Powerful and Feature-Rich, Yet Pricey
What do you like best about the product?
As marketed, complete protection from code to cloud, ideal for organizations of all sizes - highly efficient with minimal false positives. I found the interface to be very user-friendly, and it gives insightful data in any alert, which helps to investigate the incidents easily, and the ease of integration with AWS.
What do you dislike about the product?
While it is feature-rich, you have to consider that pricing is a bit on the higher side (even more if you request a custom quote). I highly doubt if small orgs would be able to afford it while being suitable at the same time. Also, you might face a higher learning curve if you are not well-versed in similar security tools.
What problems is the product solving and how is that benefiting you?
Mainly threat detection & protection, Cloud Security with AWS, and Cloud Misconfigurations identifier
Boosts security by automatically blocking applications or activities, but query responses have been slower recently
What is our primary use case?
I am working for an MSSP. We use CrowdStrike on a daily basis for different clients across the globe for security purposes and for monitoring and remediating threats.
We have installed agents on the machines of employees in different organizations. We monitor their activities and block several applications. For example, if an organization does not want its employees to use WhatsApp on company-provided laptops, we block such applications. We also monitor malicious activities. If an employee downloads a file from the internet that is not legitimate, such as a virus or malware, we connect to the machine, remove all the files, and run different scans to ensure nothing is harmed.
Additionally, we use it for inventory purposes. At the end of the year, for audit and compliance, I gather information about how many devices, servers, and workstations we have and what their types are.
What is most valuable?
It helps us by automatically blocking certain applications or activities. We can prevent employees from copying data or attaching any personal USB devices to company machines, thus avoiding malware transfer or data theft. We can block USBs and unwanted applications. It automatically blocks and remediates malicious activities, so we do not have to do regular checks.
What needs improvement?
For the past six months, we have been facing some issues. Because it is a cloud-based infrastructure, it has been getting slower. There are no bugs because they release updates continuously. We highly appreciate that, but during hunting or running a query on different logs, the time frame has increased in the past six months. It takes longer to give us the results.
Another issue is the lack of proper documentation. During investigations, there is no proper documentation available. This is a problem because many people are saying there should be proper documentation explaining what CrowdStrike captures from the machine and the meaning of it.
For how long have I used the solution?
I have been using it for more than three years.
What do I think about the stability of the solution?
It is stable, but sometimes it shows instability. Occasionally, when the workload increases, it slows down considerably and sometimes becomes unresponsive. I would rate it a seven out of ten for stability.
What do I think about the scalability of the solution?
It is quite scalable. I would rate it an eight out of ten for scalability.
It is deployed across multiple departments and multiple locations. Some people are in one country, and some are in another country.
How are customer service and support?
I have contacted customer service, and they are fast. I have had a good experience with them.
Which solution did I use previously and why did I switch?
We have some clients not using CrowdStrike due to cost or other factors. In our opinion, CrowdStrike is the best solution, which is why we recommend it to our clients. Almost 90% of our clients who receive our services use CrowdStrike. Its users include various organizations such as banking, financial, and other organizations.
Over the past three years, more than ten clients have purchased it. Some are using all of its features, and some are using fewer features depending on the budgets and requirements.
How was the initial setup?
It is straightforward, but sometimes, we have difficulties with installing the agents on some machines. It happens quickly, but sometimes it takes a few minutes. It depends on the infrastructure and the machine.
The deployment duration depends on the organization. If the organization is big, it takes a large amount of time. If it is a small one, it is real quick.
The implementation strategy is to use automated scripts that run on the cloud. This automatically reflects changes across thousands of machines.
It does not require any maintenance.
What about the implementation team?
We implement it ourselves.
What's my experience with pricing, setup cost, and licensing?
Compared to other EDRs, CrowdStrike is expensive. However, the main point is that even though it is expensive, it provides a huge capability to the organization. It is expensive, but it adds value.
What other advice do I have?
I would recommend it because it is the best one I have ever used. It has greatly helped me improve my investigative skills in my job. I have gained a lot of skills by using this product.
Overall, I would rate it a seven out of ten.
Most effective EDR tool I have used till now
What do you like best about the product?
I use the host and IP investigation feature in my day-to-day task of investigating incidents. Sandbox is also a great feature to deal with malicious files, and network containment is by far the most used and helpful feature security-wise, I think.
What do you dislike about the product?
Need to improve the commands that we can use after connecting with the host, and there should also be a demo videos page in the portal to help at certain times.
What problems is the product solving and how is that benefiting you?
It is definitely effective in client security and real-time scanning of clients; malicious process, program and file injection can be monitored. Network containment in case of a threat is also great to have as a security admin.
Provides good Cloud security, and stability, but the documentation has room for improvement
What is our primary use case?
We use CrowdStrike Falcon Cloud Security to manage our clients' cloud environments. It provides us with a unified view of all their cloud configurations, across different cloud providers. This allows us to identify security weaknesses, improve their overall security posture, and ultimately limit potential attacks on their systems.
Our CrowdStrike Falcon Cloud Security deployments vary, with some clients utilizing hybrid models, but the majority leverage private clouds hosted on AWS and Azure.
What is most valuable?
The most valuable features of CrowdStrike Falcon Cloud Security are Cloud Security Posture Management and Cloud Workload Protection, offering more visibility and protection across our cloud environment.
What needs improvement?
CrowdStrike Falcon Cloud Security should function as a standalone solution, offering Cloud Security Posture Management, Cloud Infrastructure Entitlement Management, and Cloud Workload Protection capabilities without requiring integration with additional Assurance, Detection, and Response solutions. This would allow clients to implement Falcon Cloud Security independently within their systems, eliminating the need for integrations.
The CrowdStrike partner portal documentation could be improved to provide proper instructions for integrating their products. Currently, the documentation lacks step-by-step details, forcing users to seek assistance from OEM partners. Fortunately, the integration process itself is straightforward.
For how long have I used the solution?
I have been using CrowdStrike Falcon Cloud Security for two months.
What do I think about the stability of the solution?
In the short time I have been using CrowdStrike Falcon Cloud Security it has been stable.
What do I think about the scalability of the solution?
I would rate the scalability of CrowdStrike Falcon Cloud Security eight out of ten.
How are customer service and support?
The technical support is good. We access through our OEM partner whenever support is required.
Which solution did I use previously and why did I switch?
After finding that Palo Alto Prisma Cloud's market value seemed to be declining and customer interest in its features waned, we transitioned to CrowdStrike, because it holds a strong market presence in India.
How was the initial setup?
As a CrowdStrike partner, we're currently conducting a review of the Falcon Cloud platform. Following this internal evaluation, we plan to deploy it for one of our largest clients in India, and we're actively preparing for a successful implementation.
The initial deployment is straightforward.
What other advice do I have?
I would rate CrowdStrike Falcon Cloud Security seven out of ten.
CrowdStrike Falcon Cloud Security is deployed in multiple locations in multiple regions and offices in India. Each office has its own cloud systems that reside in its region.
I recommend CrowdStrike Falcon Cloud Security to others.
CrowdStrike Falcon Cloud Security offers a robust and secure solution, backed by a reliable support system to ensure your cloud environment is well-protected.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Easy to use and helpful for security, but the console and the support need improvement
What is our primary use case?
We took this solution just for security purposes. We do not want someone to attack us, get into our environment, and get sensitive customer data.
How has it helped my organization?
It is good for security. We have a Palo Alto firewall, and we implemented CrowdStrike as an add-on feature.
What is most valuable?
Cloud security is one valuable feature. Spotlight is the other one. There is also vulnerability management and a couple more features.
What needs improvement?
The console and the customer service are quite bad. We paid a big amount of dollars to them to implement it. We paid them for premium support.
It gets the work done, but the main problem with the solution is that if you remediate anything, it takes 45 days for you to get any of the features displayed on the dashboard. This is the real weakness of CrowdStrike. Their customer support is also not ready to help with it. If you remediate any cloud vulnerability that they are giving you, such as removing a host from your organization, it takes around 45 days for them to remove it from their console.
For how long have I used the solution?
It has been around a year since I onboarded it in my company and have been using it.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
It is scalable, but it depends on the organization's structure and how vast the environment is. Our environment is not that big, so scalability is okay. It is just that you need to deploy the sensors on the hosts.
How are customer service and support?
I would rate their support a five out of ten because they do not respond. We have taken premium support with them. If we raise a case with them, it takes around two to three days to get a call scheduled with them. Even the TAM that we have got from them cannot help. If you go for any service from Google, Microsoft, or Amazon AWS, their TAM is always ready to help you with your queries, but in the case of CrowdStrike, the TAM says that you need to raise a support case, and they will help you out.
Which solution did I use previously and why did I switch?
I was not there in the organization at the time, so I do not know about it.
How was the initial setup?
I lead a team of 18 people. I get it deployed on all of the EC2 instances through them.
Its initial setup was straightforward. It is very easy to use.
For the whole organization, it took two weeks because we needed the downtime as well to deploy it in the production environment.
In terms of maintenance, it does not require any maintenance from our side.
What about the implementation team?
There was some consulting from the CrowdStrike team. They did help us to implement it.
Overall, five or six people were assigned to deploy the solution. They were infra-support engineers. It was deployed across multiple locations.
What's my experience with pricing, setup cost, and licensing?
I am not the one who handled the pricing. A different team worked on it, but it is pretty expensive.
Which other solutions did I evaluate?
We did our research and after that, we implemented CrowdStrike. Secureworks was there. There were some different players that gave us the quotation, but in terms of the features and the price, CrowdStrike was good.
CrowdStrike offered us Spotlight, vulnerability management, and cloud solution management. There are different blades to it. We implemented it, and now it supports our environment. It is good.
What other advice do I have?
To those evaluating this solution, I would say that it depends on their needs. If they need this product, they can go ahead and take it. It is straightforward, and it gets the job done.
I would rate it a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
The only platform that prevents misconfigurations and runtime gaps
What do you like best about the product?
An all-in-one solution for Azure and AWS makes CrowdStrike stand out.
The only platform that prevents misconfigurations and runtime gaps
What do you dislike about the product?
Too much information on the website. This has to be taken care of.
What problems is the product solving and how is that benefiting you?
Cloud security posture management (CSPM)
Cloud workload protection (CWP)
Decent product suite but has a long way to improve
What do you like best about the product?
1. Fine-grained, detailed information about configuration
2. Compliance feature provides one-stop posture monitoring
3. Detailed asset inventory. Acts as an inventory management suite for Cloud assets
4. Good IOA and IOC detection capabilities
What do you dislike about the product?
1. Not the best of identity analysers. Has the tendency to spit out false positives.
2. Not the best of UI and the UX is nowhere close to native cloud security vendors
3. Lacks the ability to join the dots. While the product provides all essential in-depth data, this is a major improvement that is pending with CrowdStrike.
What problems is the product solving and how is that benefiting you?
Helps us understand our cloud workloads, security posture of such workloads along with potential security vulnerabilities/misconfigurations. It provides a holistic account to workload level security posture description which enables us to detect, respond and mitigate the right threats within the right timeframe.
Strongest Software for cloud security
What do you like best about the product?
CrowdStrike has a large number of options to stop cyber attacks like phishing, ransomware, and malicious activities.
The best thing I like is we can add IOCs by ourselves to prevent the attacks.
What do you dislike about the product?
Overall it's a good cloud security tool, but sometimes it lags too much.
Also, after doing some changes it takes a little time to update the changes. Otherwise I have not found any problem while using it.
What problems is the product solving and how is that benefiting you?
By using CrowdStrike we are able to stop different types of threats and vulnerabilities.
CrowdStrike detects threats, then we take necessary action on them; it also blocks the threats for us.