CrowdStrike Falcon Endpoint Protection
CrowdStrike
External reviews
419 reviews
External reviews are not included in the AWS star rating for the product.
Lightweight, Invisible Agent with Powerful One-Click Network Containment
What do you like best about the product?
The best part is definitely the single, lightweight agent. Unlike our old antivirus, which used to slow down laptops and require constant reboots for updates, Falcon is almost invisible to end users. I also really love the 'Network Containment' feature: being able to isolate an infected machine from the network with one click (while still keeping the connection to the console) is a huge stress reliever for our team.
What do you dislike about the product?
It’s a 'premium' product with a premium price tag. If you’re a smaller shop, it’s hard to justify the cost compared to something like SentinelOne or even Defender for Business. Also, the learning curve is pretty steep. The query language (FQL) is powerful but it isn't exactly intuitive—you really have to spend time in the documentation to do anything beyond basic alert checking. I also wish the reporting templates were a bit more flexible without having to export data elsewhere.
What problems is the product solving and how is that benefiting you?
The biggest problem Falcon solved for us was 'alert fatigue.' Before switching, we were drowning in notifications from our legacy AV that mostly turned out to be false positives. Falcon’s behavioral AI is much more accurate—it filters out the noise so when my team gets an alert, they actually take it seriously. It’s also saved us a ton of time on deployment. We can push the agent to hundreds of remote machines without a reboot, which means no more scheduling late-night maintenance windows just to update our security.
Well-Organized EDR Portal with Easy Navigation and Detailed Detections
What do you like best about the product?
My favorite part of the EDR platform is the platform itself. The portal is very well organized. The navigation of the dashboard is easy to follow to locate the components you are actually looking for. I also like the detection page because of the great breakdown of detailed information it provides in one window.
What do you dislike about the product?
It's a bit of a double-edged sword. I like the dashboard layout and the separation of each function, but there can be information overload sometimes. The portal itself is well organized; the data being presented can be overwhelming and hard to follow, though. For this reason, the home page of the dashboard can be so valuable as you can see the most significant information cleanly instead of in the mix with so much other information. This could be more of the result of me not personally being as versed in cyber-security.
What problems is the product solving and how is that benefiting you?
It serves as just that. It's an endpoint protection tool. It allows our district to confidently monitor our issued devices. Working in schools can open the door to many threats, but the platform allows for me to see what exactly is being accessed and installed. I can perform analysis and remediate issues as they arise. Gone are the days of waiting for a teacher to report issues; I can actively see what is being performed on our laptops.
Accurate Threat Detection with Centralized Endpoint Visibility
What do you like best about the product?
CrowdStrike Falcon endpoint protection platform provides accurate detection and timely warnings of threats. It also offers centralized management and clear visibility across hosts, making it easier to monitor and manage endpoints from one place.
What do you dislike about the product?
Setting up the API connectors for Log Management in the Next-Gen SIEM is a bit complicated, but support is always there to help with that.
What problems is the product solving and how is that benefiting you?
Legacy antivirus tools often can’t reliably detect or stop modern threats such as ransomware, fileless malware, zero-day attacks, credential theft, and lateral movement, largely because they tend to depend on signature-based detection and periodic scans.
Falcon Solution: It uses AI-powered detection, behavioral analytics, and next-gen antivirus capabilities to identify and block threats in real time.
All-in-One protection with easy handling
What do you like best about the product?
I appreciate that all CrowdStrike modules are unified in one platform. I particularly like the auto-update function of the endpoint sensor and the ease of operation and administration. The platform requires little CPU and RAM, which is very helpful. I also find it good that the analyst has many options to respond to attacks and receives numerous log files. The initial setup was very easy because the platform is intuitive and there are many guides available.
What do you dislike about the product?
The UI is partially overloaded and not modern enough; sometimes the UI reaches its limits.
What problems is the product solving and how is that benefiting you?
I use CrowdStrike Falcon Endpoint Protection Platform for the detection of next-generation attacks with integrated threat response. All CrowdStrike modules are unified in one platform. The auto-update function, easy operation and administration, and low CPU and RAM usage are useful.
Cloud-Native Security Solution
What do you like best about the product?
I like the cloud-native architecture of CrowdStrike Falcon Endpoint Protection Platform, as it eliminates the need for on-premise management with hardware. The lightweight agent and the fact that a single agent manages both EPP and XDR is a big plus for me. It's always up-to-date, which is great. Fast incident investigation is another feature that I find beneficial. I also appreciate the provision with the tenant provided by CrowdStrike, mass deployment with MDM solutions, and policy creation according to best practices.
What do you dislike about the product?
The solution is very good, but there are support challenges I'm facing. When I raise a ticket in the support portal with a priority 1 issue, there's a response delay and I often have to provide multiple logs.
What problems is the product solving and how is that benefiting you?
I use CrowdStrike Falcon Endpoint Protection Platform for agent connectivity and analyzing threats. I like its cloud-native architecture, lightweight agents, and fast incident investigation.
CrowdStrike Falcon Endpoint Protection Platform is amongst the best out there!
What do you like best about the product?
CrowdStrike Falcon Endpoint Protection's interface is extremely intuitive.
What do you dislike about the product?
In all honesty, I love the product. My only dislike, I would say, is my fear they may repeat their mishap with Windows Updates.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform has helped us secure all of our endpoints across multiple platforms.
Powerful Endpoint Security That Works Quietly in the Background
What do you like best about the product?
As an individual user, what I appreciate most about CrowdStrike Falcon is how unobtrusive yet effective it feels. Once it’s installed, it runs quietly in the background without noticeably slowing down my system, which makes a big difference in day-to-day work. I don’t have to actively manage it or constantly watch for alerts, yet I still feel confident knowing my device is protected.
From my perspective, it’s also reassuring that the platform emphasizes real-time threat detection and behavior-based analysis rather than relying only on traditional antivirus signatures. Overall, it gives me a strong sense of security while allowing me to stay focused and keep my normal workflow uninterrupted.
What do you dislike about the product?
Because it’s an enterprise-level security tool, most of the controls are managed by the IT or security team. As an individual user, that means my visibility into what the software is doing behind the scenes is fairly limited, and I don’t always have much context when something happens. Occasionally, legitimate applications or processes get flagged, and resolving that typically requires coordinating with IT to review and approve whatever was blocked. Even so, it comes across more as a cautious safeguard than a true flaw, and it’s understandable given the level of protection the tool is designed to provide.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon helps protect endpoints from malware, ransomware, and advanced cyber threats without requiring constant user involvement. Before using it, our security posture felt more reactive and overly dependent on traditional antivirus tools. With Falcon, detection and response are more proactive and happen in real time. For me, that translates into fewer security-related interruptions, a lower risk of infections, and more peace of mind when working with sensitive company data. Overall, it lets me stay focused on my work while the security side is handled reliably in the background.
AI-Driven Protection with Setup Challenges
What do you like best about the product?
I like the lightweight agent and AI-driven threat prevention the most. The intuitive dashboards make quick incident response a breeze. The lightweight Falcon agent, which takes just 40-50 MB of disk space, deploys with minimal CPU and memory usage, ensuring no slowdown on endpoints like laptops or servers. AI-driven threat prevention uses behavioral analysis to detect and block zero-day attacks and ransomware instantly, reducing manual monitoring for IT teams and enhancing security value by preventing breaches before they escalate. CrowdStrike Falcon Endpoint Protection excels at real-time threat detection and prevention with its lightweight, cloud-native agent. It's ideal for enterprises needing robust EDR and automated response without performance issues. With AI-powered threat detection and easy deployment, it's lightweight and stops advanced attacks fast. We use it with Netskope SASE and integrate it with SIEM tools for better security and advanced threat visibility, which strengthens our endpoint protection and overall security posture.
What do you dislike about the product?
High pricing can be a barrier for smaller organizations. The advanced features have a steep learning curve, requiring training for full utilization. Integration with some legacy systems may need extra effort. CrowdStrike Falcon could improve advanced features like deeper vulnerability management and automated remediation. Integration with legacy systems can be challenging—simplifying connectors and offering better compatibility would make adoption easier. The initial setup isn’t very easy—you need an expert for proper implementation. Basic steps like installing the agent are simple, but configuring policies and advanced features requires technical expertise.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection blocks zero-day threats and ransomware, streamlines incident response, reduces breach risks without slowing devices, and excels at real-time threat detection and prevention.
Lightweight, Cloud-Native Endpoint Security with Powerful AI Threat Detection
What do you like best about the product?
Its lightweight, cloud-native design that delivers strong security without slowing down systems. It provides real-time, AI-driven threat detection that effectively stops advanced attacks, while the centralized dashboard gives clear visibility across all endpoints and makes investigation and response easier. Deployment and management are straightforward, and the platform scales well, making it reliable and efficient for enterprise environments. Good support.
What do you dislike about the product?
What I dislike about CrowdStrike Falcon Endpoint Protection Platform is that it can be expensive, especially for small or budget-conscious organizations.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform solves the problem of detecting and stopping modern cyber threats that traditional antivirus tools often miss, such as ransomware, fileless attacks, and zero-day malware. It does this by using cloud-native architecture and AI-driven threat detection, giving real-time visibility across all endpoints and enabling faster investigation and response. This benefits me by strengthening overall security, reducing the risk of breaches, and making it easier to manage and respond to incidents across the organization without heavy infrastructure or performance impact on devices.
Deep Endpoint Visibility, Powerful CQL, and Exceptional CrowdStrike Support
What do you like best about the product?
One of the standout features of CrowdStrike Falcon is its versatility as a data source, providing deep visibility into endpoint activity and threat telemetry. The platform’s CrowdStrike Query Language (CQL) is intuitive yet powerful, enabling security teams to perform complex queries without requiring extensive training. This makes investigations and threat hunting highly efficient.
Additionally, the ability to create dashboards quickly and customize them to specific operational needs is a major advantage for monitoring and reporting. The integration with CrowdStrike’s Next-Gen SIEM capabilities further enhances the platform’s value by centralizing and correlating data across multiple sources, improving detection and response times.
Another aspect I truly appreciate is that the CrowdStrike team is constantly improving the platform and actively listens to customer feedback. They are highly engaged and will not hesitate to address issues or implement enhancements—especially when you meet them at Fal.Con, where collaboration and innovation are clearly prioritized.
Finally, CrowdStrike’s support team is exceptional—fast, knowledgeable, and proactive in resolving issues, which significantly reduces downtime and ensures smooth operations.
What do you dislike about the product?
Limited dashboard sharing options – Currently, dashboards cannot be shared outside of the CrowdStrike environment, which makes collaboration with external stakeholders or reporting to non-platform users more challenging.
Lack of built-in conditional access features – The platform does not provide native functionality for location-based access control or alerting. This would be a valuable addition for organizations looking to enforce granular security policies based on geolocation.
User interface complexity – Although feature-rich, the interface can sometimes feel cluttered and unintuitive, especially for new users. Streamlining navigation and improving UI consistency would enhance the overall user experience.
What problems is the product solving and how is that benefiting you?
Rapid threat detection and response – The platform enables us to identify malicious actions almost immediately, significantly reducing dwell time and improving incident response. Combined with the CrowdStrike SOC’s 24/7 monitoring, we have continuous protection and expert oversight, which strengthens our overall security posture.
Enhanced device visibility – Falcon provides comprehensive visibility into endpoints across our infrastructure, including systems that would otherwise remain unnoticed. This capability is essential for maintaining an accurate asset inventory and ensuring that all devices are properly monitored and protected.
Operational flexibility – While primarily designed for endpoint protection, we have successfully leveraged the platform to automate software deployments, even though it was not originally built for this purpose. This demonstrates the versatility and adaptability of the solution within our environment.