CrowdStrikeFalcon uses machine learning, AI, behavior, and human eyes to detect, so it can detect not only known/unknown malware, but also advanced attacks such as fileless malware that are difficult to detect with conventional antivirus products.

• Click here for details of NGAV products [Falcon Prevent]
• Click here for details on EDR products [Falcon Insight]
• Click here for details of threat hunting products [Falcon OverWatch]
• Are you really okay with that EDR? [CrowdStrike Falcon] for EDR product operation
• Protect your company from advanced cyberattacks with NGAV! [Crowd Strike Falcon]

CrowdStrike Falcon's OverWatch monitors your environment 24 hours a day, 365 days a year, not only detects advanced threats that machines cannot detect, but also investigates the extent of impact and advises on countermeasures. Because of the monitoring system regardless of time, threats that landed outside business hours can also be detected.

• Click here for details of threat hunting products [Falcon OverWatch]

CrowdStrike Falcon records logs in the cloud in real time, so even if an attacker deletes traces from the terminal, it is possible to investigate the details of the incident such as the intrusion route. Process activities are visually displayed in chronological order, making it easy to understand the incident status.

• Click here for details of NGAV products [Falcon Prevent]
• Click here for details on EDR products [Falcon Insight]

CrowdStrike Falcon not only investigates by alert, but also aggregates alerts and investigates by incident, so the number of alerts can be reduced by more than 10 times and can be displayed, reducing the operational load. Furthermore, it is possible to grasp the horizontal deployment situation from terminal to terminal.

• Click here for details on EDR products [Falcon Insight]

Since CrowdStrike Falcon takes a SaaS approach, logs are recorded in the cloud in real time as long as the device is connected to the network, regardless of the location of the device. Real-time detection and blocking are also performed, so it is possible to reliably defend against threats even on terminals outside the company.

• Click here for details of NGAV products [Falcon Prevent]
• Click here for details on EDR products [Falcon Insight]

Attacks detected by Falcon Prevent are reliably blocked (file isolation, process termination, etc.), and by automatically linking with Falcon X, behavior analysis of files used in immediate attacks, identification of attackers, related Since the presence or absence of malware is checked, the response time is greatly reduced.

• Click here for details of NGAV products [Falcon Prevent]
• Click here for details of threat intelligence products [Falcon X]

Falcon USB Device Control can visualize device classes (types) used, manufacturers, and device trends. In addition, it is possible to control USB devices by specifying a policy (it can also be divided into groups), and even if it is blocked by a policy, it is possible to check which USB device was used, when and by which terminal.

• Click here for details on NGAV products [Falcon USB Device Control]

The asset management function of Falcon Discover not only visualizes what kind of assets the terminals/servers on which Falcon is installed are used, but also information on terminals on which Falcon is not installed. It is possible to find unmanaged terminals.

• Click here for details of IT asset management products [Falcon Discover]

The application visualization function of Falcon Discover visualizes the applications and versions installed on each terminal, so when an application vulnerability is announced, it is possible to investigate which terminal has the vulnerability. Possible. In addition, Spotlight automatically collects and visualizes vulnerabilities (CVE) and unapplied KB that exist in the terminal, so it is possible to visualize vulnerabilities in real time.

• Click here for details of IT asset management products [Falcon Discover]
• Click here for details of vulnerability management products [Falcon Spotlight]

Windows OS standard firewall can be managed from Falcon's management console. Set firewall policies via Falcon's agent for rapid rule enforcement across your environment.

• Click here for details on NGAV products [Falcon Firewall Management]

Falcon Identity Threat Protection/Detection learns authentication traffic in the deployment environment, making it possible to detect and block attacks against authentication (ID) that are difficult to detect and block using conventional AV/EDR.

• For details on ID protection products, click here [Falcon Identity Threat Protection/Detection]

Falcon Cloud Security provides visibility into cloud misconfigurations and protects cloud workloads, containers, and Kubernetes applications.

This module provides the following three functions:

CSPM (Cloud Security Posture Management)
Identifying cloud service misconfigurations (IOM) and suspicious behavior/attacks (IOA),
Compliance status can be checked.

CIEM (Cloud Infrastructure Entitlement Management)
Visualize and manage the permissions associated with IDs on cloud services.
It helps to identify IDs that have been granted excessive privileges and ensure proper use of privileges.

CWP (Cloud Workload Protection)
Cloud workloads, containers, and Kubernetes environments
Provides visibility and threat protection.

• For more information on cloud security products, please click here [Falcon Cloud Security]

Falcon Surface enables visualization of a customer's publicly-available IT assets and the associated risks and vulnerabilities, helping with customer IT operations and security measures.

Asset cleanup

• Monitor all assets exposed to the internet

Asset risk identification

• Scoring your entire environment and identifying priority assets for action

Visualize asset vulnerabilities

• Identification and visualization of vulnerabilities in vulnerable servers and NW devices

• For more information on EASM products, click here [Falcon Surface]