X

Our website uses cookies to enhance your browsing experience.

CONTINUE TO SITE >

Expanding Protection with Remote System Control

Introduction

Sinkholes can be used by both bad actors and system administrators alike. Bad actors can redirect systems to malicious domains and security admins can stop systems from reaching those domains. If remote employees are not using the corporate VPN, do security teams have the ability to manipulate system redirects and sinkhole malicious domains? 

Video

Remote system control is more important than ever

Remote workers can directly access cloud-based applications or use the internet to complete various tasks. This direct access minimizes the need to use the corporate VPN which can provide some level of protection against malicious domains. Since a remote system is not using the corporate firewall and may not always be connected to the VPN, there’s a greater risk of connecting to or being redirected to a malicious domain. An organization’s ability to protect that endpoint can be challenging.  

When traditional security solutions – from a firewall to a web gateway – are not available for controlling and directing traffic, security admins and responders need alternative options. One option is to sinkhole the malicious domain and prevent systems from connecting to, or redirecting to it, regardless of the links that remote users click.

Security teams need comprehensive response capabilities to protect endpoints and prevent them from accessing known malicious domains. 

Solution

CrowdStrike Real Time Response (available with Falcon Insight™ and Falcon Endpoint Protection Pro) enables responders to directly access remote endpoints and run a wide variety of commands including kill processes, remove files or directories, manipulate the Windows registry or even run custom scripts. With a simple script, responders can sinkhole a malicious domain to provide some network level security and protect users from navigating to it.

Closing

Get immediate time to value, extend your visibility and protect your organization regardless of physical location. Try CrowdStrike’s Falcon platform for free: https://go.crowdstrike.com/try-falcon-prevent.html

Content Provided by Anne Aarness

More resources

CrowdStrike Falcon Free Trial
 

Try CrowdStrike Free for 15 Days Get Started with A Free Trial