FALCON PREVENT FREE TRIAL FAQ

Falcon Prevent provides next generation antivirus (NGAV) capabilities, delivering comprehensive and proven protection to defend your organization against both malware and malware-free attacks. Incorporating identification of known malware, machine learning for unknown malware, exploit blocking and advanced Indicator of Attack (IOA) behavioral techniques, CrowdStrike Falcon Prevent allows organizations to confidently replace their existing legacy AV solutions.

Falcon supports Windows, Mac and Linux operating systems. Supported Windows OS:

• Windows 7 SP1 x86 and x64
• Windows 7 Embedded (available from sensor build 2.28.5012)
• Windows 10, Windows 10 Anniversary Build, Windows 10 Creators Update
• Windows Server 2008 R2 SP1 x64 (OS available as x64 only)
• Windows Server 2012
• Windows Server 2012 R2
• Windows Server 2016

Supported Mac OS:

• Apple macOS Mojave 10.14 (sensor 4.13.7501 and later)
• Apple macOS Catalina 10.15* and later (sensor 5.19.9906 and later)

Supported Linux OS: We support these x86_64 versions of these Linux server OSes:

• Amazon Linux 2
• Amazon Linux AMI
  • 2018.03
  • 2017.09
  • 2017.03
• CentOS
  • 8.0 – 8.3
  • 7.1 – 7.9
  • 6.7 – 6.10
• Debian 9.4
• Oracle Linux
• Oracle Linux 6 - UEK 3, 4
• Oracle Linux 7 - UEK 3, 4, 5
• Red Hat Compatible Kernels (supported RHCK kernels are the same as for RHEL)
• Red Hat Enterprise Linux (RHEL)
  • 8.0-8.3
  • 7.1-7.9
  • 6.7-6.10
• SUSE Linux Enterprise (SLES)
  • 15
  • 12.1 – 12.5
  • 11.4
• Ubuntu
  • 20.04 LTS
  • 20.04 AWS
  • 20.04 GCP
  • 18 AWS
  • 18 GCP
  • 18.04 LTS
  • 16-AWS
  • 16.04 LTS
  • 14.04 LTS
• Additional Linux Support
  • AWS ARM-based Graviton Processors
  • Amazon Linux 2

The Falcon Admin UI can be accessed through Google Chrome only.

To add a second user in your organization add them as a user in the Falcon UI in the “Users” app.

There are 5 modules available within the Trial. Your Trial will start with our AV module, Prevent. You can then go to the CrowdStrike Store to enable Falcon X, Falcon Device Control, Falcon Firewall Management, and Falcon Horizon. If you are interested in Falcon Insight, Falcon Overwatch, or Falcon Discover please speak with one of our sales reps or email falcontrial@crowdstrike.com.

Yes, indeed, the lightweight Falcon sensor that runs on each endpoint includes all the prevention technologies required to protect the endpoint, whether it is online or offline. Those technologies include machine learning to protect against known and zero-day malware, exploit blocking, hash blocking and CrowdStrike’s behavioral artificial intelligence heuristic algorithms, known as Indicators of Attack (IOAs).

Yes, CrowdStrike Falcon Prevent if a fully certified AV replacement solution and allows organizations to confidently replace their existing legacy AV. Incorporating identification and prevention of known malware, machine learning for unknown malware, exploit blocking and advanced Indicator of Attack (IOA) behavioral techniques, Falcon Prevent protects against attacks whether your endpoints are online or offline. Falcon Prevent also features integration with Windows System Center, for those organizations who need to prove compliance with appropriate regulatory requirements.

Yes, CrowdStrike Falcon can help organizations in their efforts to meet numerous compliance and certification requirements. Falcon has received third-party validation for the following regulations: PCI DSS v3.2 | HIPAA | NIST | FFIEC | PCI Forensics | NSA-CIRA | SOC 2 | CSA-STAR | AMTSO | AV Comparatives.

Yes, Falcon Prevent offers powerful and comprehensive prevention capabilities. Falcon Prevent can stop execution of malicious code, block zero-day exploits, kill processes and contain command and control callbacks.

No, CrowdStrike Falcon delivers next-generation endpoint protection via the cloud. A key element of “next gen” is reducing overhead, friction and cost in protecting your environment. There is no on-premises equipment to be maintained, managed or updated. The Falcon sensor is unobtrusive in terms of endpoint system resources and updates are seamless, requiring no re-boots. The Falcon web-based management console provides an intuitive and informative view of your complete environment.

No, Falcon was designed to interoperate without obstructing other endpoint security solutions, including third-party AV and malware detection systems.

Yes, due to a non disk scanning nature of Falcon prevent, you can install on workstations and servers.

CrowdStrike Falcon is a 100 percent cloud-based solution, offering Security as a Service (SaaS) to customers. Falcon requires no servers or controllers to be installed, freeing you from the cost and hassle of managing, maintaining and updating on-premises software or equipment.

Falcon Prevent uses an array of complementary prevention and detection methods to protect against ransomware:

• Blocking of known ransomware
• Exploit blocking to stop the execution and spread of ransomware via unpatched vulnerabilities
• Machine learning for detection of previously unknown “zero-day” ransomware
• Indicators of Attack (IOAs) through behavioral analysis to identify and block additional unknown ransomware, as well as new categories of ransomware that do not use files to encrypt victims’ data

During your free trial the Falcon web interface will indicate the number of days left in your free trial. At the end of this period access to the Falcon UI will be terminated. However if you’d like to extend your time or have additional questions, reach out on the Free Trial webpage.

To uninstall the falcon sensor on a single host navigate to Control Panel > Programs > Programs and Features. Highlight “CrowdStrike Windows Sensor” then click “Uninstall”. Follow the prompts to complete the process. If you have installed with a password protected sensors, you will need to use the same password to uninstall.