Cloud-delivered Endpoint Protection That Prevents Silent Failure
Regardless of how advanced our defenses are, there will always be a chance that attacks will slip through, causing a “silent failure.” Silent failure happens when a breach occurs without alarms being raised, allowing the attackers to dwell in an environment for days, weeks or even months. The solution to the silent failure issue is Endpoint Detection and Response (EDR), and that is why EDR has always been a part of Falcon Host. And we are not alone in this belief. Gartner also recommends that organizations consider EDR to help detect and respond to threats.
"Enterprises that know compromise is inevitable and are looking for endpoint-based approaches for advanced threat detection, investigation and response capabilities, should consider EDR solutions." — Neil MacDonald, VP Distinguished Analyst
CrowdStrike scored "Strong" in all Endpoint Detection and Response use cases evaluated in a comparative assessment, "Comparison of Endpoint Detection and Response Technologies and Solutions," published by leading analyst firm Gartner*. The use cases include:
- Incident Data Search and Investigation
- Alert Triage or Suspicious Activity Validation
- Suspicious Activity Detection
- Threat Hunting or Data Exploration
- Stopping Malicious Activity
You can access the full report on Gartner's website.
*Source: Gartner Comparison of Endpoint Detection and Response (EDR) Technologies and Solutions 2016 at https://www.gartner.com/doc/3343417/comparison-endpoint-detection-response-technologies (account required)
A Complete EDR Solution
Falcon Host includes an endpoint detection and response component that provides all of the capabilities laid out by Gartner. It records all activities of interest on an endpoint for deeper inspection — on the fly and after the fact — allowing users to quickly detect and investigate attacks that passed through traditional prevention mechanisms.
How EDR capabilities prevent silent failure and help you stop breaches
Discover and investigate current and historic endpoint activity in seconds.
Fast detection combined with understanding how the attackers proceeded enables fast, precise and efficient remediation.
Respond tactically as well as strategically to enhance Incident Response capabilities.
Deploys and becomes operational in hours with no hardware or storage costs.