5/8/2017
12:00 AM
Dark Reading
Products and Releases

CrowdStrike Expands Its Market-leading Managed Threat Hunting Service

CrowdStrike Falcon OverWatch now offers additional service levels for customers who want guided response and remote incident management

Irvine – CrowdStrike, a cloud-delivered endpoint protection company, today launched new service levels for its Falcon OverWatch managed threat hunting solution. The new offerings add guided remediation and remote incident management options for customers and the flexibility to choose the best response and remediation strategy that meets their needs.

CrowdStrike is offering a managed threat hunting service (referred to as Managed Detection and Response (MDR) Services by Gartner) supported by the CrowdStrike Falcon Platform to help companies detect threats and prevent the mega breach. Leveraging CrowdStrike’s threat telemetry, collecting more than 40 billion events a day, the Falcon OverWatch team has insights into the modern-day threat landscape and aims to take managed hunting to a new level of fidelity and precision. With real-time backing by CrowdStrike Falcon Insight, CrowdStrike’s endpoint detection and response (EDR) solution, and threat intelligence, the Falcon OverWatch team has deep visibility, rapid investigation and remediation capabilities to support customers with threat hunting, alert prioritization and real-time response.

According to Anton Chuvakin, research vice president at Gartner for Technical Professionals (GTP) Security and Risk Management group, “In addition to uncovering the hidden threats in your environment, ongoing threat hunting will improve your knowledge of your IT environment, reveal unmanaged and rogue systems, and deliver other side benefits. It will also enrich your internal threat intelligence efforts if any.” [1]

CrowdStrike is releasing new service levels for its Falcon OverWatch managed threat hunting service. These service levels provide flexible options for organizations of all sizes:

  • OverWatch Standard – Built for organizations that elect to handle the response to security alerts internally, OverWatch Standard provides all the advantages of 24x7x365 managed threat hunting, with prioritized actionable alerts that include recommendations for remediation, enabling efficient and effective internal incident response.
  • OverWatch Essential – Developed for organizations that prefer assistance with OverWatch alerts, OverWatch Essential includes all the benefits of OverWatch Standard and adds closed loop communication and 24/7 follow-up in the event of a detection. OverWatch Essential also includes the ability to engage directly with CrowdStrike experts who can provide guidance and expert advice.
  • OverWatch Elite – For organizations that want incident hunting and response handled by CrowdStrike, OverWatch Elite provides the highest level of support, including fully-managed OverWatch alert response, custom response to incidents, and effective remediation implementation.

With Falcon OverWatch, CrowdStrike stops more than 15,000 breach attempts every year across its global customer base located in 176 countries. In addition, customers benefit from the crowdsourcing power of CrowdStrike’s fully cloud-based platform as each attack detection feeds into defenses for the entire community.

"Earlier this year, we expanded our CrowdStrike Falcon portfolio to enable customers to implement our endpoint security technology in a flexible and modular manner that best meets their needs," said Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer. "Following this same model, the new Premium Support levels will deliver the expertise and benefits of our managed hunting and response at the service levels fit for customers of every size. We couldn’t be more pleased to expand our service tiers as our customers see our OverWatch team as a critical line of defense to stop the mega breach."

 
