informing the user:

* Host containment
* Isolating the host from the network
* Copying data from the host machine into the CS cloud

Considering the above situation, it may cause a breach of user privacy, due to which the user can file a complaint against the InfoSec team.

JA
Security Analyst II at a healthcare company with 10,001+ employees

It is currently our antivirus and EDR platform that we use to export incidents to our SIEM and automation platform, SOAR. We use Demisto for our SOAR.

The solution is fully deployed in our organization. We are primarily Windows. There are four major hospital sites with a couple thousand endpoints each. We probably have 600 remote workers due to COVID-19. I would probably say there are 7,000 VDIs inside of Citrix. Then, the rest are probably small clinical sites with no more than 50 to 80 people at each one. They make up the bulk of the rest, and probably 99 percent of that is Windows or server-based. We only have maybe 30 Macintoshes in the whole system and about as many Linuxen.

We are using Windows agent 618.

Buyer's Guide
CrowdStrike Falcon
March 2024
Learn what your peers think about CrowdStrike Falcon. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
AK
Senior Data Hosting and Security Special at Two aquate

We're installing the solution on some of our external servers. It has a cloud portal, and we can control everything through the cloud. It's good for remote sites.

Robert S. Balter - PeerSpot reviewer
Owner at RSBPC

I'm a tax lawyer, so the IRS requires me to have a security program. 

EH
Chief Information Security Officer at a real estate/law firm with 10,001+ employees

Our main use case was looking for an endpoint solution that was able to follow our users anywhere. We have over 52,000 employees, and a majority of our people work in various places. Many employees are not in an office every day: They are at a client's sites, some work at home, some are traveling, etc. We really needed something that would give us visibility no matter where and when an employee was working.

JT
Director - IT Security Operations at a manufacturing company with 10,001+ employees

It blocks all the stuff bad actors are trying to do to our users.

All our end user systems and servers are on-prem and cloud workstations desktops everywhere.

We are using the latest version minus one release (N-1).

Naveen Nelavigi - PeerSpot reviewer
Senior Security Analyst at Ernst & Young

I'm a security analyst. We get alerts on the cloud side that appear in the CrowdStrike console and also in our email. We can consolidate them on the console and check the process tree. You can see the hostname, user details, and all the information on the right side. On the file part, we can see whether the malicious file has been executed and decode it to see where the hash appears.

Marcelino Bocanegra - PeerSpot reviewer
Cybersecurity solution architect Individual Contributor at IQSEC SA

Falcon helps my client improve productivity. About 5,000 users at the client company are using the product. 

CK
IT Network Infrastructure Manager at HENSOLDT

We use CrowdStrike Falcon as a managed SOC for intrusion detection on our endpoints.

Jordan Swanson - PeerSpot reviewer
Information Security Assurance Engineer at School District of Lee County

We integrate the data from this solution with ExtraHop, which is an NDR. Being able to move between both platforms and have network-level data and transactions over the network feed into XDR CrowdStrike is really powerful. It helps us make better decisions, it makes better decisions without human intervention, and it hones the analytics a little bit. The EDR aspect of it works almost exactly the same as the regular Falcon product. I will say that it's probably a lot better at scale than what we're using it for. I work at a school district, so for the individual schools, it's nice to see and isolate issues and have reports built by individual school locations rather than just everything looking like a whole hodgepodge of computers.

Ali Minissi - PeerSpot reviewer
Group IT Director - Technical Operations at a construction company with 10,001+ employees

We use CrowdStrike Falcon for both our server and endpoint security, including our users' laptops and PCs.

AT
Chief Security Officer at a financial services firm with 201-500 employees

We have several use cases including threat management, EDR, AV, and a SOC with 24x7 monitoring.

SH
Director, IT & Systems Security at Tilson

We implemented CrowdStrike because we needed to identify a new solution to address a 100% remote workforce, both because of COVID, but in general, our workforce is very distributed around the country.

JM
Information Security Analyst at an insurance company with 1,001-5,000 employees

We use it for our endpoint detection and response on our devices for both endpoints and servers. It has replaced our traditional antivirus. We are strictly using it now to do all our antivirus duties.

We are primarily a Windows environment, 95 percent Windows. Then, we have a little bit of Linux and Macs in there as well.

GK
Information Security, Sr. Analyst at a wholesaler/distributor with 10,001+ employees

We use CrowdStrike Falcon as our EDR solution, including antivirus.

KR
Cyber Security Manager at a university with 10,001+ employees

We use the EDR feature.

Sathya Paul - PeerSpot reviewer
Director Of Information Technology at TollPlus LLC.

Our company's line of business includes financial transactions with an insurance policy that requires EDR protection. Compliance is part of our policy and agreement with customers. 

We currently have 1,100 users of the solution. 

AS
Cyber Security Engineer at a legal firm with 501-1,000 employees

We are using it primarily for NGAV, but we also use their EDR product and Falcon OverWatch.

Most of our internal stuff is still on-prem. We do use SaaS for vendor products, but our internal environment is still mostly on-prem.

Ganesh-Jadhav - PeerSpot reviewer
Senior Cyber Security Analyst at Securonix

We use it for threat detection and threat hunting.

DL
Head Deputy Head of IT, Information Technology's Projects & Developments Center at an energy/utilities company with 201-500 employees

We rely on CrowdStrike Falcon for comprehensive threat detection, prevention, and valuable insights. This robust solution also offers identity protection features. Our dedicated team of six professionals effectively manages the platform, ensuring its effectiveness across multiple locations, including our data centers and core facility.

HB
Security Officer

I mainly use CrowdStrike Falcon to prevent threats and detect indicators of attacks or compromises in the network.

NC
IT Security Analyst at U.S. Venture, Inc.

The initial use case was for CrowdStrike to be a replacement for McAfee. We wanted to come up with something that was a lot more adaptive to emerging world threats and not just strictly signature-based. We wanted something focused a lot more on heuristic analysis and pattern analysis first, e.g., isn't just sheer signature. Additional use cases are workstation servers and as much as we can do in our OT environment.

MK
Associate Director - Infrastructure Engineering at AFT

We primarily use the solution as advanced threat protection. It is used to protect all endpoints, servers, etc. 

Dev Kudtharkar - PeerSpot reviewer
Director of Information Technology at Slice

Our primary use case is IPS and IDS.

EW
Security Principal at Trifecta Cloud Security Solutions

The solution is primarily utilized for EDR and XDR capabilities, with some identity management features integrated through Falcon. In essence, it is employed like other endpoint protection platforms.

AbhishekBirkett - PeerSpot reviewer
Senior Manager - Enterprise Accounts at Hitachi Systems, Ltd.

There are two things which customers really like about CrowdStrike. If they buy managed services from CrowdStrike, it offers them detection of security issues in one minute. If you buy their professional services, they offer insurance where you can claim up to $5 million if there's a breach. This is a huge upsell for customers. 

AK
Lead Engg. Information Assurance at ACPL Systems Pvt Ltd

I am using CrowdStrike Falcon to protect my endpoints from new zero-day threats.

MG
Enterprise Cybersecurity Architect at Swagelok Company

The product is inherently cloud-based.

Khushru_Mistry - PeerSpot reviewer
CTO at GM Modular

CrowdStrike Falcon is our platform for IT security, encompassing endpoint security, cloud security, and EDR capabilities.

Jawaria Abbas - PeerSpot reviewer
Security Engineer at a computer software company with 201-500 employees

We are using it as an EDR solution for endpoint protection. 

Nakul Chopra - PeerSpot reviewer
Owner at IT Solution

We primarily use the product for the security of the endpoints to protect against viruses and malware. It protects our devices from infection. 

Krishna .R - PeerSpot reviewer
Cyber Security Regional Head at a computer software company with 1,001-5,000 employees

We use this solution for next generation anti-virus protection and detection. We are a premium partner of CrowdStrike.

MA
Pre-Sales Engineer at EliteVAD

We primarily use the solution for antivirus and endpoint security.

RB
IT Consultant at a comms service provider with 5,001-10,000 employees

We use CrowdStrike Falcon mostly for EDR.

GC
Security Analyst at an insurance company with 1,001-5,000 employees

We use CrowdStrike Falcon for endpoint security and response, and Horizon to manage and protect our data.

Following a 2021 security incident, the general response team recommended implementing CrowdStrike. We adopted their suggestion and found its network threat detection and prevention capabilities invaluable.

SW
AVP of Tech at an insurance company with 201-500 employees

We use this product as an antivirus. We use it as an add-on for Arctic Wolf, which it integrates with. 

RC
Security Systems Analyst at a retailer with 5,001-10,000 employees

CrowdStrike is a malware protection solution that is deployed on a private cloud across all areas of our organization. We have deployed the solution to 10,000 users. Roles-based it's the security team. 

We recently upgraded to a new feature that is set to roll out. CrowdStrike is a requirement, it's our standard. If you have a new OS deployed or a new server deployed, this is a required component. It has been automated as we grow and as we add more systems.

MW
Chief Information Security Officer at a hospitality company with 5,001-10,000 employees

We have various use cases. We are protecting servers and endpoints that are utilizing this product to focus on advanced, persistent threats, with the goal of reducing the overhead on the endpoint for early detection.

Right now, we have not put enforcement, and we're moving to the next level of detection.

JS
Director Of Information Technology at DLZ Construction Svs.

We use CrowdStrike for our endpoint security and we're about to tie it into vScaler. It's on every endpoint in the company and is used by everyone in the organization. It's anti-virus security software, so we'll continue to put it on every machine whether our company grows or shrinks. I'm the director of information technology in our company and we're a customer of CrowdStrike.

Neeruganti Santhosh Kumar - PeerSpot reviewer
Security Analyst at a tech services company with 501-1,000 employees

We use CrowdStrike Falcon to detect and alert us to any malware in our system. In our organization, we integrated CrowdStrike with a SIEM tool, which does the alerting. If the solution detects malware and issues an EDR alert, it notifies us and begins gathering data about the detection, including the hostname, user name, the hash value of the downloaded file, and the file's reputation. Then, we can ask the user to delete the file from the PC and drives, such as USB drives, if necessary. Following the removal of any malicious files, we can use CrowdStrike to run an AV scan on the affected device or devices.

Younghoon-Youn - PeerSpot reviewer
Director of Security Solution Business at a wholesaler/distributor with 1-10 employees

We use this solution for next generation antivirus and EDR.

RG
Cybersecurity Analyst at a computer software company with 51-200 employees

We use CrowdStrike Falcon for endpoint protection against malicious activity.

Sandeep Sehrawat - PeerSpot reviewer
Information Technology Security Consultant at Sify Technologies

CrowdStrike Falcon is an Endpoint Detection and Response system that uses agents deployed on each endpoint. It works on mobile or wired devices. The operator provides you real-time and online protection against the latest malware and wireless attacks.

Park Armstrong - PeerSpot reviewer
Chief Technical and Solution Architect at Vertigo Inc.

I use CrowdStrike Falcon for endpoint security and compliance auditing.

BH
Service at Four-U Office Inc

We primarily use the solution for real-time ransomware protection.

UG
Vice President at a financial services firm with 10,001+ employees

Our organization relies on CrowdStrike, a standalone endpoint security solution, to safeguard our bare-metal machines. CrowdStrike continuously monitors for threats on all endpoints. If it detects any suspicious activity, such as malware or malicious processes, it immediately alerts us for investigation. 

Waleed Omar - PeerSpot reviewer
Information Security Specialist at Arab Open University

I'm currently working as a cybersecurity specialist at the Arab Open University. We are trying to create centralized station input. We have nine branches in the Middle East, so we need a cloud-based solution. Our control center is in Kuwait but all nine of our branches use CrowdStrike Falcon. Our team is located in Kuwait, which is where we handle and mitigate threats from.

BS
Specialist, Lead Desktop Support at an energy/utilities company with 5,001-10,000 employees

We use CrowdStrike Falcon for endpoint protection.

JM
President and CEO at a tech services company with 51-200 employees

We primarily use the solution for our Windows and Macs.

Gogineni Venkatachowdary - PeerSpot reviewer
Cloud Operations Center Analyst at a pharma/biotech company with 10,001+ employees

The solution is for alerts. It will trigger if there is malicious traffic or some scripting attack. Any attack that is there, then it'll alert automatically.

MJ
Server Administrator at TIR Canada

We use this solution on all of our endpoints and servers.

AC
Head of IT Department at a pharma/biotech company with 10,001+ employees

CrowdStrike Falcon is leading the market in EDR. They are the first to have this kind of solution against malware. They have an advantage in respect to the rest of the competitors. They offer a certain amount to protect in case of malware or cyber-attacks. They have a policy or insurance connected to the service. That's the reason why we choose CrowdStrike over other solutions.

Dan Brunnquell - PeerSpot reviewer
Director Of Information Technology at a financial services firm with 11-50 employees

We use this solution for threat protection and endpoint security.

Recently, we added on CrowdStrike OverWatch and Insightsoftware for better reporting. OverWatch monitors East-West issues that CrowdStrike Protect doesn't see. New next-generation endpoint security doesn't scan your PC. It doesn't scan files nightly. People have to get past that, it's so old school. 

I have 50 end-users, one hundred endpoints, and workers of all types, both in-house and remote workers.

GH
Senior Cyber Security Analyst with 1,001-5,000 employees

The primary use case is digital security investigations using the dashboard.

DA
Sr. IT Support Executive at a hospitality company with 1,001-5,000 employees

We primarily use the product as a security solution.

Madhawa Liyanage - PeerSpot reviewer
Cyber Security Consultant - Defensive Security at DeltaSpike Pvt Ltd

We are using CrowdStrike Falcon for the EDR mainly.

CA
Product Manager at a comms service provider with 51-200 employees

We use the solution for security and in demonstrations to our partners.

MK
Dy General Manager at a real estate/law firm with 501-1,000 employees

The solution is primarily being used at our endpoint, which includes roaming users with laptops. It is being used in all of our servers at our data center. Our security team can monitor everything centrally using the Falcon dashboard. If there is an incident, our team can actually go to the root cause of the incident to try to solve it there. 

Murali Krishnan L - PeerSpot reviewer
Technical Manager (SOC Operations) at Novac Technology Solutions

We are using CrowdStrike Falcon XDR for security.

MH
DGM IT at Union Bank of Colombo

We use CrowdStrike for endpoint protection. 

LM
Information Security Officer at a financial services firm with 51-200 employees

CrowdStrike Falcon is working on our production servers.

DC
Director of Cloud Architecture at an energy/utilities company with 10,001+ employees

We use it for threat management.

GM
SOC Analyst at a financial services firm with 1,001-5,000 employees

We use CrowdStrike Falcon XDR for endpoint protection.

It is more sophisticated than a legacy antivirus. 

When compared to the legacy antivirus, it offers more features, including the ability to do analyses, halt execution, and more. It also gives you real-time notifications.

In comparison to the earlier legacy era, it is better.

MK
Junior Security Engineer at Altron

I mainly use Falcon for endpoint protection.

TZ
Chief Information Security Officer at a manufacturing company with 10,001+ employees

Our primary use for CrowdStrike is as an EDR system. We are protecting more than 9.000 devices.

SE
Senior System Engineer at a computer software company with 1,001-5,000 employees

We primarily use the solution for threat intelligence.

AJITHH G - PeerSpot reviewer
Solution Engineer at AppSmart

Our primary use case is EDR and ransomware.

AE
Infrastructure Manager at Quaracrm

We use it to monitor everything related to the activity and to block any malicious activity. We are new in the security field in our company.

JP
Senior Engineer at Neosecure

We use CrowdStrike Falcon for malware mitigation and hunting.

PG
IT Manager at a consultancy with 5,001-10,000 employees

It's a security-related product. A security environment based on AIML. It is not like the older stuff, which used to have signature-based updates.

CA
Product Manager at a comms service provider with 51-200 employees

I use CrowdStrike Falcon for EDR and security purposes. Also, I am using file integrity monitoring, asset management, and patch management modules. Additionally, I'm also utilizing an identity protection module.

MH
Cloud Solution architect at VaporVM

We primarily use CrowdStrike Falcon for malware detection, endpoints, and application behavior detection. The company has different teams, but our team handles the Windows and Mac hosts.

JC
Solutions Architect at dsmedellin

We use Falcon to protect around 500 endpoints.

Akash Jogbond - PeerSpot reviewer
Team Lead at Foresight Software Solutions

This is an EDR solution used for antivirus purposes. It is used for vulnerability assessments, security posture management and to safeguard a business from all kinds of attacks.

RV
Business Development Manager - Security at a computer software company with 201-500 employees

CrowdStrike Falcon is used for endpoint protection for businesses. It's used for identifying threats.

MH
Sr Network Administrator at a construction company with 501-1,000 employees

Our primary use case is for endpoint protection.

TS
Executive Technology Advisor at Vitso

We are using this solution for advanced threat protection, over and above any antivirus for approximately 1200 end-users, or endpoints. It is able to identify any anomalies and alert on that using the AI engine. That way, there's a small security team to make them more effective, to be able to get an alert, go in and look at what's going on. 

Since I have been here, I have been keying into when people fall for phishing attacks and they either get blocked going to a website or their credentials get compromised, and somebody logs in to their Office 365 account. We were able to forensically identify that in two of the cases. Most recently, since I've been here looking at the more active response, to be able to identify and act a little bit more quickly.

ES
Director of Security at an insurance company with 51-200 employees

The primary use case is detection and forensics.

The product is cloud-based, so we use the latest build which is available.

ManojKumar42 - PeerSpot reviewer
Information Security Engineer at a non-tech company with 10,001+ employees

Our organization uses CrowdStrike Falcon for a variety of security tasks, including incident response, investigations, malware analysis, and threat hunting. This comprehensive platform excels at detecting malware across various technologies and endpoints within our environment.

CrowdStrike Falcon functions as a threat detection platform. It identifies malware based on pre-defined signatures and rules. Upon detection, it triggers a response and provides a dashboard for further analysis. This allows us to assess if the malware poses a risk to our organization or if it's a false positive. For confirmed threats, we can then delve deeper for a thorough investigation to uncover any underlying malicious intent.

Our primary goal is to prevent malware-related risks proactively. By leveraging CrowdStrike Falcon, a premium endpoint detection and response tool, we can safeguard our organization from malware exploitation attempts employed by hackers.

AV
IT Workplace Coordinator at a consumer goods company with 1-10 employees

We use CrowdStrike Falcon as an XDR to replace our old antivirus solution.

We implemented CrowdStrike Falcon for better visibility into our environment and easy online access to the policies.

NiteshSharma - PeerSpot reviewer
Pre-Sales Architect at Network Techlab (I) Pvt. Ltd

We are a CrowdStrike partner, selling their products to our customers. We have small and medium-sized enterprise clients and clients in the government sector. Depending on customer requirements, we provide different CrowdStrike Falcon products, ranging from Spotlight to XDR.

OA
Information Security Specialist - DFIR at a financial services firm with 501-1,000 employees

I am using CrowdStrike Falcon for system security.

HA
Senior Associate - IT at a financial services firm with 51-200 employees

CrowdStrike is an anti-virus solution, and we use it to protect our users from malware.

HF
Consultant at a computer software company with 51-200 employees

It is used for stopping data breaches. 

It is totally on the cloud. It cannot be deployed on-prem. They don't have any on-prem options.

DN
Security Analyst at a computer software company with 10,001+ employees

We use CrowdStrike Falcon on all our devices, servers, and workstations for security.

SS
Security Engineer at a tech services company with 11-50 employees

Our primary use case is as an endpoint protection service.

FI
Solution Architect at a comms service provider with 1,001-5,000 employees

The primary use case is threat protection.

it_user871761 - PeerSpot reviewer
Senior Financial Analyst - Data Analytics at an energy/utilities company with 1,001-5,000 employees

Primary use is for endpoint investigations.

SI
Engineering manager at a consultancy with 1,001-5,000 employees

CrowdStrike Falcon is an EDR and we use it to protect our developers. They have a lot of risks that come from cloud services, such as AWS.

LM
Head Of Infrastructure at an insurance company with 201-500 employees

We use CrowdStrike Falcon to secure the endpoints and servers that we have on-premise.

NS
Information Security Consultant at a tech vendor with 501-1,000 employees

We are currently using this solution as a replacement for our antivirus solution. It also helps us in terms of forensic investigation, malware analysis, endpoint detection and response. 

AM
IT Security Analyst at a tech services company with 1-10 employees

I am using CrowdStrike Falcon for network protection. We have government customers.

FB
Director & CEO at a tech services company with 1-10 employees

We primarily use this solution for AV, next-gen AV, EDR or XDR.

KG
Security Engineer at a tech services company with 10,001+ employees

We are currently using this solution as an EDR tool to control and remediate threats from the endpoint remotely; it serves as a next-gen antivirus solution. It can also be used in a forensic investigation, threat hunting, trend analysis, malware analysis, etc.

NS
Technical Architect at a consultancy with 10,001+ employees

The primary use case of this solution is as endpoint detection and response.

AM
Works

It logs automatically and generates alerts. It is all automatically integrated with the cloud.
