CrowdStrike is being used within the security department. It is installed on machines within the whole organization, but the only people typically looking into the platform are the security team. Systems team has access to the platform, but only log on as needed to update sensors or install new ones. It addresses the issue of not needing to manually scan machines. The detections allow for easily digging into any potential issues.
- Detailed explanations and break downs of detection.
- Allows for remote control of machines.
- Easy to deploy.
- Falcon isn't continuously scanning the machine, if something is downloaded and viewed as safe it won't be re-checked later.
- More dashboards and information on vulnerabilities on the machines would be helpful.
- More reports that could be given to executives would also be beneficial. There are some now, but the options are rather limited.
Read this authenticated review
Falcon does an efficient job of detecting suspicious activity on machines. It is well suited for any scenario, I can't think of a particular case where Falcon wouldn't be useful. There could be a greater amount of dashboards and reporting options, if your company is heavy on those I would suggest looking into Falcon's options before purchasing the product.