CrowdStrike Enhances Falcon Platform
October 15, 2020
has enhanced their Falcon platform’s
visibility, detection and response
capabilities across Windows, macOS
and Linux operating systems and new
customization capabilities enable
customers to tailor information
views and create dashboards based on
unique business needs.
Visibility: CrowdStrike is extending Linux visibility by capturing more network events to enhance investigation. CrowdStrike is also extending vulnerability management coverage for Linux with the Spotlight module that offers real-time assessment of vulnerability exposure with zero impact on hosts. Firmware analysis for macOS informs customers if the BIOS is vulnerable or potentially compromised.
Response: Operating system support for CrowdStrike Real Time Response is expanding to include both macOS and Linux. CrowdStrike Real Time Response gives administrators direct access to investigate and remediate remote hosts, quickly gathering information and returning their environment to a known secure state. Real Time Response gives responders the surgical remediation and investigation capabilities they require including the ability to kill processes, remove files or directories, retrieve data or files, or run custom scripts and executables on multiple systems.
OS Support: CrowdStrike will fully support Apple’s kernel extension software model on macOS Catalina and Big Sur. By leveraging Apple’s Endpoint Security Framework, Falcon achieves the same levels of visibility, detection, and protection exclusively via a user space sensor. On Linux, new enhancements now also enable minor Linux kernel version updates to be supported immediately without requiring a Falcon sensor update.
Customizability: CrowdStrike has completely revamped its dashboard capability with a rich new set of tools, filters, and visualizations. Customers can use new pre-configured dashboards or create custom views to track, measure and prioritize relevant insights based on their own business context. This allows users to choose the information that is relevant to them and then display it on a tailored dashboard. By giving users control over how to display their information, they can move away from “one size fits all” models and choose what is most relevant and best supports their unique business priorities.