One of the best endpoint security solutions
Overall, I am thoroughly impressed with Falcon, with its ease of use and commendable anomaly detection.
Detailed analysis of processes, logon attempts, and great ability to sync with Splunk and Active Directory. Great dashboard to add to the best parts. The Falcon Complete team does great work to ensure endpoint security is well
The Falcon Complete team sometimes does not provide additional details about false positive events or why a piece of software was classified as malicious.
Good EDR, lots of features and integration
We liked it. There are a couple features only available to Windows endpoints, but those features are slated to be on Mac OS X shortly. We are waiting on that.
As a Splunk user, the integrated Splunk dashboards in the Falcon console are really nice and easy to use.
Good interface, lots of Splunk dashboards integrated in the dashboards. Good drilldown capability. Love the process execution tracking functionality
The interface took a couple hours (tops) to get used to, but it wasn't bad. There was a little snag with Mac OS X Catalina, but that's been resolved.
Is that scanning?
Pretty easy to use, and it is a very light installation on the client, especially if you do not have a very actual and robust configuration on your computers. I am still missing some features that we have on more traditional virus solutions, but in the future, I believe that all the antivirus solutions will follow this standard.
Very light solution to run on the computers; it is just a client that alerts the portal about the virus on computers and takes some actions based on what was configured inside the portal.
Easy to install/deploy, not so many options to choose, it is very straight to the point, also the options and configurations inside management portal are pretty easy to use.
However, it updates automatically on the computers and servers.
Sometimes it does not update automatically, and I had some problems removing the software; the key that is used to install/remove fails sometimes. I can mention that the computers take some time to appear inside the management portal, and you do not know if it is working properly or not. Another thing that you can miss: you cannot run a scan on your computer manually to find viruses or other malicious files; it is supposed to be monitored all the time through the portal.
CrowdStrike is a top security product on the market
CrowdStrike by Falcon
Customer support is good and they are working on specific issues we've brought to their attention.
CrowdStrike is a modern endpoint protection software. Instead of guarding against a known set of viruses, it detects malicious behavior as well as protecting endpoints from known viruses, ransomware and malware. The admin console is logical and thorough.
Support for Mac and endpoints in steady state environments needs more development. There are some unknowns about duplication of endpoint entries in the console for Macintosh clients.
Diagnosing malware threats, attack vectors and root-cause was never easier
It performs awesome, just the way we expected.
It's really easy and fast to install the Falcon Sensor in the protected hosts.
Its resource consumption is barely noticeable - this was the very specific problem we had with our traditional AV security which motivated us to look into new generation technologies.
Whenever we have some malware detected, we have all the information we need about how it got into the host and what it attempted to do - whether processes were spawned, files or registry attempted to be seen or modified, if it tried to establish network connections, etc. - so our IT, servers and security teams have all the information they need to improve the systems hardening.
Falcon provides only the antivirus / antimalware capabilities, so all the other functions we had with the previous technology are not available, like firewall, IPS, DLP, mail filtering, web filtering, etc. So, in the end we kept the McAfee agent to retain some of them, which means we are spending a little more on technology, but it gets balanced because less work is needed for malware diagnosis.
Next Generation Anti virus ideal for enterprises
CrowdStrike is an endpoint protection with EDR which has the most advanced features to protect from the latest malware, with overall visibility on endpoints. It supports almost all types of endpoint operating systems with lightweight agent installation. CrowdStrike has gone beyond traditional signature-based antiviruses. Informative dashboards are nicely presented graphically so that even non-technical people can understand them. For enterprises this is the ideal tool to protect endpoints.
The CrowdStrike Falcon agent is very lightweight and has lower resource utilization on endpoints. Further, it supports all the endpoint operating systems. Interfaces are simple and even non-technical people can understand them. Dashboards are informative and the graphical representation is perfect, with a breakdown approach. It provides remote control of the endpoint through the command line, one of the most needed options, which most other antiviruses don't have. It has threat intelligence with correlation and can map endpoints with an incident to provide the big picture.
CrowdStrike Falcon sensor updates are frequent and bandwidth utilization is a bit high since each and every node needs updates. When you are on limited bandwidth with a higher number of PCs, this will cause too high bandwidth utilization and can interrupt your operation. When you are connecting through a proxy server, machine detection takes a long time. CrowdStrike doesn't support Windows XP. So if you have Windows XP PCs in your environment you need some other antivirus to protect them.
Best protection for ransomware
Tested against a few known ransomware and all were detected in the first 2-3 seconds after it starts to run.
Small application to install on endpoints. No virus signatures to download. Just a sensor to monitor all the processes that are running.
All policies have to be managed using the cloud portal. Need internet every time I need to change a policy.
Great solution but expensive
Good overall endpoint protection. They also offer sort of SOC services in which they monitor your environment for threats and report on it.
Very expensive solution... the most expensive I've seen in the market. The solution only supports OS that are newer and does not work with legacy OS like Server 2003 and XP.
Very good next gen anti virus
We are constantly trying to improve our security portfolio. This product helped us to identify our vulnerabilities very quickly.
The user interface is very intuitive and easy to use yet very comprehensive. Every detail about your environment is readily available along with any vulnerabilities there may be.
I can't honestly think of any cons at the moment. I've used the product for several weeks now and it has covered every need I have.