How to Leverage Falcon Sandbox Analysis
Introduction This document and video will illustrate the power of Falcon Sandbox and how it differentiates itself from other solutions…
CrowdStrike for Security Operations
Introduction This document and video will demonstrate how the CrowdStrike solution empowers the Security Operations Center to detect and understand…
How to Remotely Remediate an Incident
Introduction This document and video will demonstrate how to use Real Time Response to access and remediate an endpoint with…
Adversary Extends Persistence by Modifying System Binaries
At the end of September 2018, the CrowdStrike® Falcon OverWatch™ team identified suspicious interactive activity on a Linux host within…
How to Gain Full PowerShell Visibility with CrowdStrike Falcon
Introduction PowerShell visibility is a necessity when investigating today's threats. CrowdStrike provides the most comprehensive solution to detect, discover, and…
How to Generate Your First Detection
Introduction In this document and video, you'll see how to generate your first detection. You will also see how Falcon…
Confessions of a Responder: The Hardest Part of Incident Response Investigations
It’s not the disk forensics. It’s not the log analysis. It’s not even the lawyers (we love working with law…
Big Data, Graph, and the Cloud: Three Keys to Stopping Today’s Threats
An edited version of this blog was published as an article in Teiss on December 12, 2018. Graph databases are…
MITRE ATT&CK: Why Detections and Tainted Telemetry are Required for an Effective EDR Solution
Following the MITRE ATT&CK™ Evaluation of endpoint detection and response (EDR) solutions, I've heard a lot of confusion surrounding the…
Article Stresses The Need For Strong Cybersecurity Governance at All Points in The Investment Chain
This article is republished by permission and is an excerpt from White & Case Private Equity Viewpoint magazine, Issue #2:…