CrowdStrike
Solutions provided by CrowdStrike
Common issues in corporate IT environments that trouble the people in charge
- Inability to spot advanced attacks such as fileless malware
- Sophisticated attacks that are difficult to detect are increasing, but there is no 24/7/365 monitoring system in place
- When an incident occurs, the attack route is unclear and cannot be identified
- When an incident occurs, it is impossible to grasp the extent of lateral movement (spread of infection)
- Due to the promotion of telework, security cannot be guaranteed with perimeter defense products
- It takes time to deal with incidents
- Unable to control USB devices or understand how they are used
- You want to install a security product on all terminals, but you do not know which terminals are not managed
- Not knowing how many vulnerabilities exist within the company
- The firewall settings of the terminal cannot be managed collectively
CrowdStrike Falcon combines machine learning, AI, behavioral analysis, and human review for detection, so it can detect not only known and unknown malware but also advanced attacks, such as fileless malware, that are difficult to detect with conventional antivirus products.
CrowdStrike Falcon's OverWatch monitors your environment 24 hours a day, 365 days a year. It not only detects advanced threats that machines cannot detect, but also investigates the extent of the impact and advises on countermeasures. Because monitoring continues regardless of the time of day, threats that arrive outside business hours can also be detected.
CrowdStrike Falcon records logs in the cloud in real time, so even if an attacker deletes traces from the terminal, it is possible to investigate the details of the incident such as the intrusion route. Process activities are visually displayed in chronological order, making it easy to understand the incident status.
CrowdStrike Falcon supports investigation not only by individual alert but also by incident, aggregating related alerts so that the number of alerts displayed can be reduced by a factor of more than 10, which reduces the operational load. It also makes it possible to grasp lateral movement from terminal to terminal.
Since CrowdStrike Falcon takes a SaaS approach, logs are recorded in the cloud in real time as long as the device is connected to the network, regardless of the location of the device. Real-time detection and blocking are also performed, so it is possible to reliably defend against threats even on terminals outside the company.
Attacks detected by Falcon Prevent are reliably blocked (file isolation, process termination, etc.). Through automatic integration with Falcon X, the files used in the attack are immediately put through behavior analysis, the attacker is identified, and the presence or absence of related malware is checked, so the response time is greatly reduced.
Falcon USB Device Control can visualize device classes (types) used, manufacturers, and device trends. In addition, it is possible to control USB devices by specifying a policy (it can also be divided into groups), and even if it is blocked by a policy, it is possible to check which USB device was used, when and by which terminal.
The asset management function of Falcon Discover visualizes not only what kinds of assets the terminals and servers with Falcon installed are, but also information on terminals on which Falcon is not installed. This makes it possible to find unmanaged terminals.
The application visualization function of Falcon Discover visualizes the applications and versions installed on each terminal, so when an application vulnerability is announced, it is possible to investigate which terminals have the vulnerability. In addition, Spotlight automatically collects and visualizes the vulnerabilities (CVEs) and unapplied KBs that exist on each terminal, so vulnerabilities can be visualized in real time.
The standard Windows OS firewall can be managed from Falcon's management console. Firewall policies are set via Falcon's agent, allowing rapid rule enforcement across your environment.
Inquiry/Document request
Macnica Co., Ltd., person in charge of CrowdStrike
- TEL:045-476-2010
- E-mail:crowdstrike_info@macnica.co.jp
Mon-Fri 8:45-17:30