CrowdStrike Falcon Endpoint Protection

What do you like best about the product?

Deploying CrowdStrike Falcon Endpoint Protection Platform agents across all computers in the network was easy and fast. CrowdStrike provide end point protection for your devices and ensure no malware gets access to your network.
Integration with Active directory is easy, and you can manage access and users. implementing on new devices with only agents to be installed,
As for the customer support if you have any issue, you can raise ticket with customer support, and they will sort out your issues with top technician.

What do you dislike about the product?

CrowdStrike utilize your device resources, so you need devices with high specs to avoid slowness and unusual performance for the computers.

What problems is the product solving and how is that benefiting you?

CrowdStrike helped our environment by protecting or end users' devices, and it control the access of end points such as USB and CD from Uknown sources.

We are using CrowdStrike Falcon  because it has very low surface impact and minimal consumption of our resources, and we mainly use it for our endpoint protection.

CrowdStrike Falcon  helps with endpoint protection by having very low memory utilization and processor usage, so it doesn't impact the computer system performance, and the computer system works very fast compared to all other endpoint protection solutions.

We find it very unique that CrowdStrike Falcon, which we deployed in many countries wherever our offices are, can be installed very quickly, maintained on a single console, single panel of console, and it's really easy to use and deploy. We primarily use it for endpoint protection.

The single panel console of CrowdStrike Falcon is very user-friendly, which is what we are looking for. Having multiple administrators between various offices with this single console gives us the ability to see all offices, branch offices, and partners, making it very useful to detect machines, identify machines, and check security risks. Everything in the single console is very useful.

CrowdStrike Falcon has positively impacted our organization in terms of efficiency because it's very lightweight, easy to deploy, easy to manage, and works very efficiently. It quickly detects issues and doesn't have a signature-based system, so it works fast and takes immediate action.

I don't think anything is missing in CrowdStrike Falcon, but if they can manage their SOC solution instead of users or the end users or customers doing that, it will be very useful, just as Sophos does.

We have been using CrowdStrike Falcon for the past seven years.

CrowdStrike Falcon is stable; I have not had any issues with reliability or downtime.

For scalability, CrowdStrike Falcon deserves a perfect score of ten out of ten.

Regarding customer support, our experience has been really positive as they are very quick to assist us.

The customer support deserves a rating of ten out of ten.

Positive

We were previously using Symantec Endpoint because we were not getting proper quotations, pricing, or support, particularly in India, which is why we wanted to switch.

In terms of return on investment, we find that CrowdStrike Falcon has ROI covered because less manpower is required. It's very easy to deploy without many IT admins, saving time, and while I cannot specify the money saved, the time saved is money in terms of manpower. This makes it very useful, quick to run, quick to install, easy to manage, and easy to deploy.

We do not find any price challenges or setup costs with CrowdStrike Falcon; everything is smooth.

We evaluated three products, which were Sophos, CrowdStrike Falcon, and Trend Micro, before choosing CrowdStrike Falcon.

In some cases, we have Excel files with VBA code inside, and CrowdStrike Falcon detects that it's a bit risky for us. When people download EXE files that are threats to our organization, it detects them very quickly. It also detects threats under ZIP files and can show us the path from where it came and where it goes, allowing us to easily see where the infection is and where it has spread.

My advice for others looking into using CrowdStrike Falcon is that as an endpoint protection solution, Falcon  is always reliable, and I can recommend that this is the product you can deploy and forget all the worries.

We are an end user customer of CrowdStrike Falcon; we are not a partner or reseller, and we are not receiving any gift card or incentive for this review. We are just sharing our experience as an end user and as an IT Manager.

I rate CrowdStrike Falcon 9 out of 10.

On-premises

I am a customer of CrowdStrike Falcon  through a consultant, and our company is headquartered in India, while our consultant is a sister company also located in India.

We use CrowdStrike Falcon  internally in our company.

I am using CrowdStrike Falcon for its purpose, which is to save the company from any attacks, viruses, or whatever threats are available.

The most useful feature of CrowdStrike Falcon is protection, though it cannot be described in one word.

Protection is the main purpose of CrowdStrike Falcon.

CrowdStrike Falcon has positively impacted my organization by providing good protection, logs, and reports, which I find very good.

One area for improvement in CrowdStrike Falcon could be the user interface and reports; it requires some improvements to be easily handled.

For the reporting in CrowdStrike Falcon, I need specific data because in most reports, some of the data is not with that importance for the collector, so the reports need to be more specific for each purpose.

I have been working with CrowdStrike Falcon for around three years.

Regarding stability and reliability, I find CrowdStrike Falcon to be stable; nothing has happened since we installed it, and there are no bugs or issues from the software.

I can say that CrowdStrike Falcon is sufficient in terms of scalability from my point of view; it is capable of working with our current infrastructure or setup, and I believe it's sufficient.

My interaction with technical support for CrowdStrike Falcon was fine; they supported me and provided a solution for my issue.

Based on my experience, I would rate the technical support for CrowdStrike Falcon an eight.

Positive

Before CrowdStrike Falcon, I used an application called Kaspersky, but not for the same purposes.

I did not evaluate other options before choosing CrowdStrike Falcon because it was a forced decision from our headquarters, from the mother company.

Currently, I do not remember exactly what version of CrowdStrike Falcon we are using because I'm managing the team, but I can check the right version later.

We are using the latest version of CrowdStrike Falcon.

CrowdStrike Falcon has not helped me predict and prevent potential breaches by itself, but with support from other applications such as Splunk and Windows Defender, it has contributed.

I integrate CrowdStrike Falcon with third-party tools.

I have to integrate CrowdStrike Falcon with other applications to get the most protection, and the integration is smooth and everything works well.

I am using the lightweight agent.

For the system performance, the lightweight agent is fine; it has not affected performance too much, and generally it's acceptable.

I rate CrowdStrike Falcon eight out of ten.

Public Cloud

Other

The main use cases for CrowdStrike Falcon  from my customers are the lightweight agent, which is very easy to use, and it will protect the complete environment in a single dashboard.

A specific use case from my customers for CrowdStrike Falcon  is that the SaaS-based single agent can protect all the platforms.

The best features of CrowdStrike Falcon are the single agent and the fact that there is no daily signature update.

There is no daily signature update because it operates as a signatureless solution.

Regarding the lightweight agent, all other solutions have multiple agents, which degrade system performance; however, this single agent has multiple features that increase system performance.

The elimination of on-prem infrastructure through CrowdStrike Falcon's cloud-native architecture has impacted my customers by reducing both cost and complexity, as they are now using the cloud-native solution.

I recommend that some deep-dive trainings are required for the NG SIEM , specifically for their next-generation SIEM  module, as they need some basic trainings for that.

To clarify, deep-dive trainings are required specifically for the NG SIEM or next-gen SIEM.

I have been working with CrowdStrike Falcon for six years.

For technical support, I would rate it as a nine out of ten.

There are no complaints about the support.

Positive

It is easy to set up CrowdStrike Falcon.

My customers have seen a return on investment with CrowdStrike Falcon.

While I do not have specific details currently available, those who purchased are very happy with the solution.

The price is reasonable when comparing it to other tools.

The license cost is typically per device.

Based on the modules customers purchase, the cost will increase, as they have more than 28 to 32 modules.

The feature called Threat Graph for threat hunting helps in terms of security to predict and prevent breaches by showing how threats are evolving and how we can protect the customer environment, which helps us build better security.

I have integrated CrowdStrike Falcon with existing SIEM solutions and security frameworks.

It helps to streamline incident response processes because it is very easy to integrate with SIEM solutions like IBM QRadar  and HPE ArcSight ; for the incident response, it helps us correlate with other solutions.

My customers using CrowdStrike Falcon are mainly from all industries, including ITES, finance, marketing, manufacturing, and health.

I recommend that those planning to use CrowdStrike Falcon should migrate from their old traditional antivirus to next-gen antivirus, which will help them protect their environment.

The biggest advantage of this solution for my customers is that it is a single solution that fulfills most of their security concerns while being easy to manage.

I rate CrowdStrike Falcon ten out of ten.

Hybrid Cloud

Other

What do you like best about the product?

Advanced threat detection and response: The platform leverages artificial intelligence and machine learning to detect sophisticated threats, including zero-day attacks and fileless malware. Its behavioral analysis is particularly effective against ransomware and advanced persistent threats.
Cloud-native architecture with lightweight agent: Single lightweight agent deployment provides rapid scalability without significant endpoint performance impact. Real-time visibility across the entire environment is exceptional, enabling quick incident response.
Integrated threat intelligence: Access to one of the industry's most comprehensive threat intelligence databases with constant updates on emerging attack campaigns and adversary tactics, techniques, and procedures (TTPs).

What do you dislike about the product?

Premium pricing structure: The platform comes with a high price point that can be prohibitive for small to medium-sized organizations, especially when considering additional modules like Falcon OverWatch or specialized industry packages.
Initial complexity and learning curve: Organizations without prior EDR experience may find the volume of alerts and configuration options overwhelming initially, requiring specialized training and potential consulting services to optimize effectiveness.
Internet connectivity dependency: Being fully cloud-based requires consistent internet connectivity for complete functionality, which can be limiting in air-gapped environments or locations with unreliable network infrastructure.

What problems is the product solving and how is that benefiting you?

Advanced Persistent Threat Detection: Falcon identifies sophisticated, multi-stage attacks that traditional antivirus solutions miss, significantly reducing our mean time to detection (MTTD) from days to minutes. This has prevented several potential data breaches.
Centralized Security Visibility: The unified console provides comprehensive visibility across all endpoints, eliminating security blind spots and reducing the complexity of managing multiple security tools. This has improved our security team's efficiency by 40%.
Automated Threat Response: Real-time automated containment and remediation capabilities have reduced our incident response time dramatically, allowing us to isolate compromised endpoints within seconds rather than hours.