
Reviews from AWS customer

9 AWS reviews

External reviews

46 reviews

External reviews are not included in the AWS star rating for the product.


    Dotan Sadka

Centralized threat visibility has improved detection speed and strengthened endpoint protection

  • April 26, 2026
  • Review from a verified AWS customer

What is our primary use case?

Our company has been using CrowdStrike Falcon for about 2 years. During that time, it has been a great help in detecting and responding to various security threats. We mainly use it for endpoint security management.

CrowdStrike Falcon is used in various ways in our company. It has been especially effective in detecting and blocking unknown malware or ransomware attacks in real time. For example, recently CrowdStrike Falcon immediately detected a phishing link that came in via an employee's email and prevented it from spreading across the entire network. It also plays a big role in monitoring the security status of remote workers' devices and consistently applying security policies.

We have had real experiences with threat detection. At one point, CrowdStrike Falcon's behavioral analysis detected activity in our system that was different from normal patterns and flagged it as suspicious. Investigation revealed that it was part of a new type of APT attack, and fortunately, we were able to block it in the early stage. In that process, I felt that CrowdStrike Falcon's behavior-based detection technology played the biggest role. It would have been difficult to detect using traditional signature-based methods.

What is most valuable?

After that incident, we strengthened our internal response process for phishing attacks. We started to immediately analyze threat information detected by CrowdStrike Falcon and set up additional automated rules to proactively block similar types of attacks. Compared to before we adopted CrowdStrike Falcon, the biggest improvement has been in visibility into security threats and response speed. In the past, we had to manually analyze logs from multiple security solutions, but now we can see all threat information at a glance and respond quickly from a single CrowdStrike Falcon console.

Thanks to CrowdStrike Falcon's cloud-based architecture, deployment and management were very lightweight. With our previous solutions, the agents were heavy and sometimes affected system performance. But we had no such issues with CrowdStrike Falcon. In terms of cost, although there was some initial investment, by consolidating multiple security tools into one and increasing operational efficiency, I feel it is definitely worth the investment in the long term.

CrowdStrike Falcon's greatest strength is its real-time threat detection and response capabilities. In particular, its detection method based on indicators of attack is very effective at blocking even unknown threats. Another big advantage is that because it uses a lightweight agent and a cloud-native approach, it provides strong security without performance degradation.

The integrated threat intelligence feature in CrowdStrike Falcon provides detailed background information on detected threats, the attacker's tactics, and correlations with other attacks, which greatly helps our analysis team quickly understand the severity of threats and respond appropriately. The user interface is intuitive, so new team members took very little time to adapt to CrowdStrike Falcon.

What needs improvement?

CrowdStrike Falcon is a very powerful tool, but at times the high initial adoption cost can be burdensome. To get the maximum benefit, as in our case where we integrate it with other security systems, a certain level of expertise is required, which is somewhat disappointing. Sometimes updates can cause unexpected issues in the system, so rigorous pre-testing is essential, and that is another point of concern.

In the future, I would like to see even smoother integration with other security tools. If more flexible pricing models or SMB-focused packages were introduced so that small and medium-sized businesses can adopt it without too much burden, I think many more organizations could benefit.

For how long have I used the solution?

I have been working in this field for about 5 years. I started as a security engineer and now I mainly handle analysis work.

What do I think about the stability of the solution?

CrowdStrike Falcon's stability is rated very highly. During the period we have used it at our company, we have not experienced any system downtime or unexpected errors caused by security-related stability issues. However, as I mentioned earlier regarding updates, we are always mindful that content configuration updates can potentially cause problems. I believe thorough pre-testing and phased rollout are essential.

What do I think about the scalability of the solution?

We also have experience with scalability. As our company grew and the number of endpoints increased, CrowdStrike Falcon scaled without any issues. Because it is cloud-based, we were able to integrate many devices in real time without installing additional hardware, and we did not notice any performance degradation. We gained confidence that we could maintain stable security even as the organization grew.

How are customer service and support?

I have experience with CrowdStrike's customer support. When we introduced CrowdStrike Falcon, we needed technical support due to integration issues with our existing systems, and the support team responded very quickly and professionally. They understood our special network configuration and provided tailored solutions, which allowed us to resolve the issue quickly. Overall, satisfaction with customer support is quite high.

I would give the customer support service an 8. The professional help was very useful, but occasionally the wait time was longer than expected.

Which solution did I use previously and why did I switch?

We used a few other solutions before adopting CrowdStrike Falcon. We evaluated traditional antivirus programs and other EDR products. The decisive reason we switched to CrowdStrike Falcon was the real-time threat detection capability and overwhelming analysis speed. In particular, CrowdStrike Falcon's behavior-based detection technology was far superior to other products, and the lightweight agent allowed us to strengthen security without worrying about system performance degradation, which was important.

How was the initial setup?

I would like to mention CrowdStrike Falcon's API extensibility. We have integrated CrowdStrike Falcon with our existing Security Information and Event Management system, that is, SIEM, so we can centrally manage and analyze security alerts. This has greatly improved the efficiency of our security operations.

The automation feature that helped the most when integrating with SIEM was the process where a critical alert in CrowdStrike Falcon automatically creates a ticket in the SIEM and sends a notification to the person in charge. This greatly reduced response delays. The difficult part of the integration process was aligning the log formats of the different systems, but thanks to the documentation and support provided by CrowdStrike, we were able to resolve it relatively smoothly.

What was our ROI?

CrowdStrike Falcon has had several positive impacts on our company. First of all, it has greatly reduced the time required to analyze and respond to security threats, allowing team members to focus on more important and strategic security tasks. By preventing actual security breaches, we were able to avoid potential business losses and raise our security level to a higher tier.

Based on our internal analysis, our average threat response time has been reduced by about 30 percent compared to before. The false positive rate, that is, the number of false alarms, has dropped significantly, while the number of valid alerts that the security team actually has to handle has decreased by more than 50 percent. This prevented unnecessary resource waste and allowed us to respond more efficiently to security threats.

We also saw effects in workforce optimization. As the false positive rate decreased and analysis efficiency increased, the security team was able to safely manage more endpoints than before with fewer people. Thanks to that, we could reassign the freed-up staff to other important tasks such as threat hunting and strengthening security policies.

What's my experience with pricing, setup cost, and licensing?

As I mentioned earlier, the initial adoption cost is somewhat high, and there is a certain level of difficulty involved in integrating it with other security systems, which is a drawback. Sometimes unexpected issues can occur after updates, so rigorous pre-testing is essential—this is another aspect I would like to see improved.

In terms of pricing, we use the enterprise bundle, and while the initial cost was somewhat high, considering the wide range of features and the security benefits, we determined that the investment was worthwhile. We contracted licenses based on the number of users, and it was nice that they could be flexibly adjusted to fit our company's size.

Which other solutions did I evaluate?

There were solutions we compared. For example, Microsoft Defender for Endpoint had the advantage of good integration with existing Microsoft environments and was cost-effective. SentinelOne, on the other hand, had excellent AI-based automation, but we felt it consumed a lot of system resources. CrowdStrike Falcon struck the best balance between performance and efficiency, and we gave it the highest score especially in its ability to detect unknown threats.

What other advice do I have?

If I were to advise other companies considering adopting CrowdStrike Falcon, I would say they should not only look at its powerful security features but also thoroughly evaluate whether it fits their current environment and threat profile. In particular, it is essential to develop a thorough integration plan with existing systems and to establish an update management process to ensure stable operations. I would also recommend actively leveraging customer support if needed. My overall review rating for CrowdStrike Falcon is 9.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?


    Dhiren Jethwa

Endpoint security has improved and real-time detection and response reduce false positives

  • April 17, 2026
  • Review from a verified AWS customer

What is our primary use case?

CrowdStrike Falcon's main use case is endpoint security and threat detection, which are the primary purposes for which we are using it.

A day-to-day example of using CrowdStrike Falcon for endpoint security detection occurs when a user downloads suspicious files. The system detects this activity and triggers an alert to the administrator. CrowdStrike Falcon detects abnormal behavior of the system, and an alert is generated in a console. When I log into the console, I can see that some users are trying to access malicious files which are harmful for the organization. The security team isolates the endpoint based on this judgment. We can investigate using process trees and logs in CrowdStrike Falcon. Additionally, USB device control helps sometimes with USB blocking and data access via external storage.

What is most valuable?

The best features CrowdStrike Falcon offers are endpoint detection and response, cloud-native lightweight agent, AI-powered threat detection, threat hunting, and Falcon Overwatch.

The feature I use the most is endpoint detection and response, which you can call EDR. EDR makes the difference in this case because it provides real-time alerts for suspicious activity and full process tree visibility showing what ran, what spawned, and what is happening inside the LAN on the endpoint. It allows for quick investigation of endpoint logins and quick host isolation to stop the spread.

Using CrowdStrike Falcon typically leads to faster threat detection, quicker response, and better visibility across the endpoints. This means I can understand, or an administrator can understand the logs and situation, what is happening with the endpoint, and what suspicious behaviors are occurring inside the endpoints. It has reduced false positives and has a lightweight performance impact, resulting in no heavy use or heavy scans of the agent. User productivity is also increased on the endpoint side.

What needs improvement?

Regarding improvements in reports, when I try to pull a custom report, there are some mismatches, or it does not look professional. I hope CrowdStrike will improve their custom report or inbuilt report to look professional rather than appearing like just adding numbers. Based on the requirement, they should improve their custom reports.

For how long have I used the solution?

I have been using CrowdStrike Falcon for around one year.

What do I think about the stability of the solution?

CrowdStrike Falcon is very stable.

What do I think about the scalability of the solution?

The scalability of CrowdStrike Falcon is very good and very positive.

How are customer service and support?

Customer support is also appreciated as it is very good. I have raised multiple tickets with technical support, and every time I have received a good response from customer support.

Which solution did I use previously and why did I switch?

We did not use any kind of solution previously.

What was our ROI?

Before CrowdStrike Falcon, there were 40 to 50 alerts per day with many antivirus detections and time wasted validating non-issues. When we installed the CrowdStrike Falcon agent on the endpoint, there are now 10 to 15 meaningful alerts that we can work on and isolate the system. There is a 60 to 70 percent reduction in false positives, allowing us to disregard those. Additionally, higher quality behavioral detection based on pattern analysis is justified. The investigation time has been reduced from three to four hours to one to two hours, and per user, we used to take around 10 to 15 minutes, but now with the reduced false positives, we can troubleshoot or inspect users within five minutes.

What's my experience with pricing, setup cost, and licensing?

The pricing is very straightforward and negotiable. The license is thoughtful and very fruitful. The licensing is pretty simple, so it has a very good impact with the licensing, setup cost, and pricing with respect to CrowdStrike Falcon.

Money is saved because if a user is receiving spam alerts or spam emails which are damaging the organization's privacy, the number of alerts, data threatening, DLP, data extraction, and everything has been reduced. There is a big impact on the organization's security posture as well as time saved while doing troubleshooting, allowing us to monitor that alert via one single console. The positive impact is significant, and the money saved is a very good effect for the organization.

Which other solutions did I evaluate?

We have not evaluated another option before choosing CrowdStrike Falcon.


    Pavan Ingaleshwar

Improved endpoint visibility has reduced incident response time and strengthens threat investigations

  • April 14, 2026
  • Review provided by PeerSpot

What is our primary use case?

I have been using CrowdStrike Falcon for the past two years. My main use case for CrowdStrike Falcon is endpoint protection, threat protection, and investigating suspicious activities on endpoints in my day-to-day work.

In one case, we received an alert about suspicious PowerShell activities detected on one of the endpoints, and CrowdStrike Falcon detected the issue and generated an alert on our SIM solution as well. We started investigating that endpoint using CrowdStrike Falcon, confirming through the process tree that there was suspicious execution, and we began isolating the endpoint device to prevent further impact. That is how we used CrowdStrike Falcon for monitoring and investigating endpoint devices.

We also use CrowdStrike Falcon for endpoint activities and for responding to malware alerts, which is a significant part of our process.

What is most valuable?

CrowdStrike Falcon offers several features that stand out to me, including a feature called Process Tree visibility, where we can see the entire attack history including how it started, how it initiated the connection, how it ended, and the intentions behind that particular incident. Additionally, it has great threat intelligence data, isolation automation, detailed process visibility, a real-time threat blocking system, and behavioral threat detection that helps in responding to incidents on endpoints. These are the best features I have ever used.

I wish more people knew about the Process Tree visibility feature because it helps to understand the full attack chain quickly, making it a very impactful feature that I have used.

CrowdStrike Falcon has positively impacted my organization by improving endpoint security. Even if end users are doing something on their endpoints without their knowledge, such as receiving documents from vendors, the endpoints will scan attachments before delivery, and if they are malicious, it will detect them and provide notifications and alerts. It has positively impacted endpoint security and reduced the response time for incidents and alerts.

In my experience, I noticed that the Mean Time To Respond (MTTR) has reduced by around 30 to 40 percent due to faster detection and response achieved by the Falcon agents.

What needs improvement?

CrowdStrike Falcon requires experience and knowledge about tuning, as proper tuning is required. Improvement could focus on this aspect, as well as simplifying the user interface for new users and different department employees, since it sometimes generates a lot of false positives. They should concentrate on this as well.

They can work on better reporting and simplifying the interface to enhance the overall user experience.

CrowdStrike Falcon provides very good visibility into endpoint activity, including process execution and behavior. It is not only useful for the security department; it is beneficial for other departments as well. If something happens, even developers can log into CrowdStrike Falcon to check what is happening with their endpoints. Every tool should be built with this capability in mind, including CrowdStrike Falcon, which could also work on improving user interface design.

What do I think about the stability of the solution?

CrowdStrike Falcon is stable, with no major issues I have faced.

What do I think about the scalability of the solution?

CrowdStrike Falcon is highly scalable.

How are customer service and support?

The customer support is good, and I have reached out to them.

Which solution did I use previously and why did I switch?

We were previously using SentinelOne and Microsoft Defender but switched to CrowdStrike Falcon for better detection capabilities, especially for a client handling numerous attachments and endpoint activities.

What was our ROI?

I have seen a return on investment due to strong detection and faster response capabilities of CrowdStrike Falcon.

What's my experience with pricing, setup cost, and licensing?

The pricing, according to my knowledge, is subscription-based, depending on how many endpoints and modules the organization needs to use.

Which other solutions did I evaluate?

Before choosing CrowdStrike Falcon, we evaluated SentinelOne and Microsoft Defender because we needed better detection and visibility.

What other advice do I have?

My advice for others looking into using CrowdStrike Falcon is to have a clear understanding of how to properly fine-tune and monitor the system to get the full benefits. If they are good at these aspects, they can confidently purchase it and start working towards endpoint protection.

CrowdStrike Falcon is a strong solution with faster responses to endpoint-related incidents and alerts. Overall, it is a very robust solution for organizations dealing with endpoint security, and they can confidently choose CrowdStrike Falcon and make it work effectively. I would rate this product a 9 out of 10.


    Ashutosh Jha

Endpoint protection has blocked ransomware and malware and gives me real-time control

  • March 09, 2026
  • Review provided by PeerSpot

What is our primary use case?

I am using CrowdStrike Falcon because I want to secure my end-user devices.

What is most valuable?

I am using CrowdStrike Falcon because it works on signature-based and signature-less technology, which will prevent me from outside attackers and outside malware.

CrowdStrike Falcon will protect me from ransomware, and after the installation of CrowdStrike Falcon, I get full control on my endpoints and I am secure from outsiders.

CrowdStrike Falcon features are robust and reliable.

There are multiple features including real-time detection, real-time prevention, ATP, and IPS.

CrowdStrike Falcon makes my job easier because it will prevent me from outsider attacks and outsider detection; for example, if I want to stop any types of pen drive block or allow, it will prevent me from that as well.

It will impact my organization positively because if anybody wants to try to hit something, wants to take access, wants to perform CNC attacks, wants to do DOS attacks, CrowdStrike Falcon will protect me regarding real-time protection, PUA detection, scanning, and scheduler scanning.

I have seen on my portal, as the owner, that last week there were some detections about Trojan malware and some detections about CryptoGuard crypto malware. There are many detections, and I have seen that Trojans and malware have been blocked by CrowdStrike Falcon.

What needs improvement?

As of now, CrowdStrike Falcon does not have application control and web control. If CrowdStrike Falcon applies those types of features, it will be more reliable and stronger than any other antivirus or next-gen antivirus in the world or in the industries.

For how long have I used the solution?

I have been using CrowdStrike Falcon for the last two years.

What do I think about the stability of the solution?

CrowdStrike Falcon is stable right now.

What do I think about the scalability of the solution?

It is good; I can increase it any time.

How are customer service and support?

Customer support is good for CrowdStrike Falcon; they have the best support.

Which solution did I use previously and why did I switch?

I have used Seqrite, but I have switched because Seqrite does not have signature-less technology.

What was our ROI?

CrowdStrike Falcon has saved me money because if any attacker attacks, they can borrow money to decrypt the file, so it is the money saved and time saved.

What's my experience with pricing, setup cost, and licensing?

Pricing, setup cost, and licensing are very good for CrowdStrike Falcon based on what I have seen.

Which other solutions did I evaluate?

I have evaluated Sophos.

What other advice do I have?

As of now, I think CrowdStrike Falcon is better and it is working fine. I rate it 10 out of 10 because it is lightweight, it has real-time detection, and it has the more powerful signature-based and signature-less technology. I can advise others that if there are any opportunities, they should use CrowdStrike Falcon because it is a very lightweight agent with signature-based and signature-less technology. CrowdStrike Falcon has real-time scanning, real-time prevention, and multiple other features. My overall rating for this product is 10 out of 10.


    reviewer2795868

Cloud threat visibility has improved and now supports flexible, low-overhead protection for startups

  • January 10, 2026
  • Review from a verified AWS customer

What is our primary use case?

I use it for cloud workload protection and threat detection in AWS environments.

How has it helped my organization?

The pay-as-you-go model enabled me to deploy quickly from the AWS Marketplace management account.

It scaled protection for workloads without upfront commitments and reduced the initial operational overhead.

It provides real-time visibility into cloud threats, helping stop breaches faster in dynamic AWS setups.

What is most valuable?

I find the seamless AWS integration and single lightweight agent to have minimal performance impact.

The cloud-native SIEM and runtime security leverages threat intelligence for proactive detection.

Flexible billing through AWS is ideal for startups testing security without long-term locks.

What needs improvement?

I believe that AI-powered SOAR workflow suggestions could streamline incident response.

For how long have I used the solution?

I have been using it for 1 month.

Which solution did I use previously and why did I switch?

We are a new startup, so we did not use any previous solutions.

What's my experience with pricing, setup cost, and licensing?

The pay-as-you-go model excels for startups with variable AWS workloads, avoiding large upfront costs and scaling with usage.

Which other solutions did I evaluate?

I evaluated Prisma Cloud, Wiz, and Orca Security alongside native AWS options.

What other advice do I have?

CrowdStrike Falcon for AWS (pay-as-you-go) delivers strong cloud-native protection via AWS Marketplace, which is ideal for startups scaling workloads.

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)


    reviewer2788083

Proactive threat hunting has improved breach prevention and now provides deeper endpoint visibility

  • December 15, 2025
  • Review provided by PeerSpot

What is our primary use case?

I deal with endpoint security, firewall, and XDR solutions. I use Sangfor and work with Trend Micro and CrowdStrike. I use CrowdStrike Falcon for enterprise companies, which is what I typically recommend.

How has it helped my organization?

CrowdStrike Falcon has helped my customers predict and prevent potential breaches because of its proactive approach.

What is most valuable?

The most valuable features in CrowdStrike Falcon are its AI capabilities. The lightweight agent has a positive impact on system performance and visibility through ease of use. I utilize its Threat Graph for threat hunting.

What needs improvement?

To improve my recommendation to a perfect score, I would focus on better selling skills and improved integration with different vendors.

For how long have I used the solution?

I have been working with CrowdStrike Falcon for approximately five years.

Which solution did I use previously and why did I switch?

I have previously worked with a Total Information Management Corporation solution.

Which other solutions did I evaluate?

I work with competitors as well, and there is good competition to Sangfor at the moment.

What other advice do I have?

I have experience with these products from prior use. I work with security vendors and some of my customers use Trend Micro and CrowdStrike as well. My experience has been positive and I have been satisfied. The pricing might be a little expensive, but I find it cost-effective. I do not find CrowdStrike Falcon to be the most expensive when comparing pricing with competitors. I would rate this solution an 8 out of 10.


    Dipak M Gohil

Efficient threat detection and seamless deployment improve overall security

  • September 03, 2025
  • Review provided by PeerSpot

What is our primary use case?

We are using CrowdStrike Falcon because it has very low surface impact and minimal consumption of our resources, and we mainly use it for our endpoint protection.

CrowdStrike Falcon helps with endpoint protection by having very low memory utilization and processor usage, so it doesn't impact the computer system performance, and the computer system works very fast compared to all other endpoint protection solutions.

We find it very unique that CrowdStrike Falcon, which we deployed in many countries wherever our offices are, can be installed very quickly, maintained on a single console, single panel of console, and it's really easy to use and deploy. We primarily use it for endpoint protection.

What is most valuable?

The single panel console of CrowdStrike Falcon is very user-friendly, which is what we are looking for. Having multiple administrators between various offices with this single console gives us the ability to see all offices, branch offices, and partners, making it very useful to detect machines, identify machines, and check security risks. Everything in the single console is very useful.

CrowdStrike Falcon has positively impacted our organization in terms of efficiency because it's very lightweight, easy to deploy, easy to manage, and works very efficiently. It quickly detects issues and doesn't have a signature-based system, so it works fast and takes immediate action.

What needs improvement?

I don't think anything is missing in CrowdStrike Falcon, but if they can manage their SOC solution instead of users or the end users or customers doing that, it will be very useful, just as Sophos does.

For how long have I used the solution?

We have been using CrowdStrike Falcon for the past seven years.

What do I think about the stability of the solution?

CrowdStrike Falcon is stable; I have not had any issues with reliability or downtime.

What do I think about the scalability of the solution?

For scalability, CrowdStrike Falcon deserves a perfect score of ten out of ten.

How are customer service and support?

Regarding customer support, our experience has been really positive as they are very quick to assist us.

The customer support deserves a rating of ten out of ten.

Which solution did I use previously and why did I switch?

We were previously using Symantec Endpoint because we were not getting proper quotations, pricing, or support, particularly in India, which is why we wanted to switch.

What was our ROI?

In terms of return on investment, we find that CrowdStrike Falcon has ROI covered because less manpower is required. It's very easy to deploy without many IT admins, saving time, and while I cannot specify the money saved, the time saved is money in terms of manpower. This makes it very useful, quick to run, quick to install, easy to manage, and easy to deploy.

What's my experience with pricing, setup cost, and licensing?

We do not find any price challenges or setup costs with CrowdStrike Falcon; everything is smooth.

Which other solutions did I evaluate?

We evaluated three products, which were Sophos, CrowdStrike Falcon, and Trend Micro, before choosing CrowdStrike Falcon.

What other advice do I have?

In some cases, we have Excel files with VBA code inside, and CrowdStrike Falcon detects that it's a bit risky for us. When people download EXE files that are threats to our organization, it detects them very quickly. It also detects threats under ZIP files and can show us the path from where it came and where it goes, allowing us to easily see where the infection is and where it has spread.

My advice for others looking into using CrowdStrike Falcon is that as an endpoint protection solution, Falcon is always reliable, and I can recommend that this is the product you can deploy and forget all the worries.

We are an end user customer of CrowdStrike Falcon; we are not a partner or reseller, and we are not receiving any gift card or incentive for this review. We are just sharing our experience as an end user and as an IT Manager.

I rate CrowdStrike Falcon 9 out of 10.


    Mohamed-Atta

Provides comprehensive threat protection and seamless integration with third-party tools

  • September 02, 2025
  • Review provided by PeerSpot

What is our primary use case?

I am a customer of CrowdStrike Falcon through a consultant, and our company is headquartered in India, while our consultant is a sister company also located in India.

We use CrowdStrike Falcon internally in our company.

I am using CrowdStrike Falcon for its purpose, which is to save the company from any attacks, viruses, or whatever threats are available.

What is most valuable?

The most useful feature of CrowdStrike Falcon is protection, though it cannot be described in one word.

Protection is the main purpose of CrowdStrike Falcon.

CrowdStrike Falcon has positively impacted my organization by providing good protection, logs, and reports, which I find very good.

What needs improvement?

One area for improvement in CrowdStrike Falcon could be the user interface and reports; it requires some improvements to be easily handled.

For the reporting in CrowdStrike Falcon, I need specific data because in most reports, some of the data is not that important for the collector, so the reports need to be more specific for each purpose.

For how long have I used the solution?

I have been working with CrowdStrike Falcon for around three years.

What do I think about the stability of the solution?

Regarding stability and reliability, I find CrowdStrike Falcon to be stable; nothing has happened since we installed it, and there are no bugs or issues from the software.

What do I think about the scalability of the solution?

I can say that CrowdStrike Falcon is sufficient in terms of scalability from my point of view; it is capable of working with our current infrastructure or setup, and I believe it's sufficient.

How are customer service and support?

My interaction with technical support for CrowdStrike Falcon was fine; they supported me and provided a solution for my issue.

Based on my experience, I would rate the technical support for CrowdStrike Falcon an eight.

Which solution did I use previously and why did I switch?

Before CrowdStrike Falcon, I used an application called Kaspersky, but not for the same purposes.

Which other solutions did I evaluate?

I did not evaluate other options before choosing CrowdStrike Falcon because it was a forced decision from our headquarters, from the mother company.

What other advice do I have?

Currently, I do not remember exactly what version of CrowdStrike Falcon we are using because I'm managing the team, but I can check the right version later.

We are using the latest version of CrowdStrike Falcon.

CrowdStrike Falcon has not helped me predict and prevent potential breaches by itself, but with support from other applications such as Splunk and Windows Defender, it has contributed.

I integrate CrowdStrike Falcon with third-party tools.

I have to integrate CrowdStrike Falcon with other applications to get the most protection, and the integration is smooth and everything works well.

I am using the lightweight agent.

For the system performance, the lightweight agent is fine; it has not affected performance too much, and generally it's acceptable.

I rate CrowdStrike Falcon eight out of ten.


    Sampath Acharya

Single-agent architecture enhances security while minimizing complexity and costs

  • September 02, 2025
  • Review provided by PeerSpot

What is our primary use case?

The main use cases for CrowdStrike Falcon from my customers are the lightweight agent, which is very easy to use, and it will protect the complete environment in a single dashboard.

A specific use case from my customers for CrowdStrike Falcon is that the SaaS-based single agent can protect all the platforms.

What is most valuable?

The best features of CrowdStrike Falcon are the single agent and the fact that there is no daily signature update.

There is no daily signature update because it operates as a signatureless solution.

Regarding the lightweight agent, all other solutions have multiple agents, which degrade system performance; however, this single agent has multiple features that increase system performance.

The elimination of on-prem infrastructure through CrowdStrike Falcon's cloud-native architecture has impacted my customers by reducing both cost and complexity, as they are now using the cloud-native solution.

What needs improvement?

I recommend that some deep-dive trainings are required for the NG SIEM, specifically for their next-generation SIEM module, as they need some basic trainings for that.

To clarify, deep-dive trainings are required specifically for the NG SIEM or next-gen SIEM.

For how long have I used the solution?

I have been working with CrowdStrike Falcon for six years.

How are customer service and support?

For technical support, I would rate it as a nine out of ten.

There are no complaints about the support.

How was the initial setup?

It is easy to set up CrowdStrike Falcon.

What was our ROI?

My customers have seen a return on investment with CrowdStrike Falcon.

While I do not have specific details currently available, those who purchased are very happy with the solution.

What's my experience with pricing, setup cost, and licensing?

The price is reasonable when comparing it to other tools.

The license cost is typically per device.

Based on the modules customers purchase, the cost will increase, as they have more than 28 to 32 modules.

What other advice do I have?

The feature called Threat Graph for threat hunting helps in terms of security to predict and prevent breaches by showing how threats are evolving and how we can protect the customer environment, which helps us build better security.

I have integrated CrowdStrike Falcon with existing SIEM solutions and security frameworks.

It helps to streamline incident response processes because it is very easy to integrate with SIEM solutions like IBM QRadar and HPE ArcSight; for the incident response, it helps us correlate with other solutions.

My customers using CrowdStrike Falcon are mainly from all industries, including ITES, finance, marketing, manufacturing, and health.

I recommend that those planning to use CrowdStrike Falcon should migrate from their old traditional antivirus to next-gen antivirus, which will help them protect their environment.

The biggest advantage of this solution for my customers is that it is a single solution that fulfills most of their security concerns while being easy to manage.

I rate CrowdStrike Falcon ten out of ten.


    BambangTrisilo

Seamless management and installation elevate cybersecurity architecture

  • May 28, 2025
  • Review from a verified AWS customer

What is our primary use case?

I am using CrowdStrike Falcon for laptop, desktop, our server, and VM, including Linux, Windows server, and Linux server.

What is most valuable?

The most beneficial features of CrowdStrike Falcon are that it is easy to install, easy to manage, lightweight, and it can stop breaches.

The impact of CrowdStrike Falcon lightweight agents on system performance and visibility is good, with only one agent required.

Speaking about the utilization of Falcon threat graph for threat hunting, it helps my security team to predict and prevent potential breaches.

Considering that CrowdStrike Falcon is a cloud-native architecture, the elimination of on-premises infrastructure makes cybersecurity maintenance cost and complexity minimal, because we only need to install it and then monitor from the dashboard.

What needs improvement?

In Indonesia for SMB companies, the price is higher than other solutions.

For SMB organizations, the price may be higher than others, which means they have to think twice about it, but for enterprise companies, the cost is not a concern.

I have been using it for about six years and do not have any problems. The pricing is the only issue.

For how long have I used the solution?

I have been using CrowdStrike Falcon since 2019, before the pandemic.

What was my experience with deployment of the solution?

In terms of deployment of CrowdStrike Falcon, it is quite easy and there are no challenges with deployment.

What do I think about the stability of the solution?

As for stability, I would rate it around eight because last year they faced some downtime with around eight thousand computers, but it will improve.

What do I think about the scalability of the solution?

For scalability, I would rate it a nine because they can scale efficiently with many users.

How are customer service and support?

Technical support from CrowdStrike Falcon is good because usually in Indonesia we have a partner, and if the partner cannot address the issue, we discuss with CrowdStrike directly.

I would rate technical support a nine out of ten.

Which solution did I use previously and why did I switch?

I used McAfee before CrowdStrike Falcon for the same use case. I switched to CrowdStrike Falcon because McAfee did not have machine learning or AI capabilities at that time.

What was our ROI?

CrowdStrike Falcon saves time and offers good value for money, especially for enterprise companies, because it can stop breaches.

I am not sure about the exact percentage of money it saves, as I have to calculate the risks, but we are satisfied because CrowdStrike Falcon has stopped breaches and prevented hackers.

Which other solutions did I evaluate?

I used McAfee before CrowdStrike Falcon for the same use case. I switched to CrowdStrike Falcon because McAfee did not have machine learning or AI capabilities at that time.

What other advice do I have?

My rating for CrowdStrike Falcon would be eight points because there are many antivirus competitors. For those who want to use CrowdStrike Falcon, they should be mindful of the higher price compared to others.