I have to say, it saved our ass a few months ago. Some hacker got access to one of multiple brands server infrastructure, started running PowerShell to weed through the rest and CrowdStrike notified us (the owning brand) that something was off about the PowerShell being ran. Turns out this small brand was running a remote in tool that had an exploit. Had Crowdstrike not been on that server we wouldn't have known until someone manually got in there to look at it.
fsloth|1 year ago
But the implementation (when running on user PC:s) is still half-baked.
My experience is using PC with Crowdstrike for daily software development. In that setting it’s quite terrible.
The server setting sounds a much more reasonable use.
crowdstriker|1 year ago
swells34|1 year ago