CrowdStrike Falcon Platform
CrowdStrike
External reviews
377 reviews
External reviews are not included in the AWS star rating for the product.
Great Tool for Endpoint Protection
What do you like best about the product?
How efficiently and effectively it captures the process details and changes made in the endpoint. It captures detections and correlates them through time and presents the detection and a very detailed graph as well as provides a detailed process tree. Also it is really easy and simple to deploy throughout the network. Writing custom rules and blacklisting and whitelisting is fairly simple as well. It provides great protection from zero-day attacks as well as known APT groups. Integration with log collection tools like SIEM & UEBA tools is fairly simple and effective. The Overwatch detection functionality support is also a gem.
What do you dislike about the product?
The CrowdStrike console looks a bit congested. A lot of information is put on a single screen. Another reason for someone to opt for another EDR solution would be the price; CrowdStrike as a solution is a little bit on the expensive side.
What problems is the product solving and how is that benefiting you?
We are utilizing EDR for real-time detections and protections. Also we are utilizing it for threat management and zero-day coverage. It also helps in Asset Management. Threat Hunting can also be performed very effectively using CrowdStrike.
Recommendations to others considering the product:
If we are looking for any EDR solution, CrowdStrike should definitely be an option because it can not only be an EDR piece but can remove the requirement for a separate AV solution altogether. The Threat detection and the Threat Hunting module really add a lot of value to the overall security controls in the environment.
The next gen cloud based AV that works
What do you like best about the product?
We have been pleased with the capabilities of the product as well as the ease of installation of the agents that do not require a reboot affecting production. Support has been great and the analytics from the product provide great insights. Policies and groups are easily managed. The control and insights you get from your endpoint are great! The sandboxing feature is also a favorite feature to talk about. The ability to hunt, search, and monitor malware as well as tracing the intrusion makes this product stand out a lot. Since CrowdStrike analyzes and stops similar threats from all customers' devices, it builds a big repository to harden security and prevention. The graphs and charts make it easy to understand and to see where the trends are for Indicators of Attacks.
What do you dislike about the product?
All the modules are not free and that's understandable. Each module does a specific task and requirement based on your needs.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection helped us gain better visibility in our network and helps us with the intrusion through the ML prevention methods and expert review of our metadata for recommendations of prevention. The sandboxing capability as well as the malware hunt is great.
Recommendations to others considering the product:
Ask for a demo and test it out to see if it's suitable for your environment.
Best NextGen Antivirus I used
What do you like best about the product?
Install and forget about it. 90% of the tasks prevent anything malicious. Hats off to the developers on studying the patterns and implementing such machine learning algorithms.
What do you dislike about the product?
With CrowdStrike I don't have the ability to scan the system on demand.
What problems is the product solving and how is that benefiting you?
Prevention even before the virus enters the system.
A great AV for small and large businesses alike
What do you like best about the product?
For our purposes since we do not have a NOC team, I like the relatively hands-off approach you can take with this. It does require an initial setup, and as the central Falcon page updates with more features, and/or if your configuration of Crowdstrike's recommended settings doesn't match what you have set, they'll send you emails about what to turn on and off, or raise or lower how aggressive the AV is acting or reporting. They'll even call you and remote share your screen so they can give you tips about the UI and what to look for. There is some self-management involved; you need to be able to make sure your sensors are up to date and keep an eye out for malicious activity, and if you have EDR, investigate the root cause.
What do you dislike about the product?
I dislike the UI to be honest. I think navigating to some of the pages isn't intuitive and needs to be cleaner and easier to get to. There are some elements that make little sense as far as where you need to go to look up a certain report, and when they told me I needed to go to Legacy dashboards to find something they wanted me to frequent, I thought that was odd. Also, it has a dark theme but it only works on the main page--once you start going into sub-navigation it returns white.
What problems is the product solving and how is that benefiting you?
We're solving the problem of not having to be too hands-on with making sure agents are up to date (not having to worry about signature updates failing on a lot of computers, for example). Sometimes agent sensors don't update properly but there is a good report for seeing which ones haven't updated and rectifying it is easy. The benefit is it gives us a better sense of security so we can focus on other tasks without having to invest too much time into micromanaging devices.
CrowdStrike Falcon Review
What do you like best about the product?
CrowdStrike's ability to move into the NextGen AV & Malware Detection.
What do you dislike about the product?
I would like to see a remediation scanner added to CS Falcon to have the ability to clean up leftover artifacts that get left behind.
What problems is the product solving and how is that benefiting you?
The CS Falcon has become a full replacement for the EOL Symantec SEP console.
CrowdStrike does a fantastic job at prevention policies and real time monitoring.
Recommendations to others considering the product:
They are moving in the right direction for the NextGen EDR solutions.
Are you sure it's working? It was!
What do you like best about the product?
This is the second organization where I've used CrowdStrike Falcon. I really appreciate how configurable it is. That allows our small IT organization to tweak the settings to prevent false alarms and alert overload. We simply don't have time to be wading through alerts. When we first deployed it, I was a little worried that it wasn't working since we weren't getting any alerts. With a little tweaking, we were able to turn up the sensitivity to give us just the alerts we need to see and not any of the false positives or minor issues that everyone sees. I love the fact that it is a next-generation product so that it looks for malware-like behavior rather than relying on a database of already known malware.
What do you dislike about the product?
I dislike how tough it is to get their annual threat actor calendars. I love the calendar, but it always takes a couple of months for it to get here. There are times that I wish the email alert feature would let you get alerts on minor issues. I know that's the opposite of what I like about it, but for that initial period when we weren't seeing any alerts, it would have been nice to be able to crank up the email alerts when those first couple of issues came in so I knew things were working correctly.
What problems is the product solving and how is that benefiting you?
We were using Windows Defender before Falcon. As the IT Director, I wasn't comfortable that it was giving our users the protection they needed, particularly in this COVID-19 work from home world that we're in. With Falcon installed, I know that we'll find out if our users get attacked or compromised so that we can deal with it right away.
Realtime Response is Powerful
What do you like best about the product?
The realtime response function allows us to quickly and easily vet a given alert and take appropriate escalation action or make the decision to network-contain the host. Containment is quick, safe and easily reversed which allows time for appropriate research if needed.
What do you dislike about the product?
The Splunk backend has certain query size return limitations that make extended investigations painful.
What problems is the product solving and how is that benefiting you?
Managing an enterprise endpoint security program.
Out of the Box functionality to hit the ground running
What do you like best about the product?
As the title implies, CrowdStrike has a lot of features that are available out of the box (dependent on subscriptions naturally), but it did not require a lot of heavy configuration and architecture to start running, which is great if you are part of a small team with multiple competing responsibilities; this is one thing at least you don't have to worry too much over.
CrowdStrike Ideas forum is also great as it allows customers to submit ideas for how to improve the product, and in some cases get quick turnaround from an idea posted to a message board to implementation.
What do you dislike about the product?
There was a lot of repetitive manual configuration required in some cases, especially in building Prevention Policies and Groups. It would have been nice to be able to make a template policy which could be copied and tweaked for subgroups or dev/test vs prod groups etc., instead of having to start from scratch and build what is essentially the same policy twice (minus a setting or two). This was addressed in the Ideas forum as mentioned in the "What do you like Best" field and hopefully will be added to the platform soon.
Citrix template servers can create multiple copies of themselves in the host list which have to be manually deleted creating a lot of work whenever changes to the template are made and they are rebooted, creating new spawns.
What problems is the product solving and how is that benefiting you?
Upgrading to NGAV from a hybrid signature-based AV solution has cut down on processing load, workstation side. We no longer have to create exceptions for entire application folders in order to ensure the software can run without AV crashing the system anytime it scans, ensuring an overall more secure landscape on user machines.
Recommendations to others considering the product:
CrowdStrike is a great product. It lets you hit the ground running. Especially for a small team the lack of heavy config and ease of use make a huge difference in building out the environment.
Plug and play
What do you like best about the product?
CrowdStrike combines all features in one lightweight sensor with single management console without relying on third-party AVs or products.
What do you dislike about the product?
No DLP capabilities and Content threat removal
What problems is the product solving and how is that benefiting you?
Detection, Breach protection, Threat Hunting
Eye catchy product with ease of managing the endpoint
What do you like best about the product?
Investigation is easy in CrowdStrike and it will give you each detail of the endpoint so you will not be missing any of the threats.
What do you dislike about the product?
So far I haven't come across anything.
What problems is the product solving and how is that benefiting you?
Using it for threat intelligence mainly.