CrowdStrike Falcon

Since CrowdStrike is a cloud-native platform, it reduces the need to maintain many servers on-premise and worldwide architecture. McAfee uses very high CPU and RAM resources on endpoints and servers.

It was a company decision to move based on the Gartner 4Quadrant to move towards CrowdStrike Falcon Endpoint Protection.

CrowdStrike Falcon Endpoint certainly comes in with a slight price premium compared to other offerings, but when you're talking about your last line of defense against malware it's well worth it. From a feature perspective, many players offer similar feature sets but what sets CrowdStrike apart is the ease of implementation. The management is simplistic in nature for the items we managed on our own (we were using Falcon Complete which is a managed solution).

Crowdstrike Falcon Endpoint protection is based on AIML enhanced technology,l. It's cloud-based so users don't need to connect to their office network to get their policy synchronization done from Server to endpoints agents. Also, the Crowdstrike Falcon agent size is small and it consumes fewer resources of the machine.

N/A

The features for Crowdstrike Falcon far outweigh the competition. From the cloud infrastructure, implementation, deployment, and even the support staff, Falcon is beyond anything that we have used. It's only going to get better from here on out and believe that we will be customers for a very long time. All the other solutions we have used and/or tested just don't compete at the same level as Falcon.

Our previous endpoint solution was Trend Micro. The trending product did not have half the newer detection capabilities of Crowdstrike which were very evident after the migration. In comparison to Symantec which is very cumbersome and requires a lot of care and feeding, Crowdstrike runs very efficiently and requires very little on-going maintenance from a management perspective.

There were no other products that worked as well as CrowdStrike [Falcon Endpoint Protection]. It was a must-have since it also kept web pages secure and allowed no viruses to enter into our network.

We decided on CrowdStrike [Falcon Endpoint Protection] because of the way we were able to significantly organize our devices in specific groups of devices and be able to manage the endpoints with strict policy enforcements. Other products didn't do as well of a job to organize devices.

CrowdStrike gives us real time visibility and insight into everything on our endpoints. We now have a single lightweight agent that actually records endpoint activity. CrowdStrike is now cloud native which helped us to drive costs down. We now have worldwide class intelligence to provide full pictures of attacks. Updates are added to our platform seamlessly and without having to re-architect or re-engineer our current solution.

[Because of] its cloud-based architecture, complete set of features, LDAP integration and massive deployment options. The open integration with another security solution and it's almost native with all Windows flavors including Windows Server. Its Incident Response Team is a one-and-only kind of solution that makes CrowdStrike a really different competitor and a natural leader in cybersecurity market.

It's easier to manage, less time to deploy, has more integrations and better understands the business needs. False positives, visibility, sensors management, device control, detections, preventions are pretty much the differentiators with other rivals. It will have more and more visibility and enhancements because it's Splunk based, so all data can be helpful

Crowdstrike [Falcon Endpoint Protection] blows [McAfee Endpoint Security] out of the water. At least when you compare their traditional AV to CrowdStrike. Operational and Security wise, leaps and bounds.

XDR and Crowdstrike were about even for us. Carbon Black was the agent we were replacing due to failures.

CrowdStrike is on another level compared to AV solutions.

I was not part of the selection process; however after speaking with the team that did make the call, the following where the key scenarios or features that ultimately made the decision.

1. The number one decision from the support team was the client deployment and management of agents. Other agents required multiple installations, reboots, exceptionally large footprints, etc. The less impact for the user, means easier management with less stress.
2. Scalability to quickly add new hosts into appropriate policies in bulk and not being restricted by static groupings.
3. There are a number of users that will need access to the CrowdStrike platform, so ensuring that only the appropriate people have access to what they need is a huge win.
4. Alert data is great; however what brings a SOC or IR team to the next level is analytics for threats. Having the Splunk backend allows an insane number of analytical capabilities.
5. For ease of mind for sysadmins allowing easy rollback and/or upgrade paths is a massive win. From a CS management perspective ease of administration to the white/black list keeps admins out of the console lining things up and allows them to spend the time where it is needed.
   
6. Network containment was absolutely required. Other key players could perform the option but it was haphazard or relied on the Windows Firewall which is insecure. CrowdStrike performs shimming into the TCP/UDP stack allowing "true" containment.
7. CrowdStrike was leading as a great vendor for overall threat prevention. To this day they have solidified that.

CrowdStrike Falcon Endpoint Protection goes way beyond signature-based detections. I've seen no other product that can do what this one does.

SentinelOne is Falcon's greatest competitor on the market at this time. The only real deficit comparing the two, is SentinelOne's ability to support legacy OS that CrowdStrike has chosen not to support. This decision results in an environment choosing to use Falcon with legacy OS present having to leverage a second product that supports legacy devices which have not been removed from the environment.

CrowdStrike was superior in every way to Symantec. This extends from the ease of use of the system to the helpfulness of the sales team. We struggled for years with a large amount of false positives and difficulty managing the Symantec software. Within weeks of pushing out CrowdStrike, we reduced our management time in half.

Panda and Crowd Strike were two products that blew me away when looking for a replacement for Sophos one we had the renewal quote. Crowdstrike handled Zero day malware amazingly. The only problem we had was the price point at the time, functionality was pretty much the same but Crowd Strike at the time was focused on the anti malware side of thing Panda had a little bit more flexibility for us as a business. I would not turn away from Crowdstrike again and will look at it when we are due for renewal again.

Overall I found CrowdStrike Falcon's EDR capabilities superior to their competitors. Also, the user interface has taken its time to mature and is very intuitive and has a natural flow. Policy configuration and assignment as well as the features and settings within the config were more complete and met all our requirements. Lastly, the agent plays nice with everything else running on systems. We hardly ever have issues of Falcon interfering with users or services, and false positives are kept at a minimum.

Crowdstrike has a much lower memory footprint than most traditional antivirus platforms and has a much more modern interface. The centralized portal gives data which feels like it actually represents reality. We feel we can be confident that Falcon actually works but we have literally never had any complaints about performance issues, something which has always been a problem with every other platform as they run memory/CPU intensive scans in the background.

Selected Crowdstrike because of its partnership with AWS

Evaluated SEPM but ended up going with Falcon. The response time is immediate with great customer service and tech support. Falcon has more features and also supports USB control. It is way more advanced in product functions and user interface.

Ease of use and proven track record led to adoption of CrowdStrike over others. No complaints from support of business teams so far with the use of this tool. The facility to remote contain the host has saved cycles for both SOC and the platform support teams. The cloud updates and policy management is a plus apart from exceptional customer support.