CrowdStrike Falcon Platform

We use AWS  to manage CrowdStrike Falcon . CrowdStrike Falcon  is a cloud-native solution, and from the user side, we do not directly manage or choose the cloud provider. CrowdStrike handles the back-end infrastructure. As per my understanding, we simply access the CrowdStrike Falcon console in our cloud and deploy the endpoint agent. So from our perspective, we use it as a cloud-based service without directly interacting with the underlying cloud provider.

The features that stand out are its lightweight agent, which doesn't slow down the system, and it is easy to use across multiple devices. This makes it easy for our team.

CrowdStrike Falcon's dashboard and reporting capabilities are very useful in daily operations. The centralized dashboard gives a quick overview of all alerts and system activities in one place. I also support customizable dashboards, so different team members can view the data they need. The reporting provides detailed insights, which helps with management. Overall, the combination of easy-to-use dashboards and detailed visibility with automatic reporting makes it very efficient for day-to-day security operations.

From a security perspective, it has significantly improved our ability to detect threats in real-time and respond quickly before they affect multiple systems. It has also made our work more efficient. Earlier, we had to manually check systems and investigate issues, which was time-consuming. With CrowdStrike Falcon, most of the detection and alerting is automated, so we can focus more on critical incidents instead of routine monitoring. Overall, it has helped us save time, reduce risk, and improve response time.

I have seen a noticeable improvement in time and efficiency with CrowdStrike Falcon. I can estimate that our team saves around thirty to forty percent of their time compared to our earlier processes. For example, earlier, it would take a significant amount of time to identify and investigate a suspicious activity, but now with CrowdStrike Falcon, we can detect and respond in minutes. This has significantly improved our response time and overall productivity.

While CrowdStrike Falcon is strong overall, there are a few areas where it could be improved. First, the user interface can be a bit complex for new users. Sometimes, navigating through different sections and understanding detailed alerts takes time, especially for teams without deep security expertise. The cost is also something to consider, as the features and additional modules can increase pricing, which may be a challenge for smaller teams. Additionally, some integrations with simpler reporting would be helpful.

The onboarding process for new users is a bit challenging for beginners to understand all features and workflows in the product. More simplified documentation, step-by-step guides, and real-world examples could help new users get comfortable faster. A structured onboarding or basic training module would be very useful for teams who are new to endpoint security tools. In addition, having more in-product guidance and tooltips within the dashboard could make navigation easier and reduce the learning curve. Overall, improving training resources and onboarding support would make the platform more user-friendly, especially for new users.

I have been using CrowdStrike Falcon for around six months to one year.

We have definitely seen a return on investment with CrowdStrike Falcon in terms of time-saving and operational efficiency. While I don't have exact company-specific financial numbers, based on our experience and industry benchmarks, I can say that we have seen around a thirty to forty percent improvement in time spent on endpoint security operations. It has also reduced the risk of security incidents.

The pricing typically depends on the number of endpoints and the features or modules selected. It is licensed per endpoint on an annual subscription basis. The pricing can vary depending on the subscription chosen. For example, the basic plan starts at a certain price per endpoint per year, while advanced plans with more features cost higher.

In a recent situation while using CrowdStrike Falcon, we saw a suspicious process in the console. We checked the details and the system was showing it in quarantine. We found that the user was trying to access some suspicious link. The system generates alerts if there is suspicious activity. I rate this product an eight out of ten.

Our company has been using CrowdStrike Falcon  for about 2 years. During that time, it has been a great help in detecting and responding to various security threats. We mainly use it for endpoint security management.

CrowdStrike Falcon  is used in various ways in our company. It has been especially effective in detecting and blocking unknown malware or ransomware attacks in real time. For example, recently CrowdStrike Falcon immediately detected a phishing link that came in via an employee's email and prevented it from spreading across the entire network. It also plays a big role in monitoring the security status of remote workers' devices and consistently applying security policies.

We have had real experiences with threat detection. At one point, CrowdStrike Falcon's behavioral analysis detected activity in our system that was different from normal patterns and flagged it as suspicious. Investigation revealed that it was part of a new type of APT attack, and fortunately, we were able to block it in the early stage. In that process, I felt that CrowdStrike Falcon's behavior-based detection technology played the biggest role. It would have been difficult to detect using traditional signature-based methods.

After that incident, we strengthened our internal response process for phishing attacks. We started to immediately analyze threat information detected by CrowdStrike Falcon and set up additional automated rules to proactively block similar types of attacks. Compared to before we adopted CrowdStrike Falcon, the biggest improvement has been in visibility into security threats and response speed. In the past, we had to manually analyze logs from multiple security solutions, but now we can see all threat information at a glance and respond quickly from a single CrowdStrike Falcon console.

Thanks to CrowdStrike Falcon's cloud-based architecture, deployment and management were very lightweight. With our previous solutions, the agents were heavy and sometimes affected system performance. But we had no such issues with CrowdStrike Falcon. In terms of cost, although there was some initial investment, by consolidating multiple security tools into one and increasing operational efficiency, I feel it is definitely worth the investment in the long term.

CrowdStrike Falcon's greatest strength is its real-time threat detection and response capabilities. In particular, its detection method based on indicators of attack is very effective at blocking even unknown threats. Another big advantage is that because it uses a lightweight agent and a cloud-native approach, it provides strong security without performance degradation.

The integrated threat intelligence feature in CrowdStrike Falcon provides detailed background information on detected threats, the attacker's tactics, and correlations with other attacks, which greatly helps our analysis team quickly understand the severity of threats and respond appropriately. The user interface is intuitive, so new team members took very little time to adapt to CrowdStrike Falcon.

CrowdStrike Falcon is a very powerful tool, but at times the high initial adoption cost can be burdensome. To get the maximum benefit, as in our case where we integrate it with other security systems, a certain level of expertise is required, which is somewhat disappointing. Sometimes updates can cause unexpected issues in the system, so rigorous pre-testing is essential, and that is another point of concern.

In the future, I would like to see even smoother integration with other security tools. If more flexible pricing models or SMB-focused packages were introduced so that small and medium-sized businesses can adopt it without too much burden, I think many more organizations could benefit.

I have been working in this field for about 5 years. I started as a security engineer and now I mainly handle analysis work.

CrowdStrike Falcon's stability is rated very highly. During the period we have used it at our company, we have not experienced any system downtime or unexpected errors caused by security-related stability issues. However, as I mentioned earlier regarding updates, we are always mindful that content configuration updates can potentially cause problems. I believe thorough pre-testing and phased rollout are essential.

We also have experience with scalability. As our company grew and the number of endpoints increased, CrowdStrike Falcon scaled without any issues. Because it is cloud-based, we were able to integrate many devices in real time without installing additional hardware, and we did not notice any performance degradation. We gained confidence that we could maintain stable security even as the organization grew.

I have experience with CrowdStrike's customer support. When we introduced CrowdStrike Falcon, we needed technical support due to integration issues with our existing systems, and the support team responded very quickly and professionally. They understood our special network configuration and provided tailored solutions, which allowed us to resolve the issue quickly. Overall, satisfaction with customer support is quite high.

I would give the customer support service an 8. The professional help was very useful, but occasionally the wait time was longer than expected.

We used a few other solutions before adopting CrowdStrike Falcon. We evaluated traditional antivirus programs and other EDR products. The decisive reason we switched to CrowdStrike Falcon was the real-time threat detection capability and overwhelming analysis speed. In particular, CrowdStrike Falcon's behavior-based detection technology was far superior to other products, and the lightweight agent allowed us to strengthen security without worrying about system performance degradation, which was important.

I would like to mention CrowdStrike Falcon's API extensibility. We have integrated CrowdStrike Falcon with our existing Security Information and Event Management  system, that is, SIEM , so we can centrally manage and analyze security alerts. This has greatly improved the efficiency of our security operations.

The automation feature that helped the most when integrating with SIEM was the process where a critical alert in CrowdStrike Falcon automatically creates a ticket in the SIEM and sends a notification to the person in charge. This greatly reduced response delays. The difficult part of the integration process was aligning the log formats of the different systems, but thanks to the documentation and support provided by CrowdStrike, we were able to resolve it relatively smoothly.

CrowdStrike Falcon has had several positive impacts on our company. First of all, it has greatly reduced the time required to analyze and respond to security threats, allowing team members to focus on more important and strategic security tasks. By preventing actual security breaches, we were able to avoid potential business losses and raise our security level to a higher tier.

Based on our internal analysis, our average threat response time has been reduced by about 30 percent compared to before. The false positive rate, that is, the number of false alarms, has dropped significantly, while the number of valid alerts that the security team actually has to handle has decreased by more than 50 percent. This prevented unnecessary resource waste and allowed us to respond more efficiently to security threats.

We also saw effects in workforce optimization. As the false positive rate decreased and analysis efficiency increased, the security team was able to safely manage more endpoints than before with fewer people. Thanks to that, we could reassign the freed-up staff to other important tasks such as threat hunting and strengthening security policies.

As I mentioned earlier, the initial adoption cost is somewhat high, and there is a certain level of difficulty involved in integrating it with other security systems, which is a drawback. Sometimes unexpected issues can occur after updates, so rigorous pre-testing is essential—this is another aspect I would like to see improved.

In terms of pricing, we use the enterprise bundle, and while the initial cost was somewhat high, considering the wide range of features and the security benefits, we determined that the investment was worthwhile. We contracted licenses based on the number of users, and it was nice that they could be flexibly adjusted to fit our company's size.

There were solutions we compared. For example, Microsoft Defender for Endpoint  had the advantage of good integration with existing Microsoft environments and was cost-effective. SentinelOne, on the other hand, had excellent AI-based automation, but we felt it consumed a lot of system resources. CrowdStrike Falcon struck the best balance between performance and efficiency, and we gave it the highest score especially in its ability to detect unknown threats.

If I were to advise other companies considering adopting CrowdStrike Falcon, I would say they should not only look at its powerful security features but also thoroughly evaluate whether it fits their current environment and threat profile. In particular, it is essential to develop a thorough integration plan with existing systems and to establish an update management process to ensure stable operations. I would also recommend actively leveraging customer support if needed. My overall review rating for CrowdStrike Falcon is 9.