CrowdStrike Falcon Reviews & Insights

CrowdStrike Falcon is very good product for all types of organizations.we use CrowdStrike Falcon primarily for endpoint security and threat response.CrowdStrike Falcon features - Lightweight agent,single Console for all modules,easy to use,implement in minutes.traditional antivirus often struggle to detect sophisticated threats like ransomware,fileless threat, zero day exploits .CrowdStrike Falcon gives you rapid response with AL and ML and behaviour monitoring and improve security posture. CrowdStrike Falcon provides you autonomous endpoint protection,threat hunting,auto remediation.So overall CrowdStrike Falcon is value for money product.

CrowdStrike Falcon is very good product for detecting and response for sophisticated threat like ransomware ,fileless attack in compare for legacy anti virus .CrowdStrike Falcon is very suitable for endpoint protection but less suitable in data protection because it support only for windows and protect only two channels web and USB and customs regex in bit complicated.

We use it for end point protection for the most part. It keeps us in a safe environment with a very small footprint on each device. We also use identity protection and their new SIEM product as we view them as superior to others we have had in the past. Although more expensive than most they have worked with us to get us to a reasonable cost for what you get out of the product.

Its very easy to deploy on the endpoints and it does a great job finding issues before they spread. It also can get you out of the weeds if you are ever in trouble and don't have the product from the start. It's a first class program that really helps when needed and keeps you secure in your environment.

We use the CrowdStrike Falcon XDR platform with some of the addons, like IdP and spotlight, and find it works well as a complete solution for endpoint protection, as well as a SIEM. The IdP module integrates well with AD and Entra ID, and the workflows also integrate well enough with everything else via webhooks.

Good for medium to large businesses, but small businesses would find it a bit too complex to set up and manage. You need to take the time to fine tune the settings and to manage and respond to detections, as well as build up a number of automated responses based on your particular risk strategy.

We utilize CrowdStrike Falcon to secure our endpoints (Mac, Linux, Windows). We are using both the endpoint detection and response capabilities as well as device control.

CrowdStrike Falcon addresses the problem of attack/exploitation on endpoints. Maintaining 100% patch compliance at all times on all hosts is a difficult pursuit; having CrowdStrike Falcon on the devices provides peace of mind that systems have a strong level of protection during the patch deployment windows.

CrowdStrike Falcon helped pioneer the modern next-gen antivirus market and hs done a great job of building the market. In addition to EDR, CrowdStrike Falcon has built an ecosystem of partner companies who are all leading the cybersecurity product space.

CrowdStrike Falcon's detection and prevention capabilities are best-in-class ensuring businesses remain protected while avoiding burnout due to false positives.

We use CrowdStrike Falcon to keep our endpoints secure in real time. CrowdStrike Falcon takes the guesswork out of endpoint detection and response by giving a full playbook of the threats detected.

CrowdStrike Falcon has been the best endpoint detection we have used to date. The features are far more robust and intuitive than our previous solutions. CrowdStrike Falcon is well suited for all systems even if they are not domain joined.

We use CrowdStrike Falcon as our EDR platform to protect the business against the risks that a modern technology business faces. We use CrowdStrike Falcon on all our linux servers due to its low footprint and memory usage, which enables us to not have to scale up our server sizes to facilitate the overhead that some other EDR solutions have.

CrowdStrike Falcon is well suited to linux workloads where a low overhead is desired, compared to our previous vendor CrowdStrike Falcon allowed us to shrink our instance sizes as it reduced the memory overhead and CPU utilisation required.

We use a company called Act Zero as an XDR solution provider. The tool they use is CrowdStrike Falcon and we use it and they use it to help protect our environment. We wanted to provide greater security across our enterprise and evalauted different soltuions. We liked CrowdStrike and that is why we chose Act Zero - they were using tool we liked.

It is able to really identify the true issues we have with our endpoints. There is not a lot of noise with their tool. They provide a comprehensive toolset and they keep up to date in regards to the latest security scams/issues to protect our environment

The reporting and dashboards could be improved to provide more clarity and ease of understanding of the metrics

CrowdStrike Falcon is the best in class product with the ease of use and implementation. CrowdStrike Falcon sensors are installed in all our computers, servers. Easy to use and well optimized. It automatically detects any threats or files when any external source is connected, or any unknown file is downloaded from the web to keep secure the computer.It help to assure the right protection against hacker attacks and generally malicious activity which other tools wont detect like - Lateral movement, Kerberoasting, AD recon attacks etc.
The solution is almost transparent for the users and the machines but the effectiveness against the malicious activities is on the highest levels, the false positives are also very low in according the total number of blocks against bad links, bad services and bad files.

CrowdStrike Falcon was able identify activity for kerberoasting which is critical as most of tools are not able to identify.Also its capability to DLL sideloading/hijacking is commendable.Interactive sandbox has helped a lot for getting to see how malware works. Great real-time visibility and reaction to all the endpoints.Offers a lightweight agent.

CrowdStrike Falcon is the Extended Detection and Response (XDR) solution we use to secure our corporate assets and production servers. It single-handedly gives us the necessary protection and visibility into all our assets. I am security engineer and I use CrowdStrike Falcon everyday. My scope is to use it to investigate abnormalities in our assets and alerts it generates. The alerts comes with a great amount of details which is mostly helpful. Furthermore, it helps us keep an eye on unwanted applications installed by users and help get rid of it.

CrowdStrike Falcon is good for a mid-large size industry where there are many engineers and analysts are working. It got many modules and a lot of data to analyze and correlate with other tools. Also, the price vs features get justified for a mid-large company. The system is also designed for users with high technical skill level as it has a steep curve. Due to its not so good ML based detection engine it is also suitable for environment with not many lab/developer activity going on as it creates a lot of noise. The policy granularity isn't as detailed as in some other competitors like Cortex XDR.
It is not so well suited for small companies with small security team as it got too many features to manage and mostly an overkill as it will only operate on a small asset-set. Plus it is not cheap. It is also not suited for companies that does large scale development and testing involving network access or File manipulation in their environment simply because the policy options aren't much granular to tune accordingly. Cortex is definitely better in that aspect.

The Falcon agent is installed in all our computers, servers, tablet and mobile phones. It help to assure the right protection against hacker attacks and generally malicious activity, we also adopted the identity protection module to complete the user protection. The solution is almost transparent for the users and the machines but the effectiveness against the malicious activities is on the highest levels, the false positives are also very low in according the total number of blocks against bad links, bad services and bad files

In a scenario with endpoints located worldwide, it can assure to all, the same necessary security level in real time and the highest efficiency for servers and computers. If there are too many legacy operating systems linked to industrial machines it has weakness that need to be covered with different solutions or architectures.