We are already using multiple modules of Crowdstrike Falcon. Have you used CS Falcon for IT in production and, if yes, what are your experiences?

Operations ManagementThreat & Vulnerability Management
307 viewscircle icon2 Comments
Sort by:
Associate Director, Information Security Management2 years ago

Yes, we are and have been for some time. On servers it’s a lightweight deployment:

Fast and easy
In almost all cases, no reboot required
Low resource consumption on the local OS
Low Network usage

We also find it’s quite effective at the behavioural side of blocking attackers when they get hands-on-keyboards (vs. scripted/automated) attacks. It’s an effective heterogeneous solution applying and performing quite well across Linux, Windows and macOS. Not all EDR/XDR tools are effective heterogeneous solutions.

Director of Information Security in Healthcare and Biotech2 years ago

Overall, we've had a great experience. It works well across platforms (Windows, Mac, Linux). The GUI can be a little cumbersome to navigate as not all the web pages are consistently laid out and they are constantly adding and renaming things so you have to keep up with it. Easy to deploy. Some extra steps to uninstall an agent on a device that stopped report in. And still supports some legacy OSes, albeit with a limited feature set.

Content you might like

Do your IT helpdesk staff receive more frequent training on social engineering attacks compared to other employees?

Yes77%

No22%

When it comes to the vulnerability management process, where can current AI capabilities provide the most value? Have you had success with using AI-enabled tools specifically for deduplication, false positive reduction, prioritization, etc.?

Read More Comments

What can organizations do to mitigate risks from Windows 10 devices that can’t be upgraded to Windows 11, like industrial control systems (ICS)?

Which cybersecurity assessments do you prefer to conduct internally?

Threat assessments23%

Risk evaluations45%

Control reviews42%

Policy reviews41%

Change management process assessments26%

Incident reviews23%

Training program validation13%

Issue remediation18%

Application assessments12%

System assessments12%

Baseline assessments15%

Other (I’ll explain in the comments)

View Results

Any tips for evaluating/implementing solutions for application detection and response? What’s your experience been like with these tools so far?