External reviews
External reviews are not included in the AWS star rating for the product.
Crowdstrike Deep Protection for your Network
What do you like best about the product?
Spotlight gives us the ability to know immediately when software with known vulnerabilities are installed on endpoints. By drilling down you can see the risks associated with the suspected software as well as suggestion for remediation.
What do you dislike about the product?
Not really a dislike, but...
I was, at first, daunted by the Falcon portal, but once I went through the training and set thru a few webinars I realized it is not as complicated as it first seemed. Looking at it now I feel the setup is very logically arranged.
I was, at first, daunted by the Falcon portal, but once I went through the training and set thru a few webinars I realized it is not as complicated as it first seemed. Looking at it now I feel the setup is very logically arranged.
What problems is the product solving and how is that benefiting you?
By moving away from the traditional anti-virus that constantly scans on systems, eating their precious resources our system became noticeably faster after the transition to Falcon.
- Leave a Comment |
- Mark review as helpful
Exceptional Endpoint Protection
What do you like best about the product?
There are multiple facets to this question. The agent is compact, but that does not diminish the capabilities it offers. The "cloud" aspect of the tool is not for everyone but it does provide huge benefits on data collection and correlation. The platform is neat and the ability to pivot from one section to another is easy. It is all in a single one stop shop. Organizations also have a range of talent; the console presents data in such a way that even junior security analysts can handle while giving deeper capabilities to senior analysts.
What do you dislike about the product?
I personally am not a fan of the nickel and diming aspect. New offerings get slotted into whole new tables which requires a new contract. Also bummed by the "secret sauce" mindset that CS employs. Behavioral detections, signatures, etc are all locked away behind very high level descriptions which prevents architects, engineers, and senior analysts to extend the product in areas where there may be gaps. The product stands its ground due its capabilities, there is no need to lock this knowledge away.
What problems is the product solving and how is that benefiting you?
Business need is next generation endpoint protection. We are clearly realizing where static signature detections are the way of the past. Using CrowdStrike we have solved a number of security needs out of the gate from new asset identification, vulnerability management, etc. We have also extended the capabilities for general IT usage around software inventory and basic device details.
Recommendations to others considering the product:
Consider a proper bake off of the product in your environment and make sure that it meets the business need. If you have the capability to extend out for more modules, they are worth their value and give administrators and users alike the information they need to be successful. There are a few short comings so be sure to make sure they are not deal breakers for your organization. Roll out was exceptionally easy, and upkeep is easy considering other products.
Simple yet very powerful
What do you like best about the product?
CrowdStrike Falcon: Endpoint Protection is a great tool that quickly and easily enables advanced A/V capabilities through it's Endpoint Detection and Response agent. The platform is great for everyone from new users, through using their native console, to advanced users, through using the Event Search, which allows the users to use Splunk queries to search through the raw logs collected by the agents.
What do you dislike about the product?
There is a bit of a learning curve to learn how to use the platform to threat hunt using the available logs. However, there is documentation from the vendor to get you started.
What problems is the product solving and how is that benefiting you?
CrowdStrike Falcon: Endpoint Protection enables us to distribute a lightweight, yet very powerful next generation AV solution. Aside from just detection and blocking malicious software, the Endpoint Protection also looks at the behavior occurring on the system and is able to detect and block malicious/suspicious activity.
Recommendations to others considering the product:
When looking to add CrowdStrike Falcon: Endpoint Protection to your security stack, evaluate how it can integrate and provide value to your existing security stack.
Endpoint Protection Platform Done Right
What do you like best about the product?
The Falcon sensor is super lightweight and very easy to deploy. No impact to the overall stability of the system. No signature to download or rely on as it detects malicous activiites based on Machine Learnings and bahvior
What do you dislike about the product?
Reporting and metrics needs to improve. Currently there is no way to email reports and metrics. Exploit detections are difficult to troubleshoot and investigate. No phone number to call support unless it's a Priority-1 ticket.
What problems is the product solving and how is that benefiting you?
Protecting endpoints and having real time visibility into endpoint activiites.
Takes the work out of my hands
What do you like best about the product?
CrowdStrike is small, low CPU, and I have not had an infection in over 2 years with 1100 machine in the company.
What do you dislike about the product?
The cloud based part takes 20-30 min to make a change and have it go to the cloud, then propagate back down, there is no instant fix.
What problems is the product solving and how is that benefiting you?
As I said above I have not had an infection of any kind in 2 years and 1100+ machines. It does the work and I don't have to stay safe.
Recommendations to others considering the product:
If you have not tried it, do he Demo and you will become a user!!!
Complete EDR Solution
What do you like best about the product?
A leader in malware protection and the best in-class ransomware protection an enterprise can get. The product offerings is a complete solution for endpoint protection, or you can invest into their managed service offerings like Overwatch. Overwatch is a great addition to ensure protection from adversaries and their attacks on an organization. CrowdStrike’s UI and module offerings is powerful.
What do you dislike about the product?
The product is not a cheap solution. It’s expensive, but of course to get the best in industry don’t expect it to be cheap. There is a reason why CrowdStrike is the leader in EDR, but the cost is high. Today its more expensive to deal with a breach, but that is something you always have to balance when you look at breach costs separately.
What problems is the product solving and how is that benefiting you?
The threat landscape is large and CrowdStrike provides that elastic-like protection no matter where devices are located today.
Crowdstrike: The Leading Endpoint Protection Platform
What do you like best about the product?
Having been a customer of Crowdstrike for 5 years I was initially highly attracted to the ease of deployment by a small team. Having most recently deployed the platform in a larger enterprise, I enjoy the reliability in which Falcon responds to threats. The ability to directly interact with a protected endpoint using Real Time Response at the CLI level and remediate problems has been a lifesaver. Crowdstrike's growth and acquisitions are done in a sensible means which deliberately stand to enhance the platform's capabilities and consolidate other operator toolsets into a single unified platform. Having been a part of key boards within the company, as a customer I have been able to shape and contribute to the success of the platform's evolution and development.
What do you dislike about the product?
Honestly nothing at all. If there have been times in which customer's are unhappy with a feature or function change, Crowdstrike is very responsive to customer feedback and works quickly and proactively to improve the Falcon platform based on feedback.
What problems is the product solving and how is that benefiting you?
We are solving more problems that foreseen on the initial investment. We started with endpoint protection and have added most of the remaining Falcon stack elements over time. A distinctive capability of this tool is the ability to have choice roles assigned to administrators based on their needs (and lack thereof) and scaling back capabilities of an administrator as they learn to use the platform.
Recommendations to others considering the product:
Ask for reference calls with customers in your industry to understand how Crowdstrike Falcon can best serve your organization. The proof of concept is enough to convince the most skeptical to consider using the Falcon platform.
CrowdStrike: The Best Endpoint Protection Suite I have ever used!
What do you like best about the product?
I love utilizing the process chart. It allows me to understand exactly what event occurred on a machine that was identified as suspicious. I do really like that training videos that are provided.
What do you dislike about the product?
I would say the thing I like the least is having to create exceptions for false positives. This is not strictly for this application and is something that usually has to be training into a software like this. The platform is really awesome and powerful but it is a little intimidating
What problems is the product solving and how is that benefiting you?
Issues with users infecting their machines by plugging devices into their company devices, advanced scanning and monitoring to be alerted of suspicious activity before it causes damage to the end user or the company.
CrowdStrike Review
What do you like best about the product?
CrowdStrike does an efficient job with saving time while investigating detections. It provides useful information that would otherwise have to be manually collected. The incidents section of CrowdStrike also does great at providing a list of IOCs for machines. This helps streamline the process of investigations too since we don't have to manually put together the bits and pieces that may point towards a machine being compromised.
What do you dislike about the product?
CrowdStrike doesn't have a way to easily remove malware from the machine, instead it just has you blacklist the hash. You can use real time response and remove malware that way, but a simple button in the UI to do that would speed up the process. Additionally, there isn't an option to automate the detection rules for certain detections. For example, there may be a detection we chose to ignore, but don't want to block the process. The detection will keep triggering alerts.
What problems is the product solving and how is that benefiting you?
CrowdStrike helps prevent malicious software from being installed on machines. We also have used it to prevent non-standard software from being blocked. The benefits are mainly related to saving time while investigating any threats CrowdStrike uncovers.
great product and quite detailed insights
What do you like best about the product?
The UI is really easy to use and navigate. Best part of EDR is having maintained list of alerts and incidents. Navigation across each alert and incidents is easy to troubleshoot and triage.
What do you dislike about the product?
Quite detailed and in depth traces which are sometimes hard to understand for someone like me who is not that much into security but security experts would be quite delighted to get this details
What problems is the product solving and how is that benefiting you?
Alerting is quite comprehensive and detailed.
Graphs and step by step process breaking is easy to understand
Graphs and step by step process breaking is easy to understand
showing 231 - 240