June 1, 2017 - CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced, as part of its Spring release, new features of the CrowdStrike Falcon® platform custom-built for cloud providers and modern data centres, providing best-in-class prevention, detection and response for Windows, Linux or macOS servers, powered by artificial intelligence/machine learning.
The servers used in the modern-day data centre face commodity attacks as well as advanced, stealthy ones. CrowdStrike Falcon leverages its industry-leading artificial intelligence/machine learning as well as industry-leading Indicator-of-Attack (IoA) behavioral analysis to bring real-time protection to servers, whether on-premise, virtualised or in the cloud. As data centre or cloud deployments grow or evolve, CrowdStrike Falcon customers are freed from having to add management servers or controllers for endpoint protection.
With Falcon’s lightweight agent, customers can quickly and easily add end-to-end protection with instant zero-reboot deployments and no performance impact or signature updates, all of which improve the performance of business-critical servers. CrowdStrike Falcon enables management of all systems, irrespective of their location, from a single console providing a consolidated view into all assets for the enterprise.
CrowdStrike Falcon supports all major platforms including Amazon AWS, Google Cloud Platform and Microsoft Azure. It also provides protection for guest OS hosted on all popular hypervisors and protects Windows, Linux and macOS guests with a kernel-mode agent. CrowdStrike Falcon allows for complete protection policy control, with full flexibility around policy deployment at the individual server, group or cloud platform/data centre levels. Irrespective of how a server is deployed, the security team retains complete visibility and the control required to prevent or contain the attack.
New and Enhanced Capabilities
CrowdStrike Falcon provides features critical to securing data centres, focused on control, visibility and complete protection:
Linux Kernel-mode Agent – Falcon Linux agent is now a full kernel-mode module, providing comprehensive real-time visibility from its high position in the kernel into key OS events.
Amazon Linux Support – Falcon Linux agent now fully supports Amazon Linux distribution, a popular platform on Amazon Web Services (AWS).
Falcon Discover – Falcon Discover’s asset, application and user account visibility features help to optimise workloads, manage costs and audit/remove unauthorised accounts of systems deployed in the cloud, data centres and on-premise.
Falcon Data Replicator – Falcon Data Replicator provides real-time access to the raw event data stream, which customers can ingest into their local data lakes for correlation against event data collected from other systems. This opens up the full comprehensive dataset of more than 270 OS-level event types that Falcon Insight customers can now integrate into their own data analytics solutions.
AV-Comparatives has certified CrowdStrike Falcon for anti-malware and exploit protection and noted that Falcon can “help organisations efforts with respect to PCI, HIPAA, NIST and FFIEC compliance.”
“For a while now, within our highly complex environment, managing high-value systems required a choice between maximum protection and maximum performance — CrowdStrike has removed that dilemma,” said Anton Reynaldo Bonifacio, chief information security officer, Globe Telecom. “Adding best-in-class prevention, detection and response without increasing complexity has long been atop every CISO’s wish list. CrowdStrike Falcon is lightning fast to deploy and manage, and doesn’t slow down a single machine — on-premise, in the cloud, or anything in between.”
“With this Spring release, we continue to advance the Falcon platform to ensure customers can protect all of their systems, whether physical, virtual or cloud-based, with reduced complexity and improved performance,” said Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer. “Many legacy AV solutions don’t provide sufficient visibility to enable threat hunting and forensic use cases, they poorly protect non-Windows environments, and are cumbersome and sometimes risky to deploy to cloud or hybrid cloud-based data centres. CrowdStrike Falcon addresses all of these pain points and adds scalability, efficacy, and speed.”
Recently named a Visionary in the 2017 Gartner Magic Quadrant for Endpoint Protection Platforms, CrowdStrike has set the new standard for endpoint security — providing organisations with the only solution that can prevent, detect, respond and hunt for attacks via a single lightweight agent. The platform has achieved impressive success in the market replacing not only legacy AV solutions, but also a variety of next-generation AV point products. CrowdStrike Falcon has been independently tested and proven as an effective AV replacement, including verification from testing with AV-Comparatives and SE Labs.