-
- Why Every Second Counts
- ON DEMAND
- Listen Now
Falcon OverWatch: Proactive Managed Threat Hunting
OverWatch is the Falcon platform’s human threat detection engine. OverWatch operates as an extension of your team, hunting relentlessly to see and stop the most sophisticated hidden threats.
Request Info
Benefits
Why Choose Falcon OverWatch
-
See and Stop Hidden Advanced Attacks
The OverWatch team hunts relentlessly to see and stop the most stealthy sophisticated threats: the 1% of 1% of threats that blend in silently and lead to a breach if they remain undetected.
-
Maximum effectiveness and efficiency
OverWatch delivers the best results by augmenting skilled analysts with the most advanced technology. Our elite human experts use cloud-scale data, custom tools, and up-to-the-minute threat intelligence to hunt with unprecedented speed and scale.
-
Seamless extension of your team
As a core component of the Falcon Platform, OverWatch delivers results for organizations of all sizes as a seamless extension of your team, minimizing overhead, complexity, and cost.
Technical Features
People, Process, and Technology are All Key to Stopping Breaches
24 x 7 Human Expertise
- Effective hunting requires the ability and expertise to think like an attacker.
- Cross-disciplinary expertise. OverWatch employs elite experts from a wide range of backgrounds, including: government, law enforcement, commercial enterprise, intelligence community, and defense.
- When a sophisticated intrusion occurs, time is critical. Your adversaries do not sleep, and are not restricted by time zones or geography, and neither should your threat hunting team.
- Continuous vigilance. OverWatch’s continuous, proactive operations deliver results every minute of every day.
- Finely-tuned response. OverWatch identifies and responds to hundreds of potential breaches per week. Each threat handled helps the team fine tune their skills and processes, ensuring they are always sharp and effective.
Cloud-scale Security Telemetry
- Threat hunting requires more than just good people -- those people need good tooling. Scalable and effective threat hunting requires access to vast amounts of data, and the tools to mine that data for signs of intrusions.
- OverWatch takes advantage of the cloud-scale telemetry of CrowdStrike’s proprietary Threat Graph to get broad, deep visibility, delivered in real time.
- Threat Graph ingests more than 2 trillion events per week, giving Falcon OverWatch the broadest, most real-time view of threat activity, as it happens all over the world.
Up-to-the-minute Threat Intelligence
- You can’t detect a threat you don’t understand.
- CrowdStrike Threat Intelligence empowers OverWatch with detailed, always-current knowledge of tradecraft from more than 120 adversaries.
- This intimate knowledge of the latest TTPs (Tactics, Techniques, and Procedures) in use today ensures that OverWatch is able to hunt effectively and efficiently.
Seamless Part of the Falcon Platform
- One team, one fight. OverWatch operates as an extension of the Falcon platform, and your team, delivering timely threat information within the single cloud-native console.
- Alerts augmented with context. OverWatch analysts deliver alerts that are augmented with contextual details and global insights to help organizations understand threats and act faster.
Technical Center
For technical information on Falcon OverWatch, please visit the CrowdStrike Tech Center.
Product Validation
Customers Trust CrowdStrike
Third-Party Validation
Since 2016, CrowdStrike has demonstrated a strong commitment to continuous industry collaboration, scrutiny, and testing. Time and time again, CrowdStrike has been independently certified to replace legacy solutions.
-
![[For Modules Only] Forrester TEI](https://www.crowdstrike.com/wp-content/uploads/2019/10/Forrester-Logo.png)
Forrester Total Economic Impact
Falcon OverWatch helps organizations reduce risks and improve efficiencies, resulting in 316% ROI.
-
![[For Modules Only]Sans Review](https://www.crowdstrike.com/wp-content/uploads/2018/08/report_09.jpg)
SANS Review of OverWatch
SANS experts review how Falcon OverWatch responds in real time to sophisticated threats including credential theft, lateral movement and defense evasion
Visit our third-party evaluations page to see how CrowdStrike performed against the industry’s most rigorous tests and trials.
Review the ResultsFalcon OverWatch Offerings
Choose the one that suits you best
-
OverWatch Standard
See and stop hidden advanced attacks and reduce dwell time with 24 x 7 proactive human threat hunting.
-
OverWatch Premium
Provides customers with direct access to OverWatch threat analysts to consult on root causes and assist with analysis, perform weekly health checks, proactive configuration recommendations, and provide customized quarterly briefings.
| OverWatch Standard | OverWatch Premium | |
|---|---|---|
Cross-disciplinary human experts
|
 |
|
|
Continuous vigilance
|
|
|
|
Cloud-scale telemetry
|
|
|
|
Intelligence-driven
|
|
|
|
Seamless integration with Falcon platform
|
|
|
|
Alerts augmented with context
|
|
|
|
Email notifications
|
|
|
|
OverWatch onboarding
|
| |
|
Proactive recommendations and tuning
|
| |
|
Access to OverWatch threat response analyst.
|
| |
|
Detailed response recommendations
|
| |
|
Prevention health checks and security recommendations
|
| |
|
Phone notifications for critical alerts
|
|
Related Resources
Learn More About Falcon OverWatch
-
Datasheet
Falcon OverWatch Datasheet
Download >
-
Whitepaper
Falcon OverWatch White Paper
Download >
-
Datasheet
Falcon OverWatch Service Tiers
Download >
Get Answers to Commonly Asked Questions
Falcon OverWatch FAQPurchase Falcon OverWatch as a Part of a Bundle
Our bundles are specifically tailored to meet a wide range of endpoint security needs.
Explore the Bundles