If you were talking to someone whose organization is considering CrowdStrike Falcon, what would you say?
How would you rate it and why? Any other tips or advice?
My advice for anybody who is considering CrowdStrike is definitely to start with a PoC, and then definitely to subscribe to OverWatch. I think that OverWatch is the main benefit to it. The biggest lesson that I have learned from CrowdStrike is about the different threats that are out there. They have a nice dashboard with information about threats, and you can read it and learn from it. I would rate this solution a seven out of ten.
My advice for anybody who is interested in implementing CrowdStrike Falcon is to review and evaluate your environment and compare their EDR solutions. I would rate this solution a ten out of ten.
My advice for anybody who is looking into implementing this product is that every organization is slightly different in its needs, and CrowdStrike may or may not be the right solution. Once you can do a trial and a bake-off of multiple options, you'll find if CrowdStrike is the right solution or not. I would rate this solution a nine out of ten.
Do it. It is a great product. I seriously think it is worth considering. We have been completely happy with the solution that we have been running on for years now and have never regretted our decision. I highly recommend it. We plan on possibly looking into the added features that they offer to see if there is something there that can increase our incident response or add value to our business. It is our primary EDR, so we are using it 100 percent for that and plan on using it for other avenues. We found Discover can help us with the inventory for applications. So, I am looking for other business opportunities there to help us, which will be our goal in the future. It has given us some insight into how threat actors work. The biggest thing for us has been threat actor education. They give you intel which helps you identify what attackers you would more likely be targeted by. A lot of this comes with our OverWatch protection. Their threat intel has probably been the biggest thing for us. Overall, I hate to give a perfect score, but it is probably a 10 out of 10. It is a really great product.
My advice for anybody who is looking into implementing CrowdStrike is to go ahead and do it. There is nothing to worry about and they deliver as promised. I would rate this solution a nine out of ten.
Overall, this product has been pretty good and I recommend it. I would rate this solution a nine out of ten.
I would rate it an eight out of ten. It does what it needs to do but there's always room for improvement.
For the purpose of starting, yes, it's a very good solution, but you need to take two things into consideration: proper alignment with the infrastructure and the price. The price negatively affects the adoption of this solution. On a scale from one to ten, I would give this solution a rating of eight — because of the price and reporting.
If you're thinking about implementing this solution, I would suggest getting OverWatch and Insight along with it. Also, don't be afraid to try and negotiate for a better price. On a scale from one to ten, I would give this solution a rating of nine. The reporting is part of the OverWatch and Insight combination. It's doing what we want it to do and it's not causing a lot of overhead. Like I said earlier, maybe we're an anomaly. We don't have a lot of issues on our network.
There are half a dozen players out there that are the best of the breed. Pick one. When it came to CrowdStrike versus Carbon Black, configuration and setup were deciding, driving factors. CrowdStrike was much easier to configure, but overall, is it better or worse? I can't make that judgment call. All I know is what I've been told by other vendors that are trying to get my business. They tell me about issues that I've never encountered with the products that I have. In summary, take what a vendor says about another vendor's product with a grain of salt.
As I came into this organization, they were moving away from CrowdStrike. They upgraded their license to E5 with the security bundle from Microsoft. The goal is to start to move things. They are paying twice for things right now, but that will be expiring. CrowdStrike comes up for renewal next year, and they want to be off of it by then. I haven't gone into critiquing it, since they've already made the decision and made the investment to go to Defender ATP. I'm more concerned with, are we losing anything? Do we have parity when we go from one platform to another? And if any gaps emerge, what needs to be filled? When we did go into it and walked through it with one of the security engineers, it was snappy, and it had a nice UI. I had never been inside the product. I think I got a demo years ago in my CSO role, but I had never delved into a practical use case. The practical use case looked pretty cool. For anyone who is interested in implementing this solution, I would say don't look for the cost compared to smaller applications. Look at what you're trying to do, and what you're trying to accomplish. The typical first cardinal sin of IT is buying a product and then figuring out how to use it as opposed to having a set of requirements, placing a value on that set of requirements, and then pursuing a solution that covers them the best. I think they probably said we've got a gap here because something bad happened to my CrowdStrike. It's an industry leader. Three years after the issue that they were treating was over, and the pain was gone, suddenly, it seems really expensive. That is an IT 101 mistake that I've found in organizations, where it's a means to an end and then it turns into just an eyesore on the balance sheet. I would rate this solution an eight out of ten.
My advice for anybody who is implementing CrowdStrike Falcon is to get in touch with the vendor and then follow best practices. They have a lot of documentation and everything is there. For the most part, I would suggest looking at the technical support documentation first and then contacting a representative at the vendor to continue the process. Most companies have it integrated with the SIEM and with their ticketing system, although I did not use it in that capacity because it costs more money. Most of the time, you're not going to have to lay a finger. Once it finds an infected file, you might have to reboot the computer if it can't immediately remove it, or other such minor stuff. In general, however, it's never given me any issues and it's never given me a headache. Overall, it's very straightforward and just one tool out of the whole. I would rate this solution a nine out of ten.
We are working with all the versions for the most part, due to the fact that we are partners of CrowdStrike and we position CrowdStrike to our customers. We also use the solution for our company. I'd recommend the solution to others; however, I would advise that they try it first as a POC so that they can first see the value of the product. Overall, I'd rate the solution eight out of ten. If technical support could be faster and there was more device control, I would rate the solution higher.
I'm unsure which version of the solution we are using. I'm currently practicing my skills on this EDR solution. I have worked with this software and I've already collaborated with my seniors who are currently experts on this particular product. I'm getting pretty good help. Most of our clients have their own infrastructure which is mostly on the cloud. They have their own solid, robust infrastructure. When it comes to small environments that are currently adapting to the cloud, CrowdStrike could be a great opportunity. The solution, for example, doesn't require a minimum installation. It can work well for very small companies as well as larger organizations. If a company has the financial means, we tend to recommend this product. There are great security features on offer that are much better than other options in India at this time. I'd advise companies considering this solution to check their resources. They have to choose the option between being on-premise and the cloud option. They need to try and run it before adopting any solution. It's important also to consider security and monitoring for threats. Overall, I'd recommend companies study their environment and check and compile an e-solutions calendar. There's a lot of them. Microsoft has provided a 99GB advanced dataset collection and it is on the cloud. I'd rate this product seven out of ten overall. While I've never had any problems with it, there are just so many other options on the market.
I would rate this solution a seven out of ten.
We're a customer. We don't have a business partnership with this solution. I'm not sure which version of the solution we're using right now. It is the latest, as far as I know. We're currently running a POC with it. In today's environment, it's very crucial to protect a company from ransomware and malware. We focus mainly on avoiding these types of attacks. We're always interested in the latest tools that have the latest techniques and are effective in our environment. On top of that, we've noticed during the pandemic, there are even more threats happening. We need to focus most of our energy on the endpoints which are basically connected to an unprotected network. The focus on the endpoints has to be increased at this point in time to ensure we have maximum protection. We prefer to have a cloud-based product rather than an on-premise-based product to protect our data and our endpoints. Therefore, we may need to move to a cloud-based protection suite. Other companies should also consider this. Whether they choose a product like CrowdStrike, Cortex, or Cylance is up to them. I'd rate the solution eight out of ten.
This is a product that I absolutely recommend. I would rate this solution a nine out of ten.
We're just customers. We don't have a business relationship with the company. I'm not sure which version of the solution we're using. The last time I checked, it was version 5.6. It is up-to-date, however. I get a report every so often saying, we've updated the sensors, or current version, etc. It's an auto-update and it does that. Whenever it's missing something or it couldn't reach an endpoint, the company will send me a report of that, saying these endpoints are not updated because we couldn't detect it on the network any longer. The only advice I would say to others considering the solution is, if they have an unsupported operating system or legacy application, to look closely at CrowdStrike to see if the solution actually makes sense for them. This is due to the fact that they're not going to be able to support it. If they have thousands of servers and 20% of them are legacy applications, they may not want to think about CrowdStrike because the solution doesn't support legacy products. Other than that, I fully recommend CrowdStrike. The advanced threat protection they have has always been great. I'd rate the solution a solid nine out of ten.
We're just a customer. We don't have a special relationship with CrowdStrike. We're using the most up-to-date version of the solution right now. So far, I've had good luck with this solution. That said, it hasn't hit anything. I won't get a true test until I actually get somebody that sends up malware. In the meantime, no news is good news. I would rate the solution nine out of ten right now. They're pretty good. I haven't done anything super-advanced or to spec. There's a lot there to work with if I want to; however, I keep it pretty basic. I only have a couple of policies. It's not a huge company, so it's not real hard.
CrowdStrike do their job well and can be compared to other solutions on the market such as SentinelOne and Huntress. They do need to be more extensible because right now they don't play well with others and it's a bit of a challenge on the management side. I would rate this solution an eight out of 10.
My advice for anybody implementing this solution is to understand the requirements. Look at their vision, and understand how the technology is changing in the market in order to meet the threat of cyber attack. They need to follow the latest standards. I would rate this solution a ten out of ten.
I would advise someone considering this solution to just read the documentation. You should start with the documentation, it's very clear and very simple. Anything you need is in the documentation. I would rate it a nine out of ten.
It does everything that it claims, making our life significantly easier. Definitely consider CrowdStrike. It will probably save you from a lot of threats that other products wouldn't catch. Our security program is relatively immature, but this product has definitely been one of the keystones of our program.
It comes with various modules, so you can choose the module that you need on the basis of the costing it comes with. This is definitely not cheap; it comes with a cost which may depend on the organization if they need it.
I would advise anyone to look at this product based on our company's experience so far. We have both the on-premise and AWS versions of the product.
Do a thorough PoC. Don't ever go by the sales team unless you have tested it and know it works for your environment, because every environment is unique. The sales guy will promise you the moon. Only when you have tested it do you know it delivers. The product has met its purpose for us. We use both the on-premise and AWS versions. They are both good products and very simple to move, install, and configure.
I would recommend CrowdStrike as a first option product, but to look at others as well. The new features that they have released were not bad. AWS is better than the on-premise version because it can support cloud resources.
It is a complete cloud-based solution, so they will have to factor in the compliance requirements as well. Not everyone is comfortable sending the data to the cloud, especially considering the privacy requirements. CrowdStrike needs to think of local and regulatory requirements. But one thing is for sure: CrowdStrike will not take your personal data to the cloud, it only takes your metadata from the endpoint. But if the company's having some stringent regulations, it will definitely be harder for them to keep the data in the cloud.
The most important criteria when selecting a vendor come down to the capability of the technology, the cost, the support, how it fits into our overall architecture strategy, and the stability of the company. For instance, if it's a small company and they go under, you might as well have not invested in it. I would rate this solution an eight out of 10 because it has all the features that we need. It's within our budget, and it fits into our overall architecture strategy. There are a few features that could be added, as mentioned. I would recommend this technology.