This document provides an overview of CrowdStrike's endpoint security solutions. It describes CrowdStrike as a cloud-based software as a service solution that provides next-generation antivirus, endpoint detection and response via machine learning. The document outlines CrowdStrike's features, including Falcon Prevent for NGAV, Falcon Insight for EDR/XDR, Falcon Overwatch for threat hunting, Falcon Discover for IT hygiene, and Falcon Spotlight for vulnerability management. It emphasizes how CrowdStrike solutions can improve security, reduce complexity and provide better protection against cyber threats.
2. 2022 CrowdStrike, Inc. All rights reserved.
CROWDSTRIKE FEATURES
CrowdStrike is a SaaS (software as a service) solution
CrowdStrike Falcon is a lightweight solution and its cloud-based architecture
NGAV (next-generation anti-virus) offering powered by machine learning and IOA to ensure breaches are stopped before they occur.
It provides an advanced EDR (endpoint detection and response) solution
3. Today’s Security Can’t Keep Up
Attack Sophistication
Solution Complexity
Skill Shortages
4. Why CrowdStrike
For endpoint protection
Zero Impact
Maximum Efficiency
Better Protection
Adversary Focused
Unparalleled Visibility
5. Survival of the Fastest
MITRE ATT&CK PHASE: 1 Initial Access, 2 Execution, 3 Persistence, 4 Privilege Escalation, 5 Defense Evasion, 6 Credential Access, 7 Discovery, 8 Lateral Movement, 9 Collection, 10 Command & Control, 11 Exfiltration, 12 Impact
Breakout Time
To stay ahead you must…
Detect In 1 min
Investigate In 10 min
Respond In 60 min
6. Stop Adversaries Faster
Minutes matter.
162 Hours: Industry Avg, MTTR (Detect, Investigate, Remediate)
35 Minutes: Falcon Complete, MTTR (Detect, Investigate, Remediate)
98 Minutes: Avg Breakout Time
Attacker Objective Achieved
Initial access, Persistence, Lateral Movement, Discovery
*Source: The 2021 CrowdStrike Cyber Front Lines report.
8. Falcon Endpoint Security (NGAV & XDR)
Falcon Prevent (NGAV)
Falcon Firewall Management
Falcon Device Control
Falcon XDR (includes EDR)
Falcon Forensics
9. Falcon Prevent
Next-Gen AV
Minimize complexity
Business Value
Improve protection
Reduce number of incidents
Improve user productivity – no user impact
Boost confidence: More third-party testing than any other NGAV vendor
AI-powered Protection
Threat Intelligence
Exploit Blocking
IOA Behavioral Blocking
10. Falcon Firewall Management
Firewall
Reduce complexity
Business Value
Simplify management of host firewalls native to the operating system
Enhance protection
Gain instant visibility
Consolidate management
Speed troubleshooting
Create & Manage Policies with Ease
Instant Visibility
Frictionless Management
Operational in Minutes
11. Falcon Device Control
Visibility & Control
Reduce risk with precise control over USB usage
Business Value
Protection from removable device risks
Visibility into specific USB device events
Consolidated management – same console and agent
Assess and respond to incidents faster
Granular Enforcement & Control
Real-Time Visibility
Frictionless Management
Effortless Deployment
12. Falcon Insight
Endpoint Detection & Response
Gain context and intelligence
Business Value
Detect advanced threats automatically
Capture critical details for threat hunting and forensic investigations
Respond and remediate with confidence
Streamline operations
Stop the breach
Record Everything
In-depth Automated Analysis
Threat Hunting
Real-time Response & Containment
13. How it works: Detection to action with endpoint protection
1 Blocked by on-sensor Machine Learning
2 Understand the full attack
3 View the entire flow of attack, step by step
4 Understand the adversary and take action
17. Falcon Forensics
Forensic Artifact Collection & Analysis
One Solution
Preset Dashboards
Large Scale Deployment
BUSINESS VALUE
Robust Analysis
Deploy across large-scale enterprises
Eliminate full disk scanning, rely on dissolvable executable to minimize impact
Enhance skills without lengthy queries
Streamline data collection and analysis to a single solution
18. Security & IT Operation
Falcon Discover
Falcon Spotlight
Falcon FileVantage
Identity Protection
Falcon ITD
Falcon ITP
19. FALCON DISCOVER
Real-time visibility and monitoring into all your applications, assets and accounts.
20. HOW FALCON DISCOVER WORKS
See potential blind spots in your environment via streaming telemetry.
Get continuous visibility into what accounts, applications, and assets are running.
Dive into the data to manage and pinpoint suspicious activity.
21. Asset Inventory
Use the Asset Inventory dashboard for fast detailed information.
23. IT Hygiene
Falcon Discover
Always Current
Application Usage
Asset and Firmware Inventory
BUSINESS VALUE
Privileged Account Monitoring
Reduce licensing costs
Minimize risk associated with rogue users, apps, and systems
Eliminate burden of unmanaged assets
Reduce cost of endpoint inspections
24. FALCON SPOTLIGHT
Fast, effective vulnerability management
25. FALCON SPOTLIGHT SIMPLICITY
• Cloud-native vulnerability management
• No new agents
• No new infrastructure
• No scans to manage
• Coverage regardless of network presence
26. NEW: EXPANDED VULNERABILITY VISIBILITY
Windows desktop applications
Server software
Development tools
Value: More complete picture of risks in your organization
27. FALCON SPOTLIGHT
VULNERABILITY MANAGEMENT
Scanless Technology
Integrated Threat and Vulnerability Workflows
Visibility from OS to BIOS, On- and Off-prem
BUSINESS VALUE
Simplicity
Timely Knowledge, On-Demand
Zero Impact
Holistic Protection
No Scanners, No New Agents
Fast and Effective Vulnerability Management
28. FALCON FILEVANTAGE (File integrity monitoring)
Meet compliance requirements
Optimize your security team’s efficiency
Use your existing sensor
29. FEATURES - FALCON FILEVANTAGE
Monitoring and Visibility
Monitor critical files, folders and registries for modification
Workflows Integration
Initiate workflows in response to detected file changes
Speed of Configuration
Pre-built default rule groups can be copied and modified for quicker configuration and deployment of policies for critical file locations
30. FILEVANTAGE WORKFLOW COMPONENTS
TRIGGER
Windows Registry Key Change
Directory Change
Windows Registry Value change
File change
ACTION
Email
Slack
PagerDuty
Webhook
MS Teams
ServiceNow
RTR
Network Contain
Get
ServiceNow CI
Computer
CONDITION
Specified changes depending on selected trigger
31. 3 Simple Steps to replace your legacy endpoint security with the Falcon platform
1 Install the Falcon Agent
2 Verify the installation
3 Remove legacy products
No scanning
No reboot
No fine-tuning, rule writing
No infrastructure setup
No signature updates
Financial Institution: 77,000 AGENTS, 1 DAY
Technology Company: 55,000 AGENTS, 5 DAYS
Financial Institution: 300,000 AGENTS, 90 DAYS
Hospitality Chain: 40,000 AGENTS, 5 DAYS
32. One Agent, Full Visibility
PREVENT • PREDICT • DETECT • RESPOND
Falcon Agent
Identity: User Accounts, Active Directory, 3rd Parties
Endpoint: Workstations, Servers, Mobile, IOT
Cloud: Containers, Workloads, Data Centers
33. Move to CrowdStrike
Time to Value
• True turnkey solution, deploy in a day
• Effortless scalability
World-Class Expertise
• Leading experts in threat hunting
• Tenacious, fully-managed protection, investigation, and response
Adaptive Performance
• Dynamic, universal lightweight agent
• Flexible, cloud-native architecture
• Advanced AI/ML starting on the agent
Adversary Focused
• Industry-adopted threat research and taxonomy
• Intel front-and-center in every product
End-to-End Protection
• Complete security suite across endpoints, clouds, identities, and data
• Security data at unprecedented scale
• Multi-domain orchestration and automation
35. Why log more for longer?
HISTORICAL INVESTIGATION
RETENTION COMPLIANCE
CUSTOM ALERTING
COST AND COMPLEXITY
WHY NOT?
36. WHY OUR CUSTOMERS USE HUMIO?
IMPROVE RESPONSE
INCREASE PRODUCTIVITY
REDUCE COST
37. WHY ORGANIZATIONS DON’T KEEP WORKLOAD LOGS FOR LONG?
Complex, doesn’t scale, and slow
Expensive for both infra & licensing
Too selective and short term
E.L.K.? SIEM? Splunk?
38. Humio for Falcon
Workload log aggregation
Long Term Workload Log Retention
Prebuilt Falcon Integration Package
Immediate Complex Query & Alerts
Lower Cost of Ownership
Reduce risk by retaining visibility
Reduce infrastructure complexity
BUSINESS VALUE
Threat hunting and troubleshooting at speed & scale
Reduce Cost
Meet retention compliance
42. CrowdStrike Feature Set (License Term)
Sl.No | Feature Set (License Term) | Description
1 | CrowdStrike Prevent / NGAV | CrowdStrike NGAV protects endpoints against all types of attacks from commodity malware to sophisticated attacks — even when offline.
2 | CrowdStrike Insight (EDR) / CrowdStrike Insight (XDR) | EDR helps to analyze the data in real time to automatically identify threat activity, enabling it to both detect and prevent advanced threats as they happen.
3 | CrowdStrike Overwatch or Threat Hunting | Overwatch or Threat Hunting provides deep and continuous human analysis 24/7/365 to relentlessly hunt against the detections.
4 | Falcon Discover or IT Hygiene | Falcon Discover or IT Hygiene monitors and inventories systems, application usage and user account usage in real time.
5 | CrowdStrike Spotlight or vulnerability management | CrowdStrike Spotlight offers security teams a real-time assessment of vulnerability exposure on their endpoints that is always current.
43. Trusted by Customers Everywhere
65 of 100
The Fortune 100
254 of 500
The Fortune 500
15 of the Top 20
Global Banks
5 of the Top 10
Largest Healthcare Providers
7 of the Top 10
Largest Energy Institutions
“CrowdStrike Falcon is one of the most important tools in my organization's security toolbox.”
in Endpoint Protection Platforms
Highest Ratings
4.9/5
4.8/5
in EDR