After almost two years of working in hybrid mode and widespread adoption of cloud services, 84% of IT security professionals consider terminal equipment to be the main target of cyber-attacks(1). However, traditional protection solutions do not meet the new requirements and challenges facing the enterprise environment. As proof, last year, 69% of companies faced security incidents as a direct result of adopting remote work, and their detection time increased to 146 hours (from 117 in 2020)(2).
CrowdStrike offers an EDR (Endpoint Detection and Response) solution for the protection of endpoints, by proactively blocking security breaches. The solution automatically collects and correlates data across all levels of security: workstations, email, server, cloud, and network, and covers both Windows, Mac, and multiple Linux distributions. To highlight these capabilities, Datanet Systems recently hosted a webinar that outlined working scenarios to block threats, manage vulnerabilities, and improve terminal equipment protection by using CrowdStrike Falcon.
CrowdStrike Falcon’s Advantages
„Market analysts appreciate that the Falcon platform differentiates itself in the field of terminal equipment protection by developing and integrating three key components: the next generation antivirus application, the powerful Endpoint Detection and Response solution, and the Threat Hunting services, available 24/7 through artificial intelligence technologies delivered from the CrowdStrike Cloud“, explained Mihai Pîrvu, pre-sales consultant Endpoint at Datanet Systems, during this webinar.
Falcon Insight – the Endpoint Detection and Response solution integrated into the Falcon Complete platform – is currently the most tested EDR application globally. CrowdStrike is the only developer of this type of solution, unanimously recognized as a market leader by Gartner, Forrester, and IDC (3).
Falcon Insight’s strengths are:
- Extended Visibility – Falcon Insight continuously monitors and records endpoint activity, allowing managers to know in real-time what threat it faces, whether at the device or organization level. Additionally, through the Incident Workbench, you get complete data on attack history, as well as detailed contextual information.
- Enhanced protection – CrowdStrike integrates advanced analytics capabilities to automatically detect potentially risky activities, stop attacks, and fix security breaches. At the same time, the Threat Hunting AI services delivered from CrowdStrike Security Cloud facilitate the proactive detection of threats.
- Increased operational efficiency – Falcon Insight accelerates and automates security operations, reducing the operational efforts required to manage alerts, investigation time, and attack response. The EDR component of the Falcon platform intelligently prioritizes incidents, depending on their level of criticality, and uses the MITRE ATT&CK framework to simplify response operations in the event of complex attacks.
Another competitive advantage of CrowdStrike is its compatibility with GDPR requirements, while storing the data on terminal equipment activity for up to 90 days for retroactive investigations and analyzes.
Watch the webinar’s video registration
To show how Falcon Insight’s capabilities can be exploited in real situations, the Datanet Systems’ specialist conducted a demonstration detailing how a real attack can be managed with the solution. Mihai Pîrvu presented the information provided by the EDR solution about the type, chronology, and trajectory of an attack, how the event detection filters can be defined, how the response measures can be automated through policies, etc.
The full presentation of the CrowdStrike Falcon platform and the demo made by the Datanet specialist can be viewed by accessing the full registration of the webinar „Advanced protection for endpoints with CrowdStrike Falcon“. (video below)
Datanet Systems, as part of Soitron Group, is an authorized CrowdStrike partner, and if you would like more technical information about Falcon solutions, please contact us at email@example.com.
1 – https://www.darkreading.com/attacks-breaches/endpoint-still-a-prime-target-for-attack
2 – https://www.crowdstrike.com/resources/reports/global-security-attitude-survey-2021/
3 – https://www.crowdstrike.com/why-crowdstrike/crowdstrike-industry-validation/