Used few system resources, can easily isolate infected machines, and add modules
What is our primary use case?
We use CrowdStrike Falcon for endpoint security and response, and Horizon to manage and protect our data.
Following a 2021 security incident, the general response team recommended implementing CrowdStrike. We adopted their suggestion and found its network threat detection and prevention capabilities invaluable.
What is most valuable?
I like the feature called RTC, the remote time connector. It allows us to connect to a computer via the command line and execute commands for various functions and investigations. This eliminates the need for any additional programs. We can launch the connection and its subcommands from a single console.
The containment feature is another valuable tool. It allows us to isolate any machine exhibiting suspicious behavior or facing a detected threat. Once activated, containment immediately severs the machine's network connection and blocks user access.
What needs improvement?
Despite implementing tuning rules specifically designed to address them, we are still encountering a significant number of false positives. This issue persists even after collaborating with their support team to find a solution.
I have worked with their technical support on several problems that were never fully resolved.
For how long have I used the solution?
I have been using CrowdStrike Falcon for three years.
What do I think about the stability of the solution?
While we encountered some bugs with on-demand scanning, the overall performance and stability of the system are positive. CrowdStrike Falcon is less resource-intensive than our old McAfee solution, which often led to performance complaints due to its high memory consumption.
What do I think about the scalability of the solution?
CrowdStrike Falcon is scalable. Adding new features or licenses to CrowdStrike Falcon is seamless, with no disruption to our system's performance. Installing new modules is easy because it uses the same sensor.
How are customer service and support?
While I've found screen sharing helpful with other support teams, CrowdStrike's technical support has never proactively suggested it. Instead, they've always initiated contact by calling me back after I submitted a ticket. We recently offered to screen share, but it seems it's not their preferred method. The support is good but it is not the best I have used.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Previously, we utilized Carbon Black for our endpoint security needs. However, we transitioned to CrowdStrike for several compelling reasons. As a prominent market competitor with widespread adoption among organizations, CrowdStrike offered a robust platform capable of meeting our evolving security requirements.
The 2021 incident further underscored the importance of robust security tools. CrowdStrike's capabilities proved invaluable in navigating the aftermath and instilled confidence in its continued effectiveness for future challenges.
Beyond its proven track record, CrowdStrike seamlessly integrates with our existing security ecosystem. The platform's comprehensive feature set simplifies endpoint management from a centralized console. Additionally, its granular telemetry across various modules provides invaluable insights during incident detection, enabling us to gather holistic information from each affected machine.
Furthermore, CrowdStrike consolidates our security stack by encompassing next-generation firewalls, endpoint detection and response, and real-time endpoint scanning, eliminating the need for separate solutions like McAfee. This streamlined approach enhances operational efficiency and simplifies security management.
How was the initial setup?
The initial deployment presented some challenges due to the need to install the solution on all machines. This phase, requiring careful coordination among ten people over several weeks, involved connecting all the computers to the network. However, once this foundation was laid, the subsequent rollout proceeded smoothly.
What about the implementation team?
The implementation was completed in-house by our people.
What was our ROI?
The return on investment is evident in the enhanced security posture achieved through continuous monitoring and immediate isolation of compromised machines. This proactive approach not only mitigates risk but also provides significant peace of mind for our team, alleviating concerns and optimizing their performance.
What's my experience with pricing, setup cost, and licensing?
While CrowdStrike Falcon offers significant security benefits, its high price point might make it prohibitively expensive for many small and medium-sized businesses, including companies like ours.
What other advice do I have?
I would rate CrowdStrike Falcon a nine out of ten.
CrowdStrike Falcon is a great tool. Investing in proper training on the CrowdStrike Falcon platform is highly recommended for any organization seeking to maximize its potential and avoid navigation struggles within the console. However, it's important to note that effective utilization of Falcon without CrowdStrike's managed services necessitates the formation of a dedicated team responsible for managing the solution.
An overall positive experience with CrowdStrike
What do you like best about the product?
I am not a heavy user of CrowdStrike, so I can't give a super in-depth review. However, when I have used it, which has been quite a lot recently in the last few months due to project work, it has been a joy to work with. It has a lot of different features which my company has not made use of yet; however, I have full confidence that these features will be easy to implement and integrate into our CrowdStrike environment. I have only had to contact customer support once during this year for some advice, and they were very helpful and got to my issue quickly.
What do you dislike about the product?
I think due to my lack of time using the product I have quite a biased review; however, I have no negatives for CrowdStrike. It has been perfect, really.
What problems is the product solving and how is that benefiting you?
It allowed us to roll out the control of USB sticks via policies and grouping tags. This project was very beneficial for us due to the fact we had a security audit recently, and they tried USB sticks and this did not work.
Great experience
What do you like best about the product?
Good cloud security tool, recommended for every organization; easy to use, number of features.
What do you dislike about the product?
No dislikes; it's a good product. Nothing, everything is good.
What problems is the product solving and how is that benefiting you?
Yes, it is helpful for getting the junk files blocked, and it's a very good antivirus tool.
The excellent endpoint protection solution
What do you like best about the product?
The best feature of CrowdStrike Falcon is that it is very easy to use and manage and also works in offline mode. The product implementation was very easy, and the customer support was also helpful.
What do you dislike about the product?
CrowdStrike Falcon is a premium endpoint protection solution, so it is very costly compared to other solutions, and sometimes its detection engine detects a number of false positives.
What problems is the product solving and how is that benefiting you?
It is helping me to protect my endpoints from the ransomware attacks that I was worried about, protecting my whole network from sophisticated attacks, and safeguarding me from attackers.
Essential-Falcon End Protection
What do you like best about the product?
Advanced threat detection, endpoint visibility, scalability and flexibility.
What do you dislike about the product?
Cost of implementation and ongoing subscription fees; dependency, as it relies on consistent internet connectivity.
What problems is the product solving and how is that benefiting you?
Enhance incident response, allowing proactive measures against potential risks, real-time visibility
Efficient Endpoint Protector
What do you like best about the product?
CrowdStrike Falcon Endpoint Protection is useful in terms of detecting vulnerabilities on endpoints; it not only scans endpoints but goes as far as protecting the network of the organisation against cyber threats.
What do you dislike about the product?
The CrowdStrike Falcon Endpoint Protection GUI may look easy on the eye, but there is a lot going on under its "hud" that I would say isn't user-friendly. You need to get the hang of using CrowdStrike Falcon Endpoint Protection to know how to navigate through it and set things well in their place.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection has assisted our organisation in reducing the footprint of the amount of vulnerabilities out there that could pose a threat to our endpoints and network.
Ease of use and maximum visibility
What do you like best about the product?
It offers ample features for all platforms: Windows, Linux and Mac. The user interface is easy to use. CrowdStrike query helps in investigating the alerts more deeply. With the right access, containment and real-time connection prove to be great when working critical alerts. Its machine learning and custom intelligence capabilities make sure that no incident is overlooked. It also provides great customer support. Implementing tuning for whitelisting is also simple.
What do you dislike about the product?
Search capabilities sometimes give false results.
What problems is the product solving and how is that benefiting you?
Real-time visibility and continuous support, which are of utmost importance in the security field.
Leading EDR solution
What do you like best about the product?
The features, navigation and process chains enable us to do in-depth threat hunting and incident response with root cause analysis. It helps our clients to serve best in terms of remediation and mitigation.
What do you dislike about the product?
I expect some more features in the removable device feature for when any file or application gets written to a system from another device. This information is not getting logged in detail.
What problems is the product solving and how is that benefiting you?
It is performing as a complete solution and a replacement for a traditional antivirus solution, with strong behaviour analysis, machine learning and the MITRE ATT&CK framework.
A powerful tool for monitoring and threat protection
What do you like best about the product?
I am using CrowdStrike Falcon Endpoint protection on my office laptop and I have to say the product is overall great for blocking the traffic both internal and external along with tracing any other malicious activity.
What do you dislike about the product?
Some organizations may find the price of CrowdStrike Falcon's premium endpoint security solution to be on the expensive side. Also, compared to some other endpoint security solutions, CrowdStrike Falcon's support can be improved.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection can be considered one of the top options for a cybersecurity tool with real-time capabilities, threat detection, monitoring, and blocking. Its threat detection is excellent, keeping our organization's devices safe.
Feature packed product with swift response timelines.
What do you like best about the product?
Exceptional EDR capabilities along with fast response from the managed SOC. I like the way the product maps out any threat/potential threat vector. It provides a great visualization for users to trace the source.
What do you dislike about the product?
Sometimes, the product gets a bit noisy in throwing false positives but it tends to improve over time.
What problems is the product solving and how is that benefiting you?
CrowdStrike fully managed Falcon helps us manage our endpoint security posture. Since we are customers of the fully managed version, we have SOC capabilities partnered with CrowdStrike that allow 24/7/365 monitoring and alerting.