CrowdStrike Falcon Review Insights

Score 9.1 out of 10

399 Reviews and Ratings

Insights from CrowdStrike Falcon Reviewers

Based on 14 verified reviews published in the last 18 months

What other products like CrowdStrike Falcon have you used or evaluated?

14 answered

Organizations frequently evaluate a diverse array of alternative solutions in the cybersecurity market, particularly within endpoint security. Half of the reviewers (7 out of 14) indicated experience with various endpoint security platforms, suggesting a competitive landscape where organizations often compare multiple vendors. A smaller subset of reviewers, 2 out of 14, also noted their engagement with Managed Detection and Response (MDR) services, sometimes overlapping with endpoint security offerings. This indicates that organizations considering solutions like CrowdStrike Falcon often assess a broad spectrum of security tools and services, from traditional endpoint protection to more comprehensive managed detection capabilities. The evaluation process appears to involve a wide range of established and emerging providers, reflecting varied organizational needs and security strategies.

Endpoint Security Solutions

7 mentions

Organizations frequently evaluate a wide range of endpoint security products when considering solutions similar to CrowdStrike Falcon. Half of the reviewers (7 out of 14) reported experience with various platforms, including established vendors like Symantec and Kaspersky, as well as newer entrants such as Palo Alto Networks Cortex XDR and SentinelOne Singularity. This diverse consideration suggests that organizations often explore multiple options to find the best fit for their specific endpoint protection needs.

Managed Detection and Response

2 mentions

A smaller proportion of reviewers also identified Managed Detection and Response (MDR) services as alternatives or complementary solutions they have evaluated. Two out of 14 reviewers mentioned engaging with MDR providers such as Arctic Wolf Managed Detection and Response and Sophos Managed Detection and Response. This indicates that some organizations consider a broader security strategy that includes outsourced threat monitoring and response capabilities alongside their endpoint security platforms.

CrowdStrike Falcon provides in-depth solutions to meet a range of different needs. Please describe how the breadth of CrowdStrike Falcon solutions has helped you achieve your goals or objectives.

14 answered

CrowdStrike Falcon's broad suite of solutions is frequently cited by reviewers for enhancing organizational security posture and operational efficiency. A significant portion of the feedback, from 4 of 14 reviewers, highlights the platform's ability to provide a unified security approach, integrating various functions like endpoint protection and cloud workload monitoring into a single agent, which helps achieve total visibility and a more mature cybersecurity strategy. Simultaneously, 4 of 14 reviewers emphasize the platform's strong capabilities in threat detection and prevention, noting its effectiveness in stopping breaches and mitigating vulnerabilities, including zero-day attacks. While the comprehensive nature is largely positive, a mixed sentiment regarding cost and feature utilization emerged from 3 of 14 reviewers, who mentioned not fully leveraging all available features due to cost considerations or lack of immediate need. The platform also contributes to improved visibility and investigation capabilities, allowing analysts to perform faster and more accurate analyses.

Unified Security Platform

4 mentions

Reviewers frequently commend CrowdStrike Falcon for its ability to consolidate multiple security functions into a single, cohesive platform. This integration of endpoint protection, identity security, and cloud workload monitoring is noted by 4 of 14 reviewers as providing total visibility and transforming security from siloed tools into a proactive defense, leading to a more mature cybersecurity strategy.

Threat Detection and Prevention

4 mentions

The platform's robust capabilities in threat detection and prevention are a key benefit cited by 4 of 14 reviewers. Users report that CrowdStrike Falcon effectively prevents breaches before they occur and detects and stops advanced attacks, including zero-day threats, based on behavioral analysis, thereby improving the overall security posture of the organization.

Cost and Feature Gaps

3 mentions

Despite the breadth of solutions, 3 of 14 reviewers expressed mixed feelings regarding the cost and full utilization of all available features. Some indicated that they are not currently using the entire suite or multiple tools due to cost considerations, suggesting a cautious approach to adopting additional offerings.

Identity Protection

2 mentions

CrowdStrike Falcon addresses specific concerns related to identity protection for some organizations. Two reviewers highlighted its utility in managing scenarios such as "impossible travel," enabling automated responses like forced re-login with multi-factor authentication for suspicious access attempts from distant or blocklisted locations.

Visibility and Investigation

2 mentions

The platform enhances an organization's ability to conduct thorough security investigations by providing in-depth information. Two reviewers noted that this capability allows analysts to perform faster and more accurate analyses, offering extensive detail on events and processes for comprehensive incident investigation.

CrowdStrike Falcon offers a wide variety of modules which can help replace tools and solutions in your tech stack. Please describe what tools you’ve reduced the use of/eliminated entirely as a result of CrowdStrike Falcon.

14 answered

CrowdStrike Falcon frequently enables organizations to consolidate their security tool stack, primarily by replacing traditional antivirus solutions. A significant portion of reviewers, 6 of 14, reported eliminating or reducing the use of legacy antivirus platforms, transitioning to a more modern endpoint detection and response (EDR) approach. Beyond endpoint protection, the platform also contributes to the reduction of SIEM infrastructure, with 3 of 14 reviewers noting a decrease in SIEM tool usage or associated costs. While the replacement of traditional security tools is a clear benefit, the platform's role in vulnerability management is less definitive, with 2 of 14 reviewers indicating either partial replacement or ongoing evaluation of its capabilities in this area. Overall, the evidence suggests CrowdStrike Falcon is effective in centralizing prevention, detection, and response functions, leading to a more streamlined security environment.

Traditional Antivirus Replacement

6 mentions

A substantial number of reviewers, 6 of 14, indicated that CrowdStrike Falcon effectively replaced their traditional antivirus solutions. This transition allowed organizations to move from legacy AV platforms like Symantec and Kaspersky to a more advanced EDR system, centralizing prevention, detection, and response capabilities in a single platform.

SIEM Tool Reduction

3 mentions

CrowdStrike Falcon has also contributed to the reduction in the use of Security Information and Event Management (SIEM) tools for some organizations. Three of 14 reviewers specifically mentioned that the platform's capabilities allowed them to reduce SIEM infrastructure costs or replace certain SIEM functionalities, such as endpoint audit trails.

Vulnerability Management Tools

2 mentions

The impact of CrowdStrike Falcon on vulnerability management tools appears to be less conclusive, with 2 of 14 reviewers reporting mixed results. One reviewer noted a partial replacement of vulnerability scanners through the Exposure Management feature, while another indicated that the replacement of their existing vulnerability management and patch management tool was still under evaluation.

What are some unexpected or innovative ways that your organization has been able to use CrowdStrike Falcon?

14 answered

Organizations are leveraging CrowdStrike Falcon in several innovative ways beyond its primary security functions, primarily focusing on advanced threat detection and internal operational support. A notable application, cited by 4 of 14 reviewers, involves proactive threat hunting and in-depth analysis, utilizing the platform's capabilities to identify and investigate potential risks. Similarly, 4 of 14 reviewers highlighted its utility in enhancing endpoint security and control, enabling strict access policies and remote device management. Furthermore, the platform is being used to support internal IT investigations, a use case mentioned by 3 of 14 reviewers, by providing detailed logs and tracking capabilities. These extended applications demonstrate how organizations are maximizing their investment in CrowdStrike Falcon by integrating its robust data collection and real-time response features into broader security and operational workflows, moving beyond conventional threat prevention to more strategic and investigative uses.

Threat Hunting and Analysis

4 mentions

Reviewers frequently highlight CrowdStrike Falcon's utility as a proactive tool for threat hunting and deep analysis. Four of 14 reviewers specifically noted its ability to facilitate advanced threat detection through features like FQL queries and by correlating data from various sources to identify abnormal transactions, thereby enabling a more strategic approach to security.

Endpoint Security and Control

4 mentions

The platform is recognized for its advanced capabilities in endpoint security and control, allowing organizations to enforce stringent access policies. Four of 14 reviewers appreciate its ability to block logins from non-whitelisted countries or non-compliant devices, alongside providing real-time access to endpoints for immediate action, regardless of their physical location.

Internal Investigations Support

3 mentions

CrowdStrike Falcon significantly aids organizations in conducting internal investigations due to its comprehensive logging and tracking features. Three of 14 reviewers specifically mentioned its value in supporting internal IT investigations by providing the necessary data and insights to analyze incidents and track activities.

Compliance and Audits

2 mentions

Organizations are also leveraging CrowdStrike Falcon to address compliance requirements and facilitate security audits. Two of 14 reviewers noted its role in compliance monitoring and mentioned that having CrowdStrike in place is viewed favorably during client security audits, indicating its contribution to regulatory adherence and stakeholder confidence.

Vulnerability and Risk Management

2 mentions

What positive or negative impact (i.e. Return on Investment or ROI) has CrowdStrike Falcon had on your overall business objectives?

14 answered

CrowdStrike Falcon generally contributes positively to business objectives, primarily by enhancing security posture and streamlining operations, though cost remains a significant consideration for some organizations. A substantial portion of reviewers, 29%, reported a significant reduction in security incidents, directly contributing to breach risk mitigation and preventing production disruptions. Similarly, 29% of reviewers noted improvements in operational efficiency, citing reduced employee bandwidth for analysis and time savings for security teams. The platform's ability to provide greater visibility into the environment and offer executive-level dashboards was also a positive impact for 29% of reviewers. However, the financial aspect presents a mixed picture, with 36% of reviewers acknowledging a strong return on investment through breach prevention and platform consolidation, while others found the licensing costs and entry point to be expensive, particularly for smaller organizations. Furthermore, 14% of reviewers expressed concerns regarding support and reliability, citing difficulties in contacting support during critical incidents and a perceived lack of customer focus.

Cost and Value

5 mentions

Reviewers hold mixed views on the cost-effectiveness of CrowdStrike Falcon. While some perceive a strong return on investment due to the prevention of cyber security breaches and the consolidation benefits of a single security platform, others consider the licensing fees to be high, especially for smaller organizations or those with fewer endpoints.

Operational Efficiency

4 mentions

The platform positively impacts operational efficiency by automating security tasks and simplifying data analysis. Reviewers, 29% of whom mentioned this benefit, reported that it reduces the need for extensive manual log pulling and analysis, allowing security teams to allocate their time to other critical projects.

Security Incident Reduction

4 mentions

CrowdStrike Falcon is credited with significantly reducing security incidents and mitigating critical threats. This direct impact on breach prevention helps businesses avoid costly disruptions and maintain productivity, as noted by 29% of reviewers.

Visibility and Posture

4 mentions

The product enhances an organization's security posture by providing improved visibility into the IT environment. Reviewers appreciate the clear and presentable dashboards that offer insights valuable for both executive and board-level reporting, a benefit highlighted by 29% of the reviews.

Support and Reliability Issues

2 mentions

A minority of reviewers, 14%, expressed dissatisfaction with the vendor's support and reliability. Experiences included difficulties reaching support during widespread outages and a general feeling of being underserved as customers, leading to a loss of confidence for some.

Besides CrowdStrike Falcon, what other software do you regularly use? How likely would you be to recommend it to a friend or colleague?

14 answered

Reviewers frequently identify specific security software solutions they utilize in conjunction with CrowdStrike Falcon, with Microsoft Defender being the most commonly cited. Three of 14 reviewers mentioned leveraging Microsoft Defender, specifically its Threat Intelligence and Cloud capabilities, to complement their security posture. Additionally, some reviewers noted the use of network security and access control solutions. Two reviewers each indicated using Cisco Umbrella for DNS-layer security and Netskope for Cloud Access Security Broker (CASB) and private access. The consistent positive sentiment across these mentions suggests that organizations are integrating a layered security approach, combining endpoint protection with other specialized tools to address various aspects of their cybersecurity needs. While the sample size is small, the pattern indicates a focus on robust threat intelligence, cloud security, and secure access management as key areas for supplementary software.

Microsoft Defender

3 mentions

Microsoft Defender was mentioned by 3 of 14 reviewers as a complementary security solution. Reviewers specifically highlighted its capabilities in threat intelligence and cloud security, indicating its role in providing broader security insights and protection beyond endpoint detection and response.

Cisco Umbrella

2 mentions

Cisco Umbrella was cited by two reviewers as another regularly used software. Its inclusion suggests that organizations value its DNS-layer security and secure internet gateway functionalities, which add a layer of defense against web-based threats.

Netskope

2 mentions

Netskope was mentioned by two reviewers, specifically for its Cloud Access Security Broker (CASB) and Private Access features. This indicates a focus on securing cloud applications and providing secure remote access, reflecting a broader trend towards hybrid work environments and cloud adoption.