Product Introduction

Endpoint Advanced Threat Detection and Defense System (EDR), Threat Intelligence and Sandbox ~ CrowdStrike









CrowdStrike Named a Strong Performer for External Threat Intelligence Services by Independent Research Firm

Forrester Wave™: CrowdStrike was an EDR (Endpoint Detection and Response) leader in 2018.


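CrowdStrike is the first and only security company able to unify next-generation antivirus (Next-Generation Anti-Virus), endpoint detection and response (Endpoint Detection & Response), and a 24/7 managed threat hunting (Threat Hunting) service.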


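Stop attacks that existing security tools cannot prevent

Only CrowdStrike can provide you with proactive and continuous protection against both everyday threats and sophisticated attacks, something traditional malware-centric security tools cannot do. Through powerful graph analysis and correlation of billions of events from customers worldwide, CrowdStrike Threat Graph™ continuously updates this attack and threat data and works constantly in the background to detect these hard-to-detect attacks, continually improving the capabilities of the next-generation endpoint protection system.

Big-data AI analysis: determines within seconds whether an intrusion has occurred and blocks it immediately.

Real-World Protection Test July-November 2017 report: 0 false positives.

The intelligence module provides information on the intruding attackers and their techniques, analyzes whether an attack is targeted, and predicts intrusion targets.

Falcon Overwatch is a global operations center where a team of top network intrusion detection analysts and investigators works for you 24 hours a day, seven days a week, all year round.

Integrated threat intelligence and incident response (IR) services ~ CrowdStrike brings together its internal teams to provide the best threat intelligence and comprehensive incident response services, supporting you around the clock from before a problem occurs through post-incident handling. The professional services team provides the data you need to defend against and respond to security incidents, stop intrusions, and speed up your vulnerability patching.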

CrowdStrike Falcon Prevent — CrowdStrike’s AV replacement module offers the most advanced next-generation prevention capabilities to stop malware and malware-free attacks without requiring signatures and the heavy updates that come with them. Leveraging CrowdStrike’s state-of-the-art file and behavioural-based proprietary machine learning and Indicator-of-Attack (IOA) methodology, the solution prevents attacks pre-execution and is particularly effective at stopping new, polymorphic or obfuscated malware, which is often missed by legacy AV solutions. Additionally, due to CrowdStrike Falcon’s cloud-native architecture, the technology can be fully deployed and operational in hours with zero maintenance costs or end-user impact.

CrowdStrike Falcon Insight — Endpoint detection and response (EDR) capabilities ensure customers have comprehensive, real-time and historical visibility of everything that is executed in their environment. Falcon Insight provides extensive and instant detection, search, hunting, and response capabilities, eliminating the prospect of silent failure.

CrowdStrike Falcon Discover — CrowdStrike’s security hygiene module provides real-time application usage and inventory and privileged user account monitoring. The data can be used to address the usage of inappropriate or unwanted applications. Future enhancements will cover other aspects of security hygiene such as system inventory to identify and remediate unmanaged systems. With Falcon Discover, customers can easily derive operational optimizations and cost reductions by more effectively managing software license costs. In addition, the module enables privileged account management capabilities by providing visibility into the use of administrator credentials across the enterprise.

CrowdStrike Falcon Threat Intelligence — Includes automated malware analysis, indicators and yara/snort signatures, technical and strategic reports for threat context, executive flash and periodic reporting to help customers better direct their cybersecurity resources and understand the threat environment in which they operate. With the Falcon Intel API, customers receive an automated, high-fidelity threat feed to help them ease and streamline management of security resources.

CrowdStrike Falcon OverWatch — Managed threat hunting delivered by a global operation center, staffed around the clock by an elite group of cyber intrusion detection analysts and investigators, dedicated to continuously hunting for adversary activity in a customer’s environment. CrowdStrike OverWatch amplifies customers’ internal resources by notifying, prioritizing and escalating alerts, as well as responding and shutting down suspected intrusion activity, including malicious insiders.

CrowdStrike Falcon Spotlight – Falcon Spotlight™, built on the CrowdStrike Falcon® platform, is the industry’s first scan-less, agent-based vulnerability management solution, offering security teams a continuous and real-time assessment of the vulnerability exposure of their endpoints. Native integration in the Falcon platform enables customers to operationalize vulnerability management within a complete endpoint protection framework, resulting in a stronger security posture and unparalleled incident prevention, detection and response.

CrowdStrike Falcon X - Falcon X enables customers of all sizes to better understand the threats they face and empowers them to use that knowledge to defend against future attacks — making proactive security a reality.  Falcon X combines the tools used by cyberthreat investigators into a seamless solution and performs the investigation automatically. The integrated toolset includes malware analysis, malware search and threat intelligence.

CrowdStrike Falcon Search Engine - Falcon Search Engine brings game-changing speed to your Security Operations Center by leveraging the Falcon platform. CrowdStrike sees over 110 billion unique security events per day from its install base that spans 176 countries, and has amassed the industry's largest collection of searchable malware. Patent pending indexing technology puts all of this at your fingertips and delivers real-time search results with Falcon MalQuery.

CrowdStrike Falcon Sandbox - Falcon Sandbox performs deep analysis of evasive and unknown threats, enriches the results with threat intelligence and delivers actionable indicators of compromise (IOCs), enabling your security team to better understand sophisticated malware attacks and strengthen their defenses.

CrowdStrike Falcon Device Control - Falcon Device Control provides the visibility and granular control required to enable safe usage of USB devices across your organization. Automatically delivers the complete visibility you need, allowing you to monitor how USB devices are used in your environment. Enables you to determine precisely what devices are allowed or restricted, and the granular level of access granted to each device.


Falcon Platform Module Overview:

Cloud-delivered Endpoint Protection Overview


CrowdStrike Falcon MalQuery – The Faster, More Complete Malware Search Engine


How Falcon Sandbox improves threat response


CrowdStrike Falcon Intelligence walkthrough


How Falcon OverWatch Proactively Hunts for Threats in Your Environment


Falcon Use Case Videos:

How CrowdStrike Falcon prevents infection and spread of the destructive NotPetya attack
How CrowdStrike Falcon protects against Ransomware
How machine learning on the Falcon sensor provides better protection
How to Get Five Second Visibility Across Your Organization with Falcon Host Endpoint Protection
How to replace traditional AV with CrowdStrike
How Falcon protects off-line hosts from new threats
How Falcon prevents script-based attacks
How CrowdStrike stops malicious PowerShell downloads
How to block zero day and file-less exploits with CrowdStrike Falcon
How to Prevent Malware-Free Attacks with CrowdStrike Falcon Host Endpoint Protection
How to Hunt for Threat Activity with Falcon Host Endpoint Protection


DataSheet Product Catalog

Datasheet_Falcon_Device_Control
Falcon_Intellingence Datasheet
White Paper- Indicators of Attack vs Indicators of Compromise
White Paper -Threat Intelligence


eDM related materials: