• mosiacmango@lemm.ee
      link
      fedilink
      arrow-up
      17
      ·
      edit-2
      5 months ago

      No, but yes.

      Crowdstrike was one of the first companies doing EDR, and have a first mover advantage they have held onto. Lots of other companies offer good solutions now, but crowdstrike is still considered the gold standard, and they have worked hard to become the “default” for their market segment.

    • bushvin@lemmy.world
      link
      fedilink
      arrow-up
      10
      arrow-down
      3
      ·
      5 months ago

      What CrowdStrike is actually selling, is someone who actually looks at the system logs and who pushes a button when something pops up. Roughly.

      There are better solutions on the market. Unfortunately CrowdStrike has the more aggressive sales team.

      For those wondering, I’m referring to *nix based solutions like SElinux, appArmor, iptables, nftables, cgroups, … But you need to monitor your logs if you want to take appropriate action.