12:00 AM
Dark Reading
Products and Releases

CrowdStrike Expands Its Market-leading Managed Threat Hunting Service

CrowdStrike Falcon OverWatch now offers additional service levels for customers who want guided response and remote incident management

Irvine – CrowdStrike, a cloud-delivered endpoint protection company, today launched new service levels for its Falcon OverWatch managed threat hunting solution. The new offerings add guided remediation and remote incident management options for customers and the flexibility to choose the best response and remediation strategy that meets their needs.

CrowdStrike is offering a managed threat hunting service (referred to as Managed Detection and Response (MDR) Services by Gartner) supported by the CrowdStrike Falcon Platform to help companies detect threats and prevent the mega breach. Leveraging CrowdStrike’s threat telemetry, collecting more than 40 billion events a day, the Falcon OverWatch team has insights into the modern-day threat landscape and aims to take managed hunting to a new level of fidelity and precision. With real-time backing by CrowdStrike Falcon Insight, CrowdStrike’s endpoint detection and response (EDR) solution, and threat intelligence, the Falcon OverWatch team has deep visibility, rapid investigation and remediation capabilities to support customers with threat hunting, alert prioritization and real-time response.

According to Anton Chuvakin, research vice president at Gartner for Technical Professionals (GTP) Security and Risk Management group, “In addition to uncovering the hidden threats in your environment, ongoing threat hunting will improve your knowledge of your IT environment, reveal unmanaged and rogue systems, and deliver other side benefits. It will also enrich your internal threat intelligence efforts if any.” [1]

CrowdStrike is releasing new service levels for its Falcon OverWatch managed threat hunting service. These service levels provide flexible options for organizations of all sizes:

  • OverWatch Standard – Built for organizations that elect to handle the response to security alerts internally, OverWatch Standard provides all the advantages of 24x7x365 managed threat hunting, with prioritized actionable alerts that include recommendations for remediation, enabling efficient and effective internal incident response.
  • OverWatch Essential – Developed for organizations that prefer assistance with OverWatch alerts, OverWatch Essential includes all the benefits of OverWatch Standard and adds closed loop communication and 24/7 follow-up in the event of a detection. OverWatch Essential also includes the ability to engage directly with CrowdStrike experts who can provide guidance and expert advice.
  • OverWatch Elite – For organizations that want incident hunting and response handled by CrowdStrike, OverWatch Elite provides the highest level of support, including fully-managed OverWatch alert response, custom response to incidents, and effective remediation implementation.

With Falcon OverWatch, CrowdStrike stops more than 15,000 breach attempts every year across its global customer base located in 176 countries. In addition, customers benefit from the crowdsourcing power of CrowdStrike’s fully cloud-based platform as each attack detection feeds into defenses for the entire community.

"Earlier this year, we expanded our CrowdStrike Falcon portfolio to enable customers to implement our endpoint security technology in a flexible and modular manner that best meets their needs," said Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer. "Following this same model, the new Premium Support levels will deliver the expertise and benefits of our managed hunting and response at the service levels fit for customers of every size. We couldn’t be more pleased to expand our service tiers as our customers see our OverWatch team as a critical line of defense to stop the mega breach."

