CrowdStrike Falcon Surface: External Attack Surface Management

The industry’s most complete adversary-driven external attack surface management (EASM) technology that stops breaches by minimizing risk from exposed assets

Why Falcon Surface

Shut down security gaps with an outside-in view of the enterprise attack surface

Continuously discover and map all internet-facing assets to shut down potential exposure with guided mitigation plans to reduce the attack surface.

Prioritize attack surface risks with the world’s deepest adversary intelligence and AI-powered insights

Pinpoint the most critical exposures with prioritized insights based on CrowdStrike’s industry-leading threat intelligence and AI-powered attack surface analytics.

Reduce risk with the industry’s most comprehensive SecOps suite

Extend visibility and protection from the outside-in to the inside-out with the holistic CrowdStrike Falcon® platform, which includes real time vulnerability management, and robust IT hygiene, enabling security teams to respond to threats faster.

Key capabilities

Continuous exposure monitoring

Falcon Surface continuously maps the entire internet to discover and eliminate known and unknown exposures, shadow IT risks and supply chain threats across any environment.

  • Get an adversary’s perspective on your attack surface with a unified, always up-to-date map of exposed assets.
  • Maintain an automated, real-time asset inventory, including known and unknown assets, dramatically reducing response time.
  • Discover and attribute all external assets owned by your enterprise to cut false positives and guide precise action, unlike traditional EASM approaches based on open-source tools.
Continuous exposure

Context-based risk prioritization

Prioritize attack surface risks based on CrowdStrike’s industry-leading threat intelligence and AI-powered attack surface insights. Find the most critical exposures based on risk and business context to determine what needs to be addressed first.

  • Prioritize exposure risks based on the enterprise’s industry, attack history, geolocation, asset type, CVE score, custom rules and more to quickly eliminate the risks that have the biggest impact on your security posture.
  • Automatically maintain an always-up-to-date asset inventory that includes newly added, changed and removed assets, as well as full historical context, to continuously reduce organizational risk.
  • Streamline alerting and action with built-in integrations that enable teams to activate playbooks, push data into workflows and quickly resolve issues using Slack, ServiceNow, Jira and other systems.
Context based risk prioritization

Guided remediation to reduce risk

Falcon Surface automatically creates easy-to-implement, actionable mitigation playbooks that empower IT and security teams to minimize the external attack surface and shut down external exposure.

  • Accelerate response with automated mitigation playbooks that guide customers through version updates, installations, global security standard recommendations, and best practices for hardening services and infrastructure.
  • Track remediation progress and understand where things stand by continuously monitoring assets to validate their posture and status.
  • Align security and IT teams, increase efficiency and boost collaboration with quick-to-implement remediation steps to apply for vulnerability mitigation.
Guided remediation

Close security gaps introduced by:

  • Exposed sensitive services and S3 objects
  • RCE vulnerabilities
  • Vulnerable and outdated software
  • Access control issues
  • Cryptographic issues and configuration issues
  • Phishing risks
  • Potential DDoS
  • Misconfigured servers/services
  • CDN bypass, and many more
Platform screenshot