crowdstrike falcon - rexwescombe
Advanced Threat Protection

CrowdStrike Falcon Insight: Endpoint Detection and Response (EDR)

June 20, 2021

Continuous monitoring captures endpoint activity so you know exactly what’s happening – from a threat on a single endpoint to the threat level of the organization. Falcon Insight delivers visibility and in-depth analysis to automatically detect suspicious activity and ensure stealthy attacks – and breaches – are stopped. Falcon Insight accelerates security operations, allowing users to minimize efforts spent handling alerts and quickly investigate and respond to attacks.

Full-spectrum Visibility In Real Time

  • Continuous raw event recording provides unparalleled visibility\
  • Enable threat hunting – proactive and managed – with full endpoint activity details
  • Unravels entire attack in the easy-to-use Incident Workbench enriched with context and threat intelligence data
  • See the big picture, in real time. Delivers situational awareness on the current threat level of the organization, and how it’s changing over time.
  • Understand endpoint security posture and take recommended actions to reduce risk. Share assessment scores with CrowdStrike zero trust ecosystem partners for real-time conditional access enforcement.
 

Simplify Detection and Resolution

  • Intelligent EDR automatically detects and intelligently prioritizes malicious and attacker activity
  • Powerful response actions allow you to contain and investigate compromised systems, including on-the-fly remote access to take immediate action
  • Quick search returns threat hunting and investigation query results in five seconds or less
  • Mapping alerts to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework helps you understand even the most complex detections at a glance

Maximum Security Efficiency

  • Improve response times when you eliminate information overload and distill security alerts into incidents, reducing alert fatigue by 90% or more
  • Smart prioritization automates triage and shows you what deserves attention first
  • Speed investigation with rich context, intelligent visualizations, and collaboration
  • Broad set of easy-to-use APIs provide interoperability with other security platforms and tools

The Power of the Cloud

  • Reduce cost and complexity when you eliminate constant signature updates, on-premises infrastructure or complex integrations.
  • Protection of the crowd allows everyone to be protected against a threat – wherever it’s encountered
  • Restore endpoint performance with installation and day-to-day operation that bears zero impact on endpoints — even when analyzing and searching.
  • Works on Day One – deploys and is operational in minutes. Automatically scales for growth and change

You Might Also Like...