CrowdStrike Falcon

I'm a security analyst who uses CrowdStrike Falcon for day-to-day endpoint monitoring and response. There is no such problem compared to the competitors. It does its job really well. Our scope is to monitor endpoint assets, including workstations, servers, and DCs (Windows OS, Linux OS, and macOS), for any suspicious or malicious behavior or attempts.

• It helps in reducing breach risk and production disruption cost.
• It reduced employee bandwidth and analysis time compare to SOC operations because it takes action based on the severity.
• It has a Presentable dashboard with executive and board driven visibility.
• It improves Compliance and Audit posture.
• Only negative impact is, its more costlier specially for small organizations.

Palo Alto Networks Cortex XDR and SentinelOne Singularity

IBM Security QRadar SIEM, Palo Alto Networks Cortex XDR, SentinelOne Singularity

We are a business associate to many healthcare organizations, and rely on ingesting ePHI data for our software. We absolutley need "best in class" threat protection and mitigation to protect not only our business, but the hospitals and other healthcare entities we serve. CrowdStrike Falcon complete absolutely protects us and our clients, and provides the visibility and peace of mind into our systems we are looking for.

• Customers have asked us directly if we use CrowdStrike
• Learning curve has been steep, but once we had it implemented, has shown a few critical incidents that have occured and were mitigated.

Trend Micro Cloud One - Application Security and Symantec Advanced Threat Protection

Microsoft Intune, Ramp, Salesforce CMS

Falcon serves as an EDR solution and is deployed at every computing endpoint. It provides realtime detection and mitigation of threats by continuously monitoring the endpoint activity telemetry data. The AI/ML features help eradicate zero-day attacks and serve as a preventive measure to protect your organisation against every possible attack vector. Having Falcon agents running on your endpoint protects your infrastructure from threat actors and reduces/negates the risk of data exfiltration and financial loss or reputational damage.

• Switching to a single security platform helps businesses save significant money. For every dollar spent, companies often get back six dollars in value. These savings come from working faster and avoiding the high costs of data breaches, which are usually recouped within less than half a year.
• Using modern security tools can cut the risk of a cyberattack by up to 85%. This approach replaces many old, separate programs with one system, saving staff thousands of hours of manual work. Over three years, the total financial benefits are nearly triple the original cost.
• Protecting user logins pays for itself very quickly, often within 6 months. By using one specialized tool instead of several small ones, companies can save over a million dollars in long-term costs. This reduces staff workload while making the entire business much harder to hack.

Avira Antivirus

Elasticsearch, Expel, Okta

We use it as our main endpoint protection solution, constantly working on detection and visibility within our environment. We can monitor behaviors and respond to incidents in real time, and with it, we can reduce the risks of malware/ransomware and unauthorized access. It helps our security team every day.

Utilizo como nossa principal solução de proteção de Endpoints, sempre trabalhando na detecção e visibilidade do nosso ambiente. Conseguimos verificar comportamentos e resposta a incidentes em tempo real,. com ele conseguimos reduzir os riscos de um malware/ransomware e de acessos não autorizados. Nos ajuda em todo dia a dia do nosso time de segurança.

• Improved operational efficiency of the Security team.
• Significant reduction in security incidents.
• Greater visibility of the environment and improved security posture for the business.
• Melhora na eficiência operacional do time de Segurança
• Redução significativa de incidentes de segurança
• Maior visibilidade do ambiente e melhora na postura de segurança do negócio

ManageEngine Endpoint Central, AWS CloudTrail, Azure App Service

We use CrowdStrike for our EDR solution. They have been a great partner to work with!

• It has had a great ROI. We have not had any cyber security breaches so far

Huntsman Next Gen SIEM SOAR (Analyst Portal), Datadog, Splunk Enterprise and Arctic Wolf Managed Detection and Response

Abnormal Security, Cisco Umbrella, KnowBe4 Security Awareness Training