TrustRadius Insights for CrowdStrike Falcon are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
AI/ML-based detections: Users have consistently praised the clear presentation on the dashboard and easy filtering options based on various criteria like hostname, detection name, severity, date, and time. Many users find this feature to be highly intuitive and effective in managing security alerts.
Full process chain tracing: The ability to trace the complete process chain instead of just showing the source file or script is highly valued by reviewers as it significantly aids in identifying and addressing main security concerns promptly and accurately.
Enhanced security measures: Users appreciate the network segmentation for hosts and servers using firewall capabilities, USB blocking by the sensor, and IDP alerts from different domains. These features are seen as beneficial for strengthening overall security measures within their environments.
CrowdStrike Falcon is a very good product for all types of organizations. We use CrowdStrike Falcon primarily for endpoint security and threat response. CrowdStrike Falcon features: lightweight agent, single console for all modules, easy to use, implement in minutes. Traditional antivirus often struggles to detect sophisticated threats like ransomware, fileless threats, and zero-day exploits. CrowdStrike Falcon gives you rapid response with AI and ML and behaviour monitoring, and improves security posture. CrowdStrike Falcon provides you autonomous endpoint protection, threat hunting, and auto remediation. So overall CrowdStrike Falcon is a value-for-money product.
Pros
Threat detection in real time.
Rapid response
Comprehensive visibility
User-friendly interface
Easy to deploy
Innovative road map
Cons
Make a single policy for all OSes
Costly for SMB
Need improvement in data protection
Likelihood to Recommend
CrowdStrike Falcon is a very good product for detecting and responding to sophisticated threats like ransomware and fileless attacks, compared to legacy antivirus. CrowdStrike Falcon is very suitable for endpoint protection but less suitable for data protection, because it supports only Windows, protects only two channels (web and USB), and custom regex is a bit complicated.
Verified User
Engineer in Information Technology (501-1000 employees)
We use it for end point protection for the most part. It keeps us in a safe environment with a very small footprint on each device. We also use identity protection and their new SIEM product as we view them as superior to others we have had in the past. Although more expensive than most they have worked with us to get us to a reasonable cost for what you get out of the product.
Pros
Great endpoint protection
Real time support and monitoring
Identity protection
Cons
Their SIEM product needs to keep improving to be more robust
Reporting could be better within their platform
More cost effective options
Likelihood to Recommend
It's very easy to deploy on the endpoints and it does a great job finding issues before they spread. It also can get you out of the weeds if you are ever in trouble and don't have the product from the start. It's a first class program that really helps when needed and keeps you secure in your environment.
Verified User
C-Level Executive in Information Technology (1001-5000 employees)
We use the CrowdStrike Falcon XDR platform with some of the add-ons, like IdP and Spotlight, and find it works well as a complete solution for endpoint protection, as well as a SIEM. The IdP module integrates well with AD and Entra ID, and the workflows also integrate well enough with everything else via webhooks.
Pros
Endpoint Protection
Identity Protection
SIEM
Cons
Vulnerability and Patch Management
Integration with a lot of cloud services, like Meraki, requires a local syslog server as a forwarder
All help articles and the knowledge base require a login every time
Likelihood to Recommend
Good for medium to large businesses, but small businesses would find it a bit too complex to set up and manage. You need to take the time to fine tune the settings and to manage and respond to detections, as well as build up a number of automated responses based on your particular risk strategy.
Verified User
Employee in Information Technology (51-200 employees)
We utilize CrowdStrike Falcon to secure our endpoints (Mac, Linux, Windows). We are using both the endpoint detection and response capabilities as well as device control.
CrowdStrike Falcon addresses the problem of attack/exploitation on endpoints. Maintaining 100% patch compliance at all times on all hosts is a difficult pursuit; having CrowdStrike Falcon on the devices provides peace of mind that systems have a strong level of protection during the patch deployment windows.
Pros
Detection of suspicious and malicious activity.
Device control to prevent data exfiltration.
Low rate of false-positives.
Cons
CrowdStrike Falcon keeps adding new product lines. In my opinion, some of these are not up to the same standard of quality as Falcon. Focus on core products.
QA testing of channel files
Broaden the inventory discovery capabilities to include browser extensions.
Likelihood to Recommend
CrowdStrike Falcon helped pioneer the modern next-gen antivirus market and has done a great job of building the market. In addition to EDR, CrowdStrike Falcon has built an ecosystem of partner companies who are all leading the cybersecurity product space.
CrowdStrike Falcon's detection and prevention capabilities are best-in-class ensuring businesses remain protected while avoiding burnout due to false positives.
Verified User
Director in Information Technology (51-200 employees)
We use CrowdStrike Falcon to keep our endpoints secure in real time. CrowdStrike Falcon takes the guesswork out of endpoint detection and response by giving a full playbook of the threats detected.
Pros
Real time monitoring
Threat analysis
Intelligence
Cons
More suggested actions
Likelihood to Recommend
CrowdStrike Falcon has been the best endpoint detection we have used to date. The features are far more robust and intuitive than our previous solutions. CrowdStrike Falcon is well suited for all systems even if they are not domain joined.
Verified User
Administrator in Information Technology (501-1000 employees)
We use CrowdStrike Falcon as our EDR platform to protect the business against the risks that a modern technology business faces. We use CrowdStrike Falcon on all our Linux servers due to its low footprint and memory usage, which enables us to not have to scale up our server sizes to facilitate the overhead that some other EDR solutions have.
Pros
Low memory footprint
Low CPU overhead
Comprehensive coverage
Good communication
Quick support for new operating system versions
Cons
Pricing
Likelihood to Recommend
CrowdStrike Falcon is well suited to Linux workloads where a low overhead is desired. Compared to our previous vendor, CrowdStrike Falcon allowed us to shrink our instance sizes as it reduced the memory overhead and CPU utilisation required.
Verified User
Engineer in Research & Development (11-50 employees)
We use a company called Act Zero as an XDR solution provider. The tool they use is CrowdStrike Falcon, and we use it and they use it to help protect our environment. We wanted to provide greater security across our enterprise and evaluated different solutions. We liked CrowdStrike and that is why we chose Act Zero - they were using a tool we liked.
Pros
Protects our endpoints
Provide data that is actionable
Comprehensive toolset
Cons
Better looking dashboard - better graphics
Better reporting capabilities
Likelihood to Recommend
It is able to really identify the true issues we have with our endpoints. There is not a lot of noise with their tool. They provide a comprehensive toolset and they keep up to date in regards to the latest security scams/issues to protect our environment.
The reporting and dashboards could be improved to provide more clarity and ease of understanding of the metrics.
Verified User
Executive in Information Technology (201-500 employees)
CrowdStrike Falcon is the best-in-class product with ease of use and implementation. CrowdStrike Falcon sensors are installed on all our computers and servers. Easy to use and well optimized. It automatically detects any threats or files when any external source is connected, or any unknown file is downloaded from the web, to keep the computer secure. It helps to assure the right protection against hacker attacks and generally malicious activity which other tools won't detect, like lateral movement, Kerberoasting, AD recon attacks, etc. The solution is almost transparent for the users and the machines, but the effectiveness against malicious activities is on the highest levels; the false positives are also very low in relation to the total number of blocks against bad links, bad services and bad files.
Pros
Infection remediation
Sandboxing feature
Broadview on detection
Cons
Single agent and console
Network Containment
Interactive Sandbox
Threat hunting
Likelihood to Recommend
CrowdStrike Falcon was able to identify activity for Kerberoasting, which is critical as most tools are not able to identify it. Also, its capability against DLL sideloading/hijacking is commendable. The interactive sandbox has helped a lot for getting to see how malware works. Great real-time visibility and reaction to all the endpoints. Offers a lightweight agent.
Verified User
Team Lead in Information Technology (10,001+ employees)
CrowdStrike Falcon is the Extended Detection and Response (XDR) solution we use to secure our corporate assets and production servers. It single-handedly gives us the necessary protection and visibility into all our assets. I am a security engineer and I use CrowdStrike Falcon every day. My scope is to use it to investigate abnormalities in our assets and the alerts it generates. The alerts come with a great amount of detail, which is mostly helpful. Furthermore, it helps us keep an eye on unwanted applications installed by users and helps get rid of them.
Pros
The detection in CrowdStrike Falcon is quite accurate. Based on how we configured it, we do get false positives, but in my experience it barely missed anything that is confirmed malicious. The way it understands the context of an artifact and classifies it as benign or malicious is brilliant.
CrowdStrike Falcon Real-Time-Response console is very powerful and usable too. It doesn't feel much different whether the endpoint that is being remote-accessed is using Mac, Linux, or Windows. It is quite resilient to spotty connections too.
The agents installed on the machines are quite silent and can be set to unobtrusive both in terms of computation and notifications to user.
The interoperability with other AVs or EDRs is amazing too. I have seen many instances where it worked together so well without contradicting that it was hard to remember the existence of the second EDR. It only fired up when the second EDR tried to access some sensitive locations.
The UI, although a little complicated, got many things right. It handles large amounts of asset information quite comfortably. It doesn't lag or freeze the browser on a regular computer either.
Cons
CrowdStrike Falcon keeps on changing the UI of the Falcon Management Console quite frequently. It is very hard to create instructional documents as they get deprecated that fast.
They lack some basic AV features like running an On-Demand Scan for anything other than some Windows versions.
The alerts, especially the Machine Learning ones, sometimes give too much information to investigate and don't point out what in particular is suspicious. It causes us to waste time looking up hundreds of DNS, IP, etc. to find the culprit.
They don't have a manual way of quarantining a file, which is again basic.
The behavior-based rule creation has a sharp learning curve as it is based on the LogScale/Humio query language. Need a good query builder.
Likelihood to Recommend
CrowdStrike Falcon is good for a mid-to-large size industry where many engineers and analysts are working. It has many modules and a lot of data to analyze and correlate with other tools. Also, the price vs. features is justified for a mid-to-large company. The system is also designed for users with a high technical skill level, as it has a steep curve. Due to its not-so-good ML-based detection engine, it is also suitable for environments with not much lab/developer activity going on, as it creates a lot of noise. The policy granularity isn't as detailed as in some other competitors like Cortex XDR. It is not so well suited for small companies with a small security team, as it has too many features to manage and is mostly overkill, as it will only operate on a small asset set. Plus, it is not cheap. It is also not suited for companies that do large-scale development and testing involving network access or file manipulation in their environment, simply because the policy options aren't very granular to tune accordingly. Cortex is definitely better in that aspect.
Verified User
Engineer in Information Technology (5001-10,000 employees)
The Falcon agent is installed on all our computers, servers, tablets and mobile phones. It helps to assure the right protection against hacker attacks and generally malicious activity; we also adopted the identity protection module to complete the user protection. The solution is almost transparent for the users and the machines, but the effectiveness against malicious activities is on the highest levels; the false positives are also very low in relation to the total number of blocks against bad links, bad services and bad files.
Pros
Centralized efficient management
Infection remediation
Malware detection
Cloud native architecture
Cons
Limited coverage to endpoints
Legacy OS support is very limited
Linux machines support is limited
Likelihood to Recommend
In a scenario with endpoints located worldwide, it can assure all of them the same necessary security level in real time and the highest efficiency for servers and computers. If there are too many legacy operating systems linked to industrial machines, it has weaknesses that need to be covered with different solutions or architectures.
Verified User
Manager in Information Technology (1001-5000 employees)