In my cybersecurity strategy, I use CrowdStrike Falcon mainly as an EDR solution for us. Currently, we are using it as an EDR. We are also in discussion along with the CrowdStrike team where we can have a managed SOC integrated. In the online industry, we are using CrowdStrike Falcon, specifically in online classified, which you could call e-commerce.
We are protecting our endpoints, workstations, servers, and cloud workloads. This includes effective use of antivirus and detection and response capabilities. I am working at Arab Open University, and we are using CrowdStrike Falcon as our security product.
For our use cases, we are using it to collect IOCs, and we also are using EDR, with injection integrated with our SIM solution to create some use cases. What I find beneficial about CrowdStrike Falcon is that it performs effectively. We are focusing only on EDR and creating use cases regarding user processes or endpoints, particularly user behavior analytics.
As a security analyst, I primarily focus on creating rules, conducting investigations, and integrating new devices with our CrowdStrike system. After these integrations, I also check the status to ensure everything is functioning properly.
Our organization still uses Infoblox, and my role is a little bit different now. I am conducting the POC of new solutions, which we have to deploy in our infrastructure. I evaluate the new products, and then if we purchase them, we deploy them.
I am currently using CrowdStrike Falcon as an EDR, which is integrated with SIEM. We also work in a real-time environment with the product. As a Falconist, I perform investigation actions on it. There are three different kinds of alerts I deal with: one based purely on IOCs, another process-oriented IOA, and those based on machine learning alerts. This is what I work on, and it is actually a good tool. It has multiple features, including real-time connection to the RTR environment, allowing direct remote host connection through CrowdStrike. I have multiple options like host search and event search, enabling me to do everything I need. It's a comprehensive package. It's a challenging tool to explore, but once accustomed to it, it is quite excellent.
Trainee Engineer at COMPASS IT Solutions & Services Pvt.Ltd.
Aug 9, 2024
It gives an overview and insights into my AD accounts. It shows if any identity, like an AD user, is compromised, has a weak password, or is logging in from an unusual system. Any anomalies.
Manager, Security Operations Centre at Phillips Consulting Limited
Jul 26, 2024
We use the solution for endpoint security. We use the tool to ensure the endpoints are protected from abnormal activities, people don't run different scripts, and people don't compromise endpoints and use them to get into the network.
It also helps you with access, like we have dark web monitoring and admin protection management. So, the use cases can vary from organization to organization, but every organization has different value in it.
The tool helps to increase security because the threats we face keep changing, so we need better protection. In the past, we've faced some attacks on our network, and while we managed to deal with them, we realized we needed even stronger protection. That's why we decided to implement CrowdStrike Identity Protection.
CrowdStrike Falcon provides endpoint protection and threat intelligence using a cloud-based platform for real-time detection and response. Its minimal impact on system performance and ease of deployment are key benefits along with advanced logging and reporting for compliance and forensic analysis.
CrowdStrike Falcon is known for its efficacy in identifying malware, ransomware, and sophisticated cyber threats. The platform's cloud-native architecture and advanced AI capabilities ensure...
It helps us relate an attack to a user. It also checks for misconfiguration on the Active Directory.
I am using it for endpoint protection.
CrowdStrike Falcon is used for incident response.
We use the solution for Windows and non-Windows infrastructure. We have Falcon clients on all our machines.