We use AWS to manage CrowdStrike Falcon. CrowdStrike Falcon is a cloud-native solution, and from the user side, we do not directly manage or choose the cloud provider. CrowdStrike handles the back-end infrastructure. As per my understanding, we simply access the CrowdStrike Falcon console in our cloud and deploy the endpoint agent. So from our perspective, we use it as a cloud-based service without directly interacting with the underlying cloud provider.
CrowdStrike Falcon Platform
CrowdStrikeExternal reviews
433 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Cloud-Native, Intuitive Dashboards and Lightweight Agents—A Solid Endpoint Security Tool
What do you like best about the product?
I think its cloud native architecture and intuitive dashboards are very helpful to manage endpoint security and also their agents are also lightweight so no need of performance drop on endpoints
What do you dislike about the product?
I have seen other products also so i think their pricing are bit higher than competitors so smaller teams with limited budgets not able to use this and also initial setup is also bit complex for new users
What problems is the product solving and how is that benefiting you?
It solves our bigger problem of our cloud security posture we have improved a lot with this platform and also it helps us to quickly solve the incidents happen on endpoints
Simple, reliable, and easy-to use system for daily workforce management
What do you like best about the product?
What I like most is how quickly it detects threats and gives clear visibility into what’s happening across endpoints. It’s lightweight, runs smoothly without slowing systems down, and the dashboard makes it easy to understand security events in real time.
What do you dislike about the product?
The platform is powerful, but it can take some time to get comfortable with all the advanced features. At first, the interface and query options may feel a bit complex, and tuning alerts sometimes requires extra effort to reduce noise.
What problems is the product solving and how is that benefiting you?
It benefits me by giving instant alerts on suspicious activity, reducing the time needed to investigate incidents, and providing clear context for faster response. It also helps improve overall security posture without slowing down endpoints, which makes day-to-day operations smoother and more secure.
Cloud-native security has improved real-time threat detection and streamlined daily operations
What is our primary use case?
What is most valuable?
The features that stand out are its lightweight agent, which doesn't slow down the system, and it is easy to use across multiple devices. This makes it easy for our team.
CrowdStrike Falcon's dashboard and reporting capabilities are very useful in daily operations. The centralized dashboard gives a quick overview of all alerts and system activities in one place. I also support customizable dashboards, so different team members can view the data they need. The reporting provides detailed insights, which helps with management. Overall, the combination of easy-to-use dashboards and detailed visibility with automatic reporting makes it very efficient for day-to-day security operations.
From a security perspective, it has significantly improved our ability to detect threats in real-time and respond quickly before they affect multiple systems. It has also made our work more efficient. Earlier, we had to manually check systems and investigate issues, which was time-consuming. With CrowdStrike Falcon, most of the detection and alerting is automated, so we can focus more on critical incidents instead of routine monitoring. Overall, it has helped us save time, reduce risk, and improve response time.
I have seen a noticeable improvement in time and efficiency with CrowdStrike Falcon. I can estimate that our team saves around thirty to forty percent of their time compared to our earlier processes. For example, earlier, it would take a significant amount of time to identify and investigate a suspicious activity, but now with CrowdStrike Falcon, we can detect and respond in minutes. This has significantly improved our response time and overall productivity.
What needs improvement?
While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful.
The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.
For how long have I used the solution?
I have been using CrowdStrike Falcon for around six months to one year.
What was our ROI?
We have definitely seen a return on investment with CrowdStrike Falcon in terms of time-saving and operational efficiency. While I don't have exact company-specific financial numbers, based on our experience and industry benchmarks, I can say that we have seen around a thirty to forty percent improvement in time spent on endpoint security operations. It has also reduced the risk of security incidents.
What's my experience with pricing, setup cost, and licensing?
The pricing typically depends on the number of endpoints and the features or modules selected. It is licensed per endpoint on an annual subscription basis. The pricing can vary depending on the subscription chosen. For example, the basic plan starts at a certain price per endpoint per year, while advanced plans with more features cost higher.
What other advice do I have?
In a recent situation while using CrowdStrike Falcon, we saw a suspicious process in the console. We checked the details and the system was showing it in quarantine. We found that the user was trying to access some suspicious link. The system generates alerts if there is suspicious activity. I rate this product an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Comprehensive Protection with Room for Faster Policy Application
What do you like best about the product?
I love how CrowdStrike Falcon Endpoint Protection Platform provides accessibility and usability by organizing all the relevant information for hosts within a single falcon console. It's easy to understand even for non-technical users. From the same console, I can check what processes are quarantined, take control of a specific host, and execute scripts. The platform supports multiple tools seamlessly without being hectic to configure, which is a big plus.
What do you dislike about the product?
When changing configurations for a specific host or a group of hosts, and applying any policy to a host or device, it takes much time to reflect and apply.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform offers comprehensive protection for endpoints, securing crucial data whether in transit or at rest. It simplifies accessing host device information through a user-friendly console, even for non-technical users, and allows easy management like quarantine or process control.
Strong and Reliable Endpoint Protection.
What do you like best about the product?
The improved AI-driven threat correlation and automated response workflows make it faster to detect and contain sophisticated attacks with less manual effort.
What do you dislike about the product?
Alert noise and interface complexity could still be reduced to help teams prioritize incidents more efficiently.
What problems is the product solving and how is that benefiting you?
It addresses key challenges such as detecting advanced cyberattacks (e.g., ransomware and malware) in real time, while also reducing our reliance on multiple, complex security tools by offering a unified, cloud-based platform. This helps us improve threat visibility, respond to incidents faster, and boost overall security efficiency, all while keeping system performance lightweight.
Real-Time Threat Protection with Lightweight, Cloud-Native Performance
What do you like best about the product?
What I like most about Crowdstrike Falcon is its ability to detect and stop threats in real time without slowing down endpoints. Its cloud-native architecture means there’s no heavy agent to manage. The visibility it provides across the entire environment also makes investigations faster and much more accurate.
What do you dislike about the product?
One thing I dislike is that the interface can feel overwhelming at first. There’s a lot of depth, but it takes time to learn where everything is and how it’s organized. Some advanced features also require additional modules, which can make the overall cost add up quickly.
What problems is the product solving and how is that benefiting you?
Crowdstrike Falcon helps us tackle the challenge of detecting modern, fast-moving threats across a distributed environment. Its real-time monitoring and behavioral analytics allow us to catch attacks early, often before they cause any damage.
Excellent Network Containment, RTR, and Endpoint & Identity Protection
What do you like best about the product?
Network containment, RTR, and managing endpoints and workflows, identity protection everything is so good
What do you dislike about the product?
Endpoint on-demand scan: if I initiate a scan on an offline host, it won’t run when the host comes back online, and the scan just fails. It would be really helpful to have a feature where an on-demand scan can be queued and then automatically start once the endpoint is online again.
What problems is the product solving and how is that benefiting you?
It helps with data breaches and with protecting the organisation from malware, and similar threats.
A Comprehensive Security Solution with Easy Deployment
What do you like best about the product?
I like that CrowdStrike Falcon Endpoint Protection Platform works efficiently in the background, which means it takes very little effort from our own team. This allows us to sleep better knowing our computers and servers are protected from malware. The platform also saves us a lot of time because we wouldn't have the resources to run a 24/7 security operations center with our own staff. Switching to CrowdStrike Falcon was significant because it offers both 24/7 service and expert support, not just the technology. The initial setup was very easy, and now it's automated, which I appreciate.
What do you dislike about the product?
They do have additional modules that might add value but we would have to pay extra for those. The admin portal is quite 'made for engineers' and requires knowledge and training to use it for customer.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform protects our computers and servers from malware, provides SOC services, and operates efficiently in the background, saving us time and resources.
Excellent Coverage and Depth—CrowdStrike Falcon Sets the Bar
What do you like best about the product?
CrowdStrike Falcon Endpoint Protection continues to provide excellent coverage and depth in its capabilities. Any other solutions we have looked at have a difficult time meeting the high bar set by CrowdStrike.
What do you dislike about the product?
It is hard to find something to dislike about CrowdStrike Falcon Endpoint Protection Platform.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform gives us peace of mind and confidence that our endpoints are covered by one of the best solutions in this space.
Endpoint security has improved and real-time detection and response reduce false positives
What is our primary use case?
CrowdStrike Falcon's main use case is endpoint security and threat detection, which are the primary purposes for which we are using it.
A day-to-day example of using CrowdStrike Falcon for endpoint security detection occurs when a user downloads suspicious files. The system detects this activity and triggers an alert to the administrator. CrowdStrike Falcon detects abnormal behavior of the system, and an alert is generated in a console. When I log into the console, I can see that some users are trying to access malicious files which are harmful for the organization. The security team isolates the endpoint based on this judgment. We can investigate using process trees and logs in CrowdStrike Falcon. Additionally, USB device control helps sometimes with USB blocking and data access via external storage.
What is most valuable?
The best features CrowdStrike Falcon offers are endpoint detection and response, cloud-native lightweight agent, AI-powered threat detection, threat hunting, and Falcon Overwatch.
The feature I use the most is endpoint detection and response, which you can call EDR. EDR makes the difference in this case because it provides real-time alerts for suspicious activity and full process tree visibility showing what ran, what spawned, and what is happening inside the LAN on the endpoint. It allows for quick investigation of endpoint logins and quick host isolation to stop the spread.
Using CrowdStrike Falcon typically leads to faster threat detection, quicker response, and better visibility across the endpoints. This means I can understand, or an administrator can understand the logs and situation, what is happening with the endpoint, and what suspicious behaviors are occurring inside the endpoints. It has reduced false positives and has a lightweight performance impact, resulting in no heavy use or heavy scans of the agent. User productivity is also increased on the endpoint side.
What needs improvement?
Regarding improvements in reports, when I try to pull a custom report, there are some mismatches, or it does not look professional. I hope CrowdStrike will improve their custom report or inbuilt report to look professional rather than appearing like just adding numbers. Based on the requirement, they should improve their custom reports.
For how long have I used the solution?
I have been using CrowdStrike Falcon for around one year.
What do I think about the stability of the solution?
CrowdStrike Falcon is very stable.
What do I think about the scalability of the solution?
The scalability of CrowdStrike Falcon is very good and very positive.
How are customer service and support?
Customer support is also appreciated as it is very good. I have raised multiple tickets with technical support, and every time I have received a good response from customer support.
Which solution did I use previously and why did I switch?
We did not use any kind of solution previously.
What was our ROI?
Before CrowdStrike Falcon, there were 40 to 50 alerts per day with many antivirus detections and time wasted validating non-issues. When we installed the CrowdStrike Falcon agent on the endpoint, there are now 10 to 15 meaningful alerts that we can work on and isolate the system. There is a 60 to 70 percent reduction in false positives, allowing us to disregard those. Additionally, higher quality behavioral detection based on pattern analysis is justified. The investigation time has been reduced from three to four hours to one to two hours, and per user, we used to take around 10 to 15 minutes, but now with the reduced false positives, we can troubleshoot or inspect users within five minutes.
What's my experience with pricing, setup cost, and licensing?
The pricing is very straightforward and negotiable. The license is thoughtful and very fruitful. The licensing is pretty simple, so it has a very good impact with the licensing, setup cost, and pricing with respect to CrowdStrike Falcon.
Money is saved because if a user is receiving spam alerts or spam emails which are damaging the organization's privacy, the number of alerts, data threatening, DLP, data extraction, and everything has been reduced. There is a big impact on the organization's security posture as well as time saved while doing troubleshooting, allowing us to monitor that alert via one single console. The positive impact is significant, and the money saved is a very good effect for the organization.
Which other solutions did I evaluate?
We have not evaluated another option before choosing CrowdStrike Falcon.
showing 1 - 10