CrowdStrike Falcon Platform

What do you like best about the product?

Its lightweight agent, real-time threat detection, and cloud-native architecture provide excellent visibility into endpoints. It helps identify and stop advanced threats quickly, and it’s also easy to deploy and manage.

What do you dislike about the product?

Some advanced features take time to learn for new users, especially for smaller IT teams that don’t have dedicated security expertise.

What problems is the product solving and how is that benefiting you?

It helps us solve challenges related to endpoint security, threat detection, and incident response across our organization.

What do you like best about the product?

I like that the number of false positive alerts is very low and the detections are very accurate. I also appreciate getting PowerShell access to investigate and take action, as well as the ability to run Python scripts. Investigating the machine's event history is straightforward. The detection and response capabilities are much better than what I was used to with our previous product. The setup was also easy.

What do you dislike about the product?

In CrowdStrike, drive/volume references are shown as device paths rather than Windows drive letters (volume# instead of C: or E:). It would be better if they were changed to Windows style letters.

What problems is the product solving and how is that benefiting you?

I use CrowdStrike Falcon Endpoint Protection Platform for threat hunting, incident investigation, and response. It provides low false positive alerts and accurate detections. I get PowerShell access for investigation, can run Python scripts, and perform event history investigations. Detection, response, and taking action are much improved.

What do you like best about the product?

I use CrowdStrike Falcon Endpoint Protection Platform as our primary enterprise endpoint security solution and I really appreciate its incredibly lightweight agent. It provides top-tier, real-time security and behavioral threat detection without hogging system resources or slowing down user machines. I really enjoy the network isolation feature as it works flawlessly, allowing me to instantly disconnect a compromised device from the network with one click while still maintaining my remote connection to fix it. I also found the initial setup to be incredibly easy since it is 100% cloud-native, requiring minimal effort and allowing me to deploy the lightweight agent across all company devices without needing a single reboot. The platform integrates seamlessly with our Microsoft Azure infrastructure and our centralized SIEM system, which aids in consolidated security logging and rapid incident response. I would rate it a solid 10 out of 10 for its flawless cloud management and zero impact on PC performance, making it the ultimate endpoint protection for any enterprise.

What do you dislike about the product?

The centralized cloud dashboard can feel overwhelming because the user interface has a steep learning curve with too many sub menus. Also, the advanced threat hunting queries (Falcon Insight) require deep specialized knowledge, so making the query syntax more intuitive would be a great improvement for daily operations.

What problems is the product solving and how is that benefiting you?

I use CrowdStrike Falcon to monitor, detect, and isolate malware in real-time, stopping ransomware before it spreads and managing security with AI-driven analysis. Its lightweight agent prevents system slowdowns, and network isolation lets me contain threats instantly, safeguarding our infrastructure from breaches.

What do you like best about the product?

I like CrowdStrike Falcon Endpoint Protection Platform for its real-time threat detection and cloud-based visibility. It's fast and lightweight, and the automated response features really reduce the need for manual intervention. The platform helps me quickly identify suspicious activity before it escalates into a serious incident. The cloud-based visibility is valuable because I can monitor everything from a single dashboard, which is very easy to manage. The automated response saves time by containing or isolating threats instantly.

What do you dislike about the product?

It can sometimes be a bit complex to configure at the very beginning, especially for fine-tuning policies. Also, the alert volume can feel high without good filtering, so it takes some time to adjust.

What problems is the product solving and how is that benefiting you?

I use CrowdStrike Falcon Endpoint Protection Platform to protect against malware, ransomware, and cyber threats. It prevents advanced threats, reduces breach risks, provides real-time visibility, identifies suspicious activity quickly, and saves time with automated threat response.

What do you like best about the product?

I like CrowdStrike Falcon Endpoint Protection Platform for its strong threat detection and lightweight agent. The cloud-based management console is easy to use and the platform provides excellent visibility into endpoint activity. It allows our team to respond to security incidents quickly and efficiently. The initial setup was easy and efficient, with the lightweight agent deploying quickly and minimal effort required for configuration. I would highly recommend it due to its ease of management, cloud-native architecture, and its ability to help organizations respond to threats quickly.

What do you dislike about the product?

CrowdStrike Falcon works very well overall, there are few areas that could be improved. The pricing can be relatively high for smaller organizations, especially when additional modules are required. Some advanced features require time to learn and alert tuning is sometimes needed to reduce noise. More flexible reporting and dashboard customization would also be welcome improvements

What problems is the product solving and how is that benefiting you?

I use CrowdStrike Falcon Endpoint Protection Platform for malware prevention, ransomware defense, and threat detection. It offers real-time endpoint visibility and speeds up incident response, improving our security posture and reducing risks and admin efforts.

What do you like best about the product?

I like the fact that it protects and combines all the defence secuirty tools into one. it basically does most of the stuff

What do you dislike about the product?

licenses are limited not all of us in the team have the licenses due to the badget

What problems is the product solving and how is that benefiting you?

AI-driven behavioral analysis combined with real-time threat intelligence helps detect suspicious activity.

What do you like best about the product?

I find CrowdStrike Falcon Endpoint Protection Platform to be one of the most dependable endpoint protection platforms we've ever used. The cloud-based technology is great because it ensures nothing hampers the performance of our endpoint devices. I appreciated the smooth installation process, which went off without any hitches. The real-time detection feature is excellent, as it detects threats instantly before they cause any damage. I also like the well-structured dashboard, which makes it easy to view the state of security of each endpoint. Another highlight is the threat intelligence provided by its artificial intelligence capabilities, which can spot new patterns of suspicious activity pointing to zero-day attacks.

What do you dislike about the product?

If we need to pick a shortcoming, then it would be the price. For small businesses, this cost may be significant, but considering how good it performs, the costs are justified.

What problems is the product solving and how is that benefiting you?

CrowdStrike Falcon is reliable and cloud-based, ensuring no performance issues on endpoints. It offers excellent real-time threat detection, a clear security dashboard, and AI-driven threat intelligence, identifying new patterns of suspicious activity.

What do you like best about the product?

Cloud-native architecture
Falcon runs from the cloud, so there’s no heavy on-premise infrastructure to maintain. Deployment and updates are usually faster and simpler.
Lightweight agent
Compared to many traditional antivirus tools, the Falcon sensor uses relatively low system resources, which users often appreciate on employee laptops and servers.

What do you dislike about the product?

High cost
Many organizations feel the licensing and add-on modules can become expensive, especially for smaller companies or growing environments.
Complexity for new users
While powerful, the platform can have a learning curve for administrators who are new to EDR/XDR tools or advanced threat hunting.
Alert volume / tuning required

What problems is the product solving and how is that benefiting you?

Detecting advanced cyber threats quickly
Falcon helps identify ransomware, malware, phishing activity, and suspicious behavior in real time using AI and behavioral analytics.
Benefit: Faster detection reduces the risk of data breaches and operational downtime.
Limited visibility across endpoints
Many companies struggle to monitor laptops, desktops, and servers across multiple locations.
Benefit: Falcon provides centralized visibility into endpoint activity, making it easier for IT and security teams to track threats from a single dashboard.

What do you like best about the product?

I appreciate the deep visibility across endpoints while remaining lightweight and easy to deploy. The platform’s AI-driven detection, rapid incident response, and centralized management are invaluable for quickly identifying and stopping threats without heavy infrastructure overhead. It's especially effective for remote or hybrid work environments. The cloud-based setup saved me from managing on-premise servers, and installing the lightweight agent across endpoints was quick. The centralized dashboard makes policy configuration and monitoring easy, supported by helpful documentation and onboarding guides.

What do you dislike about the product?

Some areas where CrowdStrike Falcon Endpoint Protection Platform could improve include reducing false positives in certain environments, simplifying the user interface for less experienced analysts, and providing more customizable reporting options. Some organizations also find the platform relatively expensive compared to traditional endpoint security tools. Advanced features may require a learning curve, and troubleshooting complex detections can sometimes need specialized expertise. Better integration flexibility with certain third-party tools and more granular policy management would improve the overall experience for some security teams.

What problems is the product solving and how is that benefiting you?

I use CrowdStrike Falcon Endpoint Protection Platform to address malware and ransomware attacks, enhance endpoint visibility, and manage compliance concerns. It boosts security with AI-driven detection, rapid incident response, and centralized management, improving threat detection and team productivity, especially in remote work settings.

What do you like best about the product?

I liked CrowdStrike Falcon Endpoint Protection Platform for its visual process tree, which helped me handle massive text logs and map attack timelines, saving me a lot of time compared to manual work with Windows event logs. The real-time response console was another standout feature for me because it's direct, secure, and uses a CLI-based interface, allowing me to kill malicious processes and delete files without the end user noticing. Its ability to isolate an infected machine with one click and record all system behaviors also made it very useful. Additionally, the initial setup was very easy and simple, thanks to the tiny installer.

What do you dislike about the product?

The main problem was the price; even after buying Pro, it asked me to pay for features like integrated vulnerability management and automated SOAR workflows. The aggressive tamper protection made it difficult to easily uninstall or fix a broken agent. Another issue was the false positives, as it frequently flagged the dev tool and my custom internal scripts as malicious due to reliance on AI.

What problems is the product solving and how is that benefiting you?

I use CrowdStrike Falcon Endpoint Protection Platform to eliminate blind spots like script-based attacks, record system behaviors, and isolate infected machines instantly. It saves time by mapping attack timelines and allows me to manage threats globally, even on remote networks.