Looking for Real-World Feedback on CrowdStrike’s Security Modules

CrowdStrike's integration among runtime, CSPM, and container modules has room for improvement. Gaps can appear when trying to connect alerts between environments, and alert tuning is a must. ASPM is still growing but doesn’t quite match up to their established EDR or threat intel capabilities. If you're comparing it to Wiz or Upwind, it offers solid endpoint telemetry but lacks a bit in overall visibility.

If you’re into dashboards that boast about their visibility but hide a bunch of alerts in lengthy JSON logs, you’ll probably enjoy CrowdStrike. Just beware that the ASPM proof of concept feels like it still needs some love from quality assurance! But hey, at least the logo looks snazzy on your presentations.

Onboarding was okay, but don’t expect it to be plug-and-play. Integration is decent, though you might need to spend some time tuning alerts since the defaults can create quite a bit of noise. Support is generally responsive, but while the ASPM module is developing, it’s still behind compared to other offerings. When you compare it to Wiz, it all depends on whether you value deep telemetry or a straightforward user experience.

I guess it’s a good sign they haven’t had major breaks in over a year! Just a little reassurance as we use it.