![]() ![]() If a threat is encountered, it will display a brief notification message explaining actions taken (such as a block or quarantine of a malicious action or file). The software runs silently with no user interface or icons. This will allow faculty, staff and students to protect their home computers using the same technology currently in place for Duke-owned computers.įalcon Prevent for Home Use is designed to work alongside existing anti-virus solutions (such as Windows Defender Antivirus) and can be installed on multiple machines in a household. In an effort to help protect faculty, staff and students working from home, Duke has partnered with CrowdStrike to pilot Falcon Prevent for Home Use, a next-generation anti-virus solution designed to protect personal computers against malware, ransomware, and other cyber threats.ĭuke is offering the CrowdStrike anti-virus software free for personal computers for a limited time and on a voluntary basis. Sean Michael Kerner is a senior editor at eWEEK and . “We’re tracking all filesystem and network activity so while we don’t necessarily know what’s in a document, we can provide organizations with visibility into everything that is happening.” “One of the main use cases for DLP is trying to track and prevent a user from trying to exfiltrate data from a company via a USB key or a cloud service,” Alperovitch said. While Falcon doesn’t perform the traditional DLP role of scanning data, looking for sensitive information, Alperovitch said it does provide insight into application and file usage by users. One of the things that Falcon does not directly provide is data loss prevention (DLP) technology. Alperovitch sees Falcon Discover helping organizations meet compliance requirements. The system can report on how often the privileged accounts are used and where, as well as how often passwords are updated. “That can help organizations find rogue devices.”įalcon Discover also has the ability to monitor privileged accounts, tracking administrative accounts cross an organization. “One of the things Falcon can do is probe a network and see what other systems are running that do not have a Falcon sensor and are therefore unprotected,” he said. The application usage information can be used for software licensing purposes as well as to help identify potentially unmanaged assets. ![]() Since the Falcon sensors are already collecting detailed information on all processes running across an organization, CrowdStrike is able to understand application usage, according to Alperovitch. “EDR is about threat detection, but it’s also about reporting everything that takes place, allowing organizations to hunt for threats from the data and then take sophisticated response actions.”įalcon Discover is a new module in CrowdStrike’s platform that provides application discovery and usage visibility. ![]() ![]() “AV is all about detecting and blocking threats,” he said. Alperovitch explained that CrowdStrike is now making AV replacement with Falcon Prevent its own module, separate from the EDR capabilities. Prior to the new update, CrowdStrike had included its AV replacement technology as part of the Falcon Host module. “It provides offline protection for customers that need AV replacement.” “We have had machine learning in our cloud for a number of years, but now we’re putting it on the endpoint sensor,” Alperovitch said. It is being improved with machine learning capabilities that can help to protect endpoints even when they aren’t connected to the cloud. The Falcon Prevent module is CrowdStrike’s AV replacement technology. The realigned platform now includes the Falcon Prevent AV replacement module, Falcon Insight Endpoint Detection and Response, Falcon Discover for application usage inventory, Falcon Intelligence for malware analysis and Falcon OverWatch for managed threat hunting. The Falcon platform combines an endpoint agent with CrowdStrike’s cloud service, providing advanced analytics and dashboard capabilities. “What we have with the Falcon platform now is the ability to do AV replacement EDR and provide integrated security intelligence, all from a single agent,” CrowdStrike co-founder and CTO Dmitri Alperovitch told eWEEK. 13, repackaging capabilities and providing organizations with new features that can replace and extend beyond legacy antivirus (AV) technologies. Learn More.ĬrowdStrike updated its Falcon security platform on Feb. We may make money when you click on links to our partners. EWEEK content and product recommendations are editorially independent. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |