Deep Endpoint Visibility, Powerful CQL, and Exceptional CrowdStrike Support
What do you like best about the product?
One of the standout features of CrowdStrike Falcon is its versatility as a data source, providing deep visibility into endpoint activity and threat telemetry. The platform’s CrowdStrike Query Language (CQL) is intuitive yet powerful, enabling security teams to perform complex queries without requiring extensive training. This makes investigations and threat hunting highly efficient.
Additionally, the ability to create dashboards quickly and customize them to specific operational needs is a major advantage for monitoring and reporting. The integration with CrowdStrike’s Next-Gen SIEM capabilities further enhances the platform’s value by centralizing and correlating data across multiple sources, improving detection and response times.
Another aspect I truly appreciate is that the CrowdStrike team is constantly improving the platform and actively listens to customer feedback. They are highly engaged and will not hesitate to address issues or implement enhancements—especially when you meet them at Fal.Con, where collaboration and innovation are clearly prioritized.
Finally, CrowdStrike’s support team is exceptional—fast, knowledgeable, and proactive in resolving issues, which significantly reduces downtime and ensures smooth operations.
What do you dislike about the product?
Limited dashboard sharing options – Currently, dashboards cannot be shared outside of the CrowdStrike environment, which makes collaboration with external stakeholders or reporting to non-platform users more challenging.
Lack of built-in conditional access features – The platform does not provide native functionality for location-based access control or alerting. This would be a valuable addition for organizations looking to enforce granular security policies based on geolocation.
User interface complexity – Although feature-rich, the interface can sometimes feel cluttered and unintuitive, especially for new users. Streamlining navigation and improving UI consistency would enhance the overall user experience.
What problems is the product solving and how is that benefiting you?
Rapid threat detection and response – The platform enables us to identify malicious actions almost immediately, significantly reducing dwell time and improving incident response. Combined with the CrowdStrike SOC’s 24/7 monitoring, we have continuous protection and expert oversight, which strengthens our overall security posture.
Enhanced device visibility – Falcon provides comprehensive visibility into endpoints across our infrastructure, including systems that would otherwise remain unnoticed. This capability is essential for maintaining an accurate asset inventory and ensuring that all devices are properly monitored and protected.
Operational flexibility – While primarily designed for endpoint protection, we have successfully leveraged the platform to automate software deployments, even though it was not originally built for this purpose. This demonstrates the versatility and adaptability of the solution within our environment.
Best-in-Class EDR with a Complete Ecosystem and Strong Enterprise Support
What do you like best about the product?
Best-in-class EDR. Full ecosystem and products. Falcon Complete services behind it. Strong enterprise support model and team.
What do you dislike about the product?
Platform getting a bit bloated. Too many features and getting complex.
What problems is the product solving and how is that benefiting you?
Multiple problems. It is a core element of our security program for EDR, identity, cloud, SIEM, etc. Integrations and automation workflows also enable SecOps needs. Falcon Complete enables security operations.
Simple, Powerful, Hassle-Free Endpoint Protection with CrowdStrike Falcon
What do you like best about the product?
CrowdStrike Falcon is a simple yet powerful, cloud-based cybersecurity solution that protects computers and devices without slowing them down. It uses smart AI and behavior tracking to stop hackers and malware in real time. It also brings together next-generation antivirus, endpoint detection and response (EDR), and threat hunting in one easy-to-use platform. Deployment is quick, with no on-site servers needed, and it provides excellent protection and visibility—making it one of the most effective and hassle-free security tools available today.
What do you dislike about the product?
The least helpful aspects of CrowdStrike Falcon are its high cost, which can be difficult for smaller businesses, and its complex licensing, since advanced features often require additional add-ons. Because it’s cloud-based, it may not work as well without a reliable internet connection, and some companies can struggle to integrate it with older systems. There’s also a learning curve to fully use all of its features, and depending on the cloud can raise data compliance concerns for organizations in regulated industries.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon addresses challenges such as advanced cyberattacks, ransomware, and slow detection through AI-driven protection and real-time monitoring. It provides comprehensive visibility across all endpoints, helps reduce response times, and streamlines security operations by relying on a single, lightweight agent. For organizations, this translates into preventing breaches, accelerating incident response, reducing operational complexity, and strengthening compliance—while still delivering strong ROI and a modern, scalable security solution.
Powerful Cloud-Based Endpoint Security with AI-Driven Threat Detection
What do you like best about the product?
This platform delivers strong endpoint security through a cloud-based architecture that helps minimize the impact on system performance. It leverages advanced methods such as behavioral analysis, artificial intelligence, and real-time threat intelligence to detect and stop attacks, including zero-day threats and fileless malware. The centralized management console offers clear visibility into endpoint activity, which makes day-to-day monitoring and incident investigation more efficient. With its scalability and quick deployment, it’s a good fit for organizations supporting a large or distributed workforce.
What do you dislike about the product?
Although this tool has many advantages, it isn’t positioned as a comprehensive website or content-filtering solution, since its web-blocking features mainly target malicious or explicitly defined domains. It’s also an expensive platform, especially for smaller organizations or for teams that need capabilities available only in higher-tier licenses. In addition, getting full value from the depth of alerts and investigation data depends heavily on experienced security personnel. Finally, because it relies on cloud connectivity, it can be less effective in environments with unstable internet access.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform addresses the challenge of sophisticated, constantly evolving cyber threats that many traditional antivirus solutions may fail to detect. By using cloud intelligence, behavioral techniques, and continuous monitoring, CrowdStrike helps protect against malware, ransomware, and zero-day attacks before damage occurs. As a result, it helps reduce the risk of system compromise, data loss, and security breaches.
Efficient Enterprise Management That Works Smoothly
What do you like best about the product?
This is an efficient tool for managing an enterprise environment, and it also works very efficiently.
What do you dislike about the product?
The sync time needs to be reduced to allow USB syncing or other exclusions.
What problems is the product solving and how is that benefiting you?
It resolves multiple problems on a daily basis by identifying threats and malicious issues.
Excellent Cloud-Native Threat Detection with a User-Friendly, Lightweight Falcon Agent
What do you like best about the product?
The features that I like about Falcon CrowdStrike are:
1. Advanced Threat Detection and Prevention.
2. USB Device control.
3. Cloud-Native Architecture.
4. Lightweight agent which doesn't impact user device performance.
5. CrowdStrike Falcon is easy to implement in the environment and has a user-friendly dashboard interface.
What do you dislike about the product?
The dislikes are:
1. Complex Integrations for Non-CrowdStrike Products.
2. Learning curve for new users.
3. Customer support is a little bit delayed.
What problems is the product solving and how is that benefiting you?
My overall experience with CrowdStrike Falcon Endpoint Protection has been highly positive. The platform uses a lightweight agent that has minimal impact on endpoint performance, enabling large-scale deployment without causing disruptions or noticeable impact to end users.
For example, during a rollout to remote employee laptops, Falcon successfully detected a script-based malware attack that our previous security solution failed to identify. The alert was immediately visible in the central dashboard, allowing the security team to quickly isolate the affected device, analyze the threat behavior, and remediate the issue within an hour.
On a daily basis, the Falcon console delivers comprehensive endpoint visibility and streamlined incident investigation, significantly reducing response times and manual effort for the security team. Overall, CrowdStrike Falcon has proven to be a reliable and efficient solution for protecting endpoints and minimizing security risks.
Cloud-Native Protection with AI-Driven Detection and Real-Time Response
What do you like best about the product?
The best part of the CrowdStrike Falcon endpoint protection platform is its cloud-native design, strong AI-driven threat detection, real-time response capabilities, and minimal impact on endpoint performance while providing excellent visibility.
What do you dislike about the product?
The downside of the CrowdStrike Falcon endpoint protection platform is that its advanced features can be expensive; the licensing and tuning the platform properly requires significant time and expertise.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon protects endpoints from malware, ransomware, and advanced threats. It improves security visibility, enables fast threat detection and response, reduces operational workloads, and helps maintain compliance, benefiting IT teams and overall security.
CrowdStrike Falcon: Protecting Endpoints with Intelligence
What do you like best about the product?
1. Cloud-Native Architecture
2. AI-Driven Threat Detection
3. Centralized Visibility and Response
4. Rapid Incident Response
5. Scalable for Any Environment
6. Continuous Threat Intelligence
The best part of CrowdStrike Falcon is its powerful, proactive threat detection and response, delivered through a lightweight, scalable, cloud-native platform that gives security teams deep visibility and control.
What do you dislike about the product?
Cost, Learning Curve, Alert Volume, Custom Integrations
What problems is the product solving and how is that benefiting you?
1. Advanced Threat Protection
2. Real-Time Endpoint Visibility
3. Rapid Incident Response
4. Proactive Threat Hunting
5. Simplified Management at Scale
CrowdStrike Falcon solves challenges around malware, ransomware, visibility, incident response, and threat hunting, benefiting us by enhancing security, reducing risks, and improving operational efficiency across all endpoints.
Cloud threat visibility has improved and now supports flexible, low-overhead protection for startups
What is our primary use case?
I use it for cloud workload protection and threat detection in AWS environments.
How has it helped my organization?
The pay-as-you-go model enabled me to deploy quickly from the AWS Marketplace management account.
It scaled protection for workloads without upfront commitments and reduced the initial operational overhead.
It provides real-time visibility into cloud threats, helping stop breaches faster in dynamic AWS setups.
What is most valuable?
I find the seamless AWS integration and single lightweight agent to have minimal performance impact.
The cloud-native SIEM and runtime security leverage threat intelligence for proactive detection.
Flexible billing through AWS is ideal for startups testing security without long-term locks.
What needs improvement?
I believe that AI-powered SOAR workflow suggestions could streamline incident response.
For how long have I used the solution?
I have been using it for 1 month.
Which solution did I use previously and why did I switch?
We are a new startup, so we did not use any previous solutions.
What's my experience with pricing, setup cost, and licensing?
The pay-as-you-go model excels for startups with variable AWS workloads, avoiding large upfront costs and scaling with usage.
Which other solutions did I evaluate?
I evaluated Prisma Cloud, Wiz, and Orca Security alongside native AWS options.
What other advice do I have?
CrowdStrike Falcon for AWS (pay-as-you-go) delivers strong cloud-native protection via AWS Marketplace, which is ideal for startups scaling workloads.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Effortless Deployment and Powerful Real-Time Protection
What do you like best about the product?
What I like best about CrowdStrike Falcon is its lightweight agent and cloud-native architecture, which makes deployment and management extremely easy without impacting system performance. The real-time threat detection powered by AI and behavioral analytics is impressive, as it helps identify and stop advanced attacks proactively. I also appreciate the centralized dashboard and visibility across endpoints, which simplifies incident response and reduces investigation time significantly.
What do you dislike about the product?
While CrowdStrike Falcon is a powerful solution, one area that could be improved is its cost structure—it can be expensive for smaller organizations. Additionally, some advanced features require separate licensing, which adds complexity. The initial learning curve for navigating all the modules can also be a bit steep for new users.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon helps solve the challenge of detecting and preventing advanced threats like ransomware, malware, and zero-day attacks in real time. Its cloud-native architecture and AI-driven analytics provide continuous monitoring and proactive threat hunting, which significantly reduces the risk of breaches. For us, this means faster incident response, improved visibility across all endpoints, and less time spent on manual investigations—ultimately strengthening our overall security posture and reducing operational overhead.
Problem solved: Lack of visibility across endpoints → Benefit: Centralized dashboard and real-time alerts.
Problem solved: Slow detection and response → Benefit: Automated containment and forensic capabilities.
Problem solved: Resource-heavy traditional solutions → Benefit: Lightweight agent with minimal performance impact.