This is a question I ask a lot of organizations that I speak with. While the obvious answer should be both, if you had to stack rank the two what would you choose first? If you chose malware as the first on your list, you might want to rethink your choice. On a daily basis, we see hundreds of potential attacks unfold, and the reality is that over 60% of all attacks are not malware-based. Even if you could stop 100% of the malware that might try to infect your organization, you will still likely fall short of preventing 100% of the breach attempts. To make matters worse, we all know that there is no technology or company on the planet that can guarantee 100% detection rates. Plain and simple: There is no silver bullet to slay the security dragons. Given the dynamic nature of the evolving threat landscape, perfection is not attainable; however, to quote Vince Lombardi, “If we chase perfection, we can catch excellence.” This is our mission at CrowdStrike, and given our winter release, I am proud to say we have meaningfully moved the ball forward with incredible new capabilities that stop breaches.
Our chief product officer, Dave Cole, outlines all of the great features and enhancements that we have delivered in our Falcon platform winter release. While I won’t go through every product detail, I do believe we are setting the bar for next-generation endpoint protection. One of the most exciting product evolutions is our CrowdStrike Threat Graph™. Our Threat Graph™ is really the brains behind how our cloud works. A massively scalable graph database model (custom built by our engineering ninjas) that allows us to process and correlate over 10 billion of events per day, orders of magnitude beyond what the largest Security Information Event Management (SIEM) systems can handle. What this means for our customers is that we continually look for evil by applying a combination of graph analytics and machine learning algorithms across our cloud. Our machine learning algorithms not only look at file features, but more importantly, they track the behaviors of every executable in our customer environment. This potent combination allows us to find the “unknown unknowns.” You will be hearing a lot more about our plans for allowing our customers to unlock the power of our cloud and interact with our Threat Graph™ directly.
We have also enhanced our next-generation antivirus capabilities by adding additional zero-day exploit mitigation techniques and important protection against CryptoWall ransomware. As David Giambruno, the CIO at Tribune Media says, “Falcon is not just a malware stopper, it is a stopper.” We have also bolstered our Endpoint Detection and Response (EDR) capabilities — our ‘DVR’ for your endpoint — allowing expanded search activities across your enterprise with a five-second response time. Tasks that would take days with a traditional IOC scan-centric approach are now effortless and nearly instantaneous. Backing up all this technology is our Falcon Overwatch team — team of hunters working on your behalf 24×7 trying to find any potential breach activity and stopping silent failure so you don’t have to.
To our customers, I hope you are as excited about our winter release as we are. We listened to your feedback and have delivered on what you asked for. Since we are cloud-delivered and managed, no infrastructure or console upgrades are necessary, saving you time and effort. The way endpoint security should be.
If you are interested in joining the endpoint revolution, please click here to set up a demo with our team.