CrowdStrike Falcon with next-gen AV protects your Mac-based organization
If your organization has moved to a Mac-based platform, or are considering it, you may be aware that threats targeting Mac devices are on the rise. A new webcast from CrowdStrike, "Defending Against Threats Targeting the Mac Platform" discusses how the increase in Mac adoptions has given rise to a new class of targeted threats and explains why standard security solutions can't protect you.
In this CrowdCast, Peter Ingebrigtsen, as discussed why more companies are switching to the Mac platform, the new threats targeting Macs, and what you can do to better protect your organization.
Download the slides to learn:
Why more IT departments are switching to the Mac platform
How new threats targeting Macs are able to bypass standard security measures
How CrowdStrike's next-gen AV employs machine learning and behavioral analytics to defend against threats aimed at the Mac platform
On-Demand CrowdCast Link: https://www.crowdstrike.com/resources/crowdcasts/defending-threats-targeting-mac-platform/
3. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
MAC IN THE OFFICE
§ 91% of Enterprise
organizations use Mac
§ The growth and adoption of
Macs is growing in 74% of
organizations
§ The BYOD movement is
widening to become a BYO
Platform
4. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
EMPLOYEE CHOICE
§ 44% of organization offer
choice between a Mac and PC
§ Increased productivity when
employees choose
§ According to IBM’s internal
survey, 73 percent of
employees want a Mac as
their next computer.
5. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
SUPPORTING MAC
63%Say it’s as easy or easier,
in general, to support a
Mac than a PC
58%Say it’s as easy or easier
to configure a Mac than
its counterpart the PC
66%Say it’s as easy or easier
to maintain a secure
environment on the Mac
versus a PC
Managing apple devices in the enterprise report - JAMF report 2016
8. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
GROWING THREATS TO MAC
0
5000
10000
15000
20000
25000
30000
35000
40000
45000
50000
2015
Jan
2015
March
2015
June
2015
Sept.
2016
Jan
2016
March
2016
June
2016
Sept.
2017
Jan
2017
March
Mac File Submissions to VirusTotal
Data collected from VirusTotal Intelligence
11. CURRENT MAC PROTECTION
Built in AV protection (xProtect)
Unknown, APTs, File-less, Exploits
?
Limit Exposure (Gatekeeper)
12. WHAT WE DO
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
WE STOP BREACHES
13. FALCON PLATFORM
THE POWER OF ONE LIGHTWEIGHT AGENT
API
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
NEXT-GEN
ANTIVIRUS
IT
HYGIENE
ENDPOINT DETECTION
AND RESPONSE
THREAT
INTEL
MANAGED
HUNTING
14. THE POWER OF ONE LIGHTWEIGHT AGENT
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
API
INTELOVERWATCHPREVENTDISCOVER INSIGHT
FALCON PLATFORM
CLOUD-DELIVERED ENDPOINT PROTECTION
FALCON OVERWATCH
FALCON INSIGHT
FALCON DISCOVER
FALCON PREVENT
FALCON INTEL
16. MAC PREVENTION FEATURES
Block known Bad Machine Learning IOA Behavioral Blocking
• Blacklisting
• Whitelisting
• Import and
protect using
industry IOCs
• Block new and
unknown
threats
• No need to
update
signature files
• Identify
malicious
patterns for
greater threat
visibility
• Identify APTs
• Exploit
prevention
17. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
SUSPICIOUS PATTERNS
IOA Behavioral Blocking
Indicators of Attack
§ A user is attempting to locally elevate
privileges by modifying a root binary
§ A user's password hash was dumped
§ A command was run that is associated with
Chopper web shell activity
§ Command prompt in subtree beneath a
browser renderer process
18. MAC PREVENTION FEATURES
Block known Bad Machine Learning IOA Behavioral Blocking OverWatch
• Blacklisting
• Whitelisting
• Import and
protect using
industry IOCs
• Block new and
unknown
threats
• No need to
update
signature files
• Identify
malicious
patterns for
greater threat
visibility
• Identify APTs
• Exploit
prevention
• Expert hunters
constantly
watching your
organization
• Community
Immunity
• Stop the
”mega-breach”
19. Force Multiplier
Community
Immunity
Reduce Alert Fatigue:
Focus on What Matters
Stop the
“Mega” Breach
MANAGED HUNTING – FALCON
OVERWATCH
BUSINESS VALUE
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
FINDING THE ADVERSARY
So You Don’t Have To
24x7
BREACH PREVENTION
SERVICES
Team of Hunters
Working for You
Alert
Prioritize
Hunt
Respond
20. PREVENTS ALL
TYPES OF ATTACKS
Protect against Known/
Unknown Malware
Protect Against
Zero-Day Attacks
Eliminate Ransomware
No Signature Updates
No User Impact—Less than
1% CPU overhead
BUSINESS VALUE
NEXT-GEN AV – FALCON PREVENT
2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Machine
Learning
IOA
Behavioral
Blocking
Block
Known Bad
Overwatch
21. 2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
Questions?
Please submit all questions in the Q&A chat
right below the presentation slides
Contact Us
Additional Information
Join Weekly Demos
crowdstrike.com/productdemos
Upcoming CrowdCast
Proactive Hunting – April 26th
(Link in Resource List)
Website: crowdstrike.com
Email: info@crowdstrike.com
Number: 1.888.512.8902 (US)