Winter Platform Expansion Highlights Threat Graph, Next-Generation Antivirus Features, and Ransomware Protection
Irvine, CA – February 24, 2016 – CrowdStrike Inc., a leader in cloud-delivered next-generation endpoint protection, threat intelligence and response services, today announced new, advanced features to the CrowdStrike Falcon™ Platform. The winter updates represent a leap forward for endpoint, detection and response functions along with advanced Antivirus capabilities. The enhancements will provide customers next-generation endpoint protection to stop breaches faster across the enterprise.
- CrowdStrike’s cloud-delivered Threat Graph offers customers a retrospective of cyber attacks, breaking the cycle of silent failure.
- CrowdStrike Falcon™ Host now allows customers to remediate attacks by using a new network containment feature.
- Next-generation Antivirus (AV) CryptoWall prevention offers CrowdStrike customers detection and protection capabilities to thwart these types of ransomware attacks.
- CrowdStrike Falcon™ Host expands cloud-based machine learning capability to enable blocking of known and unknown malware and adware.
- Two additional prevention methods are added to stop zero-day and known exploit based attacks.
- Customers can get the most out of Falcon Host by harnessing third-party intelligence with a new API to achieve tighter integration with their security information event management (SIEM) or related system.
- New cloud Antivirus and behavioral threat detection for Linux
CrowdStrike Threat Graph™ Powers Comprehensive Threat Detection, Prevention, and Managed Hunting
CrowdStrike’s fully cloud-based Threat Graph model is the brain behind a revolutionary approach to endpoint protection that analyzes and correlates billions of events in real-time, spots anomalies, and detects behavioral patterns to track and thwart known and unknown threats.
This model also allows Falcon Host to act like a ‘DVR,’ providing unparalleled levels of retrospective visibility and unlimited cloud-recall capabilities. This forensic capacity dramatically reduces the time and cost of incident response, while increasing the chances of containing and mitigating damage by allowing customers to search and query all endpoints in seconds.
Further Expansion of Falcon Platform APIs
With the expanded use of Falcon Platform’s APIs, customers can seamlessly integrate existing third-party intelligence and IOCs to maximize their current security investments, detecting and blocking attacks using all sources of Intelligence.
Second, the new Falcon Connector makes it easier than ever for customers to leverage Falcon Host data in any SIEM or related system. Falcon Connector seamlessly connects to the Threat Graph and safely transmits the Falcon Host API to the customer’s choice of systems in a variety of formats, making integration effortless.
Third, CrowdStrike now offers a new, API-focused service level of the Falcon Intelligence service. The new service, named Falcon Intelligence Standard, offers a broader range of customers the flexibility to use CrowdStrike intelligence as part of their protection strategy.
Augmenting Existing Antivirus Defenses to Combat Ransomware
Ransomware represents one of the most prevalent and damaging threats today to all sizes of organizations. CryptoWall is the most widespread ransomware malware family today and often defeats existing protection with seemingly ceaseless variations that evade defenses. By focusing on the behaviors of the CryptoWall malware family as opposed to specific threat signatures, Falcon Host’s new ransomware blocking feature neutralizes the attack despite its polymorphic nature.
CrowdStrike has witnessed a significant increase in the targeting of Linux systems by adversaries who realize that Linux is not monitored as closely as Windows-based infrastructure. The winter product release adds three new protection features to Falcon Host for Linux: 1) Linux-specific behavioral defenses based on indicators of attack; 2) Cloud Antivirus detections; 3) Custom threat detection through CrowdStrike’s managed hunt team, called Falcon Overwatch.
Brannon Lacey, general manager, Rackspace Managed Security
“As the first company to fully leverage the power of the cloud for endpoint security, CrowdStrike’s Falcon platform drives immediate time-to-value and greater scalability, functionality and effectiveness in detecting, preventing, and ultimately thwarting breaches without impacting business productivity. Their platform is a real game-changer in the endpoint protection category, driving forward the most compelling combination of next-generation Antivirus, EDR, and managed hunting.”
George Kurtz, CrowdStrike’s co-founder and chief executive officer
“The new features and capabilities announced today reflect a significant evolution of CrowdStrike Falcon towards a comprehensive endpoint protection platform that enables customers to stop breaches through a single integrated solution,” said George Kurtz, co-founder and chief executive officer of CrowdStrike. “Point products that only address a fraction of the barrage of malware and malware-free intrusions that organizations face today leave them vulnerable to attacks. The addition of advanced exploit blocking and next-generation Antivirus features to CrowdStrike Falcon drives unrivaled efficacy, speed, and scale of breach prevention capabilities for our customers.”
Dave Cole, CrowdStrike’s chief product officer
“Our enhancements of CrowdStrike’s Falcon Platform reflect our core customer value for redefining next generation endpoint protection to stop breaches,” said Dave Cole, CrowdStrike’s chief product officer. “Continuing to advance IoA-based prevention with ransomware exploit blocking and machine learning capability are just a couple of the new features that we are announcing today. Expanding CrowdStrike Falcon’s sensor coverage to Linux platforms, combined with our established support for Windows and Mac, is another significant market-leading accomplishment that allows us to provide protection across all mainstream endpoint operating systems. We are committed to continuing to build new innovative capabilities to change the game in endpoint security and ensure that CrowdStrike customers are able to protect themselves against all threats, known and unknown, in the most effective and efficient manner possible.”
Supporting Content Resources:
- Read a blog on today’s announcement by CrowdStrike chief executive officer George Kurtz: Are you more interested in stopping a breach or stopping malware?
- Find out more about the new Falcon Platform features from Dave Cole, chief product officer of CrowdStrike: CrowdStrike Winter Release: What is next-gen?
- Discover more details about the ransomware features in a blog by Dmitri Alperovitch, CrowdStrike’s chief technology officer: Can’t Protect Your Data from Ransomware? Think Again.
CrowdStrike is the leader in next-generation endpoint protection, threat intelligence and response services. CrowdStrike’s core technology, the Falcon platform, stops breaches by preventing and responding to all types of attacks – both malware and malware-free.
CrowdStrike has revolutionized endpoint protection by combining three crucial elements: next-generation AV, endpoint detection and response (EDR), and a 24/7 managed hunting service — all powered by intelligence and uniquely delivered via the cloud in a single integrated solution. Falcon uses the patented CrowdStrike Threat Graph™ to analyze and correlate billions of events in real time, providing complete protection and five-second visibility across all endpoints. Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies. CrowdStrike Falcon is currently deployed in more than 170 countries.
Find out how: www.crowdstrike.com