
Sunday, 19 February 2017 13:03

CrowdStrike Introduces Enhanced Endpoint Machine Learning Capabilities and Advanced Endpoint Protection Modules

Company continues to accelerate pace of replacement of legacy AV solutions in both enterprise and SMB markets

CrowdStrike Inc., the leader in cloud-delivered next-generation endpoint protection, today announced new capabilities and features that provide customers with unmatched prevention against malware and malware-free attacks and a variety of unique product modules that further expand CrowdStrike’s suite of offerings. Among the innovative, new capabilities being introduced is enhanced endpoint machine learning that advances and augments CrowdStrike’s behavioral-based machine learning prevention in the cloud for complete and effective protection for all endpoints. With this new enhancement, even sensors completely disconnected from the cloud receive full antivirus (AV) protection against malware and malware-free attacks. Now, all customers have access to this groundbreaking functionality and its expanded lineup of features, capabilities, and reliability for fast turnaround and increased throughput.

Falcon’s prevention engine is powered by a record small 20MB machine learning model that is trained on more than 30 billion daily events processed in the CrowdStrike Threat Graph™. It sets a new standard in the industry for highly effective protection and ensures minimal false positives and extremely low performance overhead on the endpoint.

In addition, CrowdStrike introduced AV replacement functionality for MacOS that incorporates user-adjustable, cloud-based machine learning and blocking functionality into the CrowdStrike Falcon platform.

Product Repackaging with New and Enhanced Modules

With this product release, customers can now choose to implement a stand-alone capability to replace their AV or augment it with endpoint detection and response (EDR) and a threat hunting service for complete endpoint protection.

To drive flexible and efficient procurement of the CrowdStrike capabilities, the company has introduced and repackaged five integrated modules that run on the Falcon platform and are delivered through a single lightweight agent:

  • CrowdStrike Falcon Prevent  — CrowdStrike’s AV replacement module offers the most advanced next-generation prevention capabilities to stop malware and malware-free attacks without requiring signatures and the heavy updates that come with them. Leveraging CrowdStrike’s state-of-the-art file and behavioural-based proprietary machine learning and Indicator-of-Attack (IOA) methodology, the solution prevents attacks pre-execution and is particularly effective at stopping new, polymorphic or obfuscated malware, which is often missed by legacy AV solutions. Additionally, due to CrowdStrike Falcon’s cloud-native architecture, the technology can be fully deployed and operational in hours with zero maintenance costs or end-user impact.
  • CrowdStrike Falcon Insight  — Endpoint detection and response (EDR) capabilities ensure customers have comprehensive, real-time and historical visibility of everything that is executed in their environment. Falcon Insight provides extensive and instant detection, search, hunting, and response capabilities, eliminating the prospect of silent failure.
  • CrowdStrike Falcon Discover  — CrowdStrike’s security hygiene module provides real-time application usage and inventory and privileged user account monitoring. The data can be used to address the usage of inappropriate or unwanted applications. Future enhancements will cover other aspects of security hygiene such as system inventory to identify and remediate unmanaged systems. With Falcon Discover, customers can easily derive operational optimisations and cost reductions by more effectively managing software license costs. In addition, the module enables privileged account management capabilities by providing visibility into the use of administrator credentials across the enterprise.
  • CrowdStrike Falcon Intelligence  — Includes automated malware analysis, indicators and YARA/Snort signatures, technical and strategic reports for threat context, executive flash and periodic reporting to help customers better direct their cybersecurity resources and understand the threat environment in which they operate. With the Falcon Intel API, customers receive an automated, high-fidelity threat feed to help them ease and streamline management of security resources.
  • CrowdStrike Falcon OverWatch  — Managed threat hunting delivered by a global operation centre, staffed around the clock by an elite group of cyber intrusion detection analysts and investigators, dedicated to continuously hunting for adversary activity in a customer’s environment. CrowdStrike OverWatch amplifies customers’ internal resources by notifying, prioritising and escalating alerts, as well as responding and shutting down suspected intrusion activity, including malicious insiders.

Setting a New Standard in Endpoint Protection

CrowdStrike Falcon is the only platform that unifies next-generation AV, endpoint detection and response (EDR), and a 24/7 threat hunting service — all delivered via a single lightweight agent. With the introduction of the new product modules, customers now have the flexibility to replace their AV, augment it with endpoint detection and response capabilities and managed hunting, and easily scale their usage at the speed of business.

Recently named a Visionary in the 2017 Gartner Magic Quadrant for Endpoint Protection Platforms, CrowdStrike is setting a new standard for endpoint security -- providing organisations with the only solution that can prevent, detect, respond and hunt for attacks via a single lightweight agent. The platform has achieved impressive success in the market replacing not only legacy AV solutions, but also a variety of next-generation AV point products. CrowdStrike Falcon has been independently tested and proven as an effective AV replacement, including verification from testing with AV-Comparatives and SE Labs.

Supporting Quotes:

George Kurtz, co-founder and chief executive officer of CrowdStrike

“The incumbent AV technologies are ineffective in ensuring that organisations are able to protect themselves against the rising tide of cyber threats. With our advanced threat prevention and security management functionality, coupled with the industry’s largest threat telemetry, CrowdStrike Falcon is the only platform that provides CIOs and their teams with control, visibility, and protection -- all through one lightweight endpoint sensor, leveraging the power of artificial intelligence and machine learning. We are already replacing legacy and next-generation AV solutions at a rapidly growing pace, and with today’s announcement, customers can take advantage of the Falcon platform in a modular fashion, allowing them to consume the technology in a flexible and frictionless manner to best meet their needs.”

Christina Richmond, program director, Worldwide Security Services, IDC

“The addition of on-sensor machine learning is a game-changer in the advanced threat prevention and analytics market. The company has created a platform that leverages both machine learning in the cloud as well as on-sensor, and is capable of providing full zero-day prevention while disconnected from the network. CrowdStrike’s machine learning approach leverages both file-based and behavioral models, and as such, the company is helping to drive the market in threat prevention. In addition, their modular approach gives customers the flexibility to start by replacing their legacy AV with CrowdStrike Falcon Prevent and add additional modules like EDR, as needed, for complete protection.”

Rich Fennessy, chief executive officer of Kudelski Security

“As attacker sophistication and enterprise complexity both continue to increase, our clients are repeatedly asking for new and advanced ways to help protect their environments. We’ve been impressed with CrowdStrike’s market shaping approach, their cloud delivery and the massive scalability of their product. We’ve chosen their AV replacement, EDR capabilities and EPP platform as key tools of our consulting and managed services solutions, and have seen strong adoption for their technology with our clients. We’ve appreciated the level of partnership we have experienced with CrowdStrike, both in the U.S. and in Europe, and expect their growth to continue.”

Steve Philpott, chief information officer at Western Digital Corporation

“CrowdStrike’s cloud-based endpoint protection is a game-changer. It offers advanced protection to prevent threats and enables companies to gain real-time, ongoing analysis of what is happening in their environment.  As more and more organisations are looking for more effective solutions that can stop advanced, modern-day threats, I believe CrowdStrike Falcon is the answer.”
