Press Release | Media on CrowdStrike

CrowdStrike Introduces Enhanced Endpoint Machine Learning Capabilities and Advanced Endpoint Protection Modules

Company continues to accelerate pace of replacement of legacy AV solutions in both enterprise and SMB markets

Irvine, CA – February 13, 2017 – CrowdStrike Inc., the leader in cloud-delivered next-generation endpoint protection, today announced new capabilities and features that provide customers with unmatched prevention against malware and malware-free attacks and a variety of unique product modules that further expand CrowdStrike’s suite of offerings. Among the innovative, new capabilities being introduced is enhanced endpoint machine learning that advances and augments CrowdStrike’s behavioral-based machine learning prevention in the cloud for complete and effective protection for all endpoints. With this new enhancement, even sensors completely disconnected from the cloud receive full antivirus (AV) protection against malware and malware-free attacks. Now, all customers have access to this groundbreaking functionality and its expanded lineup of features, capabilities, and reliability for fast turnaround and increased throughput.

Falcon’s prevention engine is powered by a record small 15MB machine learning model that is trained on more than 30 billion daily events processed in the CrowdStrike Threat Graph™. It sets a new standard in the industry for highly effective protection and ensures minimal false positives and extremely low performance overhead on the endpoint.

In addition, CrowdStrike introduced AV replacement functionality for macOS that incorporates user-adjustable, cloud-based machine learning and blocking functionality into the CrowdStrike Falcon® platform.

Product Repackaging with New and Enhanced Modules

With this product release, customers can now choose to implement a stand-alone capability to replace their AV or augment it with endpoint detection and response (EDR) and a threat hunting service for complete endpoint protection.

To drive flexible and efficient procurement of the CrowdStrike capabilities, the company has introduced and repackaged five integrated modules that run on the Falcon platform and are delivered through a single lightweight agent:

  • CrowdStrike Falcon® Prevent — CrowdStrike’s AV replacement module offers the most advanced next-generation prevention capabilities to stop malware and malware-free attacks without requiring signatures and the heavy updates that come with them. Leveraging CrowdStrike’s state-of-the-art file and behavioral-based proprietary machine learning and Indicator-of-Attack (IOA) methodology, the solution prevents attacks pre-execution and is particularly effective at stopping new, polymorphic or obfuscated malware, which is often missed by legacy AV solutions. Additionally, due to CrowdStrike Falcon®’s cloud-native architecture, the technology can be fully deployed and operational in hours with zero maintenance costs or end-user impact.
  • CrowdStrike Falcon® Insight — Endpoint detection and response (EDR) capabilities ensure customers have comprehensive, real-time and historical visibility of everything that is executed in their environment. Falcon Insight provides extensive and instant detection, search, hunting, and response capabilities, eliminating the prospect of silent failure.
  • CrowdStrike Falcon® Discover — CrowdStrike’s security hygiene module provides real-time application usage and inventory and privileged user account monitoring. The data can be used to address the usage of inappropriate or unwanted applications. Future enhancements will cover other aspects of security hygiene such as system inventory to identify and remediate unmanaged systems. With Falcon Discover, customers can easily derive operational optimizations and cost reductions by more effectively managing software license costs. In addition, the module enables privileged account management capabilities by providing visibility into the use of administrator credentials across the enterprise.
  • CrowdStrike Falcon® Intelligence — Includes automated malware analysis, indicators and YARA/Snort signatures, technical and strategic reports for threat context, executive flash and periodic reporting to help customers better direct their cybersecurity resources and understand the threat environment in which they operate. With the Falcon Intel API, customers receive an automated, high-fidelity threat feed to help them ease and streamline management of security resources.
  • CrowdStrike Falcon® OverWatch — Managed threat hunting delivered by a global operation center, staffed around the clock by an elite group of cyber intrusion detection analysts and investigators, dedicated to continuously hunting for adversary activity in a customer’s environment. CrowdStrike OverWatch amplifies customers’ internal resources by notifying, prioritizing and escalating alerts, as well as responding and shutting down suspected intrusion activity, including malicious insiders.

Setting a New Standard in Endpoint Protection

CrowdStrike Falcon® is the only platform that unifies next-generation AV, endpoint detection and response (EDR), and a 24/7 threat hunting service — all delivered via a single lightweight agent. With the introduction of the new product modules, customers now have the flexibility to replace their AV, augment it with endpoint detection and response capabilities and managed hunting, and easily scale their usage at the speed of business.

Recently named a Visionary in the 2017 Gartner Magic Quadrant for Endpoint Protection Platforms, CrowdStrike is setting a new standard for endpoint security — providing organizations with the only solution that can prevent, detect, respond and hunt for attacks via a single lightweight agent. The platform has achieved impressive success in the market replacing not only legacy AV solutions, but also a variety of next-generation AV point products. CrowdStrike Falcon® has been independently tested and proven as an effective AV replacement, including verification from testing with AV-Comparatives and SE Labs.

Supporting Quotes:

George Kurtz, co-founder and chief executive officer of CrowdStrike

“The incumbent AV technologies are ineffective in ensuring that organizations are able to protect themselves against the rising tide of cyber threats. With our advanced threat prevention and security management functionality, coupled with the industry’s largest threat telemetry, CrowdStrike Falcon® is the only platform that provides CIOs and their teams with control, visibility, and protection — all through one lightweight endpoint sensor, leveraging the power of artificial intelligence and machine learning. We are already replacing legacy and next-generation AV solutions at a rapidly growing pace, and with today’s announcement, customers can take advantage of the Falcon platform in a modular fashion, allowing them to consume the technology in a flexible and frictionless manner to best meet their needs.”

Christina Richmond, program director, Worldwide Security Services, IDC

“The addition of on-sensor machine learning is a game-changer in the advanced threat prevention and analytics market. The company has created a platform that leverages both machine learning in the cloud as well as on-sensor, and is capable of providing full zero-day prevention while disconnected from the network. CrowdStrike’s machine learning approach leverages both file-based and behavioral models, and as such, the company is helping to drive the market in threat prevention. In addition, their modular approach gives customers the flexibility to start by replacing their legacy AV with CrowdStrike Falcon® Prevent and add additional modules like EDR, as needed, for complete protection.”

Rich Fennessy, chief executive officer of Kudelski Security

“As attacker sophistication and enterprise complexity both continue to increase, our clients are repeatedly asking for new and advanced ways to help protect their environments. We’ve been impressed with CrowdStrike’s market shaping approach, their cloud delivery and the massive scalability of their products. We’ve chosen their AV replacement, EDR capabilities and EPP platform as key tools of our consulting and managed services solutions, and have seen strong adoption for their technology with our clients. We’ve appreciated the level of partnership we have experienced with CrowdStrike, both in the U.S. and in Europe, and expect their growth to continue.”

Steve Phillpott, chief information officer at Western Digital Corporation

“CrowdStrike’s cloud-based endpoint protection is a game-changer. It offers advanced protection to prevent threats and enables companies to gain real-time, ongoing analysis of what is happening in their environment. As more and more organizations are looking for more effective solutions that can stop advanced, modern-day threats, I believe CrowdStrike Falcon® is the answer.”

Additional Resources:

Read a blog by George Kurtz, CrowdStrike’s co-founder and chief executive officer, here.

About CrowdStrike

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation AV, endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent. The CrowdStrike Falcon® platform, certified to replace legacy antivirus, has reinvented how endpoint security is delivered with its industry-leading, cloud-native architecture. CrowdStrike Falcon® protects customers against all cyber attacks, using sophisticated signatureless artificial intelligence/machine learning and Indicator of Attack (IOA) based threat prevention to stop known and unknown threats in real-time. Core to its innovative approach is the CrowdStrike Threat Graph™ which analyzes and correlates over 30 billion events per day from millions of sensors deployed across 176 countries, uniquely providing crowdsourced protection for the entire customer community.

Many of the world’s largest organizations put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 healthcare providers, and three of the top 10 energy companies.



Media Contact
Ilina Dimitrova