CrowdStrike Inc., the leader in cloud-delivered next-generation endpoint protection, today announced new capabilities and features that provide customers with unmatched prevention against malware and malware-free attacks and a variety of unique product modules that further expand CrowdStrike’s suite of offerings. Among the innovative, new capabilities being introduced is enhanced endpoint machine learning that advances and augments CrowdStrike’s behavioral-based machine learning prevention in the cloud for complete and effective protection for all endpoints. With this new enhancement, even sensors completely disconnected from the cloud receive full antivirus (AV) protection against malware and malware-free attacks. Now, all customers have access to this groundbreaking functionality and its expanded lineup of features, capabilities, and reliability for fast turnaround and increased throughput.
Falcon’s prevention engine is powered by a record-small 15MB machine learning model that is trained on more than 30 billion daily events processed in the CrowdStrike Threat Graph™. It sets a new standard in the industry for highly effective protection and ensures minimal false positives and extremely low performance overhead on the endpoint.
In addition, CrowdStrike introduced AV replacement functionality for macOS that incorporates user-adjustable, cloud-based machine learning and blocking functionality into the CrowdStrike Falcon platform.
Product Repackaging with New and Enhanced Modules
With this product release, customers can now choose to implement a stand-alone capability to replace their AV or augment it with endpoint detection and response (EDR) and a threat hunting service for complete endpoint protection.
To drive flexible and efficient procurement of the CrowdStrike capabilities, the company has introduced and repackaged five integrated modules that run on the Falcon platform and are delivered through a single lightweight agent:
• CrowdStrike Falcon Prevent — CrowdStrike’s AV replacement module offers the most advanced next-generation prevention capabilities to stop malware and malware-free attacks without requiring signatures and the heavy updates that come with them. Leveraging CrowdStrike’s state-of-the-art file and behavioral-based proprietary machine learning and Indicator-of-Attack (IOA) methodology, the solution prevents attacks pre-execution and is particularly effective at stopping new, polymorphic or obfuscated malware, which is often missed by legacy AV solutions. Additionally, due to CrowdStrike Falcon’s cloud-native architecture, the technology can be fully deployed and operational in hours with zero maintenance costs or end-user impact.
• CrowdStrike Falcon Insight — Endpoint detection and response (EDR) capabilities ensure customers have comprehensive, real-time and historical visibility of everything that is executed in their environment. Falcon Insight provides extensive and instant detection, search, hunting, and response capabilities, eliminating the prospect of silent failure.
• CrowdStrike Falcon Discover — CrowdStrike’s security hygiene module provides real-time application usage and inventory and privileged user account monitoring. The data can be used to address the usage of inappropriate or unwanted applications. Future enhancements will cover other aspects of security hygiene such as system inventory to identify and remediate unmanaged systems. With Falcon Discover, customers can easily derive operational optimizations and cost reductions by more effectively managing software license costs. In addition, the module enables privileged account management capabilities by providing visibility into the use of administrator credentials across the enterprise.
• CrowdStrike Falcon Intelligence — Includes automated malware analysis, indicators and YARA/Snort signatures, technical and strategic reports for threat context, executive flash and periodic reporting to help customers better direct their cybersecurity resources and understand the threat environment in which they operate. With the Falcon Intel API, customers receive an automated, high-fidelity threat feed to help them ease and streamline management of security resources.
• CrowdStrike Falcon OverWatch — Managed threat hunting delivered by a global operation center, staffed around the clock by an elite group of cyber intrusion detection analysts and investigators, dedicated to continuously hunting for adversary activity in a customer’s environment. CrowdStrike OverWatch amplifies customers’ internal resources by notifying, prioritizing and escalating alerts, as well as responding and shutting down suspected intrusion activity, including malicious insiders.
Setting a New Standard in Endpoint Protection
CrowdStrike Falcon is the only platform that unifies next-generation AV, endpoint detection and response (EDR), and a 24/7 threat hunting service — all delivered via a single lightweight agent. With the introduction of the new product modules, customers now have the flexibility to replace their AV, augment it with endpoint detection and response capabilities and managed hunting, and easily scale their usage at the speed of business.
Recently named a Visionary in the 2017 Gartner Magic Quadrant for Endpoint Protection Platforms, CrowdStrike is setting a new standard for endpoint security — providing organizations with the only solution that can prevent, detect, respond and hunt for attacks via a single lightweight agent. The platform has achieved impressive success in the market replacing not only legacy AV solutions, but also a variety of next-generation AV point products. CrowdStrike Falcon has been independently tested and proven as an effective AV replacement, including verification from testing with AV-Comparatives and SE Labs.