Next-generation endpoint protection for mac endpoints against malware and beyond
Industry leading protection and response capabilities for macOS environments — nullify malware and sophisticated attacks — even when offline.
Unparalleled Visibility to Stop Breaches
Continuous monitoring for in-depth insight and accelerated threat detection and response. Powerful visibility extends to threat intelligence and IT hygiene for ultimate analyst control.
Rapidly deploy comprehensive, cross platform capabilities without the need for signatures, fine-tuning or costly infrastructure. Protect and respond at scale through a single agent — simply and efficiently.
Check Out the Specs and Traits
Unmatched Next-Gen Endpoint Protection Technologies
- CrowdStrike Falcon for macOS protects against a broad spectrum of attacks from commodity and zero-day malware, ransomware, and exploits to advanced malware-free and fileless attacks — stay ahead of the rapidly changing tactics, techniques and procedures (TTPs).
- For ultimate protection, Falcon combines technologies such as machine learning for malware protection on and off sensor, indicator of attack (IOA) behavioral blocking, custom IOA blocking, mac script control, allowlisting and detections based on threat intelligence reputation.
- Device Control for macOS gives analysts intuitive and granular control of external USB devices in their Big Sur environments without any additional endpoint software installation or hardware to manage. (Available Summer 2021)
- Falcon uniquely integrates powerful best-in-class prevention, detection and response with IT hygiene and extended visibility providing continuous breach prevention in a single, lightweight agent.
Unrivaled Visibility for Accelerated Threat Detection and Response
- Falcon for macOS intelligently detects advanced threats and malicious activities automatically. Prioritized, context-rich alerts eliminate time-consuming research and manual searches
- Continuous monitoring and visibility provide full details and raw events to enable proactive and managed threat hunting and forensic investigations
- Powerful response capabilities enable analysts to directly connect to the target host, gather additional relevant files and details, establish network containment, and upload and launch files and/or remediation scripts to easily deliver full remediation at scale, remotely.
- Integrated threat intelligence for macOS delivers the complete context of an attack, including attribution.
- Specialized intelligence for macOS with Falcon X is a force multiplier for analysts beyond what happened on the endpoint, revealing the "who, why and how" behind the attack.
- IT Hygiene with Falcon Discover provides detailed visibility over macOS applications, assets and user accounts giving analysts enriched visibility and response capabilities.
- Zero Trust Assessment provides enhanced visibility of the overall health of a Mac endpoint with a single metric along with recommendations to improve security posture. Metrics can be shared with CrowdStrike partners for real-time conditional access enforcement.
- Native M1 and Intel x86 support
- A single Falcon agent covers all supported macOS versions including Big Sur, with system extensions and backward compatibility with Mojave and Catalina, where Falcon will use the older kext approach as necessary
- The Falcon agent simplifies upgrading to newer macOS versions by automatically reconfigures itself to use the Apple system extension method for Big Sur and above
- Falcon for macOS supports kernel extensions (kext) and system extensions, offering the same levels of visibility, detection and protection