Excellent Visibility and Investigation Tools
What do you like best about the product?
The Kestrel Lead Generator has got to be the best development CrowdStrike has put out so far. This feature has saved me so much time in detection investigations!
What do you dislike about the product?
The fact that their query language is only slightly different than SQL. If you know SQL and jump into this platform, CQL is similar enough but different enough to slightly annoy you.
What problems is the product solving and how is that benefiting you?
Visibility and quick detection/incident resolution within each endpoint. It's always beneficial when mean time to resolution is reduced and CrowdStrike has helped us get our time down and feel better about the security of our environment.
A superb EDR product providing comprehensive protection to cyber security threats
What do you like best about the product?
The platform doesn't just look for known bad files; it looks for user / system behavioural patterns. It can stop 'fileless' attacks and zero-day threats by identifying malicious intent (Indicators of Attack) in real-time using its own AI knowledge.
What do you dislike about the product?
We have some challenges deploying the Falcon sensor (agents) to our Azure Virtual Desktops. Besides, the Falcon sensor on mobile devices has more room for improvement. Its vulnerability management functions also have a lot of room for improvement.
What problems is the product solving and how is that benefiting you?
It solves the issue of modern attackers living off the land with legitimate tools (like PowerShell) rather than just malware files. This gives me peace of mind that we aren't just looking for old virus signatures, but for actual malicious behaviour.
Fast to implement at scale | Rapid response for all Critical Detections
What do you like best about the product?
In the Endpoint Protection Platform space, the CrowdStrike Falcon sensor—together with the Falcon Complete service—feels unrivaled. Having a team of experts always available to help resolve detections in an environment of our scale means we can stay focused on critical business issues instead of constantly triaging alerts and detections.
What do you dislike about the product?
The main problems we face are with some of the supporting modules that are offered, such as data consistency issues in Exposure Management. Also, the lack of feature parity between Linux, MacOS, and Windows means we have to implement different policies and features across the different OS types. We haven’t faced any problems with the core product itself.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform allows us to maintain a lean team. With the same team size, we can now manage an environment that is 2x larger than before, while still improving our security posture (reducing MTTR, enhancing coverage, and delivering better security than traditional tools).
Strong Detection and AI-Driven Threat Protection, Though There’s Room to Improve
What do you like best about the product?
The features I like best about Falcon are its strong detection capabilities and AI-driven threat detection system; they are very good features.
What do you dislike about the product?
I think tuning to remove noise is hard and takes too much effort. Also, their advanced features require more modules, so it's complex, and the cost is high for that.
What problems is the product solving and how is that benefiting you?
It solves our endpoint security on remote machines very well, which traditional antivirus software may miss, and management of remote machines is also very efficient.
Cloud-Native, Intuitive Dashboards and Lightweight Agents—A Solid Endpoint Security Tool
What do you like best about the product?
I think its cloud-native architecture and intuitive dashboards are very helpful for managing endpoint security, and their agents are also lightweight, so there is no performance drop on endpoints.
What do you dislike about the product?
I have seen other products as well, so I think their pricing is a bit higher than competitors', so smaller teams with limited budgets are not able to use this. The initial setup is also a bit complex for new users.
What problems is the product solving and how is that benefiting you?
It solves our bigger problem of cloud security posture; we have improved a lot with this platform. It also helps us quickly solve the incidents that happen on endpoints.
Simple, reliable, and easy-to-use system for daily workforce management
What do you like best about the product?
What I like most is how quickly it detects threats and gives clear visibility into what’s happening across endpoints. It’s lightweight, runs smoothly without slowing systems down, and the dashboard makes it easy to understand security events in real time.
What do you dislike about the product?
The platform is powerful, but it can take some time to get comfortable with all the advanced features. At first, the interface and query options may feel a bit complex, and tuning alerts sometimes requires extra effort to reduce noise.
What problems is the product solving and how is that benefiting you?
It benefits me by giving instant alerts on suspicious activity, reducing the time needed to investigate incidents, and providing clear context for faster response. It also helps improve overall security posture without slowing down endpoints, which makes day-to-day operations smoother and more secure.
Top-Notch Security with Easy Deployment
What do you like best about the product?
I like how easy it is to deploy CrowdStrike Falcon Endpoint Protection Platform. Because it’s entirely cloud-based, it’s straightforward to roll out at scale across endpoints and servers. Resource utilization is minimal, so end users aren’t bottlenecked during day-to-day work. The detection rate is top-notch and, in my experience, among the best in the industry, which helps give us an edge over attackers.
I also value the different modules it can integrate with, since it works seamlessly with other Falcon modules as well as third-party vendors. The initial setup was simple, and the documentation was robust and genuinely helpful. CrowdStrike Charlotte AI has also been very useful for investigations and log correlation.
What do you dislike about the product?
The pricing for SMBs can be improved. The UI/UX can also be improved as it's outdated and it needs to be more intuitive. Also, if the other Falcon modules were included with endpoint protection in the base package, it would be a great advantage. The current UI/UX of CrowdStrike seems outdated and it's not easy to navigate and not easy on the eyes.
What problems is the product solving and how is that benefiting you?
I use CrowdStrike Falcon Endpoint Protection Platform to secure servers and endpoints against cyber attacks, gain visibility across our environment, and meet compliance requirements. It's effective, easy to deploy, has a top-notch detection rate, minimal resource use, and integrates well with other tools.
Reliable Endpoint Security That Actually Makes Investigations Easier
What do you like best about the product?
What I like most about CrowdStrike Falcon is how lightweight yet powerful it is. It has minimal impact on endpoints while still providing strong behavioural detection and real-time visibility. The centralized console makes it easy to investigate and respond to threats quickly without juggling multiple tools. Also, the main advantage of the CrowdStrike endpoint protection platform is that it fetches data only one time, and then the data is shared between all the platforms, like cloud security and next-gen SIEM.
What do you dislike about the product?
One downside of CrowdStrike Falcon is that its pricing can be on the higher side, especially once you start adding multiple modules. The UI also feels a bit complex at first, particularly for new users, and some advanced features require a learning curve to fully utilize. You also need to learn their CQL language to query data from multiple sources. Additionally, sometimes policies take a long time to get applied to endpoints. Overall, it’s a powerful platform, but there are a few areas where it still needs improvement.
What problems is the product solving and how is that benefiting you?
It helps detect modern, fileless attacks and gives me real-time visibility across endpoints. That makes it easier to respond faster and rely less on multiple tools, which improves overall efficiency in security operations. I also don’t need to write custom rules or build dashboards, because it comes with out-of-the-box rules that cover almost the entire MITRE ATT&CK framework. On top of that, I can get a complete view of my endpoints and clearly see what’s happening across them.
Cloud-native security has improved real-time threat detection and streamlined daily operations
What is our primary use case?
We use AWS to manage CrowdStrike Falcon. CrowdStrike Falcon is a cloud-native solution, and from the user side, we do not directly manage or choose the cloud provider. CrowdStrike handles the back-end infrastructure. As per my understanding, we simply access the CrowdStrike Falcon console in our cloud and deploy the endpoint agent. So from our perspective, we use it as a cloud-based service without directly interacting with the underlying cloud provider.
What is most valuable?
The features that stand out are its lightweight agent, which doesn't slow down the system, and it is easy to use across multiple devices. This makes it easy for our team.
CrowdStrike Falcon's dashboard and reporting capabilities are very useful in daily operations. The centralized dashboard gives a quick overview of all alerts and system activities in one place. I also support customizable dashboards, so different team members can view the data they need. The reporting provides detailed insights, which helps with management. Overall, the combination of easy-to-use dashboards and detailed visibility with automatic reporting makes it very efficient for day-to-day security operations.
From a security perspective, it has significantly improved our ability to detect threats in real-time and respond quickly before they affect multiple systems. It has also made our work more efficient. Earlier, we had to manually check systems and investigate issues, which was time-consuming. With CrowdStrike Falcon, most of the detection and alerting is automated, so we can focus more on critical incidents instead of routine monitoring. Overall, it has helped us save time, reduce risk, and improve response time.
I have seen a noticeable improvement in time and efficiency with CrowdStrike Falcon. I can estimate that our team saves around thirty to forty percent of their time compared to our earlier processes. For example, earlier, it would take a significant amount of time to identify and investigate a suspicious activity, but now with CrowdStrike Falcon, we can detect and respond in minutes. This has significantly improved our response time and overall productivity.
What needs improvement?
While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful.
The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.
For how long have I used the solution?
I have been using CrowdStrike Falcon for around six months to one year.
What was our ROI?
We have definitely seen a return on investment with CrowdStrike Falcon in terms of time-saving and operational efficiency. While I don't have exact company-specific financial numbers, based on our experience and industry benchmarks, I can say that we have seen around a thirty to forty percent improvement in time spent on endpoint security operations. It has also reduced the risk of security incidents.
What's my experience with pricing, setup cost, and licensing?
The pricing typically depends on the number of endpoints and the features or modules selected. It is licensed per endpoint on an annual subscription basis. The pricing can vary depending on the subscription chosen. For example, the basic plan starts at a certain price per endpoint per year, while advanced plans with more features cost higher.
What other advice do I have?
In a recent situation while using CrowdStrike Falcon, we saw a suspicious process in the console. We checked the details and the system was showing it in quarantine. We found that the user was trying to access some suspicious link. The system generates alerts if there is suspicious activity. I rate this product an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Comprehensive Protection with Room for Faster Policy Application
What do you like best about the product?
I love how CrowdStrike Falcon Endpoint Protection Platform provides accessibility and usability by organizing all the relevant information for hosts within a single Falcon console. It's easy to understand even for non-technical users. From the same console, I can check what processes are quarantined, take control of a specific host, and execute scripts. The platform supports multiple tools seamlessly without being hectic to configure, which is a big plus.
What do you dislike about the product?
When changing configurations for a specific host or a group of hosts, or applying any policy to a host or device, it takes a long time to reflect and apply.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection Platform offers comprehensive protection for endpoints, securing crucial data whether in transit or at rest. It simplifies accessing host device information through a user-friendly console, even for non-technical users, and allows easy management like quarantine or process control.