CrowdStrike Falcon delivers breadth and depth in an operator-first package
February 27, 2023

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Software Version

Falcon Enterprise

Modules Used

  • Falcon Insight
  • Falcon Prevent
  • Falcon Device Control
  • Falcon Discover
  • Falcon Intelligence
  • Falcon Sandbox

Overall Satisfaction with CrowdStrike Falcon

CrowdStrike Falcon is used to provide a comprehensive suite of endpoint detection and response capabilities across the enterprise. It is the primary platform for detecting and preventing malicious content and actions on endpoints. Additionally, we leverage CrowdStrike Falcon Intelligence as a primary source of cyber threat intelligence to further enhance our cyber security program capabilities. The complementary set of modules and capabilities provides a robust set of functionality that allows us to better control and protect the enterprise.

Pros

  • Detecting malicious endpoint behaviors
  • Providing thorough, timely cyber threat intelligence
  • Integrating effectively between modules and with other security platforms

Cons

  • Event Search is built on Splunk, which requires some SPL knowledge to be effective
  • Detections sometimes lack important information (e.g. hash of payload vs. hash of executing application)
  • Overlap between modules (e.g. Insight and Discover for login activity) isn't always presented in a unified/integrated way

  • Increased endpoint telemetry to aid in detection and response to cyber incidents
  • Low management overhead (self-updating, SaaS platform, etc.) drastically reduced overall sustainment costs
  • Threat Intelligence reporting has enabled us to keep senior leadership apprised of the cyber threat landscape (and what we're doing to defend against it)

We've replaced our traditional AV and legacy, GPO-based USB controls with Falcon Insight/NGAV and Device Control.
This gives security a much more consolidated and holistic operating view across the environment. It reduces the amount of manual correlation required to understand the overall security posture. It has also greatly reduced the amount of time and resources that go into chasing low-quality AV alerts, freeing up resources for more impactful analysis.

The Falcon platform covering such a broad range of capabilities and challenges makes it much easier to rapidly address those challenges. Rather than a full procurement cycle, onboarding new technology, deployment overhead, new tools to learn and manage, we can typically work directly with our CrowdStrike customer success team to identify and scope the need and get something up and running in days instead of months. The breadth also helps to create an increasingly holistic view of our environment, because we can start to see all of the various pieces and aspects in one consolidated platform (instead of bouncing between 2-5 different consoles).

  • Using the Network Contain capability to isolate endpoints that aren't compliant with patch requirements
  • Using Real Time Response to support automation of deeper-dive forensics and analytics

Do you think CrowdStrike Falcon delivers good value for the price?

Yes

Are you happy with CrowdStrike Falcon's feature set?

Yes

Did CrowdStrike Falcon live up to sales and marketing promises?

Yes

Did implementation of CrowdStrike Falcon go as expected?

Yes

Would you buy CrowdStrike Falcon again?

Yes

There's a reason Falcon is the leader in this market space. CrowdStrike has built a very powerful combination of modules that cover a broad swath of the cyber security mission, especially as it relates to endpoint. While no security tool is a silver bullet, Falcon does a great job of tackling some of the most prevalent and impactful challenges in defending endpoints. Add in the best-in-class intelligence derived from their massive, global reach and you have a platform that packs a lot in. There will always be trade-offs when it comes to UI/UX, and there is definitely a learning curve to mastering Falcon, but by no means worse than any major technology.

CrowdStrike Falcon Feature Ratings

  • Anti-Exploit Technology: 6
  • Endpoint Detection and Response (EDR): 8
  • Centralized Management: 8
  • Infection Remediation: Not Rated
  • Vulnerability Management: Not Rated
  • Malware Detection: 7
