Threat Intelligence the CrowdStrike Way
Introduction This document and video will provide an overview of CrowdStrike’s Intelligence services and the importance of consumable intelligence. Video…
How to Contain an Incident
Introduction This document and video will define breakout time and a challenge for companies to quickly detect, understand and eradicate…
How to Leverage Falcon Sandbox Analysis
Introduction This document and video will illustrate the power of Falcon Sandbox and how it differentiates itself from other solutions…
CrowdStrike for Security Operations
Introduction This document and video will demonstrate how the CrowdStrike solution empowers the Security Operations Center to detect and understand…
How to Remotely Remediate an Incident
Introduction This document and video will demonstrate how to use Real Time Response to access and remediate an endpoint with…
Adversary Extends Persistence by Modifying System Binaries
At the end of September 2018, the CrowdStrike® Falcon OverWatch™ team identified suspicious interactive activity on a Linux host within…
How to Gain Full PowerShell Visibility with CrowdStrike Falcon
Introduction PowerShell visibility is a necessity when investigating today's threats. CrowdStrike provides the most comprehensive solution to detect, discover, and…
How to Generate Your First Detection
Introduction In this document and video, you'll see how to generate your first detection. You will also see how Falcon…
Confessions of a Responder: The Hardest Part of Incident Response Investigations
It’s not the disk forensics. It’s not the log analysis. It’s not even the lawyers (we love working with law…
Big Data, Graph, and the Cloud: Three Keys to Stopping Today’s Threats
An edited version of this blog was published as an article in Teiss on December 12, 2018. Graph databases are…