Likelihood to Recommend I would highly recommend CrowdStrike Falcon to any organization serious about bolstering its cybersecurity defenses. The platform's effectiveness in threat detection, proactive mitigation, and scalability make it a valuable asset in today's ever-evolving threat landscape. Despite some learning curves and integration challenges, the return on investment and the overall security enhancement justify its strong recommendation.
Read full review If you want a platform that is covering thousands of sources, and that includes deep, dark web, clear web forums, blogs, newspapers, social media networks, etc. Recorded Future is the most complete solution that I have seen. On the other hand, if you are looking for a really advanced platform with lot of human added value, research papers, advanced investigations, etc. Recorded Future might not be the ideal solution.
Read full review Pros The Log analysis is very detailed and easy to use. Prevent and block all type of malwares. Great threat intelligence which is very up-to-date with the recent cyber attacks very user friendly in access and management Automated feature of detecting, taking action and closing incidents using fusion workflow. Read full review Gives latest threat reports regarding an artifact (IP, domain or hash). Browser extension provides a real-time information about an artifact. Accurate in identifying malicious domains and IPs. Read full review Cons Sometimes updates to sensor versions fail, which requires manual intervention by internal staff members The variety of different administrative privilege levels is vast and sometimes confusing Proactive notifications confirming the health of the environment would be great instead of just reporting on potential issues Read full review E-Mail reports can show unrelated content, especially sometimes you'll see alerts popping up for articles which have been published years ago but for some reason were just recently discovered by RF. Yara rules from their insikt blog sometimes are not syntactically correct and need to be manually edited to actually work. There's some proper QA missing. Their global and 3rd party risk reports could be more tailored towards the industries of their client. There is entries for totally unrelated security incidents. Of course a global list aims to find incidents on a global view, but it doesn't add much value at that point. Read full review Likelihood to Renew Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI.
Read full review Usability I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.
Read full review Support Rating Support is generally pretty fast and gets right to the issue. We haven't had to use them much, fortunately, but the issues and questions we've had are usually answered quickly. The customer success manager/account manager you're assigned will also follow up with you on a regular cadence to ensure you're getting the most out of the subscription. There's not a whole lot of room to improve, other than the general confusion about what is/what is not covered in custom packages you're subscribed to. The initial purchase took much longer because of a package name changes and realignments of different modules into those packages.
Read full review I've had an issue with their browser-plugin which didn't want to authenticate correctly. RF's support could arrange for a session with me and identify and solve the issue. I was very pleased how serious they took my problems and also how knowledgeable they are.
If I have more general questions they quickly reply and most likely also have a solution at hand.
Read full review In-Person Training There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any.
Read full review Online Training The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user.
Read full review Alternatives Considered CrowdStrike Falcon's cloud-native architecture gives it an edge in terms of scalability, ease of deployment, and real-time threat intelligence updates. The user interface of Falcon is intuitive and offers clear visibility into our organization's threat landscape. Our team felt more comfortable navigating Falcon's dashboard. CrowdStrike Falcon's API and integration capabilities meant we could easily incorporate it into our existing tech stack, enhancing our other tools. Falcon's seemed more flexible for our specific needs.
Read full review It is the most complete solution of these three, as the others are focused in specific areas and having really detailed analysis about threat actors, APT groups, etc. Recorded Future is not having this level of knowledge in really specific areas but doing a really good work covering thousands of sources and the most relevant forums.
Read full review Return on Investment Centralized resource management means we need less tools to do the same job. EDR data is massive and has to be factored into the overall cost of the product. You are exponentially punished for more devices. CS has allowed larger coverage over devices and has discovered massive pockets of no protections. Read full review Recorded Future crashes my web browser in cases I have to open a web page containing hundreds of IPs. A quick disable feature for a particular tab would be beneficial for someone like me. Read full review ScreenShots