I used the tool since my company wanted a product with next-generation antivirus and EDR, as it can help with the detection of malicious activities and behavior detection, and the MI and machine learning part in the tool also helps.

Only for the customized IOCs, there is a need to highlight certain aspects, and based on it, we get to block only the hash values but is not based on the file name, like .exe, or other extensions, so I can't block them, making it in an area where the solution needs to improve.

My company had raised a concern with CrowdStrike's support team when one of the antivirus applications that communicates with CrowdStrike started misbehaving. For both the aforementioned tools, the same support ticket had to be raised. If my company had to provide any suggestions regarding the whitelisting part, there was a delay of over a month when dealing with the product's support team. If the tool's support team suggests users follow certain steps, and if it is not followed or is not in progress, then after two or three days, the tool's support team needs to join a video call and provide a resolution to the users.

Some policies in the tool need to be fine-tuned. Customized IOCs need to be improved since they have certain shortcomings. With the customized IOCs, it can be made possible to block a file extension with a filename or file extension type of blocking. Providing users with the ability to customize policies would be a good improvement to the solution.

I have been using CrowdStrike Falcon Threat Intelligence for a year. I am a user of the tool.

Stability-wise, I rate the solution an eight and a half out of ten.

Scalability-wise, I rate the solution an eight out of ten.

My company's cybersecurity and IT security team use the tool. In my company, there are 15,000 users. For servers, there are 1,500 users.

Right now, there is no need to increase the usage of the tool.

The solution's technical support is not good. I rate the technical support a four to five out of ten.

Neutral

I have experience with Palo Alto.

The detection and other functionalities in CrowdStrike and Palo Alto are the same, but cost-wise, CrowdStrike is reasonable. Technically, I would prefer Palo Alto over CrowdStrike.

The product's deployment phase is easy. I rate the setup phase of the tool as a ten on a scale where one is difficult and ten means it is an easy process.

The solution can be deployed in the cloud and on an on-premises model.

The solution can be initially deployed in a minute.

Considering the number of users, servers, cloud, and on-premises environment, it hardly takes 15 to 20 days. When there are laptop and desktop users who are online, and there is a need to install the agent, then there can be some issues, and with such minor things, ten days are more than enough for the installation.

CrowdStrike is a reasonably priced tool.

In terms of the ability of the tool to deal with threats, I would say that the product does it by around 85 percent.

The real-time response of the tool is good, and I feel it is around 90 to 95 percent.

The tool's incident-handling capability is good.

Considering the influence of the product on our company over some time, I would say that the solution is cost-effective and offers good threat detection features. The tool's interface is also good.

The tool's AI features are good, but they are not useful for our company since the area of detection is not something in our bucket right now.

If you have a big budget, go with Palo Alto. If you have a low budget and want a tool that provides more accuracy during detection, then it is better to go with CrowdStrike.

I rate the tool a nine out of ten.

The tool helps to increase security because the threats we face keep changing, so we need better protection. In the past, we've faced some attacks on our network, and while we managed to deal with them, we realized we needed even stronger protection. That's why we decided to implement CrowdStrike Identity Protection.

The main feature we rely on is the product's intelligence. We appreciate the advice from the team during implementation. One of the main reasons we chose this product is its compatibility with Office 365.

Improvement is always possible. It's challenging to gauge how much future mitigation is provided, especially since we've only been using the product for about one and a half years. Every product faces this challenge because nothing is ever completely foolproof. So, besides relying on technology, we also focus on increasing our staff's awareness of security issues. Feedback from my colleagues suggests that the reporting and dashboarding of incidents could be improved.

I have been working with the product for one and a half years. 

I rate the tool's stability an eight out of ten. 

Scalability isn't a problem for us. Many big multinational companies use CrowdStrike Identity Protection, so it's designed to handle environments like ours without any issues. My company has 500 users. 

The tool's deployment is easy. Thanks to the installation scripting we utilized, the technical rollout took about two weeks. Then, there was some additional time, around two to four weeks, for customization and configuration. After that, the systems were up and running. So, all in all, it took about three months to have our mitigation strategies in place. We have one engineer for maintenance. 

I rate the overall product an eight out of ten. I would recommend it to others. However, it's crucial to understand areas where the product might not provide coverage and how to mitigate those gaps. For example, it covers endpoints, networks, and Office 365 environments, but are there other areas in the attack surface that it doesn't address well? It's essential to be aware of any potential gaps upfront.

The solution helps in preventing incidents. However, it's challenging to quantify the exact impact because we don't know what would have happened without it. It's similar to having insurance for your house. 

We use CrowdStrike Falcon for intrusion prevention management.

CrowdStrike Falcon proactively blocks threats and provides us with insights.

CrowdStrike Falcon integration is seamless.

The endpoint and server management are the most valuable features of CrowdStrike Falcon.

CrowdStrike Falcon's GUI requires improvement for user-friendliness. The console's available options are unclear, making it difficult to understand and extract details. Additionally, correlating information within the console and reports proves challenging.

I have been using CrowdStrike Falcon for two years.

CrowdStrike Falcon had some initial stability issues in our environment, likely due to its new integration. However, it appears to have matured and is now functioning reliably.

Being cloud-based, CrowdStrike Falcon offers easy scalability. Adding licenses through procurement increases resources without the need for additional hardware, making scaling straightforward.

While the technical support meets all response time commitments outlined in our Service Level Agreement, some users believe they should strive for a higher standard – a Security Level Target. This means responding to security incidents immediately, not just within SLA windows. Security tools are crucial for our environment's protection, and their use shouldn't be limited by SLA constraints.

Positive

After using Symantec, Trend Micro, McAfee, and VMware Carbon Black, we migrated to CrowdStrike Falcon due to a lack of support from the previous vendors and their shortcomings in comprehensive threat detection.

I would rate CrowdStrike Falcon eight out of ten.

The maintenance required is reasonable.

We have 6,000 endpoints in our environment.

CrowdStrike Falcon shines with its user-friendliness, providing clear insights into the endpoint environment. Proactive features are a major plus, offering actionable items and valuable attack path simulations that empower better decision-making.

We use Falcon to check the login attempts of the users. We can see who has logged in and when. We can see which workstation is assigned to each user. CrowdStrike helps us enforce policies, such as USB policies and users recycling passwords. 

CrowdStrike is deployed on every workstation, so policy changes can be enforced on all of them. It lowers the manual work on each of the workstations. It has helped us manage device usage in our environment. 

I like CrowdStrike's policies. The integration is easy to do. I can remember once when Falcon prevented a security breach occurred because someone clicked on a phishing link, and their credential was compromised. We used threat tracking to isolate the device from networks. 

I have used Falcon for two years.

I rate Falcon nine out of 10 for stability. 

I rate Falcon eight out of 10 for scalability. 

I rate CrowdStrike Falcon nine out of 10. 

Due to compliance requirements, our organization utilizes CrowdStrike Falcon as our Endpoint Detection and Response solution. This decision was particularly driven by the need to address a surge of ransomware attacks within our environment, experiencing between ten and 15 incidents at the time. The implementation of an EDR solution became crucial for effectively responding to these threats.

Our existing system lacked real-time monitoring and visibility, causing detection delays of even several minutes. CrowdStrike addressed this by offering near-instantaneous detection across the entire system. Furthermore, it allows for manual or automated response actions, significantly improving our overall incident response speed.

Integrating CrowdStrike Falcon with other solutions such as our SIEM was easy.

The key aspect of CrowdStrike Falcon is its behavioral detection approach. Unlike traditional signature-based platforms that rely on pre-defined patterns, Falcon analyzes an application's behavior to identify and respond to threats much faster. This makes it lightweight and minimizes impact on system performance. The sandbox feature is also valuable, while it incurs an additional cost, it can be valuable for deeper investigation.

The UI is not efficient. We are required to dig down to get more information, jumping from screen to screen.

I have been using CrowdStrike Falcon for three and a half years.

CrowdStrike Falcon generally ran smoothly with minimal lag.

CrowdStrike Falcon meets our scaling needs. To increase usage we simply add more agents.

Frustrated by CrowdStrike's slow and inconsistent technical support, we ended up having more success researching and resolving the issue ourselves.

Neutral

Leveraging the cloud platform, the initial deployment was straightforward. We simply needed to activate and deploy the agents. While configuration for a seasoned professional only took one to two hours, the entire deployment process typically takes a couple of days.

CrowdStrike Falcon can be more expensive than some competitors, and its base price doesn't cover every feature. For instance, adding sandboxing for advanced malware analysis incurs an extra cost.

We evaluated CrowdStrike and SentinelOne. However, since we bought the CrowdStrike, we did not move forward with SentinelOne.

CrowdStrike stands out for its superior threat detection speed, lightweight agents that don't impact system performance, and its helpful recommendations for responding to threats. This combination allows us to swiftly stop even unknown threats in their tracks.

I would rate CrowdStrike Falcon eight out of ten.

Two engineers max are required for maintenance.

We have 5,000 CrowdStrike Falcon users within our organization.

CrowdStrike Falcon utilizes a behavioral approach to security, proactively identifying threats based on their actions rather than relying on pre-defined signatures. This allows for faster response times compared to traditional signature-based systems.

A popular choice for Data Loss Prevention is CrowdStrike Falcon. This is the primary function our clients leverage it for, as it offers industry-leading DLP capabilities.

CrowdStrike Falcon has helped our customers secure their confidential data.

The DLP is the most valuable feature of CrowdStrike Falcon. Additionally, the scanning is good and the deployment is easy.

The console is not user-friendly or visually appealing and has room for improvement. I would like a single pane of glass dashboard.

I have been an integrator of CrowdStrike Falcon for one day. 

CrowdStrike Falcon is stable.

I have also worked with Trend Micro and Panda.

The initial deployment is straightforward. I would rate the ease of setup nine out of ten.

Two people are required for the deployment.

I need to upgrade the software occasionally but it doesn't require continuous maintenance.

While the specific deployment time varies depending on each client's individual environment, on average the process can be completed in a couple of days.

I only deploy the solution for clients, I don't calculate their ROI.

CrowdStrike Falcon's pricing is reasonable. We can customize features and that affects the pricing.

We pay 40,000 dirhams per 100 users.

I would rate CrowdStrike Falcon nine out of ten.

Our clientele ranges from small to enterprise-level businesses.

I recommend CrowdStrike Falcon as it provides all the features of an EDR.

We use the product for cloud security. We use it for prevention, to watch for gaps in security. We work with customers seeking prevention for advanced apps. 

Sometimes a customer has multiple solutions that come at a higher cost. They have to pay for all of these other security features. With CrowdStrike, customers get one agent for all system operations. It offers more security for remote work and clients gain access to the latest protections.

The solution offers good features. The prevention and device control are useful. It offers helpful firewall management and identity protection.

They've reduced the complexity and provide better security outcomes. Customers tend to prefer CrowdStrike. 

It's easy to deploy and manage.

The solution isn't known in my market. The brand isn't as recognizable. Their shortcomings are more on the marketing side. Everyone knows Microsoft Defender. Customers need to hear more about CrowdStrike and all the advantages and features on offer. 

We've used the solution for three to four months. 

I haven't had any issues with bugs or glitches. I haven't had a problem with stability so far. 

The capability to scale so far has been good. 

Technical support is good. 

Positive

I'm also familiar with Microsoft Defender. However, Defender works best with Microsoft and not necessarily other legacy applications. With CrowdStrike, you can secure all system operations and versions. It's easier to deploy and operate. 

The deployment is seamless and users get immediate protection. It's lightweight. There's one agent deployed to endpoints in minutes. The product offers consistent coverage. There's no complex integrations and it doesn't need fine-tuning. In comparison, Defender can be more complex.

CrowdStrike can be deployed on any operating system, not just Microsoft. 

There isn't really maintenance, it's set and forget. The agent updates automatically and receives continuous security updates, enabling immediate enforcement across endpoints. 

The solution is well worth the cost.

The costs are predictable. There are no surprises. 

In Chile, there are not a lot of CrowdStrike partners of the managed service; therefore, it's a little more expensive than Microsoft, as there are so many more managed partners for Microsoft. That said, if you look at the total cost of ownership, CrowStrike is better than Microsoft.

We're a reseller. We're still new to CrowdStrike. 

I'd rate the solution eight out of ten. The cost is good and they offer better tech support. Also, the protection is wonderful. 

We use Falcon to investigate threats and reduce risks in our environment. It covers multiple departments within the same building and company. All units are attached to one controller, so we can manage them from one point. 

We can implement different kinds of policies on sensitive data for various departments. For example, I can limit how data can be changed if I'm dealing with financial data. It's the same for production or logistics. We can set rules for data sharing and access because some departments need to share data with customers.

CrowdStrike's AI-driven analytics have improved our security considerably. It's sharing information from across the infrastructure and applying machine learning to prevent issues. This is a powerful, proactive approach to cybersecurity. It takes action in time to prevent the problem, so we don't need to remedy it after the fact. Sometimes, by the time you take action, it's already too late. 

Before deploying Falcon, I would avoid taking action due to potential risks. With CrowdStrike, I don't worry about recovering data, so I can focus on preventing situations. In two years, I have never had that problem. When I look at the platform, I can see all the notifications and the actions taken. I can see how potential attacks can possibly reach the server and create a significant incident. Thus, I can directly measure the quality of the service.

Falcon is easy to integrate with our infrastructure because we can control the entire network through our fiber router and switch. CrowdStrike can interface with all devices easily and provide integrated security. Falcon gives you greater control without any problems.

The agent will recognize issues immediately, and we can follow up to create a plan for if this problem reappears or is still present on the infrastructure. Falcon enables instant remediation. It doesn't take two or three days. It's in real-time.

Falcon has the capacity to identify potential problems quickly. The administrator can deploy the agent, and the users cannot change it. This assures you that the agent remains on this device. Also, the agent can act preemptively to provide alerts about potential problems. 

When there's a problem, you can follow the rules. For example, you can put a file that might be infected into quarantine or lock the device, preventing it from propagating the threat to other devices or networks. The agents are collecting information and feeding that back into the CrowdStrike platform, so you have 24/7 control and visibility. 

Falcon's deep learning capabilities are flexible and work across multiple operating systems. You can control everything from the same place, whether you're dealing with a Windows, Linux, or Mac device. You can define your policies precisely and decide how you want the platform to respond in any situation. 

CrowdStrike's AI approach is interesting because it improves the capacity to correlate information based on all the deployments on devices worldwide. It analyzes this data to identify something anomalous that could potentially be a problem in your environment. Falcon can isolate the issue to determine if it's a real threat. You will get an email saying the platform has identified a potential problem they are investigating. 

Falcon explains the steps they are taking. After the issue has been resolved, you will get another message showing CrowdStrike's analysis and evidence that the problem is now under control. I get about 20 emails from CrowdStrike daily. 

I want more ability to customize how you summarize the data. The default views are fine, but it would be interesting to be able to customize them based on the kind of data you want to see immediately. This can help the administrator gain an immediate overview and reduce the investigation time.

We have used Falcon for two years.

I rate CrowdStrike support 10 out of 10. They have one of the best teams that I've worked with. They're very fast and professional, with a high level of skill and knowledge. 

Positive

I previously used Sophos. It's a good solution that works well with other Sophos infrastructure, like firewalls, etc. For example, if the firewall is from Sophos, it can interact with the software to identify a problem. However, CrowdStrike is more powerful when using hardware from different vendors. It doesn't rely on specific hardware because it works with an agent, so you're more flexible and less constrained. 

Overall, Falcon is more powerful than other solutions. It is light on resource consumption. It has a minimal effect on the client when you have installed the system because everything is controlled by our cloud platform where you can see the portfolio of devices.

The installation was quite easy. The platform is based in the cloud, but you need to download agents based on your operating system. After you install the agents, you only need to configure the various devices on the cloud platform. CrowdStrike's platform is managed by the vendor. You can log in and manage your portfolio of devices and define your policy or apply profiles to groups of users and devices. 

We feel like Falcon is worth what we pay.  The cost of the solution is minimal compared to restoring data from a potential attack. 

Falcon's price is accessible, and it's a good value for the level of quality we get. We don't have any objections based on the cost, and we understand that you will pay more for an enterprise solution. There is no objection to the cost. It's appropriately priced for the service that we receive.

I rate CrowdStrike Falcon 10 out of 10.

We are a CrowdStrike Falcon distributor that helps clients monitor their environments for malicious activity coming from the internet.

Both users and administrators find CrowdStrike Falcon easy to use.

I like the vulnerability assessment and proactive hunting features of CrowdStrike Falcon.

To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features. The separate model pricing structure can make it challenging for clients to gain approval for their security needs.

CrowdStrike could consider regional pricing models to better reflect the economic realities of different markets.

I have been using CrowdStrike Falcon for 2 years.

CrowdStrike Falcon is stable.

CrowdStrike Falcon is scalable.

We have also used Sophos. CrowdStrike Falcon is a better solution but Sophos is more affordable.

The deployment is straightforward.

The cost of CrowdStrike Falcon in Latin America seems high relative to the economic conditions in the region.

I would rate CrowdStrike Falcon 9 out of 10.

To realize the benefits of CrowdStrike Falcon, it's recommended to conduct a proof of concept first. You should then start to see the advantages within a few months.

No maintenance is required from our end.

To ensure the successful implementation of CrowdStrike Falcon, it's essential to have a complete network map and inventory of all resources and devices.

We use CrowdStrike Falcon to investigate security detections for malicious activities in our environment.

CrowdStrike utilizes machine learning algorithms and detection rules to generate alerts for suspicious activity within our environment. We then investigate these detections individually, analyzing the details of each event.

In addition to automated detection, CrowdStrike allows for custom queries. For instance, if we need to investigate a specific host, we can leverage a cloud security language to examine its activity. Similarly, we can use CrowdStrike to search for activity related to particular users or hosts.

CrowdStrike Falcon provides significant additional value. It excels at identifying suspicious activity the moment an application appears in the environment, immediately bringing these incidents to the attention of our response team. Upon receiving an alert, our team can investigate and take appropriate action if anything malicious is found. In essence, CrowdStrike Falcon acts as a strong barrier against attackers.

In the past 3 years, we have encountered many scenarios where CrowdStrike Falcon has helped mitigate potential security breaches.

The detection and response console is the most valuable feature.

We encounter occasional issues, such as when disabling network access for a host that uses CrowdStrike. In these cases, the access disable process can be quite slow.

I'm using CrowdStrike Query Language, and I've noticed an issue with event backups. Searches exceeding a certain event threshold aren't capturing all results. For instance, if I run a search that returns 10,000 events in a single day, only 2,000 events are backed up. This limitation with CrowdStrike Query Language needs to be investigated.

I have been using CrowdStrike Falcon for over 3 years.

CrowdStrike Falcon is generally stable, although event searches may occasionally experience slow performance.

CrowdStrike Falcon's scalability is dependent on the license acquired.

The technical support live chat can experience long wait times. Submitting a ticket may result in a quicker response.

The company was using Carbon Black before I joined. When I came on board, they decided to switch to CrowdStrike.

I would rate CrowdStrike Falcon 9 out of 10.

CrowdStrike Falcon is deployed across multiple end-user systems and locations.

I recommend CrowdStrike Falcon. It's a wonderful security platform that's easy to use and requires minimal effort to maintain.