Comparisec

CrowdStrike Falcon

CrowdStrike

Founded 2011 · US · Public

Combined score: 4.7

G2: 4.7 (290 reviews)
Gartner: 4.8 (2,528 reviews)

Security incident on record: July 2024 Falcon sensor update caused global outage affecting ~8.5M Windows devices

Editorial verdict

CrowdStrike Falcon is the endpoint detection benchmark. A 100% MITRE ATT&CK detection rate across six consecutive evaluations, the largest threat intelligence dataset in the category, and the broadest integration ecosystem make it the default choice for enterprises that need the highest ceiling for endpoint security. The July 2024 global outage is the only meaningful mark against a 13-year track record of detection leadership.

The July 2024 event matters and buyers should address it directly. CrowdStrike has made architectural changes to prevent recurrence, but any organisation for which a sensor content update causing device downtime is an unacceptable risk should evaluate those changes in detail before committing to the platform.

The verdict: CrowdStrike Falcon is right for enterprises that need the highest detection fidelity, the richest threat intelligence, and the broadest integration ecosystem. Organisations for which the July 2024 outage is a disqualifying concern should evaluate SentinelOne Singularity or Palo Alto Cortex XDR.

Last reviewed: May 2026

G2: 4.7 (290 reviews)

Gartner: 4.8 (2,528 reviews)

PeerSpot: 8.9 (320 reviews)
Gartner MQ: Leader (EPP MQ — furthest Completeness of Vision)

EDR / XDR assessment

PROTECTION: Strong

Endpoint detection: 5 / 5

100% detection rate in 2024 MITRE ATT&CK Evaluation — zero missed techniques. 2,528 Gartner reviews averaging 4.8/5 with consistent praise for detection quality. Industry benchmark for endpoint detection.

Sources: MITRE ATT&CK Evaluations 2024, Gartner Peer Insights

Extended XDR coverage: 4 / 5

Strong XDR across endpoint, identity, and cloud. Scored 4 rather than 5 because network detection and email telemetry integration are less mature than endpoint-native capabilities.

Sources: CrowdStrike platform documentation, Gartner MQ EPP 2024

OPERATIONS: Strong

Automated response: 4 / 5

Automated containment via Falcon Fusion — host isolation, process kill, network quarantine without manual steps. Scored 4 because some enterprise customers prefer analyst-gated automation over fully autonomous response.

Sources: CrowdStrike Falcon Fusion documentation, G2 reviews

Deployment & management: 4 / 5

Lightweight cloud-native agent with minimal performance impact. Scored 4 because advanced tier features (Overwatch, Discover) are separately licensed, adding complexity to management.

Sources: CrowdStrike agent documentation, G2 reviews

ANALYTICS: Strong

Threat hunting UX: 5 / 5

Falcon Investigate and Threat Graph provide excellent threat hunting capabilities with entity pivoting and pre-built queries. Top-rated threat hunting UX in the category.

Sources: CrowdStrike Threat Graph documentation, G2 reviews

TRUST & ECOSYSTEM: Strong

Ecosystem integrations: 5 / 5

1,000+ integrations via CrowdStrike Store. Best-in-class SIEM, SOAR, and cloud platform integration breadth in the EDR category.

Sources: CrowdStrike Store, CrowdStrike integration documentation

Strongest: Endpoint detection

Watch out for: Deployment & management

Strengths & limitations

Strengths

100% detection in 2025 MITRE ATT&CK evaluation
4.8/5 Gartner with 2,528 reviews — most-reviewed EDR
Lightweight cloud-native agent — minimal performance impact

Watch out for

Premium pricing — most expensive per-endpoint
July 2024 global outage affecting 8.5M Windows devices
Advanced features locked to higher-priced tiers

Best for

Mid-market and enterprise organisations that want the highest detection rate and are willing to pay a premium for industry-leading EDR.

Not suitable for: Very small businesses under 5 endpoints

Compliance coverage

Essential Eight
AU Privacy Act
SOC 2
HIPAA
NIST CSF
PCI-DSS
CMMC
GDPR
NIS2
ISO 27001
CIS Benchmarks
DORA


Quick facts

Pricing model: per endpoint/year subscription
Pricing range: $59-$185/endpoint/year depending on tier
Free trial: No
Min seats: 5
Deployment time: < 1 day
Complexity: 2 / 5
Pricing transparency: 3 / 5
AU presence: Yes
IRAP assessed: Yes
Open source: Proprietary

Deployment

Models: SaaS
OS support: Windows, macOS, Linux
Cloud: AWS, Azure, GCP
Support: 24/7 Phone, Email, Dedicated CSM
Data residency: US, EU, AU

Company

CrowdStrike

Founded 2011 · 10,000+ employees · Public

HQ: US

$3.95B revenue FY2024

Certifications

FedRAMP High, ISO 27001, SOC 2 Type II, PCI-DSS, IRAP PROTECTED

Integrations

Microsoft Sentinel, Splunk, Okta, Azure AD, Palo Alto, ServiceNow, Jira, Zscaler