Cyber Security Operations Center
Cutting-Edge Advanced Adversary Intrusion Detection Services
CrowdStrike’s Cyber Security Operations Center (CSOC) is designed to provide our clients with cutting-edge advanced adversary intrusion detection services. Our operations center provides constant automated monitoring of CrowdStrike’s security products and security data feeds from other products to provide a holistic view of the cyber landscape.
CrowdStrike’s CSOC solutions can help reveal any existing compromised systems while providing counter-intelligence and recommendations. Our team is armed with the latest methodologies to counter even the most sophisticated of asymmetric or state-sponsored adversaries.
CrowdStrike focuses on incorporating intelligence collection and analysis into every aspect of our work. Our custom solutions assist your organization with a tactical response that can help you continually mature and evolve your Incident Response capabilities. Our two primary tactical solutions are StrikeDNS and StrikeEmail.
DNS Protect is a geographically distributed threat mitigation system constantly updated with the latest CrowdStrike Intelligence. This system looks for behavioral patterns as well as known malicious domains. Subscribers of this service will have suspicious and malicious DNS requests blocked or redirected. When requests are redirected, that traffic is saved for additional analysis by the CrowdStrike team.
- Monitor, log, and analyze DNS activity
- Identify infected machines that are beaconing out to adversary command and control servers
- Manage a “blacklist” for DNS server(s) and conduct “sinkholing” as appropriate in an attempt to protect your infrastructure
- Perform intelligence analysis on DNS records interacting with your network
- On request, block agreed-on top-level domains and subdomains of websites
Email Protect provides an additional layer of protection to help detect and mitigate the commonly used attack vector of spear phishing. The key to this service is that it is not based upon AV or SPAM protection. Email monitoring uses intelligence, gathered by CrowdStrike, to detect methods used by attackers.
- Identify behavioral patterns within emails and email attachments
- Customize unique configurations to your mail infrastructure and delivery platform(s)
- Leverage a cloud-based service with no onsite hardware required
- Work passively with other mail gateway solutions
- Gain access to real-time alerting of suspicious and malicious emails and/or attachments