Reviews from AWS Marketplace

3 AWS reviews

External reviews

272 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Abhishek R.

Crowdstrike Falcon - A lightweight agent with superb EDR capabilities and easy management

  • May 28, 2021
  • Review provided by G2

What do you like best about the product?
The agent is extremely lightweight and it never takes huge resources on the system. Management is extremely easy with an easy dashboard. The alerts are extremely well detailed, so any L2 system administrator can understand them and take appropriate actions starting from marking them as malicious or false positive, quarantining the alert to network containing the host. If you are still on conventional AV, switch to Crowdstrike EDR for the best secured experience. It is also one of the leaders in Gartner magic quadrant.
What do you dislike about the product?
The threat advisory part is a little hard to understand for the L2 administrators. So it can be simplified into different attacks and their hashes and IOCs which can be blocked easily across the organisation. It's again not a part to dislike but still something which can be improved or modified based on my personal choice.
What problems is the product solving and how is that benefiting you?
Endpoint and host security real time device level log analysis and threat behaviour with seamless machine learning analysis. These capabilities lacked in a conventional antivirus product which was entirely dependent on virus definition signature. With Crowdstrike EDR, each and every system event is being analyzed which prevents in the origin of a malicious event.
Recommendations to others considering the product:
Switch to Crowdstrike EDR for seamless security and event monitoring. It is a single pane of glass to manage host security instead of depending on a range of products like threat prevention, web filter, firewall etc. which takes up unnecessary resources on system.


    Md Atif H.

Great Tool for Endpoint Protection

  • May 27, 2021
  • Review verified by G2

What do you like best about the product?
How efficiently and effectively it captures the process details and changes made in the endpoint. It captures detections and correlates them through time and presents the detection and a very detailed graph as well as provides a detailed process tree. Also it is really easy and simple to deploy throughout the network. Writing custom rules and blacklisting and whitelisting is fairly simple as well. It provides great protection from zero-day attacks as well as known APT groups. Integration with log collection tools like SIEM & UEBA tools is fairly simple and effective. The Overwatch detection functionality support is also a gem.
What do you dislike about the product?
The Crowdstrike console looks a bit congested. A lot of information is put on a single screen. Another reason for someone to opt for another EDR solution would be the price; Crowdstrike as a solution is a little bit on the expensive side.
What problems is the product solving and how is that benefiting you?
We are utilizing EDR for real-time detections and protections. Also we are utilizing it for threat management and zero-day coverage. It also helps in Asset Management. Threat Hunting can also be performed very effectively using Crowdstrike.
Recommendations to others considering the product:
If we are looking for any EDR solution, Crowdstrike should definitely be an option because it can not only be an EDR piece but can remove the requirement for a separate AV solution altogether. The Threat Detection and the Threat Hunting module really adds up a lot of value to the overall security controls in the environment.


    Julio L.

The next gen cloud based AV that works

  • April 22, 2021
  • Review verified by G2

What do you like best about the product?
We have been pleased with the capabilities of the product as well as the ease of installation of the agents that does not require a reboot affecting production. Support has been great and the analytics from the product provides great insights. Policies and groups are easily managed. The control and insights you get from your endpoint is great! The sandboxing feature is also a favorite feature to talk about. The ability to hunt, search, and monitor malware as well as tracing the intrusion makes this product stand out a lot. Since Crowdstrike analyzes and stops similar threats from all customers' devices, it builds a big repository to harden security and prevention. The graphs and charts make it easy to understand and to see where the trends are for Indicators of Attacks.
What do you dislike about the product?
All the modules are not free and that's understandable. Each module does a specific task and requirement based on your needs.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection helped us gain better visibility in our network and helps us with the intrusion through the ML prevention methods and expert review of our metadata for recommendations of prevention. The sandboxing capability as well as the malware hunt is great.
Recommendations to others considering the product:
Ask for a demo and test it out to see if it's suitable for your environment.


    Information Technology and Services

About Crowdstrike

  • April 03, 2021
  • Review provided by G2

What do you like best about the product?
It's a very secure and advanced technology to protect system in all threating like malware protection, can work as an AV, even system got non compliance it can block network also to prevent unauthorised access which is very good.
What do you dislike about the product?
Sometimes it gets more challenging to work on the web as it blocks access to many websites.
What problems is the product solving and how is that benefiting you?
If system not updated properly it will block network which is good even it can work as AV, DLP endpoint with latest cloud based through a single lightweight agent.


    Computer Software

Best NextGen Antivirus I used

  • March 24, 2021
  • Review provided by G2

What do you like best about the product?
Install and forget about it. 90% of the tasks prevent anything malicious. Hats off to the developers on studying the patterns and implementing such machine learning algorithms.
What do you dislike about the product?
With CrowdStrike I don't have the ability to scan the system on demand.
What problems is the product solving and how is that benefiting you?
Prevention even before the Virus enters the system.


    Computer & Network Security

Mandatory solution to monitor and protect endpoints.

  • March 22, 2021
  • Review provided by G2

What do you like best about the product?
Amazing detection, easy to use interface and timely support.
What do you dislike about the product?
Sometimes the web portal searches are slow. Also no native support for multitenancy.
What problems is the product solving and how is that benefiting you?
Endpoint protection is quite a challenging task as the malware can reside for years once it bypasses perimeter level protection. Crowdstrike helps discover and detect abnormalities for corrective action.


    Public Safety

A great AV for small and large businesses alike

  • March 18, 2021
  • Review verified by G2

What do you like best about the product?
For our purposes since we do not have a NOC team, I like the relatively hands-off approach you can take with this. It does require an initial setup, and as the central Falcon page updates with more features, and/or if your configuration of Crowdstrike's recommended settings doesn't match what you have set, they'll send you emails about what to turn on and off, or raise or lower how aggressive the AV is acting or reporting. They'll even call you and remote share your screen so they can give you tips about the UI and what to look for. There is some self-management involved; you need to be able to make sure your sensors are up to date and keep an eye out for malicious activity, and if you have EDR, investigate the root cause.
What do you dislike about the product?
I dislike the UI to be honest. I think navigating to some of the pages isn't intuitive and needs to be cleaner and easier to get to. There are some elements that make little sense as far as where you need to go to look up a certain report, and when they told me I needed to go to Legacy dashboards to find something they wanted me to frequent, I thought that was odd. Also, it has a dark theme but it only works on the main page--once you start going into sub-navigation it returns white.
What problems is the product solving and how is that benefiting you?
We're solving the problem of not having to be too hands on with making sure agents are up to date (not having to worry about signature updates failing on a lot of computers, for example). Sometimes agent sensors don't update properly but there is a good report for seeing which ones haven't updated and rectifying it is easy. The benefit is it gives us a better sense of security so we can focus on other tasks without having to invest too much time into micromanaging devices.


    Garnett K.

CrowdStrike Falcon Review

  • March 17, 2021
  • Review verified by G2

What do you like best about the product?
CrowdStrike's ability to move into the NextGen AV & Malware Detection.
What do you dislike about the product?
I would like to see a remediation scanner added to CS Falcon to have the ability to clean up leftover artifacts that get left behind.
What problems is the product solving and how is that benefiting you?
The CS Falcon has become a full replacement for the EOL Symantec SEP console.
CrowdStrike does a fantastic job at prevention policies and real time monitoring.
Recommendations to others considering the product:
They are moving in the right directions for the NextGen EDR solutions.


    Mike S.

Exceptional threat protection with turnkey service.

  • March 17, 2021
  • Review verified by G2

What do you like best about the product?
As a customer of CrowdStrike's Falcon Complete, our endpoint protection is fully managed from detection to remediation. It's great peace of mind having CrowdStrike's team monitoring things around the clock, especially for a security team with limited resources such as ours. We all sleep better at night knowing we have CrowdStrike acting as an extension of our team keeping us protected against threats. The protection is superb and the level of false positives even with security settings tuned to the higher end are few and far between and easy to whitelist if needed. Falcon is very lightweight compared to other clients we have run in the past as well which is a nice bonus. The solution logs to our QRadar SIEM with minimal setup which is also great, just a quick API key generation and installation of the apps within QRadar and you're up and running.
What do you dislike about the product?
We do have some legacy systems within our environment that for one reason or another we're required to keep around. Falcon won't run on these which is completely understandable but this really is the only thing I could really include as a dislike. However, CrowdStrike does have a partner network of other solutions which can integrate to the console and provide additional security where CrowdStrike Falcon cannot run. For some of our legacy systems we utilize Airlock Digital to lockdown these legacy systems with application whitelisting. Some endpoint protection suites are still offered with limited legacy support, it would be nice to see some more modern platforms offering a level of protection for these markets but as I said - I understand the need to focus on the main userbase. The UI is a little over loaded but it's not difficult to manage overall - just feels like it could be laid out a bit better.
What problems is the product solving and how is that benefiting you?
One of our most significant challenges we faced when using more legacy endpoint protection products was the lack of EDR capabilities and being limited to the availability and capabilities of our staff. With traditional endpoint protection, without EDR, infections could run rampant on the network before one could get a handle on them even with well trained staff at the wheel. In addition to this, staffing limitations were also a problem with our legacy solution. We simply didn't have the budget to have experts operating around the clock and had to resort to best effort capabilities by help desk staff to escalate when it was needed - wasting precious time in the IR process. CrowdStrike Falcon complete gives us both a quality product with EDR capabilities and excellent detection capabilities along with a team of experts monitoring and available to remediate threats around the clock.
Recommendations to others considering the product:
If you are in need of quality endpoint protection to help sleep easier at night, CrowdStrike Falcon is certainly a good direction to go with. As with most cutting edge endpoint protection platforms, you will pay a small price premium but endpoint protection isn't something to cut corners with. The threat actor only needs to be successful once to make your life miserable and cost your organizations a significant amount of money.


    David J.

Are you sure it's working? It was!

  • March 17, 2021
  • Review verified by G2

What do you like best about the product?
This is the second organization where I've used CrowdStrike Falcon. I really appreciate how configurable it is. That allows our small IT organization to tweak the settings to prevent false alarms and alert overload. We simply don't have time to be wading through alerts. When we first deployed it, I was a little worried that it wasn't working since we weren't getting any alerts. With a little tweaking, we were able to turn up the sensitivity to give us just the alerts we need to see and not any of the false positives or minor issues that everyone sees. I love the fact that it is a next-generation product so that it looks for malware-like behavior rather than relying on a database of already known malware.
What do you dislike about the product?
I dislike how tough it is to get their annual threat actor calendars. I love the calendar, but it always takes a couple of months for it to get here. There are times that I wish the email alert feature would let you get alerts on minor issues. I know that's the opposite of what I like about it, but for that initial period when we weren't seeing any alerts, it would have been nice to be able to crank up the email alerts when those first couple of issues came in so I knew things were working correctly.
What problems is the product solving and how is that benefiting you?
We were using Windows Defender before Falcon. As the IT Director, I wasn't comfortable that it was giving our users the protection they needed, particularly in this COVID-19 work from home world that we're in. With Falcon installed, I know that we'll find out if our users get attacked or compromised so that we can deal with it right away.