CrowdStrike Falcon FileVantage Empowers Teams to Pinpoint Potential Adversary Activity Through Central Visibility and Scalable File Integrity Monitoring
Falcon FileVantage improves overall security posture and efficiency by boosting compliance and providing contextual threat intelligence data to help prioritize action and enhance protection
SUNNYVALE, Calif.–(BUSINESS WIRE)–Fal.Con 2021—CrowdStrike Inc. (NASDAQ: CRWD), a leader in cloud-delivered endpoint and workload protection, today announced Falcon FileVantage, a new file integrity monitoring solution that streamlines the security stack and offers full visibility on critical file, folder and registry changes. Falcon FileVantage monitors all critical files and systems through modernized workflow policies, adding valuable context through detection data and threat intelligence via the Falcon console.
Demands from regulatory authorities require* organizations to monitor changes to critical files, folders and registries, often overwhelming security and IT operations staff with alerts and notifications. This can make it difficult, if not impossible to sort through which file might demonstrate risky behavior, potentially leading to a security issue.
“When you consider scaling the simple acts of monitoring change, move or deletion of every crown jewel file in an organization, security and IT operations staff are under a lot of pressure,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “With so much going on, missing a potentially compromised file is a real risk, and that’s where Falcon FileVantage adds value to the team and security of an organization. With a simplified security stack, comprehensive monitoring capabilities and rich threat context, Falcon FileVantage is a valuable, scalable solution that dramatically improves visibility, enabling teams to respond quickly to the threats that matter.”
With Falcon FileVantage, security and IT operations teams are offered summary and detailed dashboard views to immediately identify any changes occurring within an organization’s valuable files and systems. Security teams gain the ability to pinpoint adversary activity within their environment and can quickly prioritize remediation efforts. With custom and preset policies and group features, alert fatigue is managed, enabling teams to zero in on risky real-time changes.
Additional capabilities of Falcon FileVantage include:
- Central Visibility – Bringing transparency to all critical file changes – offering relevant, intuitive dashboards displaying information on registry setting, what files/folders have been created or changed, and who was accessing those files/folders.
- Insight from Threat Intelligence Context – Unlike other FIM solutions, Falcon FileVantage allows even greater visibility and context through added threat intelligence and detection data via the Falcon console.
- Increased Efficiency – Enables security teams to quickly identify which files are relevant for monitoring, prioritize action based on other activities surrounding a host and reduce alert fatigue by enabling or disabling groups.
- Solution Consolidation – Allows staff to streamline and consolidate solutions, relying on CrowdStrike’s single lightweight agent to provide live and continuous data without the need for multiple tools.
*Fulfilling compliance requirements for: PCI DSS, Sarbanes-Oxley (SOX), Federal Security Management Act (FISMA), National Institute of Standards and Technology (NIST), and others.
CrowdStrike Holdings, Inc. (Nasdaq: CRWD), a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon captures approximately 1 trillion high-fidelity signals per day in real time from across the globe, fueling one of the world’s most advanced data platforms for security.
With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.
There’s only one thing to remember about CrowdStrike: We stop breaches.
Qualifying organizations can gain full access to Falcon Prevent™ by starting a free trial.
Learn more: https://www.crowdstrike.com/
© 2021 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.
Kevin Benacci, 216-409-5055