Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Reviews from AWS customer

3 AWS reviews

External reviews

59 reviews
from and

External reviews are not included in the AWS star rating for the product.


    Dipak M Gohil

Efficient threat detection and seamless deployment improve overall security

  • September 03, 2025
  • Review provided by PeerSpot

What is our primary use case?

We are using CrowdStrike Falcon because it has very low surface impact and minimal consumption of our resources, and we mainly use it for our endpoint protection.

CrowdStrike Falcon helps with endpoint protection by having very low memory utilization and processor usage, so it doesn't impact the computer system performance, and the computer system works very fast compared to all other endpoint protection solutions.

We find it very unique that CrowdStrike Falcon, which we deployed in many countries wherever our offices are, can be installed very quickly, maintained on a single console, single panel of console, and it's really easy to use and deploy. We primarily use it for endpoint protection.

What is most valuable?

The single panel console of CrowdStrike Falcon is very user-friendly, which is what we are looking for. Having multiple administrators between various offices with this single console gives us the ability to see all offices, branch offices, and partners, making it very useful to detect machines, identify machines, and check security risks. Everything in the single console is very useful.

CrowdStrike Falcon has positively impacted our organization in terms of efficiency because it's very lightweight, easy to deploy, easy to manage, and works very efficiently. It quickly detects issues and doesn't have a signature-based system, so it works fast and takes immediate action.

What needs improvement?

I don't think anything is missing in CrowdStrike Falcon, but if they can manage their SOC solution instead of users or the end users or customers doing that, it will be very useful, just as Sophos does.

For how long have I used the solution?

We have been using CrowdStrike Falcon for the past seven years.

What do I think about the stability of the solution?

CrowdStrike Falcon is stable; I have not had any issues with reliability or downtime.

What do I think about the scalability of the solution?

For scalability, CrowdStrike Falcon deserves a perfect score of ten out of ten.

How are customer service and support?

Regarding customer support, our experience has been really positive as they are very quick to assist us.

The customer support deserves a rating of ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were previously using Symantec Endpoint because we were not getting proper quotations, pricing, or support, particularly in India, which is why we wanted to switch.

What was our ROI?

In terms of return on investment, we find that CrowdStrike Falcon has ROI covered because less manpower is required. It's very easy to deploy without many IT admins, saving time, and while I cannot specify the money saved, the time saved is money in terms of manpower. This makes it very useful, quick to run, quick to install, easy to manage, and easy to deploy.

What's my experience with pricing, setup cost, and licensing?

We do not find any price challenges or setup costs with CrowdStrike Falcon; everything is smooth.

Which other solutions did I evaluate?

We evaluated three products, which were Sophos, CrowdStrike Falcon, and Trend Micro, before choosing CrowdStrike Falcon.

What other advice do I have?

In some cases, we have Excel files with VBA code inside, and CrowdStrike Falcon detects that it's a bit risky for us. When people download EXE files that are threats to our organization, it detects them very quickly. It also detects threats under ZIP files and can show us the path from where it came and where it goes, allowing us to easily see where the infection is and where it has spread.

My advice for others looking into using CrowdStrike Falcon is that as an endpoint protection solution, Falcon is always reliable, and I can recommend that this is the product you can deploy and forget all the worries.

We are an end user customer of CrowdStrike Falcon; we are not a partner or reseller, and we are not receiving any gift card or incentive for this review. We are just sharing our experience as an end user and as an IT Manager.

I rate CrowdStrike Falcon 9 out of 10.

Which deployment model are you using for this solution?

On-premises


    Mohamed-Atta

Provides comprehensive threat protection and seamless integration with third-party tools

  • September 02, 2025
  • Review provided by PeerSpot

What is our primary use case?

I am a customer of CrowdStrike Falcon through a consultant, and our company is headquartered in India, while our consultant is a sister company also located in India.

We use CrowdStrike Falcon internally in our company.

I am using CrowdStrike Falcon for its purpose, which is to save the company from any attacks, viruses, or whatever threats are available.

What is most valuable?

The most useful feature of CrowdStrike Falcon is protection, though it cannot be described in one word.

Protection is the main purpose of CrowdStrike Falcon.

CrowdStrike Falcon has positively impacted my organization by providing good protection, logs, and reports, which I find very good.

What needs improvement?

One area for improvement in CrowdStrike Falcon could be the user interface and reports; it requires some improvements to be easily handled.

For the reporting in CrowdStrike Falcon, I need specific data because in most reports, some of the data is not with that importance for the collector, so the reports need to be more specific for each purpose.

For how long have I used the solution?

I have been working with CrowdStrike Falcon for around three years.

What do I think about the stability of the solution?

Regarding stability and reliability, I find CrowdStrike Falcon to be stable; nothing has happened since we installed it, and there are no bugs or issues from the software.

What do I think about the scalability of the solution?

I can say that CrowdStrike Falcon is sufficient in terms of scalability from my point of view; it is capable of working with our current infrastructure or setup, and I believe it's sufficient.

How are customer service and support?

My interaction with technical support for CrowdStrike Falcon was fine; they supported me and provided a solution for my issue.

Based on my experience, I would rate the technical support for CrowdStrike Falcon an eight.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before CrowdStrike Falcon, I used an application called Kaspersky, but not for the same purposes.

Which other solutions did I evaluate?

I did not evaluate other options before choosing CrowdStrike Falcon because it was a forced decision from our headquarters, from the mother company.

What other advice do I have?

Currently, I do not remember exactly what version of CrowdStrike Falcon we are using because I'm managing the team, but I can check the right version later.

We are using the latest version of CrowdStrike Falcon.

CrowdStrike Falcon has not helped me predict and prevent potential breaches by itself, but with support from other applications such as Splunk and Windows Defender, it has contributed.

I integrate CrowdStrike Falcon with third-party tools.

I have to integrate CrowdStrike Falcon with other applications to get the most protection, and the integration is smooth and everything works well.

I am using the lightweight agent.

For the system performance, the lightweight agent is fine; it has not affected performance too much, and generally it's acceptable.

I rate CrowdStrike Falcon eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    Sampath Acharya

Single-agent architecture enhances security while minimizing complexity and costs

  • September 02, 2025
  • Review provided by PeerSpot

What is our primary use case?

The main use cases for CrowdStrike Falcon from my customers are the lightweight agent, which is very easy to use, and it will protect the complete environment in a single dashboard.

A specific use case from my customers for CrowdStrike Falcon is that the SaaS-based single agent can protect all the platforms.

What is most valuable?

The best features of CrowdStrike Falcon are the single agent and the fact that there is no daily signature update.

There is no daily signature update because it operates as a signatureless solution.

Regarding the lightweight agent, all other solutions have multiple agents, which degrade system performance; however, this single agent has multiple features that increase system performance.

The elimination of on-prem infrastructure through CrowdStrike Falcon's cloud-native architecture has impacted my customers by reducing both cost and complexity, as they are now using the cloud-native solution.

What needs improvement?

I recommend that some deep-dive trainings are required for the NG SIEM, specifically for their next-generation SIEM module, as they need some basic trainings for that.

To clarify, deep-dive trainings are required specifically for the NG SIEM or next-gen SIEM.

For how long have I used the solution?

I have been working with CrowdStrike Falcon for six years.

How are customer service and support?

For technical support, I would rate it as a nine out of ten.

There are no complaints about the support.

How would you rate customer service and support?

Positive

How was the initial setup?

It is easy to set up CrowdStrike Falcon.

What was our ROI?

My customers have seen a return on investment with CrowdStrike Falcon.

While I do not have specific details currently available, those who purchased are very happy with the solution.

What's my experience with pricing, setup cost, and licensing?

The price is reasonable when comparing it to other tools.

The license cost is typically per device.

Based on the modules customers purchase, the cost will increase, as they have more than 28 to 32 modules.

What other advice do I have?

The feature called Threat Graph for threat hunting helps in terms of security to predict and prevent breaches by showing how threats are evolving and how we can protect the customer environment, which helps us build better security.

I have integrated CrowdStrike Falcon with existing SIEM solutions and security frameworks.

It helps to streamline incident response processes because it is very easy to integrate with SIEM solutions like IBM QRadar and HPE ArcSight; for the incident response, it helps us correlate with other solutions.

My customers using CrowdStrike Falcon are mainly from all industries, including ITES, finance, marketing, manufacturing, and health.

I recommend that those planning to use CrowdStrike Falcon should migrate from their old traditional antivirus to next-gen antivirus, which will help them protect their environment.

The biggest advantage of this solution for my customers is that it is a single solution that fulfills most of their security concerns while being easy to manage.

I rate CrowdStrike Falcon ten out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    BambangTrisilo

Seamless management and installation elevate cybersecurity architecture

  • May 28, 2025
  • Review from a verified AWS customer

What is our primary use case?

I am using CrowdStrike Falcon for laptop, desktop, our server, and VM, including Linux, Windows server, and Linux server.

What is most valuable?

The most beneficial features of CrowdStrike Falcon are that it is easy to install, easy to manage, lightweight, and it can stop breaches.

The impact of CrowdStrike Falcon lightweight agents on system performance and visibility is good, with only one agent required.

Speaking about the utilization of Falcon threat graph for threat hunting, it helps my security team to predict and prevent potential breaches.

Considering that CrowdStrike Falcon is a cloud-native architecture, the elimination of on-premises infrastructure makes cybersecurity maintenance cost and complexity minimal, because we only need to install it and then monitor from the dashboard.

What needs improvement?

In Indonesia for SMB companies, the price is higher than other solutions.

For SMB organizations, the price may be higher than others, which means they have to think twice about it, but for enterprise companies, the cost is not a concern.

I have been using it for about six years and do not have any problems. The pricing is the only issue.

For how long have I used the solution?

I have been using CrowdStrike Falcon since 2019, before the pandemic.

What was my experience with deployment of the solution?

In terms of deployment of CrowdStrike Falcon, it is quite easy and there are no challenges with deployment.

What do I think about the stability of the solution?

As for stability, I would rate it around eight because last year they faced some downtime with around eight thousand computers, but it will improve.

What do I think about the scalability of the solution?

For scalability, I would rate it a nine because they can scale efficiently with many users.

How are customer service and support?

Technical support from CrowdStrike Falcon is good because usually in Indonesia we have a partner, and if the partner cannot address the issue, we discuss with CrowdStrike directly.

I would rate technical support a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used McAfee before CrowdStrike Falcon for the same use case. I switched to CrowdStrike Falcon because McAfee did not have machine learning or AI capabilities at that time.

What was our ROI?

CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.

I am not sure about the exact percentage of money it saves, as I have to calculate the risks, but we are satisfied because CrowdStrike Falcon has stopped breaches and prevented hackers.

Which other solutions did I evaluate?

I used McAfee before CrowdStrike Falcon for the same use case. I switched to CrowdStrike Falcon because McAfee did not have machine learning or AI capabilities at that time.

What other advice do I have?

My rating for CrowdStrike Falcon would be eight points because there are many antivirus competitors. For those who want to use CrowdStrike Falcon, they should be mindful of the higher price compared to others.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    Bhupesh-Sharma

Long-term experience has led to streamlined deployments and flexible solutions

  • May 21, 2025
  • Review provided by PeerSpot

What is our primary use case?

The typical use case for CrowdStrike Falcon depends on what kind of service the customer is looking for. Most customers look for antivirus, endpoint detection and response, or possibly managed detection and response, which leads them to reach out to us.

When we speak to the customer, they usually tell us that they're looking for antivirus or endpoint detection and response, and we then introduce CrowdStrike Falcon.

What is most valuable?

CrowdStrike Falcon has many valuable features. The solution is used for multiple functions, including MDR, XDR, and CNA solution. It depends on which category you're looking for, and you have to customize the customer's equation accordingly.

CrowdStrike Falcon can be deployed both on-premise and in the cloud, and it's an on-call solution that can be deployed anywhere by simply deploying the agent on the end devices.

What needs improvement?

Certain areas of CrowdStrike Falcon have room for improvement, but it depends on the specific services being discussed. CrowdStrike offers multiple services, and most of the product comes in the Falcon service, so it's important to be specific regarding whether the discussion is about ADR, antivirus, XDR, or MDR, as it's one of the best solutions in the market.

I believe nothing can be done to make CrowdStrike Falcon a ten out of ten, as I think it's one of the best solutions in the market. However, rating it a ten overall would imply there's no scope for improvement, but to survive in the market, changes must be made every day. Every customer and solution has tendencies for improvement, which is why I'm not giving a perfect score.

For how long have I used the solution?

I have more than two years of experience working with CrowdStrike Falcon.

What do I think about the stability of the solution?

I find nothing to miss in terms of stability; there are no glitches, and the solution is stable.

What do I think about the scalability of the solution?

I would rate the scalability of CrowdStrike Falcon highly because it only depends on the customer's infrastructure and what kind of scalable environment they have. There's no scalability limitation from CrowdStrike itself, as it just requires agent deployment.

How are customer service and support?

I would rate the technical support from CrowdStrike as good, actually more than good.

How would you rate customer service and support?

Positive

How was the initial setup?

CrowdStrike Falcon can be deployed both on-premise and in the cloud, and it's an on-call solution that can be deployed anywhere by simply deploying the agent on the end devices.

What was our ROI?

The return on investment from CrowdStrike EDR depends on each company's circumstances and how they are utilizing the solution.

What's my experience with pricing, setup cost, and licensing?

The price of CrowdStrike Falcon depends on which product we are discussing, as pricing can vary significantly based on the customer's profile and budget.

What other advice do I have?

We are part two of CrowdStrike. The time it takes to deploy CrowdStrike Falcon depends on the customer setup.

My clients vary in size, as we can reach all types of businesses, whether small, medium, or enterprise.

Based on my experience, I would recommend CrowdStrike Falcon solutions to other people. I rate the solution an eight out of ten.


    Jai Prakash Sharma

Continuous monitoring strengthens security despite past challenges

  • May 21, 2025
  • Review provided by PeerSpot

What is our primary use case?

In my cybersecurity strategy, I use CrowdStrike Falcon mainly as an EDR solution for us. Currently, we are using it as an EDR. We are also in discussion along with the CrowdStrike team where we can have a managed SOC integrated.

In the online industry, we are using CrowdStrike Falcon, specifically in online classified, which you could call e-commerce.

What is most valuable?

For threat detection, the most effective feature I find in CrowdStrike Falcon is 24/7 managed monitoring, which is basically a next-gen antivirus and next-gen endpoint detection and response. In endpoint detection and response, the best part is 24/7 365 continuous monitoring to the endpoint for identifying any suspicious activity.

CrowdStrike Falcon serves as a next-gen AV, which basically does AI-based behavioral analysis to detect and act on malware or ransomware.

The automated response capabilities in CrowdStrike Falcon handle incidents based on the behavior of the activity, performing analysis in case it finds more objectionable content. If there is blocking or breaking any of your site map or something of that sort, it is an untraditional way. If the traffic behaves suspiciously, it triggers an automated response to block it. Additionally, if it detects a file which might have an extension of MIME type of maybe a document whereas it is self-replicating, that sends a suspicious activity alert. In such cases, the detection happens automatically. Because in case it's a zero-day, many times such files automatically get put in a sandbox to extract it and see why it is identified as malware. It offers automated threat detection as well, not only automated response.

Falcon's integration capabilities with other tools enhance my security posture because it has a very lightweight agent, and having a unified console gives us complete visibility, including endpoints, servers, containers, cloud workloads, everything.

What needs improvement?

To make CrowdStrike Falcon better for the next release, I recommend that they should have a model where it works as agentless. In terms of everything which the agent pushes to the server or to the single console, having a feature where you can have another port, which is SNMP or your network devices or OT devices, which you can specifically monitor, would be great.

For how long have I used the solution?

I have been using CrowdStrike Falcon for more than two years now.

What was my experience with deployment of the solution?

CrowdStrike Falcon is fairly easy to set up, according to my experience and our team's experience. Since we have a heterogeneous environment, for Windows it is very straightforward and easy, but for Linux it is a bit complex since you need to automate it. If you have a bulk force, then you have to use some CMF or something similar. Overall, it is still fairly easy.

For deployment, it takes approximately a couple of minutes.

What do I think about the stability of the solution?

During these two years with CrowdStrike Falcon, I certainly faced some problems, including the known CrowdStrike outage, which was quite pinching and brought many of the Windows-related services to a halt just because of one bad configuration push from CrowdStrike tracks.

Except for the incident mentioned above, I have not seen any recent issues with stability.

What do I think about the scalability of the solution?

CrowdStrike Falcon is easy to scale for my company's needs.

How are customer service and support?

I have contacted CrowdStrike for issues, and the response was poor. That particular experience was pretty bad, with people not knowing what was happening, how to mitigate, or what to do. We were in a bad situation, but after a couple of hours, their communication started flowing fine, and things gradually started improving. For that particular instance, I would rate it less than four.

Which solution did I use previously and why did I switch?

Before working with CrowdStrike Falcon, I evaluated options such as Carbon Black and SentinelOne.

How was the initial setup?

CrowdStrike Falcon is fairly easy to set up, according to my experience and our team's experience. Since we have a heterogeneous environment, for Windows it is very straightforward and easy, but for Linux it is a bit complex since you need to automate it. If you have a bulk force, then you have to use some CMF or something similar. Overall, it is still fairly easy.

For deployment, it takes approximately a couple of minutes.

What was our ROI?

As for return on investment after implementing CrowdStrike Falcon, I would say if it is protecting my environment, that itself meets my expectations so far.

What's my experience with pricing, setup cost, and licensing?

CrowdStrike Falcon is pretty expensive.

Which other solutions did I evaluate?

I do not see a lot of advantages in CrowdStrike Falcon; however, because of one particular problem, we had to give away SentinelOne. Otherwise, all three products are quite comparable.

What other advice do I have?

For those who would like to use CrowdStrike Falcon, I recommend negotiating hard on commercial terms because it is not an easy or affordable solution. From a commercial standpoint, you should negotiate hard, but technically, it is not very difficult.

CrowdStrike Falcon is a user-friendly tool.

On a scale of one to ten, I rate CrowdStrike Falcon an eight.


    Waleed Omar

Provides effective real-time threat detection with potential for cost optimization

  • May 21, 2025
  • Review from a verified AWS customer

What is our primary use case?

We are protecting our endpoints, workstations, servers, and cloud workloads. This includes effective use of antivirus and detection and response capabilities.

I am working at Arab Open University, and we are using CrowdStrike Falcon as our security product.

What is most valuable?

The most beneficial part is the active response capability of the product. Being an EDR solution, it helps us identify attacks in real-time. The product runs in the background 24/7. The most interesting aspect is the behavior analysis functionality, which analyzes the behavior of any suspicious activity.

It identifies threats efficiently due to its built-in intelligence and AI capabilities, which has been extremely helpful for our organization.

What needs improvement?

Some features such as device control, firewall management, and file analysis are standalone products that we need to purchase separately. If these features came out of the box within the product, it would be much more beneficial for us. Other providers such as SentinelOne include these features in their base product.

We attended a CrowdStrike Falcon event where they discussed some shallow AI features, but we cannot see these in our panel yet. We work with different solutions such as Darktrace and SocRadar, where AI features are automatically displayed in our dashboards after release. However, for CrowdStrike Falcon, we cannot see these features.

For how long have I used the solution?

We have been using the solution for almost four years.

What was my experience with deployment of the solution?

It is a straightforward plug-and-play deployment.

What do I think about the stability of the solution?

Sometimes there are minor glitches, approximately 1% of the time. The biggest issue occurred when every computer worldwide experienced a blue screen. However, they solved the problems and introduced a new feature for channel updates. This has been much more beneficial, and while human errors can occur in any product, we cannot solely blame CrowdStrike Falcon for such incidents.

How are customer service and support?

The customer service is good and efficient in terms of responding. They could improve by initiating calls for high-priority cases instead of just opening tickets. When we open a support ticket, they should call to discuss what happened and listen to our concerns.

How would you rate customer service and support?

Neutral

How was the initial setup?

The setup is straightforward, and most of our integration is within the package. However, for the integration part, we need to purchase additional modules from CrowdStrike Falcon. If this functionality was included as a free standalone feature within the built-in solution, it would be more market competitive. Competitors such as SentinelOne and Microsoft Defender provide this functionality out of the box without additional charges.

What was our ROI?

We have not calculated the ROI extensively, as we typically only calculate it when there is dissatisfaction. On a scale of one to ten, the ROI would be five, which translates to approximately 60%.

What's my experience with pricing, setup cost, and licensing?

The solution is a bit expensive.

Which other solutions did I evaluate?

We are using Darktrace as an email security solution, not as an EDR.

What other advice do I have?

I would rate CrowdStrike Falcon a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?


    Rojal Barreto

Advanced AI integration boosts security effectiveness

  • May 20, 2025
  • Review provided by PeerSpot

What is our primary use case?

I am using it for endpoint protection.

What is most valuable?

The features I appreciate the most are numerous; the overall product is very good, actually.

This is an advanced tool in terms of AI which is implemented and integrated. CrowdStrike Falcon has a ransom detection time of less than 50 seconds. Detection and taking down violations and breaches takes a minimum time of 59 seconds. Intelligence is very good, as AI is integrated with this solution. The integration capabilities in CrowdStrike Falcon are very good.

What needs improvement?

If tomorrow is the next release of the product, new features would be helpful, but at the moment, the product is very good. Nothing specific comes to mind about what new features they can add.

For further improvements, I can only think of one example because this is very important for us; they could reduce the price. Then it would deserve a rating of seven.

For how long have I used the solution?

We have been using it for three to four years and have not encountered any issues.

What was my experience with deployment of the solution?

Regarding challenges or problems with the product, I haven't noticed any current drawbacks. The challenge occurred last year in July when there was some patch update failure, which caused many issues. However, we have overcome that situation.

What do I think about the stability of the solution?

The stability is good.

What do I think about the scalability of the solution?

We have been using it for three to four years and have not encountered any issues. More experience with this product might come with increased usage.

How are customer service and support?

The technical support from CrowdStrike Falcon is good.

I would rate the support an eight.

How would you rate customer service and support?

Positive

How was the initial setup?

The installation and deployment are straightforward. It is very good and can be integrated with the management engine.

What was our ROI?

The Return On Investment saves around 30%.

What's my experience with pricing, setup cost, and licensing?

The licensing cost and setup costs are affordable.

What other advice do I have?

I am a computer engineer by profession.

The maintenance is automatic.

I would rate CrowdStrike Falcon as nine overall.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    Mahmoud Younes

User-friendly platform enables streamlined threat management and enhanced endpoint visibility

  • May 15, 2025
  • Review provided by PeerSpot

What is our primary use case?

For our use cases, we are using it to collect IOCs, and we also are using EDR, with injection integrated with our SIM solution to create some use cases.

What I find beneficial about CrowdStrike Falcon is that it performs effectively. We are focusing only on EDR and creating use cases regarding user processes or endpoints, particularly user behavior analytics.

What is most valuable?

The CrowdStrike Falcon has enhanced our cybersecurity posture in our organization by providing full visibility for each endpoint.

The real-time analytics aspect of CrowdStrike performs well because we get all logs in real-time, with no delay, allowing us to take action immediately.

The integration capabilities of CrowdStrike are excellent; we can integrate it with many SIM solutions and SOAR, and we have already integrated with different platforms. While integrating it with other platforms, I do not remember facing any issues, as we have a very good team for custom connectors, and the integration is smooth without any challenges.

What needs improvement?

We do not leverage AI within the CrowdStrike Falcon, as we are using different products LLM, and I am unsure if CrowdStrike has the capability to integrate it with local LLM or if I need to use commercial LLM such as OpenAI.

I am currently investigating SOAR in CrowdStrike because I have seen some articles about it, but I am uncertain if it is operational now or still in development.

I do not have any specific features I would want to see included in CrowdStrike.

For how long have I used the solution?

I have been working with the CrowdStrike Falcon for almost three years.

What do I think about the stability of the solution?

I find CrowdStrike to be stable; there are no issues, although there was one instance when we had an outage for updating the Falcon Agent, but since then, it has been stable without any issues.

What do I think about the scalability of the solution?

In terms of scalability, I find CrowdStrike to be stable, and I have not encountered any limitations with it. CrowdStrike covers around 2,800 endpoints for us.

How are customer service and support?

Regarding maintenance, the service is excellent; if we face any issues, we open a ticket with the CrowdStrike support team.

I would evaluate CrowdStrike tech support as excellent because they have a very fast response.

On a scale of one to ten, I would rate the technical support as a 10 because they resolve many issues for us.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before CrowdStrike, I worked with other solutions for EDR and XDR, specifically Trend Micro and Microsoft Defender's Endpoint, as we are working in MSSP.

The main differences between CrowdStrike and Trend Micro or Microsoft solutions are that CrowdStrike gives me more visibility, while with Defender, I have to run queries which are not easy to use. Even network telemetry for CrowdStrike is very simple and easy to read, allowing for faster understanding compared to Defender where creating rules requires more tuning. Regarding disadvantages of CrowdStrike in comparison to Defender or Trend Micro, I do not see any.

How was the initial setup?

I was not involved in the implementation part of CrowdStrike in my environment because I arrived after it was already installed, so I did not start from scratch.

What was our ROI?

Currently, I do not see any tangible benefits from CrowdStrike regarding incident improvement time, response time, or cost saving.

What other advice do I have?

Based on my experience, I would recommend CrowdStrike to others because it is user-friendly and easy to manage, unlike other solutions that require experienced personnel; CrowdStrike's documentation is also very clear.

I would recommend it to other users because it is a perfect product.

It is an easy solution that anyone can manage, providing many benefits for endpoint visibility and allowing for the creation of many custom use cases without the need for much fine-tuning to get true positive alerts.

On a scale of one to ten, I would rate CrowdStrike Falcon as a product and solution as an eight.

Which deployment model are you using for this solution?

On-premises


    Haroon-Rasheed

security analysts handle rules and investigations swiftly with real-time detection

  • February 12, 2025
  • Review provided by PeerSpot

What is our primary use case?

As a security analyst, I primarily focus on creating rules, conducting investigations, and integrating new devices with our CrowdStrike system. After these integrations, I also check the status to ensure everything is functioning properly.

What is most valuable?

For threat detection, CrowdStrike provides queries and searches. If I need to find any IOCs, I would say that is my best option. During a cyber war, once we gather some IOCs, we can ingest them into CrowdStrike. This ensures that if we encounter an attack using those IOCs in the future, we receive alerts, allowing us to investigate further. Also, the detection capability of CrowdStrike is quite real-time. If we enforce a policy preventing users from inserting USBs into the PC and it triggers, it happens in real-time without delay.

What needs improvement?

Currently, users manually input IOCs, and it would be beneficial if IOCs released by major companies were automatically integrated into CrowdStrike. We retrieve files from vendors, which incurs costs. Automating this process could be cost-effective and time-saving.

For how long have I used the solution?

I think I have been using it for around seven and a half years.

What was my experience with deployment of the solution?

There is no maintenance required because I, as a user of CrowdStrike, am part of the security team. I mainly configure new threat detections or explore new dashboards.

What do I think about the stability of the solution?

The stability is quite impressive, and I am enjoying it.

What do I think about the scalability of the solution?

It is stable, and I haven't encountered any issues. It is manageable and comfortable.

Which solution did I use previously and why did I switch?

I am a security analyst, and CrowdStrike is utilized as part of EDR. For websites, other attacks, and banking systems, we have used QRadar, ELK, Sentinel, and some locally built detection systems.

How was the initial setup?

For me, as a security analyst, it doesn't require months or days. Many tasks can be completed in hours. With experience, even critical tasks can be done in minutes.

What about the implementation team?

Whenever our company hires a new employee, they provide him with credentials. He installs the agent and inputs the credentials. The process is entirely console-based.

What was our ROI?

It depends on the size of the company and the tasks we undertake.

What's my experience with pricing, setup cost, and licensing?

I don't have much information about the setup costs, but it was manageable. CrowdStrike offers three or four packages depending on the company's size, and we purchased the most expensive one for better operations.

What other advice do I have?

I would recommend that if you need a quick response against real-time attackers, you should consider purchasing CrowdStrike. Windows Defender doesn't match up, so configuring it on EC2 instances is better for small and large-scale companies as well. Overall rating: nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud