We use CrowdStrike Falcon for endpoint protection and cybersecurity.

We implemented CrowdStrike Falcon to ensure our systems were secure and there were no infiltrations to our system.

We deploy CrowdStrike Falcon across a variety of platforms, including cloud and edge environments. We ensure it meets rigorous security standards, is properly certified, and adheres to our data management policy.

We integrated CrowdStrike Falcon with our end-user systems and servers.

Since implementing CrowdStrike Falcon, we haven't experienced any serious threats, and we've seen a decrease in phishing and ransomware emails. This suggests it's been very effective in mitigating those threats.

The UI is easy to use and comprehensive.

CrowdStrike Falcon's performance has improved our user productivity.

CrowdStrike Falcon offers a comprehensive dashboard that is highly effective in protecting against and blocking external infiltration attempts.

The pricing structure should allow for some flexibility.

I have been using CrowdStrike Falcon for almost 3 years.

CrowdStrike Falcon is stable.

I would rate the scalability of CrowdStrike Falcon 8 out of 10.

The technical support is good. We have not had any issues with them.

The initial deployment was straightforward. The deployment doesn't take more than one day. Those involved with the deployment are system engineers, IT analysts, and software engineers.

The implementation was completed in-house.

The price is fixed with no room for negotiation.

I would rate CrowdStrike Falcon 8 out of 10.

We have deployed CrowdStrike Falcon in multiple departments, locations, and satellite offices.

CrowdStrike Falcon doesn't require maintenance from our end other than the updates.

I recommend CrowdStrike Falcon to others.

CrowdStrike Falcon is used as an endpoint detection and response platform. It's basically an antivirus solution. It is deployed on all the endpoints, including workstation servers, et cetera.

We previously had another solution. However, it was a combination of signature-based and anomaly-based detection methods. When we implemented CrowdStrike in our organization, it helped us minimize the critical gap where, in some cases, we could not identify malicious behavior.

CrowdStrike is behavioral-based; therefore, it has a behavioral-based detection method. It's not a signature-based tool. It helps us to identify the threats according to the behavior of any process that is running on any particular system. It helps immensely to identify any malicious behavior on any endpoints.

They have a service called Overwatch. It's an incident response feature, which CrowdStrike usually provides for most of the customer's premium customers. They will be looking for particular instances. If anything really suspicious or malicious happens, they will inform us. That is one kind of feature that is really great as compared to other tools.

The ransomware protection and behavior-based detection are the best features.

The solution has effective prevention policies. They help prevent cyber attacks or any other malicious activity.

The real-time response capability supported our incident response efforts. Whenever there is a case of any critical incident or any security breach, at the time of security breach, we can utilize RTR (real-time response) features to know what process is running. Then, we can kill the process. We can get to know, for example, what active connections are. Also, in case of quarantine, if we quarantine a particular machine with CrowdStrike, we still have access to that machine with the real-time response feature. That's quite useful.

File integrity monitoring could be improved. They need to have more clarity on the policies and how we can apply them to get the file modification details. In terms of vulnerability management, CrowdStrike doesn't have the network scanning feature, which other competitors have.

We sometimes get false positives. We have had to create some exceptions. However, we have been able to minimize the noise.

I have been using CrowdStrike for more than 3 years.

This is a very stable solution. I'd rate the solution 9 out of 10.

We have a single instance across multiple locations. People in the company work from different locations, and we have agents installed to workstations, et cetera. We have around 8,000 workstations and around 5,000 servers. Then, we have about 20 people working on it directly regularly.

The solution is absolutely scalable, and companies can scale it as needed. I'd rate the solution 9 out of 10 in terms of scalability.

I'm absolutely satisfied with CrowdStrike's support. They have a robust support team that is always there to help.

We were previously using Symantec. CrowdStrike has a wider range of features and has been the market leader in its category. After a quick POC, we decided to move to it.

The initial setup was straightforward. There were no major hiccups in implementing it. We were clearly guided by the CrowdStrike team. We just followed the steps provided. It took 45 to 60 days to implement.

CrowdStrike is a cloud-based solution. We don't have to deploy any instance on-premises or cloud. CrowdStrike provides us access to their instance. We simply have to install the agents on our systems. Those agents will communicate to the CrowdStrike Falcon cloud. It will all be managed by CrowdStrike, and we will have access to the console. On the console, we have all the features and all the different options we need to manage the platform. There is no maintenance required.

We had 3 people participating in the deployment. From the system side, there are multiple teams involved from the deployment point of view. That said, 90% of the work was done by the security platform team.

I'd rate the ease of deployment 4.5 out of 5.

We have witnessed an ROI. It's been the first line of defense for us. It has saved us on costs. However, those are hard to quantify as we haven't faced a breach.

The solution is expensive, however, if you look at the features, it's worth the cost.

I'm a customer and end-user.

I would absolutely recommend this product to any organization with a prior POC under its belt. A company needs to test it in their environment. That said, I would highly recommend anyone to test it out.

I'd rate the solution 9 out of 10.

Our organization uses CrowdStrike Falcon for a variety of security tasks, including incident response, investigations, malware analysis, and threat hunting. This comprehensive platform excels at detecting malware across various technologies and endpoints within our environment.

CrowdStrike Falcon functions as a threat detection platform. It identifies malware based on pre-defined signatures and rules. Upon detection, it triggers a response and provides a dashboard for further analysis. This allows us to assess if the malware poses a risk to our organization or if it's a false positive. For confirmed threats, we can then delve deeper for a thorough investigation to uncover any underlying malicious intent.

Our primary goal is to prevent malware-related risks proactively. By leveraging CrowdStrike Falcon, a premium endpoint detection and response tool, we can safeguard our organization from malware exploitation attempts employed by hackers.

The primary advantage of CrowdStrike Falcon is twofold: reducing malware risk and providing advanced investigation capabilities. Traditional antivirus solutions struggle to keep pace with ever-evolving malware threats. CrowdStrike Falcon utilizes cutting-edge technology to proactively prevent these threats, minimizing the risk of infection. Falcon also features a threat intelligence platform that keeps us informed about the latest global malware threats and compromised tactics. This real-time awareness empowers us to proactively prevent threats before they impact our environment.

Recently CrowdStrike Falcon detected and mitigated malware that would have compromised several vulnerabilities in our environment.

Falcon's real-time response capability ensures we can quickly access any compromised host. This is a valuable advantage over other EDR tools.

The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities.

I've found that CrowdStrike's technical support could benefit from increased technical expertise. In my experience, their representatives haven't been able to resolve my issues as effectively as I would have liked.

I have been using CrowdStrike Falcon for 1.5 years.

I would rate the stability of CrowdStrike Falcon nine out of ten.

I would rate the scalability of CrowdStrike Falcon eight out of ten.

I've found the technical support staff to be less knowledgeable than I'd expect. Ideally, they should have expertise in all CrowdStrike modules, as we utilize a wide range of them.

We previously used security solutions from Symantec, Trend Micro, Trellix, and Mandiant. However, CrowdStrike Falcon stood out as a more premium offering. Its advanced capabilities and comprehensive approach to security ultimately led us to switch providers after careful consideration of several factors.

The initial deployment was straightforward and took less than 15 days to complete.

There were between 30 to 40 people involved in the deployment.

Our security engineering team implemented CrowdStrike Falcon entirely in-house. We also received some support from our internal desktop team and leveraged the expertise of an internal managed service provider team. No third-party vendors were involved in the deployment.

CrowdStrike Falcon is more expensive than other EDR solutions with similar features.

I would rate CrowdStrike Falcon nine out of ten.

After deployment, there are some simple maintenance tasks to keep everything functioning well.

New users should learn about the different modules of CrowdStrike Falcon and their functionalities to work effectively with the tool.

CrowdStrike Falcon is our platform for IT security, encompassing endpoint security, cloud security, and EDR capabilities.

CrowdStrike protected us from a cyberattack. That's why I believe it's a very effective product. It's already prevented attacks on 2 occasions. It successfully quarantined suspicious files, essentially making our organization much safer.

We also leverage CrowdStrike Falcon Overwatch, a managed threat-hunting service offered by CrowdStrike. This service complements CrowdStrike's EDR functionality, which provides automated detection and response capabilities against external attacks. In our case, CrowdStrike successfully identified and automatically contained a cyberattack launched against our organization.

Our CrowdStrike Falcon integration with our SIEM is proving to be flexible.

The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition. It also excels in external media control, particularly USB access. The ability to disable USB access to flash drives significantly improves security.

Furthermore, Falcon helps identify patches needed for Windows, Mac, and other operating systems. This provides valuable reports and insights into our system vulnerabilities, allowing us to proactively address them.

If CrowdStrike can further expand its support for XDR compatibility, that would give it an edge over all the other competing new products.

I have been using CrowdStrike Falcon for 2 years.

I would rate the stability of CrowdStrike Falcon 8 out of 10.

We've deployed CrowdStrike Falcon across all 3,000 of our endpoints, and it has demonstrated excellent scalability. Therefore, scalability is not a concern for CrowdStrike in terms of performance or its ability to handle growth.

I would rate the scalability a 9 out of 10.

The deployment was straightforward, taking 2 months for 3,000 endpoints. We implemented it directly where needed. The process was simple and easy. We believe this approach offers advantages due to its lower complexity compared to other methods. Careful planning was essential, and with a clear plan for sensor installation, we were able to execute the deployment successfully.

While a third party handled the implementation, the OEM provided us with direct training on Falcon alongside CrowdStrike.

CrowdStrike Falcon has demonstrably provided a positive return on investment. We've already encountered two specific instances where, without CrowdStrike, the company would have faced millions in damages. In one case, we would have likely lost our entire SAP system.

The pricing of CrowdStrike Falcon is competitive.

After evaluating SentinelOne, we found CrowdStrike to be a superior solution. CrowdStrike offers advantages in dashboard compatibility and a feature called Overwatch, which gives it a competitive edge.

I would rate CrowdStrike Falcon 8 out of 10.

CrowdStrike Falcon is deployed in multiple branches across India.

No maintenance is required from our end.

I recommend CrowdStrike Falcon. It is not a solution we need to think twice about using.

We provide a service for our clients with CrowdStrike Falcon. Alerts come into the CrowdStrike Falcon dashboard, and we investigate them based on the process tree and commands running. We check everything for any infections in the host or internal connections. If a threat is confirmed, we place it into the containment section inside Falcon.

CrowdStrike improves our detection capabilities. We use multiple tools like Symantec and this one. CrowdStrike reports on the processes and services, allowing us to investigate forensically. We can conduct a deep analysis and identify the threat at the memory level. We can do more investigation of the process to see where it started and where it is going. We can see the commands running on the backend, CPU utilization, and memory consumption. All of that information is helpful.

CrowdStrike displays a threat score when it detects an infection. This is helpful because not all detections are the same. It will classify them as ransomware, malware, phishing, etc. This feature helps us prioritize and cross-check with other EDR tools.

It's integrated with multiple threat intelligence sources, such as the AbuseIPDB. That integration helps because we can easily cross-check between CrowdStrike and other solutions like an MDR or Azure AD. Hybrid analysis is integrated with CrowdStrike in our environment. There's also sandbox analysis. It's more informative. We perform a routine activity in our test environment where we simulate the process and file.

CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization.

I have used Falcon for more than two years.

CrowdStrike Falcon is a stable solution.

CrowdStrike is scalable. We can query large amounts of data, and the solution responds well, whereas Splunk takes a longer time to perform a search operation.

I rate CrowdStrike support 10 out of 10. They respond quickly and don't take much time to resolve all our issues.

I have used Symantec and Rapid7.

Falcon was already deployed when I started working. It requires some maintenance. We need to make some adjustments for some use cases, or we might need to implement upgrades that require downtime.

CrowdStrike Falcon is expensive because it's based on the number of services.

I rate CrowdStrike Falcon 10 out of 10. It has delivered some good results.

We use it for threat detection and threat hunting.

We are an MSP. We have deployed this in our customer environment, and we use it to detect threats in their environment. It is beneficial for customers to find cybersecurity-related threats on the endpoints.

The out-of-the-box configurations and threat intelligence provided by CrowdStrike are better than other vendors and competitors in this field. It improves our security strategy because we are building threat intelligence on top of CrowdStrike-provided detection.

We are building SIEM use cases on top of the data provided by CrowdStrike. There is reliability, and the response that we get from it is very fast. If any incident happens on the endpoint, it immediately detects that and sends that to our SIEM.

Endpoint security is a very crucial aspect of cybersecurity. Integrating CrowdStrike helps a lot to identify and dig deeper into the threats.

Its integration capability is valuable. It integrates easily with any OS.

They are good at what they are doing, but they can add more use cases. They can improve their documentation. It is a very big aspect where they are lacking. They have documentation, but it is behind the wall of authentication. It is not available publicly.

In terms of features, I would like them to add detailed logging functionality in CrowdStrike. Currently, CrowdStrike detects the threats immediately based on the IOCs and the signature-based policies or many threat behaviors, but in terms of logging those threats, it is not very good. The information that they provide in the logs is very little. They can build more analytics into it. If they can add more information about an event, it will be beneficial for us and everyone else who is using CrowdStrike.

I have been using this solution for four years. I have had hands-on experience with it for about two to three years.

It is a stable product.

I have not interacted with their support team. It is not a part of my job.

I work with multiple vendors, not only CrowdStrike, in the endpoint space, and the CrowdStrike UI is better than others. The response of CrowdStrike is better than other vendors.

It is deployed on the cloud. Its deployment is of moderate complexity. It is not easy, and it is also not difficult. Overall, it is easy to deploy and manage CrowdStrike Falcon across the organization.

I would definitely recommend CrowdStrike Falcon. It is better than other solutions, such as VMware Carbon Black. CrowdStrike is doing better in this space.

If you are using CrowdStrike Falcon for the first time, it will be easy for you. You can definitely use it.

Overall, I would rate CrowdStrike Falcon an eight out of ten.

I'm a security analyst. We get alerts on the cloud side that appear in the CrowdStrike console and also in our email. We can consolidate them on the console and check the process tree. You can see the hostname, user details, and all the information on the right side. On the file part, we can see whether the malicious file has been executed and decode it to see where the hash appears.

I worked with an event-tracking tool before I started working at this company, and any insights that were triggered in that tool would be noted in the infrastructure certificate tool. The information we gather from CrowdStrike will be updated in Azure, so all the information, resolutions, etc. will be added to Azure. We can check the activity and whether the malicious file is being blocked, quarantined, or allowed.

I like Falcon's threat detection and endpoint investigation features. It's a user-friendly solution. We determine the root cause of an alert and contact the end user via our Slack channel if necessary to gather additional information to determine whether they know about the activity. We can download and investigate the malicious file in the sandbox to see what's happening. We check to see if it has been executed. We can easily delete it in the CrowdStrike console if it hasn't.

I have used CrowdStrike for two years.

I rate CrowdStrike Falcon ten out of ten for stability.

I rate CrowdStrike Falcon ten out of ten for scalability.

I rate CrowdStrike support eight out of ten. They respond quickly on weekdays, but the weekend response times are slower.

I'm working on two projects. One is using CrowdStrike Falcon and the other is using Crowdstrike XDR, which is the advanced version.

Falcon is a cloud-based platform so deployment is easy. You only need to deploy the agent to the endpoints, but the data is stored in CrowdStrike.

I rate CrowdStrike Falcon ten out of ten. I would recommend Falcon to others.