
Reviews from AWS customer

11 AWS reviews

External reviews

408 reviews

External reviews are not included in the AWS star rating for the product.


4-star reviews

    Balaji Ganesh M.

Compared to other Commercial Endpoint solutions Falcon has superior technology and it is hassle free

  • June 04, 2021
  • Review provided by G2

What do you like best about the product?
Features like Threat actors details, network quarantine capabilities, malware execution map & Dashboard
Threat actors database.
Dashboard filtering capabilities and eliminating false positives with just a click.
RBAC (role-based access control) features enable high security towards authentication.
Email alerts are helpful for rapid threat response to avoid a potential security incident.

Integration capabilities with ITSM tools are an added advantage.
What do you dislike about the product?
Initially, eliminating the false positives and purging them is time-consuming. Agent deployment for Windows flavored OS is easy. But for a Linux-based system, it is a tedious task.
Extracting logs or reports for troubleshooting should be even more user-readable. I liked the Dashboard, but Falcon can still improve a few automations to eradicate known false positives.

Main Disadvantage: Active endpoint scanning is not possible; CrowdStrike only analyses the network traffic and behaviour within the system. Falcon should introduce quick scan and full scan features to overcome this disadvantage.

Duplicate alerts and related ITSM tickets are a problem with Falcon. In my experience, I have experienced CrowdStrike reporting multiple alerts for the same issue. This results in a huge number of tickets being created (if integrated with ITSM) or a large amount of emails spamming your inbox.
What problems is the product solving and how is that benefiting you?
I have mostly been a Security Analyst. I have investigated alerts reported by Falcon. In a nutshell, we used Crowdstrike for Managing all the endpoints used for business.

Benefits- Real-time status and statistics, since using dashboard one can control the agents so in terms of incident response one can network quarantine a system (if found with malware) with just a few clicks using central Dashboard.

This feature will surely help restrict ransomware from spreading across systems.
Recommendations to others considering the product:
The product is futuristic and will surely add multiple automations over the period. But for Endpoint Detection and Response (EDR), I would recommend CrowdStrike as the market's pioneer.


    Health, Wellness and Fitness

It's a very good experience of using CrowdStrike.

  • May 31, 2021
  • Review provided by G2

What do you like best about the product?
The user interface, detection details, CrowdStrike support
What do you dislike about the product?
There is nothing specifically to be said.
What problems is the product solving and how is that benefiting you?
I supported CS support multiple times and they have resolved all my issues.
Recommendations to others considering the product:
It's very advisable to people as it's the best EDR in the market.


    Management Consulting

Product is very good ... but interface is a bit old

  • May 28, 2021
  • Review provided by G2

What do you like best about the product?
Perfect in all manner other than support and sales team
What do you dislike about the product?
Support & sales teams are not that supportive and responsive
What problems is the product solving and how is that benefiting you?
Software itself is pretty much mature and works perfectly performance-wise


    Computer & Network Security

It's a great tool with detailed logs and good detection capabilities

  • May 28, 2021
  • Review provided by G2

What do you like best about the product?
EDR is the best it's great capability of alert mechanism
What do you dislike about the product?
Sometimes, CrowdStrike does not give a detailed report on registry changes
What problems is the product solving and how is that benefiting you?
All malware are safely terminated


    Abhishek R.

Crowdstrike Falcon - A lightweight agent with superb EDR capabilities and easy management

  • May 28, 2021
  • Review provided by G2

What do you like best about the product?
The agent is extremely lightweight and it never takes huge resources on the system. Management is extremely easy with easy dashboard. The alerts are extremely well detailed, so any L2 system administrator can understand them and take appropriate actions starting from marking them as malicious or false positive, quarantining the alert to network containing the host. If you are still on conventional AV, switch to Crowdstrike EDR for the best secured experience. It is also one of the leaders in Gartner magic quadrant.
What do you dislike about the product?
The threat advisory part is a little hard to understand for the L2 administrators. So it can be simplified into different attacks and their hashes and IOCs which can be blocked easily across the organisation. It's again not a part to dislike but still something which can be improved or modified based on my personal choice.
What problems is the product solving and how is that benefiting you?
Endpoint and host security real time device level log analysis and threat behaviour with seamless machine learning analysis. These capabilities lacked in a conventional antivirus product which was entirely dependent on virus definition signature. With CrowdStrike EDR, each and every system event is being analyzed which prevents in the origin of a malicious event.
Recommendations to others considering the product:
Switch to CrowdStrike EDR for seamless security and event monitoring. It is a single pane of glass to manage host security instead of depending on a range of products like threat prevention, web filter, firewall etc. which take up unnecessary resources on the system.


    Md Atif H.

Great Tool for Endpoint Protection

  • May 27, 2021
  • Review provided by G2

What do you like best about the product?
How efficiently and effectively it captures the process details and changes made in the endpoint. It captures detections and correlates them through time and presents the detection and a very detailed graph as well as provides a detailed process tree. Also it is really easy and simple to deploy throughout the network. Writing custom rules and blacklisting and whitelisting is fairly simple as well. It provides great protection from zero-day attacks as well as known APT groups. Integration with log collection tools like SIEM & UEBA tools is fairly simple and effective. The Overwatch detection functionality support is also a gem.
What do you dislike about the product?
The CrowdStrike console looks a bit congested. A lot of information is put on a single screen. Another reason for someone to opt for another EDR solution would be the price; CrowdStrike as a solution is a little bit on the expensive side.
What problems is the product solving and how is that benefiting you?
We are utilizing EDR for real-time detections and protections. Also we are utilizing it for threat management and zero-day coverage. It also helps in Asset Management. Threat Hunting can also be performed very effectively using CrowdStrike.
Recommendations to others considering the product:
If we are looking for any EDR solution, CrowdStrike should definitely be an option because it can not only be an EDR piece but can remove the requirement for a separate AV solution altogether. The Threat Detection and the Threat Hunting modules really add up a lot of value to the overall security controls in the environment.


    Julio L.

The next gen cloud based AV that works

  • April 22, 2021
  • Review provided by G2

What do you like best about the product?
We have been pleased with the capabilities of the product as well as the ease of installation of the agents that does not require a reboot affecting production. Support has been great and the analytics from the product provide great insights. Policies and groups are easily managed. The control and insights you get from your endpoint are great! The sandboxing feature is also a favorite feature to talk about. The ability to hunt, search, and monitor malware as well as tracing the intrusion makes this product stand out a lot. Since CrowdStrike analyzes and stops similar threats from all customers' devices, it builds a big repository to harden security and prevention. The graphs and charts make it easy to understand and to see where the trends are for Indicators of Attacks.
What do you dislike about the product?
All the modules are not free and that's understandable. Each module does a specific task and requirement based on your needs.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon Endpoint Protection helped us gain better visibility in our network and helps us with the intrusion through the ML prevention methods and expert review of our metadata for recommendations of prevention. The sandboxing capability as well as the malware hunt is great.
Recommendations to others considering the product:
Ask for a demo and test it out to see if it's suitable for your environment.


    Computer Software

Best NextGen Antivirus I used

  • March 24, 2021
  • Review provided by G2

What do you like best about the product?
Install and forget about it. 90% of the tasks prevent anything malicious. Hats off to the developers on studying the patterns and implementing such machine learning algorithms.
What do you dislike about the product?
With CrowdStrike I don't have the ability to scan the system on demand.
What problems is the product solving and how is that benefiting you?
Prevention even before the Virus enters the system.


    Public Safety

A great AV for small and large businesses alike

  • March 18, 2021
  • Review provided by G2

What do you like best about the product?
For our purposes since we do not have a NOC team, I like the relatively hands-off approach you can take with this. It does require an initial setup, and as the central Falcon page updates with more features, and/or if your configuration of Crowdstrike's recommended settings doesn't match what you have set, they'll send you emails about what to turn on and off, or raise or lower how aggressive the AV is acting or reporting. They'll even call you and remote share your screen so they can give you tips about the UI and what to look for. There is some self-management involved; you need to be able to make sure your sensors are up to date and keep an eye out for malicious activity, and if you have EDR, investigate the root cause.
What do you dislike about the product?
I dislike the UI to be honest. I think navigating to some of the pages isn't intuitive and needs to be cleaner and easier to get to. There are some elements that make little sense as far as where you need to go to look up a certain report, and when they told me I needed to go to Legacy dashboards to find something they wanted me to frequent, I thought that was odd. Also, it has a dark theme but it only works on the main page--once you start going into sub-navigation it returns white.
What problems is the product solving and how is that benefiting you?
We're solving the problem of not having to be too hands on with making sure agents are up to date (not having to worry about signature updates failing on a lot of computers, for example). Sometimes agent sensors don't update properly but there is a good report for seeing which ones haven't updated and rectifying it is easy. The benefit is it gives us a better sense of security so we can focus on other tasks without having to invest too much time into micromanaging devices.


    Garnett K.

CrowdStrike Falcon Review

  • March 17, 2021
  • Review provided by G2

What do you like best about the product?
CrowdStrike ability to move into the NextGen AV & Malware Detection.
What do you dislike about the product?
I would like to see a remediation scanner added to CS Falcon to have the ability to clean up leftover artifacts that get left behind.
What problems is the product solving and how is that benefiting you?
The CS Falcon has become a full replacement for the EOL Symantec SEP console.
CrowdStrike does a fantastic job at prevention policies and real time monitoring.
Recommendations to others considering the product:
They are moving in the right direction for the NextGen EDR solutions.