External reviews
External reviews are not included in the AWS star rating for the product.
Best product in the market and nothing to worry about protection. I myself am using it.
What do you like best about the product?
How detections show with a process tree. The detail view is easy to understand for any user.
What do you dislike about the product?
No dislikes actually. Favourite product of mine.
What problems is the product solving and how is that benefiting you?
No need to worry about malware. Easy to deploy and manage. Policies are easy to create. Nothing much to exclude. User friendly and no impact on user performance.
Recommendations to others considering the product:
One of the best products in the market and easy to manage. The EDR feature is very helpful with the endpoint protection. Really can guarantee the protection with this product and I'm using this too.
Good but not optimal
What do you like best about the product?
It is a good and very intuitive solution to perform threat intelligence and malware detonations in a sandbox.
What do you dislike about the product?
Compared with the free solutions, it offers just a little more information and the support.
What problems is the product solving and how is that benefiting you?
We use it to perform malware analysis and threat intelligence. For example, we insert the IoC in the solution and verify whether it is malicious or not, continuing the investigation inside the solution, given that it offers a way to verify whether some actors are connected to the IoC analyzed.
Recommendations to others considering the product:
I suggest performing a PoC of three solutions to better choose the one that best fits the company context, and for each performing a trial of 1 month.
The best machine learning technology and the best anti malware tech
What do you like best about the product?
It has one of the most massive deployments, great endpoint protection.
What do you dislike about the product?
Vulnerability management is not that great; the small things are missing, such as IP determination etc.
What problems is the product solving and how is that benefiting you?
I have deployed it for security solutions, and I have realized that it has one of the best endpoint protections, extensive APIs, great cloud visibility.
Recommendations to others considering the product:
Go for it for the great endpoint protection, cloud visibility and extensive APIs; it has strong EDR capabilities. It is highly customisable. Though it doesn't have a lot of features, it is one of the best in the market. Also, the vulnerability management is not that great. However, it is highly recommended.
NGAV Crowdstrike Review
What do you like best about the product?
Falcon Complete gives you the peace of mind in terms of the new attacks in the market. Customer does not have to worry about the management of their NGAV. Everything is managed by Crowdstrike which gives you time to focus on other areas.
What do you dislike about the product?
Cost - Crowdstrike is too costly in comparison to others.
What problems is the product solving and how is that benefiting you?
Scanless detection and Prevention
Recommendations to others considering the product:
Please go for the Crowdstrike, this will give you peace of mind.
CrowdStrike NGAV is a complete enterprise solution. I like it more than any other SIEM solution
What do you like best about the product?
It is integrated with solutions against adversaries like MITRE and kill chain, which are really useful to protect against any known or unknown malware or threat. And the best part is, I do not need to rely on signatures even if it's disconnected. And also the investigation graph for deeper analysis.
What do you dislike about the product?
It does not come with a demo environment. They do not provide you any demo environment for lab training or something, neither paid nor free. CrowdStrike should provide free or paid demo console access to everyone, not only at the organization level, like Microsoft or AWS.
What problems is the product solving and how is that benefiting you?
As an admin, it helps with real-time response, sensor updates, keeping an eye on the dashboard for recent activities, event search through SPL, reporting.
Falcon NGAV gave me an experience beyond words.
What do you like best about the product?
fantastic protection, effortless deployment
What do you dislike about the product?
Limited features in the free tier, which does not allow people to explore the product
What problems is the product solving and how is that benefiting you?
We deployed it at an enterprise level to cover more than 20k+ employees. It helped restrict significant exploitation attempts with Machine learning and artificial intelligence detections of unknown malware and ransomware.
Behavior-based indicators play an essential role in diagnosing unexpected issues.
Very easy to protect system from any type of attack
What do you like best about the product?
The best thing that I like about the Crowdstrike tool is that it gives us a complete picture about what all progress was executed which leads to detecting the file as suspicious; for example, it tells us the attack pattern in case of a true positive.
What do you dislike about the product?
Sometimes it becomes difficult to fetch event logs, or we are unable to fetch the list of incidents we got in a particular time frame.
What problems is the product solving and how is that benefiting you?
The benefit of using CrowdStrike is that it is able to detect any suspicious activity carried out on a specific device where CrowdStrike is installed.
This is a must have for corporations that are fighting against cyber attacks
What do you like best about the product?
Relatively easy to deploy and highly efficient, integration with other vendors is available using APIs.
What do you dislike about the product?
I think reporting is something Crowdstrike could invest more in.
What problems is the product solving and how is that benefiting you?
We are constantly fighting against cyber attacks, Crowdstrike is one of the top tools we have in our toolbox.
Recommendations to others considering the product:
I highly recommend Crowdstrike EPP; you'll reduce the number of machines you reimage because of cyber incidents. If you also use Proofpoint, make sure you enable the integration between them. Your email gateway will be able to use Crowdstrike infrastructure to decide about blocking attachments.
I recommend the CrowdStrike to organizations to protect their endpoint devices from cyberattacks
What do you like best about the product?
1. Dashboard Flexibility - we can get a clear picture of what's going on in the network environment. Mainly, the incident and detections widgets are very important. The overall scoring of incidents will be crucial to understand how safe the network is. Additionally, the MITRE tactics will be clearly displayed. The home screen search gives flexibility for the analysts to quickly check for IP/hostname/file details within seconds.
2. Incident Scoring - it will trigger with an indication of criticality scored out of 10. The incident details, with flow-based and behavioral-based pre-analysis, will be given. Each stage of the flow will be represented with a full description, block action, and MITRE ATT&CK mapping.
3. Detection Mechanism - mainly focuses on file-based detection, which comes with a lot of filters where we can filter with hostname, filename, MITRE tactic, block action, severity, etc.
4. Event Search - all the Investigate search fields help to search each and every event.
5. Overwatch alerting - is a more important part of monitoring. The critical true positive incidents will trigger as Overwatch. The probability of getting true positive incidents is very high.
6. Finally, the support team of CrowdStrike will also keep an eye on the critical things happening in our environment and notify us.
What do you dislike about the product?
1. More focused on only file-based executions.
2. Machine Learning based detections throw more false positives. Unnecessary blocking of genuine executions will sometimes impact business.
3. For endpoint protection, it can have the best alternatives with the best features, like Microsoft ATP, Zscaler.
What problems is the product solving and how is that benefiting you?
1. File-based detection is the biggest positive in CrowdStrike.
2. Overwatch alerts will most probably be true positive incidents. It will alarm in the CS console as well as in the mail.
3. We can see what all applications are installed on the user's machine.
4. Almost 65 percent of the work will be done by CrowdStrike itself without analyst intervention.
Recommendations to others considering the product:
I strongly recommend CrowdStrike to organizations to protect their endpoint devices from cyberattacks. Almost all the major incidents can be mitigated with this endpoint protection.
It is an excellent cloud-based NGAV with foolproof protection!
What do you like best about the product?
It is really good in manageability and monitoring the entire organization in a single console with very little effort.
What do you dislike about the product?
The Crowdstrike Store must be more user friendly, and products need to be displayed with a full description and use case.
What problems is the product solving and how is that benefiting you?
It works with less compute power and uses unwanted disk operation. The endpoint works really well in terms of other peers' competition.