External reviews are not included in the AWS star rating for the product.
I am a cybersecurity analyst, responsible for conducting log and user activity analysis, managing and escalating support tickets, and overseeing performance monitoring, phishing analysis, and incident response for the company's systems. We use CrowdStrike Falcon Cloud Security as our primary security tool.
We implemented CrowdStrike Falcon Cloud Security as our EDR, to instantly mitigate any potential threats to our IT infrastructure.
Every month, CrowdStrike provides us with training on new features and how to use them effectively. This helps my team and me improve our security skills.
The immediate mitigation of potential threats and instant alerts are valuable.
CrowdStrike Falcon Cloud Security is expensive.
I have been using CrowdStrike Falcon Cloud Security for over three years.
I have not experienced stability issues in the time I have been using CrowdStrike Falcon Cloud Security.
I would rate the scalability of CrowdStrike Falcon Cloud Security a nine out of ten.
I have contacted technical support many times and they are always quick to respond and resolve my issues.
Positive
Previously, we relied on IBM QRadar for our security needs. However, we transitioned to CrowdStrike Falcon Cloud Security to achieve greater security capabilities and cost efficiency.
We used an integrator for the implementation.
As EDR solutions represent organizations' last line of defense against intrusions, CrowdStrike Falcon Cloud Security has been a worthwhile investment.
CrowdStrike Falcon Cloud Security is pricy.
I would rate CrowdStrike Falcon Cloud Security a nine out of ten.
I recommend CrowdStrike Falcon Cloud Security as a robust and effective EDR solution.
CrowdStrike Falcon serves as our go-to tool for endpoint detection and response. We often leverage scripts to implement actions such as blocking and isolating specific machines. These scripts help us pinpoint and flag machines within the system that require investigation. Our focus involves delving into logs, scrutinizing identities, and ensuring a secure cloud posture through effective cloud posture management.
The primary focus lies in the swift and effective response to potential threats. CrowdStrike's Remote Threat Response feature allows remote access to machines under investigation, provided they are online. This capability significantly aids in expediting the investigative process. Additionally, the tool supports threat hunting within the Falcon framework. An aspect worth noting is the tool's proficiency in making correlations within internal data, including both machine and user logs.
The RTR feature stands out as particularly valuable to me due to its capability to log into machines. Whether it's a Linux machine, allowing me to execute native Linux commands, or a Windows machine, where I can use PowerShell commands, it empowers me to seamlessly proceed with my investigations. This flexibility is a key factor that enhances the overall effectiveness of my work.
I tend to focus more on the forensic aspects, believing there's potential for additional improvements in that area. I've noted that CrowdStrike recently introduced a new feature in their latest update, aimed at enhancing forensic capabilities. Incorporating threat intelligence into the system would be a valuable addition.
I have been working with it for two months.
The stability of the platform has been consistently reliable, with no instances of downtime or issues encountered during installations. The process has been remarkably smooth, and I have not encountered any problems so far.
The scalability is quite impressive. With thousands of endpoints in our environment, we can effortlessly deploy additional agents on any new endpoint integrated into our system.
Regarding technical support, the response time typically takes a few hours. The speed of response may be influenced by the specific licensing arrangements in place. I would rate it seven out of ten.
Neutral
In my previous role, we predominantly relied on Azure solutions. Microsoft Advanced Threat Protection, encompassing Defender for Endpoint, Sentinel for Identity, and Security for Cloud Apps, constituted the core components of our security arsenal.
The deployment spans various locations and departments, encompassing all our endpoints. This includes multiple nationwide locations and extends to different continents. Maintenance is not a significant requirement. While we do make occasional updates to rules, our Security Management service takes care of this aspect. Updates, including new rules, are automatically implemented during the update process. Duplicative rules are removed in the course of these updates. Although we have some custom rules, the entire process is managed as part of a service, ensuring seamless and well-controlled cycles.
I have a stronger inclination towards Microsoft ATP. However, since joining this company just three months ago, CrowdStrike Falcon has become a part of my toolkit.
The user interface designs are highly user-friendly with some interesting settings. I would wholeheartedly recommend it to anyone not specifically seeking a source solution but rather a comprehensive Security Orchestration, Automation, and Response platform. The flexibility it offers to analysts is noteworthy, especially when utilizing the RTR feature. This allows seamless remote access to computers, where analysts can execute commands natively without disrupting user activities. It provides a valuable capability for conducting investigations discreetly and efficiently. Overall, I would rate it eight out of ten.
We use it for EDR as well as cloud security posture management. We also use file integrity and vulnerability management.
By implementing CrowdStrike Falcon Cloud Security, we wanted a 360-degree view of the security landscape of our enterprise. We wanted the complete view in one single dashboard, and our requirement was almost met with this solution.
We gained a lot of control and visibility into our cloud infrastructure using CrowdStrike Falcon Cloud Security. Within 30 days of deployment, we started seeing its value.
Cloud security posture management (CSPM) is most valuable.
There should be cloud storage scanning. We would like to have cloud storage vulnerability and threat management on any cloud storage.
I have been using this solution for three years.
It is stable. I would rate it a nine out of ten for stability.
It is scalable. I would rate it a nine out of ten for scalability.
In terms of our environment, we have multiple sites, multiple delivery centers, and multiple clouds. CrowdStrike Falcon Cloud Security is covering all aspects.
We had McAfee, and we replaced McAfee with CrowdStrike because of the features such as EDR. We got multiple security features from a single vendor.
It is deployed on the public cloud. We use AWS and Azure.
Its initial setup was straightforward. Its implementation took about 15 days.
We did the agent installation on a test bed or less critical devices. We monitored the performance, and we monitored the data coming into CrowdStrike from those deployments. Once we were satisfied, we followed a phased approach. Phase by phase, we covered all our resources under the CrowdStrike umbrella.
We implemented it in-house. We had two senior engineers involved.
In terms of maintenance, it does not require any maintenance from our side.
It is worth the money.
Its price is moderate.
I would recommend trying its features, evaluating it, and seeing if it fits your requirements. Only then proceed with the purchase.
I would rate CrowdStrike Falcon Cloud Security a ten out of ten. It is good.
We took this solution just for security purposes. We do not want someone to attack us, get into our environment, and get sensitive customer data.
It is good for security. We have a Palo Alto firewall, and we implemented CrowdStrike as an add-on feature.
Cloud security is one valuable feature. Spotlight is the other one. There is also vulnerability management and a couple of more features.
The console and the customer service are quite bad. We paid a big amount of dollars to them to implement it. We paid them for premium support.
It gets the work done, but the main problem with the solution is that if you remediate anything, it takes 45 days for you to get any of the features displayed on the dashboard. This is the real weakness of CrowdStrike. Their customer support is also not ready to help with it. If you remediate any cloud vulnerability that they are giving you, such as removing a host from your organization, it takes around 45 days for them to remove it from their console.
It has been around a year since I onboarded it in my company and have been using it.
It is stable.
It is scalable, but it depends on the organization's structure and how vast the environment is. Our environment is not that big, so scalability is okay. It is just that you need to deploy the sensors on the hosts.
I would rate their support a five out of ten because they do not respond. We have taken premium support with them. If we raise a case with them, it takes around two to three days to get a call scheduled with them. Even the TAM that we have got from them cannot help. If you go for any service from Google, Microsoft, or Amazon AWS, their TAM is always ready to help you with your queries, but in the case of CrowdStrike, the TAM says that you need to raise a support case, and they will help you out.
Neutral
I was not there in the organization at the time, so I do not know about it.
I lead a team of 18 people. I get it deployed on all of the EC2 instances through them.
Its initial setup was straightforward. It is very easy to use.
For the whole organization, it took two weeks because we needed the downtime as well to deploy it in the production environment.
In terms of maintenance, it does not require any maintenance from our side.
There was some consulting from the CrowdStrike team. They did help us to implement it.
Overall, five or six people were assigned to deploy the solution. They were infra-support engineers. It was deployed across multiple locations.
I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive.
We did our research and after that, we implemented CrowdStrike. Secureworks was there. There were some different players that gave us the quotation, but in terms of the features and the price, CrowdStrike was good.
CrowdStrike offered us Spotlight, vulnerability management, and cloud solution management. There are different blades to it. We implemented it, and now it supports our environment. It is good.
To those evaluating this solution, I would say that it depends on their needs. If they need this product, they can go ahead and take it. It is straightforward, and it gets the job done.
I would rate it a seven out of ten.
I use CrowdStrike Falcon Cloud Security primarily for endpoint protection, including detection and response. It acts like a modern antivirus, automatically detecting and responding to threats based on defined policies. Additionally, it offers a vulnerability management module, highlighting machine vulnerabilities based on the number of managed machines.
The most valuable feature of CrowdStrike Falcon Cloud Security is its lightweight sensor, taking minimal space and not impacting server performance. The centralized console is a huge advantage, letting me manage everything from one place. It also allows running scripts directly on machines through the portal, making it highly convenient.
In terms of improvement, it would be more convenient if there was an easier way to install CrowdStrike, perhaps through better integration with Active Directory. This could automate the installation process for new machines in the environment.
I have been using CrowdStrike Falcon Cloud Security since 2020.
CrowdStrike Falcon Cloud Security is highly stable, with minimal false positives and performance issues. It operates smoothly without requiring much intervention.
CrowdStrike Falcon Cloud Security is scalable. While installation is manual on each machine, it is easy to deploy on any number of machines, and their console makes it simple to manage them all. CrowdStrike Falcon Cloud Security is widely used in our company, managing endpoint security on almost every device. The user base is around 50,000 plus.
I have been in touch with CrowdStrike's tech support for the past three years. Their support is excellent, quickly resolving issues and providing top-notch assistance, especially compared to other security vendors I have worked with.
We chose CrowdStrike because of its effective detection capabilities with minimal false positives. It enhances the overall safety of our company's environment from cyber threats.
It is a cloud-based solution managed by CrowdStrike. All we need to do is install a simple sensor on our machines, and they take care of the rest, providing us with a comprehensive endpoint security solution. We can easily monitor and manage security through their user-friendly interface. The installation and setup of CrowdStrike Falcon Cloud Security are very easy and require a good internet connection on your machine.
CrowdStrike Falcon Cloud Security is not cheap but it is worth the money. It simplifies administration by handling both vulnerability and endpoint security with just one sensor installation. In terms of cost, it is competitive and comparable to Windows Defender, offering better efficiency without the need for multiple consoles.
We explored other options like Trend Micro and Sophos before deciding on CrowdStrike. However, those tools had performance issues, especially on application servers and desktops due to their heavy installers. CrowdStrike stood out as it is lightweight and doesn't impact system performance during operation.
I would strongly recommend CrowdStrike Falcon Cloud Security to others. It is highly effective in providing accurate security and detecting cyber threats without overwhelming you with false positives. It allows you to focus on meaningful alerts, making it a value-for-money product. Overall, I would rate it as a nine out of ten.
I use Falcon Cloud Security as our primary EDR solution, integrated with Splunk for alert management. While Falcon effectively mitigates many threats automatically, we leverage it for targeted threat hunting when we observe unusual patterns or a high occurrence of specific tactics. This allows us to ensure we are not being targeted and provides insights into potential threats to our environment.
Falcon Cloud Security has significantly improved our organization by providing detailed and clear insights into potential threats. Its precise visibility allows us to see everything entering and leaving our environment, enabling us to effectively mitigate attacks and respond to potential security incidents.
The most valuable feature of Falcon Cloud Security is its comprehensive threat-hunting ability. It ensures we stay ahead of potential threats by providing detailed insights and allowing us to investigate and address security concerns proactively.
One area for improvement in Falcon Cloud Security is the support portal. While the documentation is comprehensive, I would like easier access to in-depth training and resources within the tool. Simplifying the portal for better navigation and learning would be beneficial.
I have been working with Falcon Cloud Security for a year.
The stability of the solution is a solid ten out of ten.
The scalability of the solution is excellent. I would rate it as a ten out of ten.
CrowdStrike's technical support is excellent. The team is highly knowledgeable and provides comprehensive assistance.
Before using CrowdStrike Falcon Cloud Security, I have used SentinelOne. They have different philosophies – SentinelOne is more automatic and easier to use, like a Mac, while Falcon is more technical, allowing for deeper customization and insights, akin to a PC. Falcon's comprehensive and technical approach aligns well with our SOC's needs.
Deployment is generally straightforward, but like many tools, it takes time to fine-tune and achieve optimal configuration.
While I have heard that Falcon Cloud Security can be expensive, I believe the investment is justified for the peace of mind it provides.
My advice for someone considering CrowdStrike Falcon Cloud Security is to do your homework and ask plenty of questions to fully understand the depth and capabilities of the tool. Overall, I would rate the solution as a nine out of ten.