CrowdStrike Falcon Identity Protection
Cloud threat visibility has improved and now supports flexible, low-overhead protection for startups
What is our primary use case?
I use it for cloud workload protection and threat detection in AWS environments.
How has it helped my organization?
The pay-as-you-go model enabled me to deploy quickly from the AWS Marketplace management account.
It scaled protection for workloads without upfront commitments and reduced the initial operational overhead.
It provides real-time visibility into cloud threats, helping stop breaches faster in dynamic AWS setups.
What is most valuable?
I find the seamless AWS integration and single lightweight agent to have minimal performance impact.
The cloud-native SIEM and runtime security leverage threat intelligence for proactive detection.
Flexible billing through AWS is ideal for startups testing security without long-term locks.
What needs improvement?
I believe that AI-powered SOAR workflow suggestions could streamline incident response.
For how long have I used the solution?
I have been using it for 1 month.
Which solution did I use previously and why did I switch?
We are a new startup, so we did not use any previous solutions.
What's my experience with pricing, setup cost, and licensing?
The pay-as-you-go model excels for startups with variable AWS workloads, avoiding large upfront costs and scaling with usage.
Which other solutions did I evaluate?
I evaluated Prisma Cloud, Wiz, and Orca Security alongside native AWS options.
What other advice do I have?
CrowdStrike Falcon for AWS (pay-as-you-go) delivers strong cloud-native protection via AWS Marketplace, which is ideal for startups scaling workloads.
Single-agent architecture enhances security while minimizing complexity and costs
What is our primary use case?
The main use cases for CrowdStrike Falcon from my customers are the lightweight agent, which is very easy to use, and that it protects the complete environment from a single dashboard.
A specific use case from my customers for CrowdStrike Falcon is that the SaaS-based single agent can protect all the platforms.
What is most valuable?
The best features of CrowdStrike Falcon are the single agent and the fact that there is no daily signature update.
There is no daily signature update because it operates as a signatureless solution.
Regarding the lightweight agent, all other solutions have multiple agents, which degrade system performance; however, this single agent has multiple features that increase system performance.
The elimination of on-prem infrastructure through CrowdStrike Falcon's cloud-native architecture has impacted my customers by reducing both cost and complexity, as they are now using the cloud-native solution.
How are customer service and support?
For technical support, I would rate it as a nine out of ten.
There are no complaints about the support.
How would you rate customer service and support?
Positive
What was our ROI?
My customers have seen a return on investment with CrowdStrike Falcon.
While I do not have specific details currently available, those who purchased are very happy with the solution.
What's my experience with pricing, setup cost, and licensing?
The price is reasonable when comparing it to other tools.
The license cost is typically per device.
Based on the modules customers purchase, the cost will increase, as they have more than 28 to 32 modules.
What other advice do I have?
The feature called Threat Graph for threat hunting helps in terms of security to predict and prevent breaches by showing how threats are evolving and how we can protect the customer environment, which helps us build better security.
I have integrated CrowdStrike Falcon with existing SIEM solutions and security frameworks.
It helps to streamline incident response processes because it is very easy to integrate with SIEM solutions like IBM QRadar and HPE ArcSight; for the incident response, it helps us correlate with other solutions.
My customers using CrowdStrike Falcon are mainly from all industries, including ITES, finance, marketing, manufacturing, and health.
I recommend that those planning to use CrowdStrike Falcon should migrate from their old traditional antivirus to next-gen antivirus, which will help them protect their environment.
The biggest advantage of this solution for my customers is that it is a single solution that fulfills most of their security concerns while being easy to manage.
I rate CrowdStrike Falcon ten out of ten.
Fully managed identity protection solution, delivering frictionless
Remote investigations with enhanced visibility and easy to use
What is our primary use case?
CrowdStrike Falcon is used for incident response.
How has it helped my organization?
It is very easy to hunt a threat in the organization. It keeps logs, making it very easy to investigate any kind of incident using CrowdStrike by looking at the processes that are running on a machine. There's more visibility over the endpoint through CrowdStrike.
What is most valuable?
The ability to remote into other devices for investigation and the way it presents a graphical representation of the detection, like the parent-child process, are valuable features.
What needs improvement?
The new interface, the UI, seems a bit messy. The previous one was quite clear. It might be because of my adaptation to it. That's what I see as needing improvement.
For how long have I used the solution?
I have been using CrowdStrike Falcon for more than three years, around three and a half years.
What do I think about the stability of the solution?
It is quite stable. I would rate it eight or nine out of ten.
How are customer service and support?
I would rate customer service and support a ten. I am very satisfied with the support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used antiviruses like Symantec before. Compared to all of that, I found CrowdStrike quite striking. Even compared to Defender, I find CrowdStrike more appealing.
What was our ROI?
In terms of investigating, I find it's quite easy to investigate an event and have a broader look at the event using CrowdStrike. I would rate the time saved around eight, nine, or even ten out of ten. Compared to Defender, it makes it faster to investigate.
What's my experience with pricing, setup cost, and licensing?
I think the pricing is quite reasonable with the services they provide.
What other advice do I have?
For an incident investigator, it's quite easy to use, and it provides great visibility over the processes.
I'd rate the solution ten out of ten.
Falcon Identity protection review
It works with all devices and operating systems easily to provide integrated security
What is our primary use case?
We use Falcon to investigate threats and reduce risks in our environment. It covers multiple departments within the same building and company. All units are attached to one controller, so we can manage them from one point.
We can implement different kinds of policies on sensitive data for various departments. For example, I can limit how data can be changed if I'm dealing with financial data. It's the same for production or logistics. We can set rules for data sharing and access because some departments need to share data with customers.
How has it helped my organization?
CrowdStrike's AI-driven analytics have improved our security considerably. It's sharing information from across the infrastructure and applying machine learning to prevent issues. This is a powerful, proactive approach to cybersecurity. It takes action in time to prevent the problem, so we don't need to remedy it after the fact. Sometimes, by the time you take action, it's already too late.
Before deploying Falcon, I would avoid taking action due to potential risks. With CrowdStrike, I don't worry about recovering data, so I can focus on preventing situations. In two years, I have never had that problem. When I look at the platform, I can see all the notifications and the actions taken. I can see how potential attacks can possibly reach the server and create a significant incident. Thus, I can directly measure the quality of the service.
Falcon is easy to integrate with our infrastructure because we can control the entire network through our fiber router and switch. CrowdStrike can interface with all devices easily and provide integrated security. Falcon gives you greater control without any problems.
The agent will recognize issues immediately, and we can follow up to create a plan for if this problem reappears or is still present on the infrastructure. Falcon enables instant remediation. It doesn't take two or three days. It's in real-time.
What is most valuable?
Falcon has the capacity to identify potential problems quickly. The administrator can deploy the agent, and the users cannot change it. This assures you that the agent remains on this device. Also, the agent can act preemptively to provide alerts about potential problems.
When there's a problem, you can follow the rules. For example, you can put a file that might be infected into quarantine or lock the device, preventing it from propagating the threat to other devices or networks. The agents are collecting information and feeding that back into the CrowdStrike platform, so you have 24/7 control and visibility.
Falcon's deep learning capabilities are flexible and work across multiple operating systems. You can control everything from the same place, whether you're dealing with a Windows, Linux, or Mac device. You can define your policies precisely and decide how you want the platform to respond in any situation.
CrowdStrike's AI approach is interesting because it improves the capacity to correlate information based on all the deployments on devices worldwide. It analyzes this data to identify something anomalous that could potentially be a problem in your environment. Falcon can isolate the issue to determine if it's a real threat. You will get an email saying the platform has identified a potential problem they are investigating.
Falcon explains the steps they are taking. After the issue has been resolved, you will get another message showing CrowdStrike's analysis and evidence that the problem is now under control. I get about 20 emails from CrowdStrike daily.
What needs improvement?
I want more ability to customize how you summarize the data. The default views are fine, but it would be interesting to be able to customize them based on the kind of data you want to see immediately. This can help the administrator gain an immediate overview and reduce the investigation time.
For how long have I used the solution?
We have used Falcon for two years.
How are customer service and support?
I rate CrowdStrike support 10 out of 10. They have one of the best teams that I've worked with. They're very fast and professional, with a high level of skill and knowledge.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously used Sophos. It's a good solution that works well with other Sophos infrastructure, like firewalls, etc. For example, if the firewall is from Sophos, it can interact with the software to identify a problem. However, CrowdStrike is more powerful when using hardware from different vendors. It doesn't rely on specific hardware because it works with an agent, so you're more flexible and less constrained.
Overall, Falcon is more powerful than other solutions. It is light on resource consumption. It has a minimal effect on the client when you have installed the system because everything is controlled by our cloud platform where you can see the portfolio of devices.
How was the initial setup?
The installation was quite easy. The platform is based in the cloud, but you need to download agents based on your operating system. After you install the agents, you only need to configure the various devices on the cloud platform. CrowdStrike's platform is managed by the vendor. You can log in and manage your portfolio of devices and define your policy or apply profiles to groups of users and devices.
What was our ROI?
We feel like Falcon is worth what we pay. The cost of the solution is minimal compared to restoring data from a potential attack.
What's my experience with pricing, setup cost, and licensing?
Falcon's price is accessible, and it's a good value for the level of quality we get. We don't have any objections based on the cost, and we understand that you will pay more for an enterprise solution. There is no objection to the cost. It's appropriately priced for the service that we receive.
What other advice do I have?
I rate CrowdStrike Falcon 10 out of 10.
The threat score helps us prioritize remediation and cross-reference with other products
What is our primary use case?
We provide a service for our clients with CrowdStrike Falcon. Alerts come into the CrowdStrike Falcon dashboard, and we investigate them based on the process tree and commands running. We check everything for any infections in the host or internal connections. If a threat is confirmed, we place it into the containment section inside Falcon.
How has it helped my organization?
CrowdStrike improves our detection capabilities. We use multiple tools like Symantec and this one. CrowdStrike reports on the processes and services, allowing us to investigate forensically. We can conduct a deep analysis and identify the threat at the memory level. We can do more investigation of the process to see where it started and where it is going. We can see the commands running on the backend, CPU utilization, and memory consumption. All of that information is helpful.
What is most valuable?
CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools.
It's integrated with multiple threat intelligence sources, such as the AbuseIPDB. That integration helps because we can easily cross-check between CrowdStrike and other solutions like an MDR or Azure AD. Hybrid analysis is integrated with CrowdStrike in our environment. There's also sandbox analysis. It's more informative. We perform a routine activity in our test environment where we simulate the process and file.
What needs improvement?
CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization.
For how long have I used the solution?
I have used Falcon for more than two years.
What do I think about the stability of the solution?
CrowdStrike Falcon is a stable solution.
What do I think about the scalability of the solution?
CrowdStrike is scalable. We can query large amounts of data, and the solution responds well, whereas Splunk takes a longer time to perform a search operation.
How are customer service and support?
I rate CrowdStrike support 10 out of 10. They respond quickly and don't take much time to resolve all our issues.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used Symantec and Rapid7.
How was the initial setup?
Falcon was already deployed when I started working. It requires some maintenance. We need to make some adjustments for some use cases, or we might need to implement upgrades that require downtime.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike Falcon is expensive because it's based on the number of services.
What other advice do I have?
I rate CrowdStrike Falcon 10 out of 10. It has delivered some good results.
I like the ease of use and its threat investigation features
What is our primary use case?
I'm a security analyst. We get alerts on the cloud side that appear in the CrowdStrike console and also in our email. We can consolidate them on the console and check the process tree. You can see the hostname, user details, and all the information on the right side. On the file part, we can see whether the malicious file has been executed and decode it to see where the hash appears.
How has it helped my organization?
I worked with an event-tracking tool before I started working at this company, and any insights that were triggered in that tool would be noted in the infrastructure certificate tool. The information we gather from CrowdStrike will be updated in Azure, so all the information, resolutions, etc. will be added to Azure. We can check the activity and whether the malicious file is being blocked, quarantined, or allowed.
What is most valuable?
I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution. We determine the root cause of an alert and contact the end user via our Slack channel if necessary to gather additional information to determine whether they know about the activity. We can download and investigate the malicious file in the sandbox to see what's happening. We check to see if it has been executed. We can easily delete it in the CrowdStrike console if it hasn't.
For how long have I used the solution?
I have used CrowdStrike for two years.
What do I think about the stability of the solution?
I rate CrowdStrike Falcon ten out of ten for stability.
What do I think about the scalability of the solution?
I rate CrowdStrike Falcon ten out of ten for scalability.
How are customer service and support?
I rate CrowdStrike support eight out of ten. They respond quickly on weekdays, but the weekend response times are slower.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I'm working on two projects. One is using CrowdStrike Falcon and the other is using CrowdStrike XDR, which is the advanced version.
How was the initial setup?
Falcon is a cloud-based platform, so deployment is easy. You only need to deploy the agent to the endpoints, but the data is stored in CrowdStrike.
What other advice do I have?
I rate CrowdStrike Falcon ten out of ten. I would recommend Falcon to others.
The overall experience with CrowdStrike Falcon is highly positive, with seamless scalability, easy deployment, and exceptional stability once properly configured.
What is our primary use case?
We rely on CrowdStrike Falcon for comprehensive threat detection, prevention, and valuable insights. This robust solution also offers identity protection features. Our dedicated team of six professionals effectively manages the platform, ensuring its effectiveness across multiple locations, including our data centers and core facility.
How has it helped my organization?
CrowdStrike's advanced detection and prevention capabilities offer a superior level of protection against potential threats. Its unique feature of automated rules is designed to effectively confine threats at the device level. This automatic confinement of high alerts ensures that the device is secured immediately, buying crucial time for the dedicated response team to identify and neutralize the threat. This proactive strategy not only minimizes the potential impact of threats but also guarantees a rapid and efficient response to any security incidents, thereby enhancing the overall security posture.
What is most valuable?
We appreciate Falcon's network visibility feature as it allows us to monitor the evolution of threats on PCs and within the company network. The solution's real-time incident response is notably swift. Initially, we encountered numerous false positives during the project initiation phase. However, we managed to resolve most of them independently or with assistance from CrowdStrike support. Consequently, our security levels were significantly improved, and we elevated all parameters to their maximum. Currently, we seldom encounter false positives. Most of these were low-level alerts, while the high-level alerts were automatically quarantined.
What needs improvement?
While Falcon's advanced capabilities offer robust security solutions, it's worth noting that some of these features may come at a higher cost. This could potentially make it a less economical option for small to medium-sized businesses operating on tighter budgets. It's important for such companies to weigh the benefits of Falcon's comprehensive protection against their financial constraints to make an informed decision.
For how long have I used the solution?
We have been using CrowdStrike Falcon for nearly five years already.
What do I think about the stability of the solution?
CrowdStrike Falcon demonstrates exceptional stability once it has been properly configured with the appropriate settings. While there may be a period of adaptation and configuration required to ensure optimal performance, once the solution is in place, it operates with remarkable stability. Users can rely on CrowdStrike Falcon to consistently deliver reliable and secure protection without significant disruptions or instability.
What do I think about the scalability of the solution?
I would rate CrowdStrike Falcon a nine out of 10 for scalability. It offers seamless scalability, allowing easy expansion of the sensor deployment to accommodate growing needs. However, it's worth noting that the primary limitation one may encounter is the cost associated with deploying additional sensors.
How are customer service and support?
I rate CrowdStrike support nine out of 10. It's fantastic.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We made the switch from Symantec to Falcon because we required a solution that offered greater speed, reliability, and the ability to effectively handle the wide range of advanced threats present in the wild.
How was the initial setup?
The initial setup of CrowdStrike Falcon was straightforward and efficient. The cloud-based deployment process was seamless for most components, with the exception of the sensors. Deploying the sensors to PCs was automated and hassle-free, requiring just a few minutes per device. However, to ensure the highest level of protection and customization, we opted to manually install the sensors on our servers. This hands-on approach allowed us to have greater control and assurance over the server deployment, ensuring the best possible protection for our critical infrastructure.
What was our ROI?
We've seen an ROI in terms of time saved. It's probably around 5 percent.
What's my experience with pricing, setup cost, and licensing?
While Falcon's advanced capabilities offer robust security solutions, it's worth noting that some of these features may come at a higher cost. This could potentially make it a less economical option for small to medium-sized businesses operating on tighter budgets. It's important for such companies to weigh the benefits of Falcon's comprehensive protection against their financial constraints to make an informed decision.
Which other solutions did I evaluate?
Of course, but I can't disclose this information.
What other advice do I have?
I rate CrowdStrike Falcon nine out of 10.
The sensor requires very little memory and doesn't slow down your computer
What is our primary use case?
I'm a tax lawyer, so the IRS requires me to have a security program.
What is most valuable?
Everything is automatic. I install the sensor and renew the service. Periodically, I get a notice that they've shut something down. It couldn't be less painful, and it couldn't be more reassuring. I never need to do anything with it. I don't tweak it or update it.
You place a sensor on your computers that requires a very small amount of memory. It's about 39k or so to run the sensor. It's not like other programs that slow down the computer. CrowdStrike is constantly scanning your computer from the cloud and responds in a millisecond when it detects anything.
What needs improvement?
The content-filtering features for children could be improved. We have young grandchildren aged 12 and 8. My daughter, their mother, wants to keep them from getting in trouble on the net. She looked at all these other solutions from Google, Microsoft, etc., and she couldn't figure out how to make any of those work. I told her that I bet CrowdStrike could handle this. Sure enough, CrowdStrike can do exactly that. It's the same solution that the Defense Department gets. It works, but it's a little complicated to implement. It could be simpler to set the policies.
For how long have I used the solution?
I have used CrowdStrike Falcon for three or four years.
How are customer service and support?
I rate CrowdStrike support 10 out of 10. It's an email-based procedure. You create a case, and they notify you when it's assigned. You get an email from the technician, and you correspond back and forth. I usually request a phone call. They respond quickly. It's usually within half an hour to an hour. The tech support is perfectly adequate and certainly helps with whatever you want. They're nice, and the people seem intelligent.
How would you rate customer service and support?
Positive
How was the initial setup?
Setting up CrowdStrike Falcon is easy. They give you this enormous knowledge base. I almost never use it, but it covers absolutely everything. They also do a lot of handholding for the installation. You can get somebody to call you and tell you that everything is in the right place and it's doing all the right stuff. You can also do it by yourself, and you'll get an email message saying your sensor has been installed on this endpoint.
It took me about half an hour to an hour to download and install the sensor, but I also think it was influenced by the level at which I use CrowdStrike. I am their most basic user. A more complicated environment like the Defense Department might take more time.
What was our ROI?
CrowdStrike Falcon offers a great value. I'm the smallest kind of customer they had. It's a big step up. I had a more robust subscription, but I found I didn't use any of it ever, so I just cut back to the same thing that I had to begin with. You hardly notice any difference.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike Falcon is relatively cheap.
Which other solutions did I evaluate?
We also considered Palo Alto. It had a device, but once you got it, you had some technical issues to deal with. I don't know if Palo Alto's requirements were more or less onerous than CrowdStrike's, but it seemed a little more complicated.
The two products had similar pricing. Palo Alto was about $750 for the device and a small amount for maintenance and whatnot. The other one is $500 a shot. The fact that you can get some other form of security software for a tenth of that price doesn't matter. It's just not even worth thinking about.
What other advice do I have?
I rate CrowdStrike Falcon 10 out of 10. It's extraordinarily easy to implement and use. You can do some advanced things that require some expertise, but those levels of security would be more appropriate for larger enterprises.