CrowdStrike will save your company
January 17, 2018

CrowdStrike will save your company

Mark Sauer | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with CrowdStrike Falcon Endpoint Protection

Crowdstrike (CS) is deployed globally to all workstations and a dozen critical servers. Crowdstrike is our only application for endpoint protection/security. We went with Crowdstrike specifically to address a rash of Ransomware we experienced back in 2016. Since installing, our problems completely disappeared.
  • Detects and automatically blocks dangerous behavior on endpoints that could be indicative of malicious activity, like executing programs from the deleted items folder, executing a SSH command in silent mode from different places in the OS, etc.
  • Monitors endpoints continuously for known malware, evaluates dangerous behaviors and blocks execution based on risk tolerance settings, uses AI to draw correlations on multiple attack vectors, and has a human malware hunting element to detect known or newly detected attack vectors.
  • Is easy to deploy across a large organization and manage centrally by as few as 1 person part time.
  • This was the fastest and easiest implementation of an enterprise grade security system I have ever done. I pushed software to the endpoints on a Friday afternoon, and was complete by Noon on Monday, as each workstation came online, the installer completed, and we were protected.
  • We get false positive detections when we run an email signature script for our users. These false positives can be a distraction. We've implemented a whitelist for those behaviors, but had some difficulty in figuring out how to configure CrowdStrike to recognize these executions since the file name and hash were always different (the executing file was firstname_lastname.exe, and that was too Vague to whitelist.
  • CS is fairly expensive for security software, but it works.
  • From an ROI perspective, if you could quantify the cost of a day or more of company downtime during a Ransomware event, plus the remediation time, and the fact that you will likely have some data loss, the cost is quickly justified.
  • CS keeps our business units (26 across the globe) up and running 24/7 with no incidents for 2 years and running.
  • Easy install, little time required to administrate and manage, makes this a security tool most CIO / CISO executives can love.
Trend Micro, Darktrace (I like Darktrace a lot too), Cylance.

Crowdstrike is as good or better than all the other products. Trend Micro AV/endpoint security is probably less mature, but CS and Darktrace are both excellent tools. Cylance is good too, but there has been some long-term concern expressed whether the Cylance algorithms can evolve as fast as malicious code.
It simply works. I do get alerts, but I know Crowdstrike is blocking the behavior or malware, so I don't lose any sleep. Since installing CS, we have not had a single security incident. Nice to focus on other value add tasks than remediating malware or Ransomeware.