CrowdStrike, the leader of EDRs
April 09, 2023

CrowdStrike, the leader of EDRs

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Software Version

Falcon Enterprise

Modules Used

  • XDR
  • Falcon Insight
  • Falcon Prevent
  • Falcon Overwatch
  • Falcon Complete
  • Falcon Intelligence Recon
  • Falcon Intelligence
  • Falcon Zero Trust

Overall Satisfaction with CrowdStrike Falcon

We use CrowdStrike Falcon to analyze alerts originating in our client's environment. These are purely security alerts based on information security use cases such as identifying persistence, exploits, lateral movement, pup based attacks and a lot other categories. Falcon does a great job in identifying these and provides various ways to analyze these some of which are checking out the process tree, checking out the parsed fields on osint like hashes on vt, ips on abuse db, file names, path parent processes, child processes, etc. We also use this product to take a remote session of endpoints to triage and remediate in case of attacks.

Pros

  • Remote session
  • Remediation killing quarantining the process/files
  • Graphical process tree
  • Splunk backend searches with all details
  • Various dashboards
  • Suppression to weed out false positives

Cons

  • Can have some AI incorporated
  • Support can be introduced
  • Searching the related events require splunk knowledge which can be a show stopper
  • We provide cyber security services so it plays a super important role
  • Identifying attacks and intimidating customers helps us to be in the good books and reputation
  • Word of mouth is also great when we tell we use edr in the market which is new tech compared to siem
  • Remote shell
  • Remediation of attack
  • Suppression of rules
Pricing was less, it had better ratings as well as word of mouth in the market. Works on agent-based solution rather than remote access. Finds zero day attacks very soon recently CrowdStrike found the 3cx attack which is now a critical supply chain attack. CrowdStrike falls under the leader category.

Do you think CrowdStrike Falcon delivers good value for the price?

Yes

Are you happy with CrowdStrike Falcon's feature set?

Yes

Did CrowdStrike Falcon live up to sales and marketing promises?

Yes

Did implementation of CrowdStrike Falcon go as expected?

Yes

Would you buy CrowdStrike Falcon again?

Yes

Very well suited in remote session scenarios which can be used to fetch files or perform other desired operations. Also suited in identifying the root cause of the attack, CrowdStrike was among the first of its competitors the EDR does its work they introduce new features regularly like fusion workflow which we use for tuning it will be great to see what they do in the future.

CrowdStrike Falcon Feature Ratings

Endpoint Security
8.6
Anti-Exploit Technology
9
Endpoint Detection and Response (EDR)
10
Centralized Management
8
Infection Remediation
8
Vulnerability Management
Not Rated
Malware Detection
8

Comments

More Reviews of CrowdStrike Falcon

  1. Home
  2. Endpoint Security Software
  3. CrowdStrike Falcon Reviews
  4. User Review of CrowdStrike Falcon