I usually work with CrowdStrike Falcon Cloud Security. I work with all the modules, IDP, and the Falcon EDR. My experience with them has been great. I requested information because a customer was about to switch from CrowdStrike IDP to Microsoft ITDR, so I needed to understand the differences and what makes ITDR special. I work as customer support for the majority of banks in Nigeria, supporting their CrowdStrike Falcon Cloud Security implementation. I needed to understand what was making some of them switch from CrowdStrike to ITDR, and the basic reason was cost. In terms of technicality, CrowdStrike Falcon Cloud Security was obviously better, but it was a bit expensive for them.

The typical use case for cloud security varies. Sometimes, rather than using Rapid7 exposure management, some customers use CrowdStrike Falcon Cloud Security to monitor their assets on the cloud, providing insights into vulnerabilities on machines, exposed assets, and misconfigurations.

Compared to before, in respect to breaches and downtime, they have seen significant differences.

Customers love the UI of CrowdStrike Falcon Cloud Security. They appreciate everything about the dashboard and dashlet. The majority of customers particularly love how seamless the integration is - just copy and paste in your AWS terminal and you're good to go.

The threat detection capability of CrowdStrike Falcon Cloud Security has always been the major seller, and it works effectively. Looking at the detection index for the last two years, CrowdStrike Falcon Cloud Security is consistently ranked number one. Then you have MD and Sentinel alternating positions. In terms of threat detection, CrowdStrike Falcon Cloud Security has always been top-notch in how they explain the workflows.

In terms of improvement, CrowdStrike Falcon Cloud Security could expand into the remediation path. While there is the IT security module, looking at competitors such as Vicarious and SCCM, there is room for advanced capabilities. If CrowdStrike Falcon Cloud Security could implement pushing out remediation from the sensor installed on machines, that would be beneficial. This feature is likely in their pipeline, but implementing it faster would help them maintain their competitive edge.

I am a partner with CrowdStrike Falcon Cloud Security.

The initial setup and deployment of the solution is straightforward.

I have seen a return on investment with CrowdStrike Falcon Cloud Security.

CrowdStrike Falcon Cloud Security is relatively new, approximately a year or two old. I have experience working with both CrowdStrike Falcon Cloud Security and Microsoft Defender for Identity.

I work with CrowdStrike Falcon Cloud Security, Falcon LogScale, Observability, and Sandbox. Different teams manage different parts of CrowdStrike's workload protection features.

I rate CrowdStrike Falcon Cloud Security 9 out of 10 overall.

We mostly use CrowdStrike Falcon Cloud Security for different clients across the globe, and we have installed all the agents on most machines to monitor each and every employee, along with laptops and servers in AWS. We are the core monitoring staff with a SOC where we monitor for viruses, malware, and to remove harmful files. Our primary use cases involve monitoring miscellaneous activities.

I have been using CrowdStrike Falcon Cloud Security's workload protection features because it's a very lightweight agent. Its detection speed is remarkable compared to other tools on the market, including Trend Micro. CrowdStrike Falcon Cloud Security is user-friendly and provides detection transparency, allowing us to present real-time documentation to our executives clearly explaining any detected issues.

Workload protection features influence our security strategy significantly, particularly by blocking any suspicious activities on public-facing servers and generating immediate notifications for us to act upon. It helps in quickly identifying whether potential issues need to be whitelisted or blocked, and assists in troubleshooting when applications trigger false alerts due to bugs.

The most valuable capabilities of CrowdStrike Falcon Cloud Security relate to preventing attacks caused by human error, such as when someone plugs in a USB device or downloads something without caution. It automatically blocks duplication and activities that could result in data loss, effectively preventing unintended copying of data to personal devices.

Deduplication prevention is definitely the most valuable feature.

CrowdStrike Falcon Cloud Security excels in threat detection with a vast investigation structure, allowing us to verify suspicious activities to identify root causes. It helps us trace back to the origin and fix issues, making it a user-friendly tool for this kind of detection.

CrowdStrike Falcon Cloud Security is built on AI and ML technology, enabling it to detect various threats and block suspicious activities immediately, which is particularly effective compared to traditional AVs and EDRs.

The analytics provided by CrowdStrike Falcon Cloud Security is key for maintaining a proactive security posture. Its AI and ML foundations offer extensive information on threats and suspicious activities, making it renowned for analysis in the industry.

The improvements needed for CrowdStrike Falcon Cloud Security include reducing its high cost, which is currently quite expensive, and enhancing the executive reports that are user-friendly for technical engineers but require improvement for higher management.

More detailed and granular reports would be beneficial for better executive comprehension.

I have been using CrowdStrike Falcon Cloud Security for more than eight to nine years, but for the past two years, I have not been using it much because I moved into a different domain.

When evaluating the stability of CrowdStrike Falcon Cloud Security, their partnerships with all major cloud service providers ensure their servers are optimally positioned, leading to no latency or stability issues that I have observed.

CrowdStrike Falcon Cloud Security is indeed highly scalable, ideally for enterprises with a minimum of 2,000 servers to ensure cost efficiency and easier setup.

CrowdStrike Falcon Cloud Security is primarily suited for larger enterprises and not for small or medium companies.

I have a very good in-house team of about 20 to 30 people working with CrowdStrike Falcon Cloud Security, and we maintain excellent communication with their technical support, resolving any issues immediately without complaints on technical aspects or delays.

Based on my experience with CrowdStrike Falcon Cloud Security's technical support, I would rate them a solid 10 out of 10.

Positive

With 19 years of experience in the industrial field, I have also used technologies such as BigFix, Ivanti, Qualys, and I am considering reviewing Tenable, Ivanti Endpoint Manager, Ivanti Security Control, Tanium, and others, including HCL BigFix and Qualys Patch Management.

I participated in the initial setup and deployment of CrowdStrike Falcon Cloud Security.

The implementation plan I typically follow involves multiple installation methods, one being agentless via AD to push agents, and the other using patching tools such as Ivanti and BigFix. This process can take around 15 to 20 days for 2,000 to 3,000 servers or endpoints due to its user-friendly cloud-based configuration.

During the initial setup, I faced some false alerts due to older versions of some applications we used, which may exhibit atypical behavior. Normalizing these false alerts generally takes around one to two weeks after the initial installation to resolve and ensure smooth operation.

Our company has a partnership with CrowdStrike, so we are one of their partners, and that is how we acquired CrowdStrike Falcon Cloud Security. I bought it directly from CrowdStrike.

Some of our customers purchase CrowdStrike Falcon Cloud Security directly from CrowdStrike while others purchase it via AWS Marketplace or other marketplaces.

More than 12 million vulnerabilities have been identified and resolved while working with CrowdStrike Falcon Cloud Security over the past 10 years, which I have been monitoring diligently. This figure reflects the work done not only by me but also collectively with about four customers in one single console, giving a complete picture of our efforts.

The cost of CrowdStrike Falcon Cloud Security is currently quite high, which is an area that needs improvement, particularly for the executive reports that are user-friendly for technical engineers but require enhancement for higher management.

With 19 years of experience in the industrial field, I have used technologies such as BigFix, Ivanti, Qualys, and I am considering reviewing Tenable, Ivanti Endpoint Manager, Ivanti Security Control, Tanium, and others, including HCL BigFix and Qualys Patch Management.

I use CrowdStrike Falcon Cloud Security internally in my company. CrowdStrike Falcon Cloud Security is recognized for its reliability, and I can guarantee they are very reliable. My overall rating for CrowdStrike Falcon Cloud Security is 8 out of 10.

I am working for an MSSP. We use CrowdStrike on a daily basis for different clients across the globe for security purposes and for monitoring and remediating threats.

We have installed agents on the machines of employees in different organizations. We monitor their activities and block several applications. For example, if an organization does not want its employees to use WhatsApp on company-provided laptops, we block such applications. We also monitor malicious activities. If an employee downloads a file from the internet that is not legitimate, such as a virus or malware, we connect to the machine, remove all the files, and run different scans to ensure nothing is harmed.

Additionally, we use it for inventory purposes. At the end of the year, for audit and compliance, I gather information about how many devices, servers, and workstations we have and what their types are.

It helps us by automatically blocking certain applications or activities. We can prevent employees from copying data or attaching any personal USB devices to company machines, thus avoiding malware transfer or data theft. We can block USBs and unwanted applications. It automatically blocks and remediates malicious activities, so we do not have to do regular checks.

For the past six months, we have been facing some issues. Because it is a cloud-based infrastructure, it has been getting slower. There are no bugs because they release updates continuously. We highly appreciate that, but during hunting or running a query on different logs, the time frame has increased in the past six months. It takes longer to give us the results.

Another issue is the lack of proper documentation. During investigations, there is no proper documentation available. This is a problem because many people are saying there should be proper documentation explaining what CrowdStrike captures from the machine and the meaning of it.

I have been using it for more than three years.

It is stable, but sometimes it shows instability. Occasionally, when the workload increases, it slows down considerably and sometimes becomes unresponsive. I would rate it a seven out of ten for stability.

It is quite scalable. I would rate it an eight out of ten for scalability.

It is deployed across multiple departments and multiple locations. Some people are in one country, and some are in another country.

I have contacted customer service, and they are fast. I have had a good experience with them.

Positive

We have some clients not using CrowdStrike due to cost or other factors. In our opinion, CrowdStrike is the best solution, which is why we recommend it to our clients. Almost 90% of our clients who receive our services use CrowdStrike. Its users include various organizations such as banking, financial, and other organizations.

Over the past three years, more than ten clients have purchased it. Some are using all of its features, and some are using fewer features depending on the budgets and requirements.

It is straightforward, but sometimes, we have difficulties with installing the agents on some machines. It happens quickly, but sometimes it takes a few minutes. It depends on the infrastructure and the machine.

The deployment duration depends on the organization. If the organization is big, it takes a large amount of time. If it is a small one, it is real quick.

The implementation strategy is to use automated scripts that run on the cloud. This automatically reflects changes across thousands of machines.

It does not require any maintenance.

We implement it ourselves.

Compared to other EDRs, CrowdStrike is expensive. However, the main point is that even though it is expensive, it provides a huge capability to the organization. It is expensive, but it adds value.

I would recommend it because it is the best one I have ever used. It has greatly helped me improve my investigative skills in my job. I have gained a lot of skills by using this product. 

Overall, I would rate it a seven out of ten.

We are using CrowdStrike Falcon for endpoint protection across the organization.

I think the UI could be improved, but the technical support said CrowdStrike will improve the UI in the near future. But right now, it’s so messy.

We have been using it maybe since last year.

It's stable, and we already forgot—it just installed and forgot.

Technical support is quite good. We can just WhatsApp the technical easily.

Positive

This is our first time using CrowdStrike.

It's easy to implement the product and we are already up and running in five minutes.

The pricing is still manageable. I think it's about five or six thousand per year. No additional cost for maintenance or support; it's all included in the quotation.

I don’t know if I need to recommend it. I think the overall solution should be rated a ten out of ten.

We are a small company using CrowdStrike Falcon Cloud Security for next-generation endpoint security and antivirus protection. We do not have dedicated threat hunters on the platform and primarily use it for endpoint protection.

CrowdStrike Falcon Cloud Security helps us ensure that our endpoints are protected, which was essential for achieving the Cyber Essentials Plus certification. It also allows us to demonstrate to partners that we are diligent about protecting both our data and theirs.

The most effective feature is the machine learning aspect, which detects unauthorized scripts and potential data exfiltration. It provides alerts on suspicious command executions, helping us safeguard our systems.

The user interface needs improvement as it's sometimes difficult to locate specific dashboards or reports. Simplifying the naming of elements in the UI could make it easier and more intuitive for users.

We have been using the solution for about six months.

I recommend CrowdStrike Falcon for companies of all sizes, from small businesses like ours to some of the largest companies in the world.

We do not expect to get a direct ROI. It is an expense we are willing to pay to conform to Cyber Essentials Plus and demonstrate responsibility in protecting our data and that of our partners. It also helps in mitigating third-party risks.

The pricing for CrowdStrike Falcon Cloud Security is reasonable, especially for small companies with limited budgets. It is essential for achieving Cyber Essentials Plus and is cheaper than solutions like Splunk for Next Gen SEAM.

CrowdStrike Falcon Cloud Security is not recommended for highly sensitive data environments, such as government intelligence services, where cloud products might not be suitable.

I'd rate the solution nine out of ten.

I have been using CrowdStrike Falcon Cloud Security extensively for maintaining endpoint security. It is mainly used to protect systems against malicious binaries. In our cloud environment, we use it by deploying agents on our cloud instances operating in AWS and GCP to protect these instances from malicious binaries.

The solution has significantly enhanced our incident response times when dealing with malware or possible malicious file activities. It allows me to log into machines and pull copies of suspected files, eliminating the need to physically obtain the machines for analysis.

The most valuable features are the real-time response, which allows me to log into a machine to pull files and check signatures for malicious activities, and the ability to restrict USB block storage usage on endpoints by policy.

There is room for improvement in the solution's ability to handle Linux systems. It does well for Windows, but it relies on binary scanning for Linux and lacks comprehensive rules for detecting suspicious behavior. I have had to develop my own custom rules in CrowdStrike for Linux.

I have been using this product extensively for about the past four years.

Apart from the recent media attention for causing some instability worldwide, the solution is quite stable and I haven't had any major concerns.

The solution scales very well, with the only limitation being the licensing purchased.

I have used Carbon Black extensively in the past.

The initial setup is mostly straightforward. They provide a simple way to deploy the endpoint, simplifying the installation process for users.

The solution is quite expensive. The pricing fluctuates based on various factors such as company size, and there is room for negotiation, but it is generally expensive enough that most midsize companies find it difficult to afford.

I would advise first-time users to monitor the number of endpoints regularly to ensure they are checking in. Additionally, they should add custom detections for Linux to identify unexpected behaviors, as the default detection for Linux is not very comprehensive.

I'd rate the solution nine out of ten.

I sell and resell CrowdStrike Falcon Cloud Security as part of my company's cybersecurity portfolio for endpoint detection platforms.

CrowdStrike Falcon Cloud Security assists in detecting malware and provides effective security solutions without the need for hardware servers, saving resources on infrastructure.

I find the easy installation process, quick detection capabilities, and the cloud-based console very useful for this solution.

CrowdStrike had a significant issue with Windows integration two months back. The pricing is very high and should be improved.

I have been working with and reselling CrowdStrike Falcon Cloud Security for five years.

CrowdStrike Falcon Cloud Security is very stable, and I would rate it at ten out of ten for stability.

CrowdStrike Falcon Cloud Security is scalable. I would rate its scalability as seven out of ten.

The technical support is very easy to reach and helpful; I would rate it as ten out of ten.

Positive

My company is an integrator, and I handle the deployment and implementation process personally.

The pricing of CrowdStrike Falcon Cloud Security is very high, and I would rate the current pricing as four out of ten.

I also work with Microsoft and ESET as part of my company's cybersecurity portfolio for endpoint detection platforms.

I recommend CrowdStrike Falcon Cloud Security because it provides excellent services for endpoint security and is very effective as a security solution.

I'd rate the solution nine out of ten.

We primarily use CrowdStrike Falcon Cloud Security as an XDR (Extended Detection and Response) solution, focusing on antivirus and malware protection.

It has been effective in protecting against common virus alerts, operating as a reliable security measure.

The most valuable feature is the auto-detection capability for threat hunting and issuing advisories on remedies.

The main area for improvement is pricing, as it is quite expensive. We are also curious about how it will interact with other AI tools, however, we have not encountered any limitations.

I use the solution lightly, not extensively.

It has been stable, with no observed glitches.

The solution is scalable enough, as we are managing more than 4,000 endpoints.

The customer support is very good, earning a rating of nine out of ten.

Positive

The initial setup is straightforward as it is cloud-based and one person is sufficient for installation.

We are budget-conscious and look for cost-effective solutions that can do the job efficiently.

Pricing is expensive. That said, if it does the job and is cost-effective, we go for it.

I'd rate the solution eight out of ten.

CrowdStrike Falcon is used primarily to enhance cloud security through a lot of automation in the platform. It provides benefits like automation, efficacy, and lower risk, allowing security analysts to focus on high-value tasks.

By deploying CrowdStrike Falcon, the organization can repurpose security analysts to focus on more high-value tasks due to the automation. It also optimizes on licensing because CrowdStrike covers a significant number of capabilities, which allows for the replacement of several vendors, thus reducing licensing and labor costs.

The most valuable features of CrowdStrike Falcon include its automation capabilities, efficacy, and lower risk. It also helps optimize on licensing since it covers a wide range of capabilities.

The SIEM needs to be more developed. Additionally, AI features could be enhanced.

I have been using the solution for only one year.

On a scale of one to ten, the stability of CrowdStrike Falcon Cloud Security is nine.

CrowdStrike Falcon is very scalable. I would rate its scalability as nine out of ten.

As far as I know, the technical support for CrowdStrike is rated as another nine out of ten.

Positive

One person from the partner side and two people from the customer side are usually involved in the installation process.

One person from our side and about one or two people from the customer's side are generally involved.

CrowdStrike Falcon is definitely affordable compared to competitors in the market. On a scale of one to ten, I would rate the pricing as eight out of ten, indicating some room for improvement.

I'd rate the solution nine out of ten.

We like the solution's management and monitoring tools for our network. We use it to monitor our network between workstations and outside our organization. The AI provides useful visualizations of our network on a dashboard.

The tool is expensive. 

We started using the product early this year.

CrowdStrike Falcon Cloud Security is very expensive for us. Last month, we had a big issue that took much time and money to resolve. It slowed down our business and required our management team to get involved. We had a problem similar to the "Blue Screen of Death" issue many US companies faced. This incident used up many of our IT resources in just a few months. That's why we're looking for a replacement tool now.

It costs us about 400,000 US dollars, and we also spend about 10,000 US dollars more on other security products. 

I rate the solution as one out of ten. We must replace this software. We plan to buy a replacement for it as soon as possible.