External reviews
External reviews are not included in the AWS star rating for the product.
Super Powerful!
I like how this product was very powerful. It was also very user friendly which made it easy to use.
Leader of next-gen AV & EDR
What do you like best about the product?
1. Extremely Lightweight (20-30 MB)
2. Very good user-friendly Dashboard for better management of security posture.
3. False Positives are less compared to other products in the market.
4. Detailed alerts provide a better solution approach for the detections.
5. Sandbox integration is a good add-on feature.
What do you dislike about the product?
1. Real-time Scan is not available unlike Microsoft Defender for Endpoint.
2. No AD Integration - hoping this would come soon.
3. Provided instruction articles need expertise to be worked on.
4. Can be a little expensive for a small-scale enterprise.
5. Doesn't work with Legacy Operating systems such as Windows XP, although this is a trend in the market to make them obsolete.
What problems is the product solving and how is that benefiting you?
In my organization with more than 15000 users, it's not advisable to just rely on conventional antivirus with virus definition signature updates. A real-time log and behavior analysis with AI & ML is the next-gen leap to prevent any malicious event at its origin. CrowdStrike bridges this gap between AV and EDR by combining them. There are several benefits it provides:
1. Blocking all malicious activities instantly.
2. Detailed alerts with a process tree to understand and take proper action.
3. Endpoint management is so easy (like triaging and isolating host from network etc.)
4. Malware hunting and analyzing with Sandbox Integration.
CrowdStrike and JumpCloud Work Awesome Together
What do you like best about the product?
I like the support that both parties bring to help administrators configure the connection between the two systems and how willing they are to make it work in case errors occur.
What do you dislike about the product?
I dislike that the instruction articles that both provide aren't very clear, and there's more than one article from each system, so it can be hard to tell which article to follow.
What problems is the product solving and how is that benefiting you?
CrowdStrike is helping our company detect any malicious content on our users' JumpCloud-enrolled devices so that we can provide accurate and timely protection that has been sorely needed.
Signatureless Antivirus
What do you like best about the product?
The main important feature of this product is the agent software size. It is around 20-30 MB maximum. Lightweight agent.
What do you dislike about the product?
The console function changes every now and then because of product functionality changes.
What problems is the product solving and how is that benefiting you?
It works on machine learning. It doesn't block unnecessary files as the agent is very intelligent. It works on IOCs, which gives a clear idea.
Effective Analysis using Falcon CrowdStrike
What do you like best about the product?
Detection & Prevention of Suspicious/Malicious PowerShell scripts is way better than other EDR solutions.
The RTR feature enabled Analysts to grab the files for Investigation and run them on the Falcon Sandbox.
The Network containment helps in mitigating the Threat and observing the attack in place.
What do you dislike about the product?
We have to depend on Event Search to identify the true source of the Alert
What problems is the product solving and how is that benefiting you?
Blocks Malicious/suspicious processes based on Signature/Machine Learning
New executables without any signatures/Inbuilt exe's are blocked if spawning unnecessary process based on Machine Learning
The RTR feature helps an Analyst grab the files required for Analysis and isolate device if Host is compromised
Solution for Lack of visibility and threat hunting
What do you like best about the product?
1. Smaller or mid-size companies do not have every single tool for incident analysis and incident response, so it’s not easy to find threat actors within their environment, so Falcon Complete: Managed Detection and Response (MDR) can help the companies with analysis and incident response.
2. Falcon Complete Managed Detection and Response (MDR)’s threat intelligence makes sure what’s going on inside and going outside of the company. MDR performs threat hunting to catch those little bugs in suspicious activity that’s going on in the company.
What do you dislike about the product?
Falcon Complete Managed Detection and Response (MDR) has access to your sensitive data or will have access to sensitive data to detect cyber-attacks or perform analysis and incident response.
What problems is the product solving and how is that benefiting you?
Smaller or mid-size companies do not have that much budget to get every single tool for incident analysis and incident response, so it’s not easy to find threat actors within their environment, so Managed Detection and Response (MDR) can help the companies with analysis and incident response.
Easy to use and works well as per the requirements
What do you like best about the product?
User-friendly solution with functionalities such as threat detection. Also, works well for zero-day attacks detection and prevents them. This solution can be integrated with other platforms.
What do you dislike about the product?
Knowledge base is an improvement area along with the quality of support that they offer. Their support people should be more trained. We are not of much help when required.
What problems is the product solving and how is that benefiting you?
Easy to use, lightweight solution to help overcome malware and ransomware attacks. It helps us with good threat hunting and behaviour-based analysis capabilities to prevent new threats.
Recommendations to others considering the product:
Use this product as we have replaced it with other platform in our infrastructure.
Worry Free Protection
What do you like best about the product?
No nag screens or intrusive messaging. It works in the background with low resource consumption. I only know it's there when / if it found something.
What do you dislike about the product?
There don't seem to be any downsides after 2.5 years of daily use.
What problems is the product solving and how is that benefiting you?
CrowdStrike solved the issue of safe browsing. In conjunction with solid firewall policy and user awareness, CrowdStrike Falcon silently patrols each action with minimal negative impact to each user's productivity.
CrowdStrike Review
What do you like best about the product?
It gives the vulnerabilities on all the specific assets. Very little chance of false positives. The reporting part of CrowdStrike gives the exact solution. Plus the UI is good.
What do you dislike about the product?
User interface could be better. It should provide more access to reports.
What problems is the product solving and how is that benefiting you?
Only the user interface is tricky; however, we are able to segregate vulnerabilities based on severity.
Recommendations to others considering the product:
The best platform to confirm if the asset is vulnerable. Very few chances of false positives.
Automated threat protection for endpoints
What do you like best about the product?
Blocking malicious files automatically. Very user friendly in access and management. The process tree feature for the alerts helps to get a detailed explanation of the alert lifecycle and helps to understand them better. If the device is disconnected from the network, it still helps to protect the device.
What do you dislike about the product?
False positive counts are a bit high sometimes, which can raise a lot of tickets.
What problems is the product solving and how is that benefiting you?
It helps to block malicious executables automatically. It has a lot of data from different clients, which is used to stay updated on the trends and tactics used by different adversaries and helps to protect in real time. Managing endpoints is very easy even if the count is high. The process tree feature for the alerts helps to get a detailed explanation of the alert lifecycle and helps to understand them better.
Recommendations to others considering the product:
It comes under the golden quadrant for EDR tools and it is very easy to use. It is one of the leading EDR tools in the market.