CrowdStrike Falcon Endpoint Protection: The Cadillac of Exploit and Ransomware Protection
Randy Munroe | TrustRadius Reviewer
February 18, 2020

Score 10 out of 10
Vetted Review
Verified User
Software Version

Falcon Pro

Modules Used

  • Device Control

Overall Satisfaction with CrowdStrike Falcon Endpoint Protection

CrowdStrike Falcon Pro is installed on all enterprise machines, virtual and physical. We even have it installed on our private cloud servers used for web hosting. CrowdStrike is part of our layered defense strategy to mitigate breaches, ransomware and other types of malware. The ability to run on Windows, Mac, and Linux is a huge advantage that we couldn't find in every solution.
  • Ransomware protection. We ran a ransomware simulation with obfuscated executables to hide malware signatures and CrowdStrike found and stopped 15 out of 15.
  • Malware/adware detection. Packaged adware in official installers is instantly blocked without interfering with the install of the primary application.
  • The ability to do a system-level scan like a traditional AV is missing and isn't a feature CrowdStrike is planning on implementing. Old school IT guys are going to be curious about this.
  • Host management and deletion are clunky and take 45 days for a machine to fall off your subscription license.
  • While costing twice as much as our previous solution, our detection capability has at least tripled, and remediation is automated. This has saved us all time while detecting threats better.
  • Endpoint detections have gone up but have caused our firewall detections to go down overall. CrowdStrike is catching an attack earlier in the kill chain overall.
1. It had the best ransomware protection built into the base version of the software. This was our primary focus, with some companies in town being hit by ransomware every other week.
2. Better overall detection and response capability.
3. Central management is 100% cloud-based, and it makes it easy to get into a detection from anywhere and get it resolved.
Support is generally pretty fast and gets right to the issue. We haven't had to use them much, fortunately, but the issues and questions we've had are usually answered quickly. The customer success manager/account manager you're assigned will also follow up with you on a regular cadence to ensure you're getting the most out of the subscription. There's not a whole lot of room to improve, other than the general confusion about what is/what is not covered in custom packages you're subscribed to. The initial purchase took much longer because of package name changes and realignments of different modules into those packages.

Do you think CrowdStrike Falcon Endpoint Protection delivers good value for the price?

Yes

Are you happy with CrowdStrike Falcon Endpoint Protection's feature set?

Yes

Did CrowdStrike Falcon Endpoint Protection live up to sales and marketing promises?

Yes

Did implementation of CrowdStrike Falcon Endpoint Protection go as expected?

Yes

Would you buy CrowdStrike Falcon Endpoint Protection again?

Yes

There aren't many scenarios where I wouldn't recommend CrowdStrike. You'll have the ability to create protection policies for different parts of your environment so that sensitive machines have as much protection as possible, and low-risk machines aren't overly locked down. The only reason I can't see someone choosing CrowdStrike is over a matter of budget. It's not the most expensive, nor is it the cheapest.

CrowdStrike Falcon Feature Ratings

  • Anti-Exploit Technology: 10
  • Endpoint Detection and Response (EDR): 10
  • Centralized Management: 10
  • Infection Remediation: 10
  • Vulnerability Management: 8
  • Malware Detection: 10