CrowdStrike Falcon for Healthcare FAQ Learn More About Next-Generation Endpoint Protection What is the CrowdStrike Falcon® platform? The CrowdStrike Falcon platform is the only cloud-delivered solution that unifies IT hygiene, next-generation antivirus (NGAV), endpoint detection and response (EDR), managed threat hunting, and threat intelligence — all enabled via a single lightweight agent. Using its purpose-built cloud-native architecture, the Falcon platform collects and analyzes more than 60 billion endpoint events per day from millions of agents. Learn more about the Falcon platform Where can I deploy CrowdStrike Falcon? CrowdStrike Falcon requires zero on-premises equipment and deploys on any endpoint in seconds, with zero reboots or endpoint performance impact. Falcon scales across your organization’s endpoints and virtual data environments – whether on-premises, virtual, or hybrid – and operates on Windows, MacOS, and Linux. See A Demo How does CrowdStrike Falcon protect my organization against ransomware? CrowdStrike Falcon blocks known and unknown malware, leveraging machine learning for detection of previously unknown, or zero-day ransomware, along with exploit blocking to stop the execution and spread of ransomware. Indicator of attack (IOA) technology provides behavioral-based prevention that proactively stops attacks before they can be fully implemented. As part of CrowdStrike Services, the Ransomware Advisory offering helps organizations prepare their critical systems to prevent a ransomware attack, and also assists organizations in dealing with a ransomware attack that has already occurred. Read the Ransomware White Paper Can I deploy CrowdStrike if I have a security solution already deployed and in use? Yes, CrowdStrike Falcon can either replace or complement your existing security tools. The Falcon platform has an extensive API offering that allows you to integrate your existing tools with the CrowdStrike Falcon platform. This enables you to leverage your previous investments and design an approach that best meets your requirements. See CrowdStrike’s cloud-native architecture Can CrowdStrike Falcon assist me with HIPAA compliance? The CrowdStrike Falcon platform has been independently validated to assist healthcare organizations with HIPAA compliance by Coalfire, a leading assessor of HIPAA compliance readiness. Coalfire’s validation is documented in a report where they state, “The CrowdStrike Falcon platform capabilities in detection and responding to threats, and associated collection of activities, makes CrowdStrike a suitable solution for addressing a number of key technical requirements in the HIPAA Security and Privacy Rules.” Read the CoalFire report Does CrowdStrike reduce the dwell time of attackers in my environment? Yes, CrowdStrike’s endpoint detection and response (EDR) solution, Falcon Insight™, lets you see real-time and historical event data on every endpoint in your organization. Insight also flags potentially malicious processes executing in your environment which indicate an attacker may be present. From there, you can immediately contain potential intruders, and elevate an incident to the CrowdStrike Services team, if necessary. CrowdStrike was named a “Visionary” in Gartner MQ for Endpoint Protection Platforms Can I stop privilege misuse within my organization by deploying CrowdStrike Falcon? Yes, the EDR and IT hygiene capabilities of CrowdStrike Falcon give you complete visibility into your endpoint environment, identifying insider threats before they become a breach. Falcon’s Insight EDR solution monitors and identifies potentially malicious activities, flagging them for your security staff. Insight enables five-second search and network containment capabilities, so internal and external threats can be addressed in real time. Falcon Discover™, CrowdStrike’s IT hygiene solution, provides real-time visibility into who and what are operating on your network. It enables you to stop misuse by insiders or intruders, by allowing you to see which users are operating on specific endpoints within your data environment, as well as revealing detailed administrator account usage and password management details. Watch a demo How can CrowdStrike help support my security team? As part of the Falcon platform, CrowdStrike’s 24/7 managed hunting service, Falcon OverWatch™, provides a team of highly skilled security experts who proactively hunt for malicious activities and applications within your data environment. You can also get assistance from CrowdStrike Services, a team of experienced security consultants that can increase your organization’s security resiliency with assessments, red team/blue team penetration tests and the development or maturing of your incident response plan. They will ensure that you’re always ready to defend against the next attack. Does CrowdStrike protect against Petya/NotPetya? Yes, Falcon endpoint protection was able to block the initial Petya/NotPetya attack and subsequent propagation attempts with both machine learning and behavioral protection. Falcon Prevent™ and Falcon endpoint protection customers can enable this protection with machine learning engine settings to ensure potentially suspicious processes are stopped. Learn how CrowdStrike protects against the NotPetya attack Can CrowdStrike help healthcare organizations enhance and assess their in-house security capabilities? Yes, gaps exist in knowledge and expertise across many medical organizations. The CrowdStrike falcon platform enhances your security expertise with a 24×7 managed threat hunting service enabled by the powerful, lightweight Falcon Agent. This team identifies and stops new and emerging threats to healthcare organizations, providing total security around the clock. CrowdStrike Services can augment in-house IT staff with experts who have a track record of success in proactive planning using risk assessments. A CrowdStrike compromise assessment will identify if an adversary has already breached your organization’s security defenses and quickly identify and eject the attacker. The cybersecurity maturity assessment examines your organization’s people, processes and tools to identify any gaps in your organization’s security apparatus so they can be addressed.