CrowdStrike Falcon

It is able to really identify the true issues we have with our endpoints. There is not a lot of noise with their tool. They provide a comprehensive toolset and they keep up to date in regards to the latest security scams/issues to protect our environment

The reporting and dashboards could be improved to provide more clarity and ease of understanding of the metrics

CrowdStrike Falcon was able identify activity for kerberoasting which is critical as most of tools are not able to identify.Also its capability to DLL sideloading/hijacking is commendable.Interactive sandbox has helped a lot for getting to see how malware works. Great real-time visibility and reaction to all the endpoints.Offers a lightweight agent.

CrowdStrike Falcon is good for a mid-large size industry where there are many engineers and analysts are working. It got many modules and a lot of data to analyze and correlate with other tools. Also, the price vs features get justified for a mid-large company. The system is also designed for users with high technical skill level as it has a steep curve. Due to its not so good ML based detection engine it is also suitable for environment with not many lab/developer activity going on as it creates a lot of noise. The policy granularity isn't as detailed as in some other competitors like Cortex XDR.
It is not so well suited for small companies with small security team as it got too many features to manage and mostly an overkill as it will only operate on a small asset-set. Plus it is not cheap. It is also not suited for companies that does large scale development and testing involving network access or File manipulation in their environment simply because the policy options aren't much granular to tune accordingly. Cortex is definitely better in that aspect.

In a scenario with endpoints located worldwide, it can assure to all, the same necessary security level in real time and the highest efficiency for servers and computers. If there are too many legacy operating systems linked to industrial machines it has weakness that need to be covered with different solutions or architectures.

CrowdStrike Falcon is a robust security suite that would do well with any company, but it is geared more towards enterprises.

The solution is relatively good as a set and forget, particularly if being operated by a small team. Similarly, the system will allow for a level of active monitoring and integrating into MSSP services; however there is a point at which the level of sophistication drops off, especially when heading down a path of automated response, etc.

not the cheapest solution but the cost saving for that extra bit of knowhow that fills the gap between our old EDR and CrowdStrike is well worth the money. we modern protection is the current cost of doing business and will hopefully pay off in the extra layer of protection.

I believe CrowdStrike Falcon is great for teams who have a small security team with no 24x7 coverage. Using their Complete add-in you are covered by the 24 hours a day 7 days a week 365 days a year. This is all with a 4 minute window to remediate issues should one occur.

CrowdStrike Falcon is well-suited for business that wants to take their virus protection to the next level. It is also great for IT departments that are smaller, or run leaner and don't have as much time to spend on endpoint security.

It is best suited for organizations that have lot of machines and users, since CrowdStrike agent-based deployment is easy to manage and maintain.
CrowdStrike Falcon may be less appropriate for smaller organizations due to its cost, also a technical support team is required to install / remove agents from machines and monitor the dashboard for detections daily.

Incident response containment works really well, we have contained a couple of machines during incidents and it works pretty well. Also telemetry from different devices is useful. Identity protection alerting also works very well for us, we get tickets and calls from CrowdStrike Falcon when users connects from suspicious countries.

It can be used in combination with your current AV solution or even as an standalone product.
It seems to work pretty well and protects you from almost everything tested.
Maybe RFM can be improved, specially with patch Tuesdays, but nothing to worry too much about.

CrowdStrike Falcon is an all in one solution - One agent, low impact

I would highly recommend CrowdStrike Falcon to any organization serious about bolstering its cybersecurity defenses. The platform's effectiveness in threat detection, proactive mitigation, and scalability make it a valuable asset in today's ever-evolving threat landscape. Despite some learning curves and integration challenges, the return on investment and the overall security enhancement justify its strong recommendation.

It is suitable for large companies with complex organizational structures that are managed by the company's own staff or by Crowdstrike. It is less suitable for small companies due to its high initial costs, especially if it is offered as a service from an MSP, since the management of MSP users is complicated and, in some cases, it cannot even be a real vision of the users that can manage each company.

The deployment is very easy and very fast. You don't need an enviremont in your own data center. It is easy to use and you have a good on demand online traning. You can't see the status on the client easy. There would be a tray or somethimg like this very good.

CrowdStrike has detected some malicious activity on computers that it has stopped successfully. It works on Windows, MacOS, and Linux which is helpful for organizations with multiple OS's. It hasn't always been as great at preventing more minor adware or annoyance software. It can still sometimes be difficult to figure out exactly what a user was doing that triggered an alert.

CrowdStrike Falcon can be treated as a single source for endpoint protection. With additional features, CrowdStrike Falcon has a strong use case for preventing malware infection in the infrastructure security ecosystem. CrowdStrike Falcon's complete helps get the MSSP capabilities for SOC detection and incident response from a league of experts.

I have been in the industry for close to thirty years and this has been one of the best endpoint protection programs I have ever used. We feel confident as an organization that we are protected on the endpoints at all times. The Falcon Complete team is great for providing assistance whenever we need it.

Protecting Windows, Linux, and MAC Operative Systems from all kinds of threats. Not only alerting but also preventing, using behavior detection and file analysis.

It is suited to small teams who require additional backup and assistance within the security area.

I feel CrowdStrike Falcon is well suited for anybody who takes securing their systems and employees safe. They have a $1 million breach policy, which helps give peace of mind that they stand behind their product and really believe in it. This was the big determining factor for us. Not because we needed the $1 million policy but because it shows how much they are willing to invest in their products as the best on the market.

the mdr service is very good, the response and remediation capabilities work very well. The growth of the platform and the new modules show the continuous innovation that the product has.It could improve the responses to support tickets.

It helps in Adversary Emulation Exercise.
It helps in Red Team / Blue Team Exercise.

Threat visibility is something where it is less appropriate.

Unmatched AI capability to find security threats & seamless Customer Support