Overview

Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable.
The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs.
- Cloud Security - Stop breaches from code to cloud
Secure everything in the cloud - from applications and data to AI models. Falcon Cloud Security provides a unified agent and agentless platform for complete code to cloud protection. https://www.crowdstrike.com/en-us/platform/cloud-security/
- Endpoint Security - Secure the endpoint, stop the breach
Stop breaches with AI-powered protection, detection, and response backed by world-class adversary intelligence. CrowdStrike Endpoint Security delivers AI-powered protection to automatically detect, investigate, and respond to threats in real-time. https://www.crowdstrike.com/en-us/platform/endpoint-security/
- Identity Protection - Identity is the front line, defend it
Protect hybrid identities with AI that adapts, defends, and outsmarts attacks in real time. Secure the full identity attack lifecycle across hybrid environments. https://www.crowdstrike.com/en-us/platform/identity-protection/
- Next-Gen SIEM - The future of SIEM, today
To defeat threats, you must transform the SOC. Harness the power of AI, automation, and blazing-fast search to outpace adversaries. https://www.crowdstrike.com/en-us/platform/next-gen-siem/
- Data Protection - Real-time data protection from endpoint to cloud
Stop unauthorized data movement and secure sensitive data across endpoints and cloud environments. Complete, real-time data protection without complexity. https://www.crowdstrike.com/en-us/platform/data-protection/
- Exposure Management - Understand risk to stop breaches
Don't just react. Take control with proactive security. Gain full attack surface visibility, assess risk exposure, prioritize threats, and automate responses to outpace adversaries. https://www.crowdstrike.com/en-us/platform/exposure-management/
- Charlotte AI - Powering the next evolution of the SOC
Unite intelligent automation with human cyber expertise to accelerate detection, investigation and response. https://www.crowdstrike.com/en-us/platform/charlotte-ai/
- AI Detection and Response - Secure AI where AI happens
Prevent data leaks, secure AI agents, apps, models, and infrastructure, and block adversarial threats - all from a single platform. https://www.crowdstrike.com/en-us/solutions/secure-your-ai/
Highlights
- Unmatched visibility and protection: CrowdStrike Falcon provides a comprehensive, modern defense across the entire enterprise environment, across endpoint, identity, cloud, data, and more, through a single platform. Unlike legacy solutions, Falcon's cloud-native architecture enables real-time threat detection and response, keeping organizations one step ahead of adversaries.
- Simplified security operations: The Falcon platform consolidates previously siloed security tools into a single, easy-to-use console, and acts as the central hub by integrating with existing tools. This streamlined approach reduces complexity, improves efficiency, and lowers overall security costs.
- AI & threat intel-driven security: Powered by real-time threat intelligence from millions of endpoints worldwide, Falcon continuously evolves to counter the latest threats. This global perspective, combined with insights from world-class threat hunters and industry-leading AI, ensures that organizations are protected against the most sophisticated attacks.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
You can log a support ticket for any issues directly from the Falcon Portal or by emailing the support team at awsmp@crowdstrike.com.
Basic support services include email communications with the CrowdStrike Support team, access to the support portal, and basic troubleshooting and technical assistance.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Endpoint security has improved and real-time detection and response reduce false positives
What is our primary use case?
CrowdStrike Falcon's main use case is endpoint security and threat detection, which are the primary purposes for which we are using it.
A day-to-day example of using CrowdStrike Falcon for endpoint security detection occurs when a user downloads suspicious files. The system detects this activity and triggers an alert to the administrator. CrowdStrike Falcon detects abnormal behavior of the system, and an alert is generated in a console. When I log into the console, I can see that some users are trying to access malicious files which are harmful for the organization. The security team isolates the endpoint based on this judgment. We can investigate using process trees and logs in CrowdStrike Falcon. Additionally, USB device control helps sometimes with USB blocking and data access via external storage.
What is most valuable?
The best features CrowdStrike Falcon offers are endpoint detection and response, cloud-native lightweight agent, AI-powered threat detection, threat hunting, and Falcon Overwatch.
The feature I use the most is endpoint detection and response, which you can call EDR. EDR makes the difference in this case because it provides real-time alerts for suspicious activity and full process tree visibility showing what ran, what spawned, and what is happening inside the LAN on the endpoint. It allows for quick investigation of endpoint logins and quick host isolation to stop the spread.
Using CrowdStrike Falcon typically leads to faster threat detection, quicker response, and better visibility across the endpoints. This means I can understand, or an administrator can understand the logs and situation, what is happening with the endpoint, and what suspicious behaviors are occurring inside the endpoints. It has reduced false positives and has a lightweight performance impact, resulting in no heavy use or heavy scans of the agent. User productivity is also increased on the endpoint side.
What needs improvement?
Regarding improvements in reports, when I try to pull a custom report, there are some mismatches, or it does not look professional. I hope CrowdStrike will improve their custom report or inbuilt report to look professional rather than appearing like just adding numbers. Based on the requirement, they should improve their custom reports.
For how long have I used the solution?
I have been using CrowdStrike Falcon for around one year.
What do I think about the stability of the solution?
CrowdStrike Falcon is very stable.
What do I think about the scalability of the solution?
The scalability of CrowdStrike Falcon is very good and very positive.
How are customer service and support?
Customer support is also appreciated as it is very good. I have raised multiple tickets with technical support, and every time I have received a good response from customer support.
Which solution did I use previously and why did I switch?
We did not use any kind of solution previously.
What was our ROI?
Before CrowdStrike Falcon, there were 40 to 50 alerts per day with many antivirus detections and time wasted validating non-issues. When we installed the CrowdStrike Falcon agent on the endpoint, there are now 10 to 15 meaningful alerts that we can work on and isolate the system. There is a 60 to 70 percent reduction in false positives, allowing us to disregard those. Additionally, higher quality behavioral detection based on pattern analysis is justified. The investigation time has been reduced from three to four hours to one to two hours, and per user, we used to take around 10 to 15 minutes, but now with the reduced false positives, we can troubleshoot or inspect users within five minutes.
What's my experience with pricing, setup cost, and licensing?
The pricing is very straightforward and negotiable. The license is thoughtful and very fruitful. The licensing is pretty simple, so it has a very good impact with the licensing, setup cost, and pricing with respect to CrowdStrike Falcon.
Money is saved because if a user is receiving spam alerts or spam emails which are damaging the organization's privacy, the number of alerts, data threatening, DLP, data extraction, and everything has been reduced. There is a big impact on the organization's security posture as well as time saved while doing troubleshooting, allowing us to monitor that alert via one single console. The positive impact is significant, and the money saved is a very good effect for the organization.
Which other solutions did I evaluate?
We have not evaluated another option before choosing CrowdStrike Falcon.
Improved endpoint visibility has reduced incident response time and strengthens threat investigations
What is our primary use case?
I have been using CrowdStrike Falcon for the past two years. My main use case for CrowdStrike Falcon is endpoint protection, threat protection, and investigating suspicious activities on endpoints in my day-to-day work.
In one case, we received an alert about suspicious PowerShell activities detected on one of the endpoints, and CrowdStrike Falcon detected the issue and generated an alert on our SIM solution as well. We started investigating that endpoint using CrowdStrike Falcon, confirming through the process tree that there was suspicious execution, and we began isolating the endpoint device to prevent further impact. That is how we used CrowdStrike Falcon for monitoring and investigating endpoint devices.
We also use CrowdStrike Falcon for endpoint activities and for responding to malware alerts, which is a significant part of our process.
What is most valuable?
CrowdStrike Falcon offers several features that stand out to me, including a feature called Process Tree visibility, where we can see the entire attack history including how it started, how it initiated the connection, how it ended, and the intentions behind that particular incident. Additionally, it has great threat intelligence data, isolation automation, detailed process visibility, a real-time threat blocking system, and behavioral threat detection that helps in responding to incidents on endpoints. These are the best features I have ever used.
I wish more people knew about the Process Tree visibility feature because it helps to understand the full attack chain quickly, making it a very impactful feature I have ever used.
CrowdStrike Falcon has positively impacted my organization by improving endpoint security. Even if end users are doing something on their endpoints without their knowledge, such as receiving documents from vendors, the endpoints will scan attachments before delivery, and if they are malicious, it will detect them and provide notifications and alerts. It has positively impacted endpoint security and reduced the response time for incidents and alerts.
In my experience, I noticed that the Mean Time To Respond (MTTR) has reduced by around 30 to 40 percent due to faster detection and response achieved by the Falcon agents.
What needs improvement?
CrowdStrike Falcon requires experience and knowledge about tuning, as proper tuning is required. Improvement could focus on this aspect, as well as simplifying the user interface for new users and different department employees, since it sometimes generates a lot of false positives. They should concentrate on this as well.
They can work on better reporting and simplifying the interface to enhance the overall user experience.
CrowdStrike Falcon provides very good visibility into endpoint activity, including process execution and behavior. It is not only useful for the security department; it is beneficial for other departments as well. If something happens, even developers can log into CrowdStrike Falcon to check what is happening with their endpoints. Every tool should be built with this capability in mind, including CrowdStrike Falcon, which could also work on improving user interface design.
What do I think about the stability of the solution?
CrowdStrike Falcon is stable, with no major issues I have faced.
What do I think about the scalability of the solution?
CrowdStrike Falcon is highly scalable.
How are customer service and support?
The customer support is good, and I have reached out to them.
Which solution did I use previously and why did I switch?
We were previously using SentinelOne and Microsoft Defender but switched to CrowdStrike Falcon for better detection capabilities, especially for a client handling numerous attachments and endpoint activities.
What was our ROI?
I have seen a return on investment due to strong detection and faster response capabilities of CrowdStrike Falcon.
What's my experience with pricing, setup cost, and licensing?
The pricing, according to my knowledge, is subscription-based, depending on how many endpoints and modules the organization needs to use.
Which other solutions did I evaluate?
Before choosing CrowdStrike Falcon, we evaluated SentinelOne and Microsoft Defender because we needed better detection and visibility.
What other advice do I have?
My advice for others looking into using CrowdStrike Falcon is to have a clear understanding of how to properly fine-tune and monitor the system to get the full benefits. If they are good at these aspects, they can confidently purchase it and start working towards endpoint protection.
CrowdStrike Falcon is a strong solution with faster responses to endpoint-related incidents and alerts. Overall, it is a very robust solution for organizations dealing with endpoint security, and they can confidently choose CrowdStrike Falcon and make it work effectively. I would rate this product a 9 out of 10.
CrowdStrike Helps Your Technical Health, and Mental Health
If you want to sleep at night knowing your organization is protected with what I consider the best protection available on the market, I’d strongly suggest going with CrowdStrike. I’m personally sleeping better at night, and members of my team are far less stressed on weekends—we’re no longer dreading a call that our infrastructure has been compromised.
We use this as our main source of protection across our entire enterprise.