I deal with endpoint security, firewall, and XDR solutions. I use Sangfor and work with Trend Micro and CrowdStrike. I use CrowdStrike Falcon for enterprise companies, which is what I typically recommend.
CrowdStrike Falcon Endpoint Protection
CrowdStrikeExternal reviews
408 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Strong Protection with a Few Trade-Offs
What do you like best about the product?
What I appreciate most about CrowdStrike Falcon is its robust protection combined with minimal operational overhead. The software runs efficiently on endpoints, yet still delivers highly effective detection and response capabilities against modern threats. I also find the visibility it offers to be valuable. The alerts are comprehensive, making investigations more straightforward, and the timeline feature allows us to quickly grasp incidents and respond accordingly. Overall, it enables our security team to react more swiftly without the need for constant agent management.
What do you dislike about the product?
The primary downside is the expense, particularly when additional modules are required. Setting up the system initially can be time-consuming as it takes effort to minimize unnecessary alerts. Additionally, the investigation workflow may be challenging for newcomers, as it comes with a learning curve.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon assists us in detecting and stopping endpoint threats such as malware and ransomware, allowing us to respond swiftly. It provides us with clear visibility, enables faster investigations, and offers centralized control, making it easier to contain incidents while reducing the amount of operational effort required.
Effortless Protection with User-Friendly Interface
What do you like best about the product?
Crowdstrike falcon is a multi feature edr platform that replaces traditional antivirus platforms using a single light weight agent. Its menu navigation is very user friendly and clear. The agent in a single file installation and implementation which can be performed within 30 minutes or less. The EDR module protects the workstations within the end users day to day functions and can be further used freqently for scanning stand alone devices such usb drives, pen drives, etc.
What do you dislike about the product?
The cost is towards the high end even for corporates compaied to most top tier edr products and the behavioral AI tends to cause false positives at times
What problems is the product solving and how is that benefiting you?
The Agent stops invisible attacks where the attackers use fileless malware, stolen credentials and powershell commands that dont leave fingerprints. The behavioral indicators of attack is used by Crowdstrike for isolating zero day attcks where threat has not been seen as yet and further most other competitive edr platform suites are notoriously heavy on processing power, ram usage, disk usage and other resource consumption the falcon uses an all-in-one single light weight agent which is under 50MB on the workstation agent and the rest of the processing done on cloud. This is a huge plus for corporates where it does not take additional capex for upgrading workstations for runnning the agent.
Unified Detection and Lightweight Performance with High-Precision AI
What do you like best about the product?
Unified detection ,prevention and Response.
High Precision detection through AI.
Light Weight and low resource impact
High Precision detection through AI.
Light Weight and low resource impact
What do you dislike about the product?
More support required for Fusion SOAR operations
What problems is the product solving and how is that benefiting you?
Detecting Sophisticated Threats Beyond Traditional Signatures
Enabling Real-Time Visibility and Action Across Endpoints
Improving Threat Hunting and Expert Analysis
Enabling Real-Time Visibility and Action Across Endpoints
Improving Threat Hunting and Expert Analysis
A must to have EDR solution in the Infrastructure
What do you like best about the product?
CrowdStrike Falcon have user friendly dashboard, have a stable agent, gives less false positives, provides detailed analysis of the incident and it is very feasible to integrate with other tools.
What do you dislike about the product?
I don't see something to dislike other than the bizarre incident that happened last year. Other than that cost is a factor to dislike, but it is worth the money I would say.
What problems is the product solving and how is that benefiting you?
With the traditional antivirus going obsolete, EDR solution is what is replacing those and with CrowdStrike threat analysis feature, it is giving very much detailed analysis for any threats, proactive alerts and ultimately creating a safe and secure infrastructure.
Proactive threat hunting has improved breach prevention and now provides deeper endpoint visibility
What is our primary use case?
How has it helped my organization?
CrowdStrike Falcon has helped my customers predict and prevent potential breaches because of its proactive approach.
What is most valuable?
The most valuable features in CrowdStrike Falcon are its AI capabilities. The lightweight agent has a positive impact on system performance and visibility through ease of use. I utilize its Threat Graph for threat hunting.
What needs improvement?
To improve my recommendation to a perfect score, I would focus on better selling skills and improved integration with different vendors.
For how long have I used the solution?
I have been working with CrowdStrike Falcon for approximately five years.
Which solution did I use previously and why did I switch?
I have previously worked with a Total Information Management Corporation solution.
Which other solutions did I evaluate?
I work with competitors as well, and there is good competition to Sangfor at the moment.
What other advice do I have?
I have experience with these products from prior use. I work with security vendors and some of my customers use Trend Micro and CrowdStrike as well. My experience has been positive and I have been satisfied. The pricing might be a little expensive, but I find it cost-effective. I do not find CrowdStrike Falcon to be the most expensive when comparing pricing with competitors. I would rate this solution an 8 out of 10.
Active, Easy & Great to Manage
What do you like best about the product?
The platform provides quick responses to incidents and offers detailed insights into potential risks. Its portal is user-friendly, and deployment across an enterprise company is straightforward.
What do you dislike about the product?
Uninstalling the application can sometimes be a bit challenging, as the process is quite manual. This is often necessary when troubleshooting issues.
What problems is the product solving and how is that benefiting you?
Safeguard your devices from real-time threats, no matter where they are in the world. This solution offers protection for thousands of devices on a global scale.
Effortless Security with Real-Time Protection and Clear Insights
What do you like best about the product?
I like how CrowdStrike Falcon is easy to use and works in the background without slowing down the system. It provides real-time protection against various types of cyber threats, and the cloud-based setup makes it simple to manage. The platform also gives clear reports and insights, helping to quickly spot and fix security issues.
What do you dislike about the product?
While CrowdStrike Falcon is effective, it can sometimes generate false positives, which may require extra time to review and resolve. Additionally, the pricing can be on the higher side, especially for smaller businesses or those with many endpoints.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon solves the problem of protecting endpoints from a wide range of cyber threats, such as malware, ransomware, and phishing attacks. It helps by providing real-time threat detection and automatic responses, reducing the risk of a security breach. This benefits me by ensuring that our systems stay secure without manual intervention, saving time and reducing the workload on the security team.
Highly Secure with Room for Interface Improvement
What do you like best about the product?
I like CrowdStrike Falcon Endpoint Protection Platform because it is highly secure, which gives me confidence that my endpoints are well protected against cyber threats. The ease of implementation is another aspect I appreciate, making the setup process straightforward once I understood the necessary steps.
What do you dislike about the product?
I find the management interface of the CrowdStrike Falcon Endpoint Protection Platform to be less user-friendly than I would like. It could benefit from improved intuitiveness and ease of use. Furthermore, the metrics that CrowdStrike provides are somewhat cumbersome when it comes to setting up direct alerts. This complexity can hinder timely responses to potential threats, impacting overall user experience. It feels like there is room for enhancing the overall user experience to make it more straightforward and efficient.
What problems is the product solving and how is that benefiting you?
I use CrowdStrike Falcon Endpoint Protection Platform to secure my endpoints from cyber threats and unauthorized access.
Lightweight, Accurate, But Challenging Query Language
What do you like best about the product?
CrowdStrike Falcon has been one of the most dependable EDR platforms I’ve used. The agent is extremely lightweight, which makes a big difference in keeping system performance smooth. Its detection accuracy is consistently strong and really helps us stay ahead of threats. The asset discovery feature is one of my favorites—it gives us clear visibility into what’s actually running in our environment and makes managing assets much easier. The built-in vulnerability assessment is also very reliable and helps us quickly identify and prioritize issues. Overall, the platform’s defensive capabilities and real-time protection give us a strong sense of confidence in our media security.
What do you dislike about the product?
The biggest challenge for me has been CrowdStrike’s query language. Coming from Splunk, which is more intuitive and easier to work with, the transition feels unnecessarily difficult. Having to juggle different syntaxes—CrowdStrike, Splunk, SIEM tools, Defender—slows things down and interrupts the workflow when I’m trying to run quick searches or investigations. Better documentation or easier mapping to familiar query formats would help a lot.
What problems is the product solving and how is that benefiting you?
CrowdStrike gives us a strong, lightweight, and effective layer of endpoint protection. It improves our visibility, strengthens our defenses, and helps us detect and respond to threats much faster. It also makes vulnerability management more efficient, which is a big plus for maintaining a secure media environment.
Transparent and Robust Solution That Delivers
What do you like best about the product?
The transparency and robustness of the platform
What do you dislike about the product?
The updates are a little disruptive at times
What problems is the product solving and how is that benefiting you?
Phishing and xsxripting
showing 11 - 20