CrowdStrike Falcon Platform: All Modules

• Protects against a full spectrum of attacks without requiring daily and cumbersome signature database updates.
• Combines the best threat prevention technologies, including machine learning, Artificial Intelligence (AI), Indicators of Attack (IOA), exploit blocking, and more.
• Fills the gaps left by traditional AV solutions and provides full protection for endpoints, both online and offline.
• Unlike the EDR solution (Falcon Insight), it displays detections at the level of individual endpoints.

• Prevents sophisticated attacks by collecting raw metadata on events for automatic detection of malicious activities, offering unparalleled process visibility, proactive threat hunting, and forensic investigations.
• Breaks down the entire attack into a user-friendly Incident Workbench, enriched with context and threat intelligence data.
• Ensures powerful response capabilities, including isolation, investigation, and recovery of compromised endpoints.

• The XDR concept is implemented by collecting data from third-party systems (NGFW, NDR, Identity Protection, Email Protection, etc.) and feeding it into NG-SIEM, which is integrated into CrowdStrike.
• Enables security event information exchange between solutions within the infrastructure and visualizes the attack map with security events not only from endpoints but also from additional sources, providing contextualized insights.
• This significantly accelerates and simplifies detection, investigation, and real-time response to advanced attacks.
• Falcon XDR integrates with third-party services through connectors (over 120 ready-made connectors to external systems).

Allows the configuration of flexible policies governing the use of various USB devices and built-in Bluetooth modules.

Enables management of Windows and Mac firewalls from the CrowdStrike console and integrates them into security policies.

• Provides security for cloud environments and workloads, protecting virtual machines, containers, and other cloud resources.
• Offers threat detection and response, vulnerability management, and compliance enforcement.
• Ensures real-time security for cloud environments regardless of their location.

• Specializes in securing containerized environments in the cloud.
• Covers security from container creation to runtime, including threat detection, vulnerability analysis, and compliance enforcement.
• Integrates with the CrowdStrike Falcon Platform for comprehensive protection of containers and orchestrators like Kubernetes, enabling organizations to securely deploy applications in the cloud.

• A managed CrowdStrike solution for securing containerized environments.
• Provides monitoring, detection, and response to container-based threats in real-time.
• Includes vulnerability management and compliance monitoring, helping organizations meet security standards.
• Falcon Managed Containers integrates with other CrowdStrike services to deliver a comprehensive approach to container security.

• A 24/7 managed threat hunting service.
• Provides continuous monitoring and real-time threat detection within an organization’s infrastructure.
• Uses analysts and AI-powered technologies to identify sophisticated attacks that automated security systems might miss.
• Helps organizations respond quickly to cyber threats, minimizing potential damage.

• Ideal for organizations that want enhanced cybersecurity without the need to build their own security team.
• A fully managed security service providing end-to-end threat detection, response, and remediation.
• Offers round-the-clock monitoring and security management, with CrowdStrike experts taking full responsibility for cybersecurity.
• Integrates with the CrowdStrike Falcon Platform, leveraging its capabilities for automated threat detection and neutralization, while experts handle complex cases.

• A security solution for mobile devices that provides real-time threat detection and response.
• Includes vulnerability management and protection of sensitive data on mobile devices.
• Supports both iOS and Android, protecting against phishing, malware, and other cyber threats.

• Identifies unauthorized accounts, systems, and applications across an organization’s environment in real-time.
• Helps eliminate security gaps and improve overall security posture.

• Provides automated vulnerability management to help security teams prioritize risks and optimize remediation workflows.
• Operates without the need for resource-intensive scans.

Provides comprehensive, centralized visibility into file changes in real time, enhancing compliance and offering relevant contextual data.

• Provides detailed insights into cyber threats and adversary behaviors.
• Helps organizations understand how attackers operate, providing intelligence on their methods, tactics, tools, and motivations.
• Enables proactive security planning to defend against targeted attacks.

• A cloud-based sandbox fully integrated into the CrowdStrike ecosystem.
• Analyzes the behavior of malicious software in a safe, emulated environment.

• Ensures real-time, AI-powered threat detection for Active Directory accounts.
• Uses behavioral analysis and AI insights to prevent modern cyberattacks, such as ransomware.

• Combines AI-driven detection, behavioral analytics, and risk-based conditional access policies.
• Provides real-time identity security, preventing unauthorized access and identity-based attacks.

A modern log collection and analysis solution designed for high-speed processing of massive data volumes.

Key Features:

• Fast Search: Executes searches dozens of times faster than traditional tools.
• Scalability: Handles petabyte-scale data processing without performance degradation.
• Efficient Storage: Uses an index-free architecture to compress data, reducing storage costs.

A next-gen SIEM solution that integrates data, AI-driven detection, automation, and threat intelligence.

Key Capabilities:

• Security Monitoring: Instantly detects threats with live dashboards and key insights.
• Incident Management: Accelerates investigations using AI-powered tools.
• Legacy SIEM Replacement: Enables seamless migration to Falcon Next-Gen SIEM for enhanced security and efficiency.

A modern solution for protecting sensitive information from unauthorized access and data loss.

Key Capabilities:

• Data Identification: Automatically recognizes sensitive information (PII, financial data, regex-based classification).
• Access Control: Defines policies for monitoring and blocking unauthorized data movements.
• Real-Time Visibility: Tracks data usage and transfers instantly.
• Cloud & Device Protection: Integrates with Microsoft 365, Google Workspace, SaaS applications, ChatGPT, and more.
• AI-Powered Analytics: Detects anomalies and threats.

Advantages:

• Unified security for endpoints and data.
• Seamless deployment without additional hardware.
• Interactive dashboards for real-time analysis and reporting.