Security CrowdStrike Falcon

Endpoint security solutions that address threat risk with Next Generation Antivirus, EDR (Endpoint Detection and Response) and threat hunting.

CrowdStrike Falcon

CrowdStrike Falcon is an endpoint security solution that stores and monitors log data collected from endpoints connected to an organization’s network to detect and prevent suspicious behavior and cyber attacks.

Next Generation Antivirus, EDR (Note 1)Protect your devices and information assets from external threats, with a focus on threat hunting capabilities.

*Note 1) EDR: abbreviation for endpoint detection and response. Monitors the operation and behavior of endpoint devices and takes action in the event of an incident.

Background of EDR Solution Needed

As remote work and cloud services are increasingly being used, cyber attacks targeting endpoints are becoming more sophisticated. Security solutions such as traditional anti-virus products and firewalls have become harder to prevent attacks and increase threat risk.

Therefore, it is necessary to build an IT environment based on zero trust architecture that is not bounded by the boundaries of internal network or Internet.

EDR solutions not only protect against cyber attacks at the entrance, but also proactively contain risk by detecting and responding quickly to malware in the event of an attacker infiltrating an organization.

EPP(Note 2)
Defend from malware infection.


Next Generation Antivirus (NGAV)
• Behaviour Detection / AI / Machine Learning
• Detect and block known and unknown threats

    Antivirus Products (AV)
    • File pattern matching
    • Identify / Block Known Threats


      There are unknown malware that cannot be detected.

      EDR
      Detect the infection and take subsequent action


      • Record and monitor endpoint operations and respond as soon as they are detected
      • Purpose is to minimize the impact after malware intrusion
      • Reduce time to identify and root cause malware intrusion paths

      The EDR solution enables incident detection and immediate response, followed by rapid investigation and analysis.

      *Note 2) EPP: abbreviation for Endpoint Protection Platform. Protect devices from malware infections such as computer viruses.

      CrowdStrike Falcon (Function)

      Effectively detect and prevent breaches as ransomware that is created every day

      CrowdStrike Falcon is Falcon Prevent(Next Generation Antivirus) , Falcon Insight (EDR), Falcon OverWatch (Threat Hunting by Security Experts) on a single platform. Effectively detect and prevent breaches as a countermeasure against emerging attacks such as ransomware that is created every day.

      Post-implementation operational support

      Fully support in bit analysis infrastructure, security human resources and operation / skills

      Operating an EDR solution requires accurate event awareness when an alert is detected and prompt action after detection. Without an organization such as SOC, operational loads are often a challenge because of the need for tuning and expert knowledge to properly manage large volumes of alerts.

      You can view incident information and log data through a centralized customer portal that manages multiple security service log incidents, extract important events from a vast range of logs, and provide advice on cause identification and response policies.

      With a comprehensive log analytics platform, security talent, and operational skills and know-how, customers can deploy EDR Solution Zero Trust Security without having to prepare new security monitoring systems or human resources.

      What is the best solution for your problem?
      Please consult a KDDI consultant.