Skip to main content
TrustRadius
CrowdStrike Falcon

CrowdStrike Falcon

Overview

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents,…

Read more
Recent Reviews
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features
  • Endpoint Detection and Response (EDR) (69)
    9.4
    94%
  • Malware Detection (69)
    9.3
    93%
  • Infection Remediation (67)
    8.9
    89%
  • Centralized Management (70)
    8.5
    85%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing

Falcon Pro

$6.99

Cloud
per endpoint/month (for 5-250 endpoints, billed annually)

Falcon Enterprise

$14.99

Cloud
per endpoint/month (minimum number of endpoints applies)

Falcon Premium

$17.99

Cloud
per endpoint/month (minimum number of endpoints applies)

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.crowdstrike.com/endpoint…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Features

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

8.8
Avg 8.5
Return to navigation

Product Details

What is CrowdStrike Falcon?

CrowdStrike offers cloud-delivered endpoint protection. CrowdStrike aims to revolutionize endpoint protection by unifying next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent.

The vendor states many of the world’s largest organizations use CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies.

CrowdStrike Falcon Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Infection Remediation
  • Supported: Vulnerability Management
  • Supported: Malware Detection

CrowdStrike Falcon Video

CEO George Kurtz discusses challenges organizations face using legacy cybersecurity solutions & how easy, fast & effective the CrowdStrike Falcon platform is by comparison.

CrowdStrike Falcon Integrations

CrowdStrike Falcon Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac
Mobile ApplicationApple iOS, Android
Supported LanguagesEnglish, Japanese

Frequently Asked Questions

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.

Reviewers rate Endpoint Detection and Response (EDR) highest, with a score of 9.4.

The most common users of CrowdStrike Falcon are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(235)

Attribute Ratings

Reviews

(1-25 of 73)
Companies can't remove reviews or game the system. Here's why
Chris Stutzman | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike Falcon as our exclusive EDR platform. CrowdStrike Falcon has been amazing! Not only is the application extremely lightweight, but it also catches all anomalous activity and can immediately stop it. It also gives you excellent visibility on the host machine and what has transpired. It has brought our organization great peace of mind!
  • Stopping malicious activity.
  • Provides great visibility into events.
  • Works as an extension of our IT team.
  • In dashboard filtering for all records, without needing to export.
CrowdStrike Falcon is well-suited for business that wants to take their virus protection to the next level. It is also great for IT departments that are smaller, or run leaner and don't have as much time to spend on endpoint security.
Humayoon Khan | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
I use CrowdStrike Falcon as the main source of monitoring threats originating from operating systems used by our servers, workstations, staff laptops and guest users machines.
Our organization being a university where thousands of students and hundreds of staff turn up daily, puts our critical assets at risk of being compromised by an insider. CrowdStrike Falcon helps us identify the source of a threat accurately, blocks the triggering file or script before it can cause damage. The AI / ML based detections are very helpful because they catch threats that other vendors may fail at. The scope of our use case is endpoint monitoring and threat management.









  • AI / ML based malicious activity detections
  • Detection information presented clearly and concisely on dashboard
  • Easy filtering of detections on hostname, detection name, severity, date, time, hash, technique etc
  • traces full process chain instead of just showing the source file or script which really helps in tracing the main security concern of machine
  • If some malicious app uses microsoft's signed binary like onedrive, cmd, wscript CrowdStrike would tag the microsoft binary as malicious and fails to provide the actual file that tried to execute these.
  • For example if a
  • malware.exe tries to run this command
  • cmd /c bitsadmin
  • CrowdStrike would tag cmd or bitsadmin as malicious and does not mention malware.exe at all sometimes
  • There are two different dashboards (updated and deprecated) which causes confusion among my team, all must be on same page and use single dashboard.
  • Support is very slow in responding to problems and depend on automated bots which really frustrates when a major issue arises.
It is best suited for organizations that have lot of machines and users, since CrowdStrike agent-based deployment is easy to manage and maintain.
CrowdStrike Falcon may be less appropriate for smaller organizations due to its cost, also a technical support team is required to install / remove agents from machines and monitor the dashboard for detections daily.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
It's been used as ERD solution. Great ability to achieve network segmentation via the host firewall. We also used the IdP module and Horizon for cloud security. Data protection is a product we're still testing but looking promising. The visibility and telemetric getting from each sensor is great and the CrowdStrike Falcon complete visibility is pretty reliable.
  • Network segmentation for host and servers using the firewall.
  • USB block by the sensor.
  • IDP alerts from our domain and different identities
  • Support response.
  • Sensor stability, sometimes the sensor fails on computers
  • Improve menus
Incident response containment works really well, we have contained a couple of machines during incidents and it works pretty well. Also telemetry from different devices is useful. Identity protection alerting also works very well for us, we get tickets and calls from CrowdStrike Falcon when users connects from suspicious countries.
Score 10 out of 10
Vetted Review
Verified User
Our EDR and its operations utilize CrowdStrike Falcon as the cornerstone of security. Currently, people are concerned about the protection of IDs.
  • Prompt response
  • Reliable follow up
  • High detection ability
  • Enhancement of Japanese language
  • Screen configuration that requires no screen transitions as much as possible
CrowdStrike Falcon can be operated with a low operational load, and we believe it can be used by various organizations. I think there are not many organizations for which he is not suitable. Instead, I think it depends on whether or not you can trust and implement this highly complete service.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
CrowdStrike is the corporate protection against known (and unknown) malware and bad people.
We were using other solution and we were forced to change it really quick.
The process has been really simple, and for the moment we are really happy with how it works and how it performs.
It can be used both on computers and servers, and it supports quite good both Windows & Linux
  • Protection against all kind of malware
  • Performance
  • Real Time Response
  • Custom IOC Management
  • Notifications to end users
  • Tray Icon
It can be used in combination with your current AV solution or even as an standalone product.
It seems to work pretty well and protects you from almost everything tested.
Maybe RFM can be improved, specially with patch Tuesdays, but nothing to worry too much about.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Default endpoint protection tool on all servers and laptops.Laptops
  • local firewall, and device lockdown (USB drives blocked)
  • Spotlight
  • vulnerabilities
  • Identity Protection - lateral movement, service account protection, insider threat
  • Threat Intel / Sandbox
  • EDR
  • Threat Intel
  • USB blocking
  • Complete team - triage and escalation
  • Better reporting
CrowdStrike Falcon is an all in one solution - One agent, low impact
James Dilley | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We deployed CrowdStrike Falcon across our organization to strengthen our cyber defenses. The use cases ranged from endpoint protection to threat intelligence, covering a broad spectrum of security needs. The deployment was organization-wide, safeguarding endpoints and critical systems against evolving cyber threats. The reduction in manual tasks and real-time updates contribute to time savings for our security team.
  • CrowdStrike Falcon's next-gen endpoint protection consistently outperforms traditional solutions.
  • The cloud-native architecture ensures seamless scalability and real-time updates, eliminating the need for manual interventions.
  • CrowdStrike Falcon's threat intelligence and hunting capabilities are unparalleled.
  • The advanced features may pose a learning curve for users unfamiliar with modern cybersecurity tools.
  • A more transparent pricing model could assist in budget planning.
  • Expanding compatibility with a broader range of security solutions would be advantageous.
I would highly recommend CrowdStrike Falcon to any organization serious about bolstering its cybersecurity defenses. The platform's effectiveness in threat detection, proactive mitigation, and scalability make it a valuable asset in today's ever-evolving threat landscape. Despite some learning curves and integration challenges, the return on investment and the overall security enhancement justify its strong recommendation.
Score 8 out of 10
Vetted Review
ResellerIncentivized
We use Crowdstrike to protect the company's servers and keep them safe from as many threats as possible.
  • Known malware detection.
  • Software detection with malicious behavior.
  • Identification of processes with anomalous behavior.
  • User management in cases where the service is provided as an MSP.
  • Clarity in console menus.
  • Integration with third-party EPP.
It is suitable for large companies with complex organizational structures that are managed by the company's own staff or by Crowdstrike. It is less suitable for small companies due to its high initial costs, especially if it is offered as a service from an MSP, since the management of MSP users is complicated and, in some cases, it cannot even be a real vision of the users that can manage each company.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike Falcon as our Security Solution for the Clients an the Server. Also we do vulnerability management with CrowdStrike Falcon. We also use the Identy Modul to secure oour Active Directory Accounts. We also use the multi factor autorisation of CrowdStrike Falcon. In the Future we plan to use CrowdStrike Falcon in our cloud envirements.
  • prevention
  • vulnerability management
  • sensor is very small
  • Client tray
  • On demand Scans
The deployment is very easy and very fast. You don't need an enviremont in your own data center. It is easy to use and you have a good on demand online traning. You can't see the status on the client easy. There would be a tray or somethimg like this very good.
November 06, 2023

CrowdStrike Falcon Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike Falcon to detect potential malicious activity on both end user computers and servers.
  • Detects suspicious activity
  • Shows exact location and processes involved in suspicious activity
  • Isolate computers with suspicious activity
  • Setting up on MacOS was more complicated than expected (as kernel extensions were being phased out)
  • Remediation is not always as automated as some other systems (e.g. Malware Bytes)
CrowdStrike has detected some malicious activity on computers that it has stopped successfully. It works on Windows, MacOS, and Linux which is helpful for organizations with multiple OS's. It hasn't always been as great at preventing more minor adware or annoyance software. It can still sometimes be difficult to figure out exactly what a user was doing that triggered an alert.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
CrowdStrike Falcon is used as an EDR agent and we also leverage Falcon Complete services for additional security operations assistance. Additionally, EDR logs are combined with SIEM logs to gather better insights about a security event which may or may not qualify for additional deep dive research. CrowdStrike Falcon is customizable and has a robust threat intelligence inbuilt.
  • Endpoint Detection and Response
  • Great communication to the security operations teams for triaging a security event
  • Customizable policies which can be globally applied
  • Ease of integration with SIEM
  • Ability to query endpoint logs within the Falcon portal itself
  • Sandbox can get better in my opinion.
  • Detection of source of infection in case of lateral movements recommended
  • Browser based logs/ DNS queries for getting to the root of the issue
CrowdStrike Falcon can be treated as a single source for endpoint protection. With additional features, CrowdStrike Falcon has a strong use case for preventing malware infection in the infrastructure security ecosystem. CrowdStrike Falcon's complete helps get the MSSP capabilities for SOC detection and incident response from a league of experts.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use endpoint protection, MFA anywhere and identity management to protect our organization. Falcon complete oversees all of the system to make sure we are protected at all times. We feel confident in the protection the platform provides and have nothing negative to say about the product. We have had great success.
  • MFA Everywhere to protect our systems from remote login connections.
  • Realtime endpoint protection that is updated regularly without intervention from our system administration team.
  • 24 x 7 x 365 monitoring of the system to provide protection at all times.
  • Walkthroughs of new features when added to the console.
  • Better instructions on how and where to add or change policies for various tools.
I have been in the industry for close to thirty years and this has been one of the best endpoint protection programs I have ever used. We feel confident as an organization that we are protected on the endpoints at all times. The Falcon Complete team is great for providing assistance whenever we need it.
November 01, 2023

CrowdStrike real review.

Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use it to protect all of our computers and servers.
  • Malware detection.
  • Bad behaviour detection.
  • Support on old Operatives Systems.
Protecting Windows, Linux, and MAC Operative Systems from all kinds of threats. Not only alerting but also preventing, using behavior detection and file analysis.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Fully Managed Security Service that investigates detections and either escalates or deals with them directly for us.
  • MDR
  • Vulnerability assessment.
  • Identity Protection.
  • Easier to use interface.
  • Log management.
  • Investigations
It is suited to small teams who require additional backup and assistance within the security area.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike as an end-point protection application. We also use CrowdStrike's Identity Threat Protection module, which allows us to gain greater insight into and secure our end user by tying into our IAM solution. This helps us achieve our new cybersecurity goals of providing a primary focus on protecting user's identities and not putting the main focus on protecting endpoints. By implementing CrowdStrike Falcon Complete, we are able to monitor security for our endpoints and our user identities 24/7. This is a big plus for us as we are not staffed 24/7 and can rely on a reputable SOC from CrowdStrike to oversee and monitor security for all of our endpoints and our identities.
  • Protection of end points.
  • Protection of user identities.
  • Providing quick response to any identified security issues.
  • CrowdStrike can be on the more expensive side of end point and identity management, but it's worth it.
I feel CrowdStrike Falcon is well suited for anybody who takes securing their systems and employees safe. They have a $1 million breach policy, which helps give peace of mind that they stand behind their product and really believe in it. This was the big determining factor for us. Not because we needed the $1 million policy but because it shows how much they are willing to invest in their products as the best on the market.
August 26, 2023

Great product

Score 10 out of 10
Vetted Review
ResellerIncentivized
we use the product to protect computers and servers. We have a 7x24 soc service, crowdstrike allows us to detect, investigate and respond to incidents in a few minutes.decreased and the facilities for sharing information and research have allowed the soc to reduce response times.playbooks have made it possible to respond on other platforms
  • Identifícate IOA
  • Facilita to investigate
  • Playbooks
  • Vulnerability magnament
  • Logscale
  • Xdr
the mdr service is very good, the response and remediation capabilities work very well. The growth of the platform and the new modules show the continuous innovation that the product has.It could improve the responses to support tickets.
Score 9 out of 10
Vetted Review
ResellerIncentivized
CrowdStrike Falcon is installed on all endpoints and Server VMs at our end.It helps us to stop security breaches as well as prevent all types of attacks (including malwares, ransomwares and many other such attacks)
  • It helps us to stop security breaches as well as prevent all types of attacks (including malwares, ransomwares and many other such attacks)
  • It helps in Adversary Emulation Exercise
  • it helps in Red Team / Blue Team Exercise
  • should improve threat visibility
  • its overall TCO should be reduced
  • seamless integration with solutions like SIEM
It helps in Adversary Emulation Exercise.
It helps in Red Team / Blue Team Exercise.

Threat visibility is something where it is less appropriate.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use Crowdstrike Falcon for the below points
1. To prevent Ransomware
2. Device Control
3. Protection of Workstations and servers
4. Advanced protection for Zeroday
4. To find malicious activities on systems
  • Overwatch feature is amazing
  • Accuracy to identify True Positive
  • Powerful AL based detection method
  • RFM issue
  • Certificate Pinning, older sensor versions stops communicating
  • Sensor Duplication
Unmatched AI capability to find security threats & seamless Customer Support
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike Falcon Complete to augment our IT staff. Using complete gives us the 24X7 protection we need without burdening our already time challenged staff. The combination of CrowdStrike Falcon on our endpoints and monitoring by Crowdstrike Falcon complete gives us the coverage we need.
  • Staff did a great job pointing our IT workers to areas that needed remediation.
  • CrowdStrike Falcon Endpoint consistently blocks incursions from compromised websites and prevents PUPs from installing
  • Complete Staff is very attentive and makes whitelist changes quickly which allows our staff to be productive.
  • The Dashboard can become overwhelming at times, too much information to absorb
  • Computers that may have made it out into the field without the endpoint sensor are very difficult to find
  • As with all systems that rely on machine learning false positives occurr
I am not sure there is a scenario where CrowdStrike Falcon is less appropriate, the software does a great job of showing where the problem came from and how it was stopped by the system. A report is generated letting your staff know that a problem was found and remediated. I think if you have users that are working 24X7 or multiple time zones having Complete will take care of alot of hassles. You can work with your team to decide what level of involvement you want your complete team to take they can go from just monitoring all the way up to seeing and resolving issues with your staff being notified after resolution
Score 9 out of 10
Vetted Review
Verified User
CrowdStrike Falcon Endpoint Protection is a complete cloud-native security framework to protect endpoints and cloud workloads. Falcon stops breaches and improves performance with the power of the cloud, artificial intelligence (AI), and an intelligent, lightweight single agent. The Falcon Platform is flexible and extensible. Best suitable for Hi-tech companies, Non air-gapped organizations andThin SecOps teams
  • Threat Inteligance
  • Low CPU and RAM usage
  • Malware mitigation
  • Vulnerability managment
  • Hunting
  • Ease of use
  • Identity protection
  • Air-Gapped networks
  • Mobile protection
Since it is easy to deploy and use, it can be deployed and protect small and large companies immediately. best suitable for Hi-tech companies and Thin SecOps teams Falcon X threat intelligence and Threat Graph cloud-based data analytics provide the ability to detect advanced threats and analyze user and device data to spot anomalous activity.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use it for endpoint protection from malware and viruses on all PC's and laptops within the organization for both on premises and work from home users. The product is small footprint on the clients and is not noticed by the end users. It looks for not only known malware but also for patterns/IOCs that may indicate a zero day attack.
  • Runs on clients without causing application issues
  • matches files patterns/behaviors to look for unknown attacks
  • contains potentially infected hosts
  • The user interface is terrible
  • permit users to see licensed products in the console
  • less false positives. files such as Malwarebytes scanning modules should be known as safe
  • make it easier to create scanning exclusions that actually work
I believe CrowdStrike could be a successful implementation in any organization, however, for any company that wants someone be on top of detections, exclusions, actions, etc. they would need a full time employee to manage the product. The price point is in line with other products and has integrations with more 3rd party SIEM, scanning and network monitoring solutions than any other vendor.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use Falcon to ensure we protect all our endpoint devices across the whole globally distributed organisation. We aim to utilise Falcon capabilities to prevent malware being distributed and exploited on all endpoint devices. Falcon Spotlight assists with getting visibility of the number of vulnerabilities we have on our endpoints to address by ensuring robust patch management capabilities.
  • Efficiently picking up and preventing malware threats on endpoints
  • Prompt notification capabilities on any issues
  • Ability to "set and forget" with minimal maintenance required
  • Falcon Spotlight integrations with automatic patching solution would be a good feature
  • LogScale with SIEM functionalities would be an added feature
  • Simplified one dashboard with all high-level information
Great product for endpoint detection and response for any sized organisations. Simple configuration and installation ensures its well suited for small and medium sized organisations.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Deployed CS Falcon in a higher education research environment. We needed to leverage a tool that can build a models and be on the advancement of technology due to the nature of higher education and BYOD. We installed the CS Falcon on all machines and worked with the CS team to build a Gov Cloud for research equipment that required a different set of cloud protocols.
  • Monitoring
  • Notification
  • Device Management
  • Have an executive dashboard
  • better reporting cadence
  • ability to tag devices with end user names
CS Falcon is suited for nearly all scenarios and deployment. The only challenge would be if devices contain protected data the need for the Gov Cloud installation would be necessary. This can split up your installation base but isn't anything that is very difficult to manage.
Itumeleng Thekiso | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike Falcon as an endpoint sensor to detect vulnerabilities throughout our organizations endpoints, in this day and age vulnerabilities come in all shapes and sizes from all different kinds of directions bet it from; an e-mail that contains a malicious link, an infected file you unintensionally downloaded from the web, existing programs with old or new vulnerabilities that are installed on our endpoints etc.CrowdStrike Falcon really addresses these issues on a wider proportion making sure we stay up to date with new CVEs and that our endpoints are secured.
  • Host machine vulnerability detection
  • Threat mitigation
  • Activity monitoring
  • Constantly releases alerts or notifications
  • Behavourial analytics
  • Endpoint manual scan
  • Malware analysis needs improving
  • Requires some level of expertise to use its features
CrowdStrike is really a wide reaching EDR solution for very large organizations, it makes economical sense to deploy CrowdStrike Falcon if your organization has a large endpoint footprint, threat hunting is 24/7 so meaning if most of the security team is on holiday CrowdStrike is able to mitigate a lot of threats without the help of the security team essentially and it also does send out alerts if necessary.

However, CrowdStrike isn't your typical anti-virus solution it does not provide you with the ability to control it manually like you would with some products out there.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use CrowdStrike Falcon to analyze alerts originating in our client's environment. These are purely security alerts based on information security use cases such as identifying persistence, exploits, lateral movement, pup based attacks and a lot other categories. Falcon does a great job in identifying these and provides various ways to analyze these some of which are checking out the process tree, checking out the parsed fields on osint like hashes on vt, ips on abuse db, file names, path parent processes, child processes, etc. We also use this product to take a remote session of endpoints to triage and remediate in case of attacks.
  • Remote session
  • Remediation killing quarantining the process/files
  • Graphical process tree
  • Splunk backend searches with all details
  • Various dashboards
  • Suppression to weed out false positives
  • Can have some AI incorporated
  • Support can be introduced
  • Searching the related events require splunk knowledge which can be a show stopper
Very well suited in remote session scenarios which can be used to fetch files or perform other desired operations. Also suited in identifying the root cause of the attack, CrowdStrike was among the first of its competitors the EDR does its work they introduce new features regularly like fusion workflow which we use for tuning it will be great to see what they do in the future.
Return to navigation