Overview
What is CrowdStrike Falcon?
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine-learning malware detection, and signature-free updating. Additionally, the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents,…
A Comprehensive Look at the Fabulous EDR CrowdStrike Falcon
CrowdStrike Falcon review for companies
Fantastic reduction in EDR operations
Great product, great performance, you get what you pay for (not cheap but worth it)
We were using other solution and we were forced …
The do everything endpoint protection tool
- Default endpoint protection tool on all servers and laptops. Laptops
- local firewall, and device lockdown (USB drives blocked)
- Spotlight
- …
Strengthening cyber defenses with CrowdStrike Falcon
Crowdstrike at its best, with small gaps.
Very useful and easy to use security tool
CrowdStrike Falcon Review
One-stop solution for malware protection
Crowdstrike Falcon - Best in the Business.
CrowdStrike real review.
CrowdStrike Security made easy.
CrowdStrike Falcon Provides Superior Protection for Your Endpoints and Identities.
How CrowdStrike Falcon Differs From Its Competitors
Breadth of Solutions
Consolidation of Tools
Automated protection and remediation
Improved threat intelligence
Consolidation of Tools
But we are …
Breadth of Solutions
We have been lucky to have a decent security budget and headcount, but also efficient in exploiting the security arsenal that we are provided with.
As long as I have been with …
Introduction to CrowdStrike
Trial Experience
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision.
Popular Features
- Endpoint Detection and Response (EDR): 9.4 (94%), 69 ratings
- Malware Detection: 9.3 (93%), 69 ratings
- Infection Remediation: 8.9 (89%), 67 ratings
- Centralized Management: 8.5 (85%), 70 ratings
Pricing
- Falcon Pro: $6.99
- Falcon Enterprise: $14.99
- Falcon Premium: $17.99
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Features
Endpoint Security
Endpoint security software protects enterprise connected devices from malware and cyber attacks.
- Anti-Exploit Technology: 8.9 (63 ratings)
In-memory and application-layer attack blocking (e.g. ransomware)
- Endpoint Detection and Response (EDR): 9.4 (69 ratings)
Continuous monitoring and response to advanced internet threats by endpoint agents.
- Centralized Management: 8.5 (70 ratings)
Centralized management supporting multi-factor authentication, customized views, and role-based access control.
- Hybrid Deployment Support: 8.2 (4 ratings)
Administrators should be able to choose endpoint security on-premise, cloud, or hybrid.
- Infection Remediation: 8.9 (67 ratings)
Capability to quarantine infected endpoint and terminate malicious processes.
- Vulnerability Management: 8.3 (54 ratings)
Vulnerability prioritization for fixes.
- Malware Detection: 9.3 (69 ratings)
Detection and blocking of zero-day file and fileless malware.
Product Details
CrowdStrike Falcon Features
Endpoint Security Features
- Supported: Anti-Exploit Technology
- Supported: Endpoint Detection and Response (EDR)
- Supported: Centralized Management
- Supported: Infection Remediation
- Supported: Vulnerability Management
- Supported: Malware Detection
CrowdStrike Falcon Integrations
- Akamai Enterprise Application Access
- Cloudflare
- Attivo ThreatDefend Detection & Response Platform (a brand)
- Exabeam Fusion
- Splunk Enterprise Security (ES)
- Sumo Logic
- Swimlane
- AttackIQ Security Optimization Platform
- EclecticIQ Platform
- IntSights Cyber Intelligence, from Rapid7
- ThreatConnect SOAR (discontinued)
- Armis
- The Forescout Platform
- Claroty
- ThreatQuotient
- Panther
- Forescout
- Illusive Networks
- Netskope
- Okta
- Proofpoint
- Vectra
- zscaler
- ExtraHop
- Mimecast
- ServiceNow
- IBM Resilient Security Orchestration, Automation and Response (SOAR)
- Arcsight Interset
- DF Labs
- LogRhythm
- Securonix
- Anomali
- Centripetal
- King & Union
- ThreatStop
- Dragos
- Medigate
CrowdStrike Falcon Technical Details
Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
---|---|
Operating Systems | Windows, Linux, Mac |
Mobile Application | Apple iOS, Android |
Supported Languages | English, Japanese |
Reviews and Ratings (235)
Reviews (1-25 of 25)
One-stop solution for malware protection
- Endpoint Detection and Response
- Great communication to the security operations teams for triaging a security event
- Customizable policies which can be globally applied
- Ease of integration with SIEM
- Ability to query endpoint logs within the Falcon portal itself
- Sandbox can get better in my opinion.
- Detection of source of infection in case of lateral movements recommended
- Browser based logs/ DNS queries for getting to the root of the issue
Great product
- Identifies IOAs
- Makes investigation easier
- Playbooks
- Vulnerability management
- LogScale
- XDR
- It helps us to stop security breaches as well as prevent all types of attacks (including malware, ransomware and many other such attacks)
- It helps in Adversary Emulation Exercise
- It helps in Red Team / Blue Team Exercise
- should improve threat visibility
- its overall TCO should be reduced
- seamless integration with solutions like SIEM
It helps in Red Team / Blue Team Exercise.
Threat visibility is something where it is less appropriate.
1. To prevent Ransomware
2. Device Control
3. Protection of Workstations and servers
4. Advanced protection for zero-day
5. To find malicious activities on systems
- Overwatch feature is amazing
- Accuracy to identify True Positive
- Powerful AI-based detection method
- RFM issue
- Certificate Pinning, older sensor versions stop communicating
- Sensor Duplication
- Staff did a great job pointing our IT workers to areas that needed remediation.
- CrowdStrike Falcon Endpoint consistently blocks incursions from compromised websites and prevents PUPs from installing
- Complete Staff is very attentive and makes whitelist changes quickly which allows our staff to be productive.
- The Dashboard can become overwhelming at times, too much information to absorb
- Computers that may have made it out into the field without the endpoint sensor are very difficult to find
- As with all systems that rely on machine learning, false positives occur
CrowdStrike - good value for a good product
- Runs on clients without causing application issues
- matches files patterns/behaviors to look for unknown attacks
- contains potentially infected hosts
- The user interface is terrible
- permit users to see licensed products in the console
- less false positives. files such as Malwarebytes scanning modules should be known as safe
- make it easier to create scanning exclusions that actually work
Efficient and effective endpoint detection and response
- Efficiently picking up and preventing malware threats on endpoints
- Prompt notification capabilities on any issues
- Ability to "set and forget" with minimal maintenance required
- Falcon Spotlight integrations with automatic patching solution would be a good feature
- LogScale with SIEM functionalities would be an added feature
- Simplified one dashboard with all high-level information
Crowdstrike Falcon in Higher Ed
- Monitoring
- Notification
- Device Management
- Have an executive dashboard
- better reporting cadence
- ability to tag devices with end user names
CrowdStrike, the leader of EDRs
- Remote session
- Remediation killing quarantining the process/files
- Graphical process tree
- Splunk backend searches with all details
- Various dashboards
- Suppression to weed out false positives
- Can have some AI incorporated
- Support can be introduced
- Searching the related events requires Splunk knowledge, which can be a show stopper
On the best automated threat protection solution
- The Log analysis is very detailed and easy to use.
- Prevent and block all types of malware.
- Great threat intelligence which is very up-to-date with the recent cyber attacks
- very user friendly in access and management
- Automated feature of detecting, taking action and closing incidents using fusion workflow.
- The False positive alerts can be minimized
- The UI can be made better and easy to access.
- Customer support can be made better
EDR as it should be
- We have very few false positives
- We are alerted when a script runs, such as PowerShell commands
- It blocks rogue software from running
- It looks for patterns such as items that spread
- More customizable dashboards for each admin user
With the majority of our users working in hybrid mode we needed a strong security control that could provide top-class protection with the minimum amount of False Positives (and, of course, of True Positives).
Falcon provides full visibility on processes, communication flows and all sorts of activities that are happening on the endpoints. It works smoothly with other tools that we have co-deployed, like DLP, DNS protection, SWG/CASB, App monitoring and Control.
Recently we added to our arsenal the Identity Protection and the Cloud Protection modules, driven by the business needs to reduce the number of vendors, tools and dashboards while achieving maximum protection and synergy/consolidation.
We believe that as a company, Crowdstrike sits on top of the range of security vendors that we work with, has the right vision and keeps delivering excellence.
We are quite happy with their Customer Success Management and Support Services and look forward to trialling their new functions: LogScale and External Surface Risk Management.
- Endpoint Security
- Threat Detection, Protection, Reporting
- Malware Analysis
- Continuous fast delivery of new features and improvements
- Customer awareness, learning and support
- Device Control
- Identity Protection
- Identity Protection - plenty of small improvements which have been suggested by our side. Long list to mention them here. If needed I can forward you the email/presentation sent for the occasion to the Production team.
- They recognised our contribution/remarks by providing a discount on the initial offer, which we were happy to accept.
- Our company went through an M&A with another pharmaceutical. Both companies had CrowdStrike EDR installed on endpoints, but on different tenants.
- Unfortunately there was not an official technical solution for migrating the endpoints to a unique tenant. We had to Uninstall the existing agent from the acquired company and then Reinstall it again, which was laborious and time-consuming. I wish they had a solution for such cases :-)
- Attack Surface Management (demoed recently) doesn't seem to be fully matured yet, but they definitely are on a good path.
The learning curve is a bit steep, but if time can be dedicated to attending Workshops and Learning modules on CrowdStrike University, then 3-6 months is a realistic timeframe to yield expected outcomes.
Clear blueprints for product rollout are provided to customers based on your specific environment.
- Firewall rules and policy that are cloud-managed is great to ensure devices are in compliance.
- Low engineering time spent after implementation, we don't have to babysit the product. It just works.
- Low amount of false positives.
- I would like an option to be able to scan files/folders. I understand, however, that this isn't really the way the product is designed and that it is designed around actively running processes. But it would be great to have a way to scan incoming media before loading it on our systems.
Leader In Threat Prevention & Trusted Solution
- Threat Intelligence
- Prevention Controls
- Ability To Search For Logs
- With respect to API reporting capabilities
- Device control
- Protection against modern threats.
- Elimination of false positives.
- Very well-managed solution, the complete team is great to work with!
- Device control capabilities (USB device control) are easy to implement.
- The UI while very comprehensive is a bit cluttered.
- Could be a little more intuitive to set up device groups.
- A little clearer definition of what is available to admins in the complete offering would be nice.
CrowdStrike Falcon Delivers As Expected
- Initial detection through their various proprietary methodologies.
- The graphical display of the malware and the potential impact chain is fantastic.
- We realize sensor updating is necessary, but they seem to be very frequent.
- It is not a cheap solution.
- Massive Deployment.
- Online Endpoint Protection.
- Zero Day Attacks Protection.
- Less intrusive desktop notifications.
- Agentless protection.
- Less expensive protection bundles.
- Detections Management
- Compatibility with other Software
- Lightweight Sensor
- Device Control
- Legacy OS Support
- Integration with AD
- User Roles Management
- Provides actionable detection data.
- Lightweight and forgiving agent. We've had zero failures when deploying the agent across our organization.
- The searches in the Discovery module are extremely useful for reporting purposes. For us, it satisfies a lot of HiTrust requirements.
- Some search speeds are pretty slow. Having to wait a long time for results.
- Sometimes [I feel] the data being presented in detection is not obvious as to why it is being considered malicious.
Don't call it AV!
- Malware detection
- Lightweight agent
- Easy installation
- Visibility into all modules
- VDI provisioning
- Phenomenal EDR capability
- Lightweight and easy to deploy sensor
- Impressive machine learning and IOA based detections
- Lots of add-on features add up the cost
- Requires some training to fully utilize
- Requires some false positive tuning initially
- Endpoint Protection
- Indication of Compromise Investigations
- Central Administration
- Firewall needs to have FQDN rules
A Complete EDR Solution
- It's strong with its EDR capabilities. It's able to collect very useful information for an investigation.
- Very lightweight agent doesn't interfere with user activities.
- Customizable to get the amount of alerts that can be investigated without getting overwhelming.
- CrowdStrike University doesn't have a lot of content, it can be completed in a few hours.
- Behavioral Detection
- Ransomware Prevention
- Always on Cloud connectivity for new pattern detections
- Low maintenance
- High network bandwidth usage occasionally
- Infrequent false positives
CrowdStrike will save your company
- Detects and automatically blocks dangerous behavior on endpoints that could be indicative of malicious activity, like executing programs from the deleted items folder, executing a SSH command in silent mode from different places in the OS, etc.
- Monitors endpoints continuously for known malware, evaluates dangerous behaviors and blocks execution based on risk tolerance settings, uses AI to draw correlations on multiple attack vectors, and has a human malware hunting element to detect known or newly detected attack vectors.
- Is easy to deploy across a large organization and manage centrally by as few as 1 person part time.
- This was the fastest and easiest implementation of an enterprise grade security system I have ever done. I pushed software to the endpoints on a Friday afternoon, and was complete by Noon on Monday, as each workstation came online, the installer completed, and we were protected.
- We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too vague to whitelist).