CrowdStrike Falcon

CrowdStrike Falcon provides end-user security, as well as data security, and sandboxing further allowing security researchers and analysts to dig into the malware some. It is an over security solution, or stack, that allows companies to use one platform rather than multiple. What I like most though is the compliance assessment. CrowdStrike Falcon recently added HIPAA to the list of compliance frameworks that it will test your environment against so that you can see how your companies security compares to different compliance standards. For example, I need to be hipaa compliant, so I can see how my company‘s security compares to hipaa compliance requirement and if it is not hipaa compliant, it will show me what to fix and how to fix it.

As I said before, with CrowdStrike Falcon, there isn’t a need for a ton of security tools. CrowdStrike Falcon provides almost all required tools to achieve a comprehensive security state.

As I stated previously , it’s a “one stop shop” for security.

I was focused on a specific need rather than a suite of software, had looked for a complete solution, I would have decided on CrowdStrike Falcon sooner.

Yes, we wanted the full benefit of the software.

Yes, I was having an issue with the new HIPAA compliance scanner. I called support and they walked me through it. I had the premium support package but we were unable to validate it, so the support rep took me at my word that we had it and continued to help me, even though he wasn’t obligated to.

CS Falcon is our primary tool of choice for endpoint protection. It has a small footprint and impact while being highly intelligent and very well supported.
With the majority of our users working in hybrid mode we needed a strong security control that could provide top-class protection with the minimum amount of False Positives (and, of course, of True Positives).
Falcon provides full visibility on processes, communication flows and all sorts of activities that are happening on the endpoints. It works smoothly with other tools that we have co-deployed, like DLP, DNS protection, SWG/CASB, App monitoring and Control.
Recently we added to our arsenal the Identity Protection and the Cloud Protection modules, driven by the business needs to reduce the number of vendors, tools and dashboards while achieving maximum protection and synergy/consolidation.
We believe that as a company, Crowdstrike sits on top of the range of security vendors that we work with, has the right vision and keeps delivering excellence.
We are quite happy with their Customer Success Management and Support Services and look forward to trialling their new functions: LogsScale and External Surface Risk Management.

We recently eliminated the use of Microsoft ATA for Identity monitoring and protection by replacing it with Crowdstrike Identity Protection.

Unfortunately, we are not there yet, as the leadership is not up to speed with our (engineering's team) vision for consolidation and simplification.

But we are closely observing the suitability of CS modules for:
- Endpoint DLP (replace Cyberhaven),
- Vulnerability Management (replace Qualys),
- Log aggregation and analysis (replace Splunk)
- Attack Surface protection and Threat Intelligence (replace RiskSense and Digital Shadows, which I forgot to mention in my previous reference to our security arsenal)

Our goal as a security team is to REDUCE the risk from CyberSecurity threats AND minimise the impact of potential breaches.
We have been lucky to have a decent security budget and headcount, but also efficient in exploiting the security arsenal that we are provided with.
As long as I have been with the company (2yrs), there have been no breaches or high-profile security incidents.