This website uses cookies to enhance your browsing experience. Please note that by continuing to use this site you consent to the terms of our Privacy Notice.


Experienced a Breach?


Contact Us for Pre and Post Incident Response Services


Detecting & Defeating Ransomware
The New Endpoint Epidemic

CrowdStrike Falcon™ Host and Ransomware

Cloud-delivered endpoint protection that stops online extortion

Ransomware is not new but its exponential growth curve has made it a pervasive threat to end users. This extortion-based category of cybercrime uses encryption to block access to select files on a compromised endpoint. In most cases, the only way to retrieve the encrypted files is to restore from a pre-existing backup, or pay a ransom which can vary from a few hundred up to a few thousand dollars, depending on the victims’ size and ability to pay. Ransomware prevention represents a significant security challenge because ransomware evolves constantly as cyber criminals refine their tools, techniques, and procedures.

How Ransomware Protection from CrowdStrike Works

Because attackers can and will shift their techniques, CrowdStrike’s next-generation endpoint protection solution, Falcon Host, uses an array of complementary prevention and detection methods:


Detect & Block known Ransomware

Exploit blocking to stop the execution and spread of ransomware via unpatched vulnerabilities

Machine learning for detection of previously unknown “zero-day” ransomware attacks

Indicators of Attacks (IOAs) to identify and block additional unknown ransomware, and protect against new categories of ransomware that do not use files to encrypt victim systems

Falcon Host uniquely combines these powerful methods into an integrated approach that protects endpoints more effectively against the menace of ransomware. This protection spans known and unknown ransomware -- and even prevents “file-less” ransomware that is invisible to conventional malware-centric defenses.

See How Falcon Host Detects Ransomware & Blocks it

Continuously Improving Ransomware Protection

Close collaboration between CrowdStrike’s detections, Falcon Overwatch and Falcon Intelligence teams provides you with continuous updates, including newly created Indicators of Attack (IOAs) and machine-learning algorithms that reflect and anticipate evolving ransomware techniques. This unique set of capabilities allows Falcon Host defenses to stay relevant against ransomware, even when attackers change their methods.


See How You Can Stop Breaches request a demo