Excellence in Workflow Automation and Asset Management
What do you like best about the product?
The most useful features of CrowdStrike are its workflow automation, host containment, and asset management capabilities. CrowdStrike’s most valuable features include workflow management, host containment, and asset management.workflow automation, host containment, and asset management
What do you dislike about the product?
We are using the most user-friendly option, and I don't think anyone would dislike it.
What problems is the product solving and how is that benefiting you?
We are working on security features focused on host blocking, threat monitoring, IOA analysis, workflow integration, and automated script execution. Our work focuses on enhancing security through host blocking, threat monitoring, IOA detection, workflow integration, and script automation. We are developing advanced security features, including host containment, real-time threat monitoring, IOA-based detection, workflow automation, and script execution capabilities.
Crowdstike Falcon EDR: A SOC Analyst 's Hands-On review
What do you like best about the product?
As a SOC Analyst, I really value CrowdStrike Falcon’s real-time threat detection and visibility. The threat graph and behavioral analytics make it easier to investigate incidents and correlate activities quickly. I also like how lightweight the agent is—it doesn’t slow down endpoints, and updates are seamless. The dashboard is intuitive, and the detailed telemetry gives deep insights for hunting and responding to threats.
What do you dislike about the product?
The main drawback is the steep learning curve for new analysts, especially when diving into advanced hunting queries. Some of the alerts can be very noisy, requiring fine-tuning to avoid false positives. The pricing is also on the higher side compared to other EDR solutions, which might be challenging for smaller organizations.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon helps us detect and respond to endpoint threats in real-time. It provides detailed telemetry and behavioral analytics that improve our investigation speed and reduce dwell time. The cloud-based architecture ensures scalability and seamless updates. Overall, it has strengthened our SOC capabilities by giving us better visibility, faster containment, and reduced risk of data breaches.
State-of-Art solution that provides Visibility, Threat Analysis and Response
What do you like best about the product?
Falcon offers visibility, detection and response, and integration within a single agent. It is easy to deploy across different platforms and brings everything together in a unique central management console for threat analysis and orchestration. This setup allows for the creation of automatic and proactive responses to adversaries and other threats.
What do you dislike about the product?
Falcon Crowdstrike Marketplace apps are not updated regularly, which can be frustrating when trying to get a response from vendor integration during a proof of concept. The lack of timely updates sometimes makes the process more challenging than it should be.
What problems is the product solving and how is that benefiting you?
Visibility, integration, and protection are among the key benefits of using FALCON. These features enhance the way threat hunting, data analysis, and extended response are carried out within IT Security Architecture, offering solutions for every layer of security.
CS deployment is very straight forward, they are not only an endpoint but also a top security firm
What do you like best about the product?
The ease of implementation stood out. Deployment was fast with minimal disruption. The interface is intuitive, and the lightweight agent doesn’t impact system performance. Its broad feature set (threat detection, EDR, vulnerability management) is robust, and the frequency of use is daily since it runs seamlessly in the background. Customer support has been responsive and knowledgeable, and integration with other security tools has been straightforward.
What do you dislike about the product?
The cost can be somewhat concerning, particularly when considering the price of additional modules such as IAM and SOAR. I hope they will consider offering free access for at least 50 to 100 devices to allow users to test their features, as this could encourage customers like me to take their product more seriously. Overall, I like their product and believe it is worth the investment.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon addresses the challenge of advanced endpoint protection by detecting and stopping threats that traditional antivirus solutions often overlook. It gives us real-time visibility into attacks, suspicious activities, and vulnerabilities across all our endpoints, whether on-premises or remote.
This has led to a noticeable reduction in security incidents, less downtime, and better compliance with internal and regulatory security standards. Since it is cloud-native, we avoid the need to maintain heavy infrastructure, and updates are applied seamlessly. As a result, our IT and security teams now spend less time responding to incidents and can focus more on proactive defense.
Protect your enterprise network with CrowdStrike Falcon
What do you like best about the product?
Deploying CrowdStrike Falcon Endpoint Protection Platform agents across all computers in the network was easy and fast. CrowdStrike provide end point protection for your devices and ensure no malware gets access to your network.
Integration with Active directory is easy, and you can manage access and users. implementing on new devices with only agents to be installed,
As for the customer support if you have any issue, you can raise ticket with customer support, and they will sort out your issues with top technician.
What do you dislike about the product?
CrowdStrike utilize your device resources, so you need devices with high specs to avoid slowness and unusual performance for the computers.
What problems is the product solving and how is that benefiting you?
CrowdStrike helped our environment by protecting or end users' devices, and it control the access of end points such as USB and CD from Uknown sources.
Single-agent architecture enhances security while minimizing complexity and costs
What is our primary use case?
The main use cases for CrowdStrike Falcon from my customers are the lightweight agent, which is very easy to use, and it will protect the complete environment in a single dashboard.
A specific use case from my customers for CrowdStrike Falcon is that the SaaS-based single agent can protect all the platforms.
What is most valuable?
The best features of CrowdStrike Falcon are the single agent and the fact that there is no daily signature update.
There is no daily signature update because it operates as a signatureless solution.
Regarding the lightweight agent, all other solutions have multiple agents, which degrade system performance; however, this single agent has multiple features that increase system performance.
The elimination of on-prem infrastructure through CrowdStrike Falcon's cloud-native architecture has impacted my customers by reducing both cost and complexity, as they are now using the cloud-native solution.
What needs improvement?
I recommend that some deep-dive trainings are required for the NG SIEM, specifically for their next-generation SIEM module, as they need some basic trainings for that.
To clarify, deep-dive trainings are required specifically for the NG SIEM or next-gen SIEM.
For how long have I used the solution?
I have been working with CrowdStrike Falcon for six years.
How are customer service and support?
For technical support, I would rate it as a nine out of ten.
There are no complaints about the support.
How would you rate customer service and support?
How was the initial setup?
It is easy to set up CrowdStrike Falcon.
What was our ROI?
My customers have seen a return on investment with CrowdStrike Falcon.
While I do not have specific details currently available, those who purchased are very happy with the solution.
What's my experience with pricing, setup cost, and licensing?
The price is reasonable when comparing it to other tools.
The license cost is typically per device.
Based on the modules customers purchase, the cost will increase, as they have more than 28 to 32 modules.
What other advice do I have?
The feature called Threat Graph for threat hunting helps in terms of security to predict and prevent breaches by showing how threats are evolving and how we can protect the customer environment, which helps us build better security.
I have integrated CrowdStrike Falcon with existing SIEM solutions and security frameworks.
It helps to streamline incident response processes because it is very easy to integrate with SIEM solutions like IBM QRadar and HPE ArcSight; for the incident response, it helps us correlate with other solutions.
My customers using CrowdStrike Falcon are mainly from all industries, including ITES, finance, marketing, manufacturing, and health.
I recommend that those planning to use CrowdStrike Falcon should migrate from their old traditional antivirus to next-gen antivirus, which will help them protect their environment.
The biggest advantage of this solution for my customers is that it is a single solution that fulfills most of their security concerns while being easy to manage.
I rate CrowdStrike Falcon ten out of ten.
Which deployment model are you using for this solution?
CrowdStrike Falcon Endpoint Protection : Security and Features ( EDR)
What do you like best about the product?
We have been using Crowstrike's Falcon Platform for over 5 years now. It is great at what is does and while the Falcon Platform itself can be pricey (though about on par for the competition), additional tools are included or very affordable (SIEM/Log Collector or CSPM for example). It's very easy to deploy, especially in a modern setting. The functionality within the tool is exactly what our team is looking for - EDR, isolation, remote response, and more. Charlotte AI helps detection and response with autonomous reasoning and action.
What do you dislike about the product?
Good Product for security point of view but TAC support can be much better.
Also, Cost is very High.
What problems is the product solving and how is that benefiting you?
Real-Time Detection - Uses advanced behavioral analytics to identify and stop attacks quickly. Lightweight Cloud-Native Agent - Minimal impact on endpoint performance with easy deployment and updates. Intuitive User Interface - Clean, user-friendly dashboard that simplifies monitoring and incident response.
Highly Recommended for Enterprise-Grade Endpoint Protection
What do you like best about the product?
What I like best is the combination of lightweight performance and powerful threat detection capabilities.
CrowdStrike Falcon provides real-time visibility into endpoint activity without impacting system performance (it happen one a time in absolutely). Its cloud-native architecture enables fast deployment and scalability, while the Threat Graph delivers rich contextual intelligence for advanced threat hunting and rapid incident response. The platform's integration with other tools (SIEM, SOAR) also makes it highly versatile in complex environments.
What do you dislike about the product?
some advanced features may require separate licensing tiers, which can add to overall cost and complexity.
What problems is the product solving and how is that benefiting you?
faster incident response, reduced dwell time, improved threat hunting, and increased confidence in our overall endpoint security posture. Its cloud-native architecture also ensures scalability and ease of management across large environments.
Best XDR Tool
What do you like best about the product?
Crowdstrike Falcon is best XDR tool for threat protection. It maintains a database of all the systems that is monitors in the network. Crowd strike Falcon Endpoint Protection Platform is highly regarded for its lightweight, cloud-native architecture, real-time threat intelligence, and AI-powered detection and response capabilities. It comes as one platform for all workloads.
What do you dislike about the product?
There is nothing dislike point in this product.
What problems is the product solving and how is that benefiting you?
Crowdstrike stops breaches and simplifies endpoint protection. Lightweight agent and smoothly deployment.
Today's market best XDR
What do you like best about the product?
The deployments features, the compatibility, the insights threats, the custom reports
What do you dislike about the product?
I don't have dislikes so far, the product cover all my needs
What problems is the product solving and how is that benefiting you?
Crowdstrike is my first line of defense, both at endpoint and server layer
