My experience with CrowdStrike Falcon Endpoint Protection
February 23, 2022

Score 10 out of 10
Vetted Review
Verified User
Software Version
Falcon Complete
Modules Used
- Falcon Sandbox
- Falcon X
- Falcon Overwatch
Overall Satisfaction with CrowdStrike Falcon Endpoint Protection
The platform is installed on all endpoints and servers. I respond to alerts and check the "threat" chain down to activities: who, when, what, how, and why the action was reported/stopped. In addition, I use the sandbox ability of the system to triage suspicious content. While using the Sandbox, it could be either zip files, such as an archive, or individual files. I also know that there is an ability to triage URLs; although I have not done so, I will do so when required. I also use other reports that are generated.
- Terminate suspicious activity
- Sandbox detonation
- RT reporting
- The user GUI; I had a hard time adapting to the look and feel of the platform
- Integration should have had additional user usage training
- Near real-time protection
- Incident response
- Ability to acquire forensic data
- I don't have this data; in Security, this is hard to detect
- We can know only after the incident
- The system does block malicious activity, which I did not see previously
It was a company decision, based on the Gartner 4Quadrant, to move towards CrowdStrike Falcon Endpoint Protection.
Do you think CrowdStrike Falcon delivers good value for the price?
Yes
Are you happy with CrowdStrike Falcon's feature set?
Yes
Did CrowdStrike Falcon live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of CrowdStrike Falcon go as expected?
Yes
Would you buy CrowdStrike Falcon again?
Yes