CrowdStrike Falcon

CrowdStrike Falcon is well-suited for business that wants to take their virus protection to the next level. It is also great for IT departments that are smaller, or run leaner and don't have as much time to spend on endpoint security.

It is best suited for organizations that have lot of machines and users, since CrowdStrike agent-based deployment is easy to manage and maintain.
CrowdStrike Falcon may be less appropriate for smaller organizations due to its cost, also a technical support team is required to install / remove agents from machines and monitor the dashboard for detections daily.

Incident response containment works really well, we have contained a couple of machines during incidents and it works pretty well. Also telemetry from different devices is useful. Identity protection alerting also works very well for us, we get tickets and calls from CrowdStrike Falcon when users connects from suspicious countries.

CrowdStrike Falcon can be operated with a low operational load, and we believe it can be used by various organizations. I think there are not many organizations for which he is not suitable. Instead, I think it depends on whether or not you can trust and implement this highly complete service.

It can be used in combination with your current AV solution or even as an standalone product.
It seems to work pretty well and protects you from almost everything tested.
Maybe RFM can be improved, specially with patch Tuesdays, but nothing to worry too much about.

CrowdStrike Falcon is an all in one solution - One agent, low impact

I would highly recommend CrowdStrike Falcon to any organization serious about bolstering its cybersecurity defenses. The platform's effectiveness in threat detection, proactive mitigation, and scalability make it a valuable asset in today's ever-evolving threat landscape. Despite some learning curves and integration challenges, the return on investment and the overall security enhancement justify its strong recommendation.

It is suitable for large companies with complex organizational structures that are managed by the company's own staff or by Crowdstrike. It is less suitable for small companies due to its high initial costs, especially if it is offered as a service from an MSP, since the management of MSP users is complicated and, in some cases, it cannot even be a real vision of the users that can manage each company.

The deployment is very easy and very fast. You don't need an enviremont in your own data center. It is easy to use and you have a good on demand online traning. You can't see the status on the client easy. There would be a tray or somethimg like this very good.

CrowdStrike has detected some malicious activity on computers that it has stopped successfully. It works on Windows, MacOS, and Linux which is helpful for organizations with multiple OS's. It hasn't always been as great at preventing more minor adware or annoyance software. It can still sometimes be difficult to figure out exactly what a user was doing that triggered an alert.

CrowdStrike Falcon can be treated as a single source for endpoint protection. With additional features, CrowdStrike Falcon has a strong use case for preventing malware infection in the infrastructure security ecosystem. CrowdStrike Falcon's complete helps get the MSSP capabilities for SOC detection and incident response from a league of experts.

I have been in the industry for close to thirty years and this has been one of the best endpoint protection programs I have ever used. We feel confident as an organization that we are protected on the endpoints at all times. The Falcon Complete team is great for providing assistance whenever we need it.

Protecting Windows, Linux, and MAC Operative Systems from all kinds of threats. Not only alerting but also preventing, using behavior detection and file analysis.

It is suited to small teams who require additional backup and assistance within the security area.

I feel CrowdStrike Falcon is well suited for anybody who takes securing their systems and employees safe. They have a $1 million breach policy, which helps give peace of mind that they stand behind their product and really believe in it. This was the big determining factor for us. Not because we needed the $1 million policy but because it shows how much they are willing to invest in their products as the best on the market.

the mdr service is very good, the response and remediation capabilities work very well. The growth of the platform and the new modules show the continuous innovation that the product has.It could improve the responses to support tickets.

It helps in Adversary Emulation Exercise.
It helps in Red Team / Blue Team Exercise.

Threat visibility is something where it is less appropriate.

Unmatched AI capability to find security threats & seamless Customer Support

I am not sure there is a scenario where CrowdStrike Falcon is less appropriate, the software does a great job of showing where the problem came from and how it was stopped by the system. A report is generated letting your staff know that a problem was found and remediated. I think if you have users that are working 24X7 or multiple time zones having Complete will take care of alot of hassles. You can work with your team to decide what level of involvement you want your complete team to take they can go from just monitoring all the way up to seeing and resolving issues with your staff being notified after resolution

Since it is easy to deploy and use, it can be deployed and protect small and large companies immediately. best suitable for Hi-tech companies and Thin SecOps teams Falcon X threat intelligence and Threat Graph cloud-based data analytics provide the ability to detect advanced threats and analyze user and device data to spot anomalous activity.

I believe CrowdStrike could be a successful implementation in any organization, however, for any company that wants someone be on top of detections, exclusions, actions, etc. they would need a full time employee to manage the product. The price point is in line with other products and has integrations with more 3rd party SIEM, scanning and network monitoring solutions than any other vendor.

Great product for endpoint detection and response for any sized organisations. Simple configuration and installation ensures its well suited for small and medium sized organisations.

CS Falcon is suited for nearly all scenarios and deployment. The only challenge would be if devices contain protected data the need for the Gov Cloud installation would be necessary. This can split up your installation base but isn't anything that is very difficult to manage.

CrowdStrike is really a wide reaching EDR solution for very large organizations, it makes economical sense to deploy CrowdStrike Falcon if your organization has a large endpoint footprint, threat hunting is 24/7 so meaning if most of the security team is on holiday CrowdStrike is able to mitigate a lot of threats without the help of the security team essentially and it also does send out alerts if necessary.

However, CrowdStrike isn't your typical anti-virus solution it does not provide you with the ability to control it manually like you would with some products out there.

Very well suited in remote session scenarios which can be used to fetch files or perform other desired operations. Also suited in identifying the root cause of the attack, CrowdStrike was among the first of its competitors the EDR does its work they introduce new features regularly like fusion workflow which we use for tuning it will be great to see what they do in the future.