External reviews
External reviews are not included in the AWS star rating for the product.
NGAV Crowdstrike Review
What do you like best about the product?
Falcon Complete gives you the peace of mind in terms of the new attacks in the market. Customer does not have to worry about the management of their NGAV. Everything is managed by Crowdstrike which gives you time to focus on other areas.
What do you dislike about the product?
Cost- Crowdstrike is too costly in comparision to others
What problems is the product solving and how is that benefiting you?
Scanless detection and Prevention
Recommendations to others considering the product:
Please go for the Crowdstrike, this will give you peace of mind.
- Leave a Comment |
- Mark review as helpful
CrowdStrike NGAV is complete enterprise solution. I like it more rather then any other SIEM solution
What do you like best about the product?
It is integrated with solutions against adversaries like MITRE and kill chain are really useful to prevent against any known or unknown malware or threat. and the best part is , I do not need to rely on signatures even if it's disconnected. and also investigation graph for deeper analysis.
What do you dislike about the product?
It does not comes with demo environment. they do not provide you any demo environment for lab training or something. neither it is paid or free. crowdstrike should provide free or paid demo console access to everyone not only on organization level like microsoft or aws.
What problems is the product solving and how is that benefiting you?
as a admin, it helps with real time response, sensor updates, keeping eye on dashboard for recent activites, event search through spl, reporting.
Falcon NGAV gave me an experience beyond words.
What do you like best about the product?
fantastic protection, effortless deployment
What do you dislike about the product?
Limited features in the free tier, which does not allow people to explore the product
What problems is the product solving and how is that benefiting you?
We deployed it at an enterprise level to cover more than 20k+ employees. It helped restrict significant exploitation attempts with Machine learning and artificial intelligence detections of unknown malware and ransomware.
Behavior-based indicators play an essential role in diagnosing unexpected issues.
Behavior-based indicators play an essential role in diagnosing unexpected issues.
Very easy to protect system from any type of attack
What do you like best about the product?
The best thing that I like about Crowdstrike tool is it gives us a complete picture about what all progress was executed which leads to detect the file as suspicious like it tell us attack pattern in case of true positive
What do you dislike about the product?
Sometimes it becomes difficult to fetch event logs or we are unable to fetch list of incident we got in particular time frame
What problems is the product solving and how is that benefiting you?
The benefits of using crowdstrike is that it is able to detect any suspicious activity carried out on specific device where crowdstrike is installed
This is a must have for corporations that are fighting against cyber attacks
What do you like best about the product?
Relatively easy to deploy and highly efficient, integration with other vendors is available using APIs.
What do you dislike about the product?
I think reporting is something Crowdstrike could invest more.
What problems is the product solving and how is that benefiting you?
We are constantly fighting against cyber attacks, Crowdstrike is one of the top tools we have in our toolbox.
Recommendations to others considering the product:
I highly recommend Crowdstrike epp; you'll reduce the number of machines you reimage because of cyber incidents. If you also use Proofpoint, make sure you enable the Integration between them. Your email gateway will be able to use Crowdstrike infrastructure to decide about block attachments.
I recommend the CrowdStrike to organizations to protect their endpoint devices from cyberattacks
What do you like best about the product?
1. Dashboard Flexibility - we can get a clear picture of what's going in the network environment. Mainly, the incident and detections widgets are very important. The overall scoring of incidents will be crucial to understand how safe the network is. Additionally, the mitre tactics will be clearly displayed. The home screen search gives flexibility for the analysts to quickly check for IP/hostname/file details within seconds.
2. Incident Scoring - it will trigger with an indication of critically scoring out of 10. The incident details are, with flow-based and behavioral-based pre-analysis will be given. Each stage of flow will be represented with a full description, block action, and mitre attack mapping.
3. Detection Mechanism - mainly focuses on file-based detection, which comes with a lot of filters where we can filter will hostname, filename, mitre tactic, block action, severity, etc.
4. Event Search - All the Investigate search fields help to search each and every event.
5. Overwatch alerting - are a more important part of monitoring. The critical true positive incidents will trigger as overwatch. The probability of getting true positive incidents is very high.
6. Finally, the Support team of crowdstrike will also keeps eye on the critical things happening in our environment and notify us.
2. Incident Scoring - it will trigger with an indication of critically scoring out of 10. The incident details are, with flow-based and behavioral-based pre-analysis will be given. Each stage of flow will be represented with a full description, block action, and mitre attack mapping.
3. Detection Mechanism - mainly focuses on file-based detection, which comes with a lot of filters where we can filter will hostname, filename, mitre tactic, block action, severity, etc.
4. Event Search - All the Investigate search fields help to search each and every event.
5. Overwatch alerting - are a more important part of monitoring. The critical true positive incidents will trigger as overwatch. The probability of getting true positive incidents is very high.
6. Finally, the Support team of crowdstrike will also keeps eye on the critical things happening in our environment and notify us.
What do you dislike about the product?
1. More focused on only file-based executions.
2. Machine Learning based detections throw more false positives. Unnecessary blocking of genuine executions will sometimes impact business.
3. For Endpoints protection, it can have the best alternatives with the best features like Microsoft ATP, Zscalar.
2. Machine Learning based detections throw more false positives. Unnecessary blocking of genuine executions will sometimes impact business.
3. For Endpoints protection, it can have the best alternatives with the best features like Microsoft ATP, Zscalar.
What problems is the product solving and how is that benefiting you?
1. File-based detections is the biggest positive in Crowdstrike.
2. Overwatch alerts will be the most probably true positive incidents. It will alarm in the CS console as well as in the mail.
3. We can see what all applications installed in the user's machine.
4. Almost 65% percent of work will be done by crowdstrike itself without analyst intervention.
2. Overwatch alerts will be the most probably true positive incidents. It will alarm in the CS console as well as in the mail.
3. We can see what all applications installed in the user's machine.
4. Almost 65% percent of work will be done by crowdstrike itself without analyst intervention.
Recommendations to others considering the product:
I strongly recommend the Crowstrike to organizations to protect their endpoint devices from cyberattacks. Almost all the major incidents can be mitigated with this Endpoint protection.
It is excellent cloud based NGAV with full proof protection..!!
What do you like best about the product?
It is reaaly good in manageability and monitoring entire organization in single console with very less effort.
What do you dislike about the product?
Crowdstrike Store must be more user friendly and product needs to display with full description with use case.
What problems is the product solving and how is that benefiting you?
It is work with less compute power and use unwanted disk operation. The endpoint works really well in terms of other peers competition.
Compared to other Commercial Endpoint solutions Falcon has superior technology and it is hassle free
What do you like best about the product?
features like Threat actors details, network quarantine capabilities, malware execution map & Dashboard
Threat actors database.
Dashboard filtering capabilities and eliminating falsepositives with just a click.
RBAC (role based access control) features enables high security towards authentication.
Email alerts is helpful for rapid threat response to aviod potential security incident.
Intergration capabilities with ITSM tools is an added advantage.
Threat actors database.
Dashboard filtering capabilities and eliminating falsepositives with just a click.
RBAC (role based access control) features enables high security towards authentication.
Email alerts is helpful for rapid threat response to aviod potential security incident.
Intergration capabilities with ITSM tools is an added advantage.
What do you dislike about the product?
Initially, eliminating the false positives and purging them is time-consuming. Agent deployment for Windows flavored OS is easy. But for a Linux-based system, it is a tedious task.
Extracting logs or report for troubleshooting should be even more used readable. I liked the Dashboard, but Falcon can still improve a few automation to eradicate known false positives.
Main Disadvantage: Active endpoint scanning is not possible CrowdStrike only analysis the network traffice and behaviour with in the system. Falcon should introduce quick scan and full scan features to over come this disadvantage.
Duplicate alerts and related ITSM tickets are a problem with falcon, In my experience I have experienced Crowdstrike reporting multiple alerts for same issue. This results in huge number of ticket creation (If Intergrated with ITSM) or large amount of emails spamming your Inbox.
Extracting logs or report for troubleshooting should be even more used readable. I liked the Dashboard, but Falcon can still improve a few automation to eradicate known false positives.
Main Disadvantage: Active endpoint scanning is not possible CrowdStrike only analysis the network traffice and behaviour with in the system. Falcon should introduce quick scan and full scan features to over come this disadvantage.
Duplicate alerts and related ITSM tickets are a problem with falcon, In my experience I have experienced Crowdstrike reporting multiple alerts for same issue. This results in huge number of ticket creation (If Intergrated with ITSM) or large amount of emails spamming your Inbox.
What problems is the product solving and how is that benefiting you?
I have mostly been a Security Analyst. I have investigated alerts reported by Falcon. In a nutshell, we used Crowdstrike for Managing all the endpoints used for business.
Benefits- Real-time status and statistics, since using dashboard one can control the agents so in terms of incident response one can network quarantine a system (if found with malware) with just a few clicks using central Dashboard.
This feature will surely help restrict ransomware from spreading across systems.
Benefits- Real-time status and statistics, since using dashboard one can control the agents so in terms of incident response one can network quarantine a system (if found with malware) with just a few clicks using central Dashboard.
This feature will surely help restrict ransomware from spreading across systems.
Recommendations to others considering the product:
The product is futuristic and will surely add multiple automation over the period. But for Endpoint Detection and Response (EDR). I would recommend CrowdStrike as the market's Pioneer.
One of the most advanced EDR available in the market
What do you like best about the product?
The way alerts are triaged and broken up for easy understanding
What do you dislike about the product?
Nothing. Everything is good in this EDR.
What problems is the product solving and how is that benefiting you?
Most of the threats to a organization are through the mistakes of the users which is directly monitored by CS Falcon
Recommendations to others considering the product:
Start using this in the organisation for better security
It the best solution in market
What do you like best about the product?
Capability of the tool and the performance of the tool and
What do you dislike about the product?
Nothing there is that I dislike about crowdstrike
What problems is the product solving and how is that benefiting you?
Real time response is the best feature
Recommendations to others considering the product:
It's the best in market
showing 151 - 160