CrowdStrike Falcon Platform
CrowdStrikeReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
314 reviews
from
External reviews are not included in the AWS star rating for the product.
Crowdstike Falcon EDR: A SOC Analyst 's Hands-On review
What do you like best about the product?
As a SOC Analyst, I really value CrowdStrike Falcon’s real-time threat detection and visibility. The threat graph and behavioral analytics make it easier to investigate incidents and correlate activities quickly. I also like how lightweight the agent is—it doesn’t slow down endpoints, and updates are seamless. The dashboard is intuitive, and the detailed telemetry gives deep insights for hunting and responding to threats.
What do you dislike about the product?
The main drawback is the steep learning curve for new analysts, especially when diving into advanced hunting queries. Some of the alerts can be very noisy, requiring fine-tuning to avoid false positives. The pricing is also on the higher side compared to other EDR solutions, which might be challenging for smaller organizations.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon helps us detect and respond to endpoint threats in real-time. It provides detailed telemetry and behavioral analytics that improve our investigation speed and reduce dwell time. The cloud-based architecture ensures scalability and seamless updates. Overall, it has strengthened our SOC capabilities by giving us better visibility, faster containment, and reduced risk of data breaches.
State-of-Art solution that provides Visibility, Threat Analysis and Response
What do you like best about the product?
Falcon offers visibility, detection and response, and integration within a single agent. It is easy to deploy across different platforms and brings everything together in a unique central management console for threat analysis and orchestration. This setup allows for the creation of automatic and proactive responses to adversaries and other threats.
What do you dislike about the product?
Falcon Crowdstrike Marketplace apps are not updated regularly, which can be frustrating when trying to get a response from vendor integration during a proof of concept. The lack of timely updates sometimes makes the process more challenging than it should be.
What problems is the product solving and how is that benefiting you?
Visibility, integration, and protection are among the key benefits of using FALCON. These features enhance the way threat hunting, data analysis, and extended response are carried out within IT Security Architecture, offering solutions for every layer of security.
CS deployment is very straight forward, they are not only an endpoint but also a top security firm
What do you like best about the product?
The ease of implementation stood out. Deployment was fast with minimal disruption. The interface is intuitive, and the lightweight agent doesn’t impact system performance. Its broad feature set (threat detection, EDR, vulnerability management) is robust, and the frequency of use is daily since it runs seamlessly in the background. Customer support has been responsive and knowledgeable, and integration with other security tools has been straightforward.
What do you dislike about the product?
The cost can be somewhat concerning, particularly when considering the price of additional modules such as IAM and SOAR. I hope they will consider offering free access for at least 50 to 100 devices to allow users to test their features, as this could encourage customers like me to take their product more seriously. Overall, I like their product and believe it is worth the investment.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon addresses the challenge of advanced endpoint protection by detecting and stopping threats that traditional antivirus solutions often overlook. It gives us real-time visibility into attacks, suspicious activities, and vulnerabilities across all our endpoints, whether on-premises or remote.
This has led to a noticeable reduction in security incidents, less downtime, and better compliance with internal and regulatory security standards. Since it is cloud-native, we avoid the need to maintain heavy infrastructure, and updates are applied seamlessly. As a result, our IT and security teams now spend less time responding to incidents and can focus more on proactive defense.
This has led to a noticeable reduction in security incidents, less downtime, and better compliance with internal and regulatory security standards. Since it is cloud-native, we avoid the need to maintain heavy infrastructure, and updates are applied seamlessly. As a result, our IT and security teams now spend less time responding to incidents and can focus more on proactive defense.
Protect your enterprise network with CrowdStrike Falcon
What do you like best about the product?
Deploying CrowdStrike Falcon Endpoint Protection Platform agents across all computers in the network was easy and fast. CrowdStrike provide end point protection for your devices and ensure no malware gets access to your network.
Integration with Active directory is easy, and you can manage access and users. implementing on new devices with only agents to be installed,
As for the customer support if you have any issue, you can raise ticket with customer support, and they will sort out your issues with top technician.
Integration with Active directory is easy, and you can manage access and users. implementing on new devices with only agents to be installed,
As for the customer support if you have any issue, you can raise ticket with customer support, and they will sort out your issues with top technician.
What do you dislike about the product?
CrowdStrike utilize your device resources, so you need devices with high specs to avoid slowness and unusual performance for the computers.
What problems is the product solving and how is that benefiting you?
CrowdStrike helped our environment by protecting or end users' devices, and it control the access of end points such as USB and CD from Uknown sources.
Powerful and Reliable Endpoint Protection for Modern SOC Operations
What do you like best about the product?
What I like best about CrowdStrike Falcon is how fast and reliable it is when detecting threats. Just recently, it flagged a suspicious PowerShell script running on one of our endpoints. Within minutes, we had a full timeline of the activity, including the parent process and command line details. That helped us respond quickly and avoid any impact.
As a SOC analyst , I also appreciate how easy it is to navigate. The interface is clean, and the alerts are well-organized, which makes it easier to learn and understand real-world attack patterns. It doesn’t just throw alerts—it gives context, which is super helpful when you're still building your skills.
As a SOC analyst , I also appreciate how easy it is to navigate. The interface is clean, and the alerts are well-organized, which makes it easier to learn and understand real-world attack patterns. It doesn’t just throw alerts—it gives context, which is super helpful when you're still building your skills.
What do you dislike about the product?
While CrowdStrike Falcon is a powerful and reliable platform, some features can be a bit overwhelming for new users. It takes time to get used to the interface and understand how to use all the modules effectively. Also, the filtering options in the investigation tab could be improved—sometimes it's hard to narrow down alerts quickly when you're dealing with a large volume.
A helpful improvement would be to make the search and filtering more flexible and user-friendly, especially in the event timeline and process tree views. That would make investigations faster and smoother, especially for SOC teams handling multiple incidents.
A helpful improvement would be to make the search and filtering more flexible and user-friendly, especially in the event timeline and process tree views. That would make investigations faster and smoother, especially for SOC teams handling multiple incidents.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon helps us solve one of the biggest challenges in cybersecurity: detecting and responding to threats in real time across multiple endpoints. Before using Falcon, it was hard to get visibility into what was happening on devices, especially during suspicious activity. Now, we can track everything—from process execution to network connections—with detailed timelines and context.
As a SOC analyst trainee, this has been a huge benefit. It allows me to learn from real incidents while contributing to investigations. The platform also helps reduce false positives, so we can focus on actual threats instead of wasting time chasing noise. Overall, it’s made our team faster, more efficient, and more confident in our response.
As a SOC analyst trainee, this has been a huge benefit. It allows me to learn from real incidents while contributing to investigations. The platform also helps reduce false positives, so we can focus on actual threats instead of wasting time chasing noise. Overall, it’s made our team faster, more efficient, and more confident in our response.
Robust cybersecurity platform with excellent real-time threat detection capabilities
What do you like best about the product?
Advanced threat detection and response: The platform leverages artificial intelligence and machine learning to detect sophisticated threats, including zero-day attacks and fileless malware. Its behavioral analysis is particularly effective against ransomware and advanced persistent threats.
Cloud-native architecture with lightweight agent: Single lightweight agent deployment provides rapid scalability without significant endpoint performance impact. Real-time visibility across the entire environment is exceptional, enabling quick incident response.
Integrated threat intelligence: Access to one of the industry's most comprehensive threat intelligence databases with constant updates on emerging attack campaigns and adversary tactics, techniques, and procedures (TTPs).
Cloud-native architecture with lightweight agent: Single lightweight agent deployment provides rapid scalability without significant endpoint performance impact. Real-time visibility across the entire environment is exceptional, enabling quick incident response.
Integrated threat intelligence: Access to one of the industry's most comprehensive threat intelligence databases with constant updates on emerging attack campaigns and adversary tactics, techniques, and procedures (TTPs).
What do you dislike about the product?
Premium pricing structure: The platform comes with a high price point that can be prohibitive for small to medium-sized organizations, especially when considering additional modules like Falcon OverWatch or specialized industry packages.
Initial complexity and learning curve: Organizations without prior EDR experience may find the volume of alerts and configuration options overwhelming initially, requiring specialized training and potential consulting services to optimize effectiveness.
Internet connectivity dependency: Being fully cloud-based requires consistent internet connectivity for complete functionality, which can be limiting in air-gapped environments or locations with unreliable network infrastructure.
Initial complexity and learning curve: Organizations without prior EDR experience may find the volume of alerts and configuration options overwhelming initially, requiring specialized training and potential consulting services to optimize effectiveness.
Internet connectivity dependency: Being fully cloud-based requires consistent internet connectivity for complete functionality, which can be limiting in air-gapped environments or locations with unreliable network infrastructure.
What problems is the product solving and how is that benefiting you?
Advanced Persistent Threat Detection: Falcon identifies sophisticated, multi-stage attacks that traditional antivirus solutions miss, significantly reducing our mean time to detection (MTTD) from days to minutes. This has prevented several potential data breaches.
Centralized Security Visibility: The unified console provides comprehensive visibility across all endpoints, eliminating security blind spots and reducing the complexity of managing multiple security tools. This has improved our security team's efficiency by 40%.
Automated Threat Response: Real-time automated containment and remediation capabilities have reduced our incident response time dramatically, allowing us to isolate compromised endpoints within seconds rather than hours.
Centralized Security Visibility: The unified console provides comprehensive visibility across all endpoints, eliminating security blind spots and reducing the complexity of managing multiple security tools. This has improved our security team's efficiency by 40%.
Automated Threat Response: Real-time automated containment and remediation capabilities have reduced our incident response time dramatically, allowing us to isolate compromised endpoints within seconds rather than hours.
Best EDR Ever
What do you like best about the product?
complete suite for endpoint protection with high detection and response low false positive and give any CISO a peace of mind
What do you dislike about the product?
its cloud and CSPM pretty poor and expensive
What problems is the product solving and how is that benefiting you?
user and endpoint best protection
the best endpoint protection tool
What do you like best about the product?
I like the Best about CrowdStrike Falcon is its protection on the endpoints where it is a security tool which is used to detect and stop the malwares, ransomware and threats on the devices and the best is fast to deploy and scale
What do you dislike about the product?
I'm not satisfied with the pricing compared to some other alternatives which is little bit high and it is having the limited mobile support
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon is mainly helping in providing the protection to the endpoints like protecting as a antivirus to the system and also protecting from malware, ransomware and threats and also provides the proactive detections, fast response and complete visibility across our environment. we can't prove our usage through companies profile it it very confidential to share the use case of crowdstrike falcon we are in builted this software in some PC's to scan and validate multiple folders.
CrowdStrike Falcon Endpoint Protection : Security and Features ( EDR)
What do you like best about the product?
We have been using Crowstrike's Falcon Platform for over 5 years now. It is great at what is does and while the Falcon Platform itself can be pricey (though about on par for the competition), additional tools are included or very affordable (SIEM/Log Collector or CSPM for example). It's very easy to deploy, especially in a modern setting. The functionality within the tool is exactly what our team is looking for - EDR, isolation, remote response, and more. Charlotte AI helps detection and response with autonomous reasoning and action.
What do you dislike about the product?
Good Product for security point of view but TAC support can be much better.
Also, Cost is very High.
Also, Cost is very High.
What problems is the product solving and how is that benefiting you?
Real-Time Detection - Uses advanced behavioral analytics to identify and stop attacks quickly. Lightweight Cloud-Native Agent - Minimal impact on endpoint performance with easy deployment and updates. Intuitive User Interface - Clean, user-friendly dashboard that simplifies monitoring and incident response.
CrowdStrike Falcon: Elite Endpoint Protection with Enterprise-Grade Intelligence
What do you like best about the product?
1 Lightweight agent with near-zero performance impact
2 Fast deployment via cloud-native architecture
3 AI-powered, real-time detection and XDR capabilities
4 Unified platform—one agent, multiple modules
5 Excellent visibility, custom reporting, and threat intel
2 Fast deployment via cloud-native architecture
3 AI-powered, real-time detection and XDR capabilities
4 Unified platform—one agent, multiple modules
5 Excellent visibility, custom reporting, and threat intel
What do you dislike about the product?
1 False Positives & Detection Gaps
2 Some features need additional licenses
3 Managed Services Shortcomings
4 Limited Native Features
2 Some features need additional licenses
3 Managed Services Shortcomings
4 Limited Native Features
What problems is the product solving and how is that benefiting you?
1 Advanced Threats (Ransomware, Zero-Day, Fileless Attacks
2 Lack of Visibility Across Endpoints
3 Slow Incident Response & Remediation
4 Complex, Resource-Heavy Security Tools
5 Disparate Security Tools & Gaps in Coverage
2 Lack of Visibility Across Endpoints
3 Slow Incident Response & Remediation
4 Complex, Resource-Heavy Security Tools
5 Disparate Security Tools & Gaps in Coverage
showing 11 - 20