At CrowdStrike, our mission is to stop breaches. For us to be successful in our mission, not only do we rigorously test our product internally against the latest real-world threats discovered by the CrowdStrike® Intelligence and Falcon OverWatch™ teams, we also commit to testing the CrowdStrike Falcon® platform with the leading independent testing organizations. This means we continue to provide the necessary transparency on how our capabilities fare in close-to-real-world testing scenarios and provide confidence to our customers that we continue to deliver the best protection available.
For the most recent SE Labs publication, Breach Response Test — Protection Mode, the CrowdStrike Falcon platform was tested against a range of advanced attacks originally used by nation-state adversaries and APT (advanced persistent threat) groups to compromise systems and penetrate target networks.
SE Labs tested CrowdStrike Falcon’s ability to:
- Detect highly targeted attacks
- Protect against the actions of highly targeted attacks
- Provide remediation to damage and other risks posed by the threats
Legitimate files, applications and URLs were used alongside the threats and malicious activity to measure accuracy since mountains of false positive alerts negatively impact effectiveness. In short, these testing scenarios are representative of a real and present threat to businesses the world over.
The test covers 32 different attack scenarios, modeled after tactics and techniques observed in intrusions from four separate adversary groups targeting financial, U.S. retail and hospitality, natural resources, and banking.
- FIN7 (CARBON SPIDER)
- FIN4 (WOLF SPIDER)
- Silence (WHISPER SPIDER)
100% Detection and 100% Prevention in 100% of the Tests
CrowdStrike Falcon achieved complete detection and protection coverage against all attack scenarios, while allowing all legitimate applications to operate out-of-the-box and without any tedious tuning or custom configuration. This is an exceptional result in a very difficult test.
- AAA Rating for Breach Response, the highest rating awarded by SE Labs. This continues CrowdStrike’s impressive tradition of achieving nine AAA ratings in Enterprise Endpoint Protection dating back to March 2018.
- 100% detection and prevention across all 32 intrusion scenarios, proving Falcon’s ability to detect and prevent sophisticated threat actor activity.
- Zero false positive results, showing that not only is Falcon highly effective at surfacing malicious activity, it does so without causing alert fatigue for security teams and without stopping business-critical activity for users.
Transparency and openness are at the core of CrowdStrike values, and we continue our commitment to participating in third-party testing with published, consistent testing criteria.
Download a copy of CrowdStrike SE Labs Breach Response Test — Protection Mode results and learn more about details of this test.
- To learn what other industry analysts are saying about CrowdStrike, visit the Industry Recognition webpage.
- Learn more about the CrowdStrike Falcon platform.
- Get a full-featured free trial of CrowdStrike Falcon Prevent™ and see how true next-gen AV performs against today’s most sophisticated threats.