2017 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.
THE TIME HAS COME TO
REPLACE YOUR LEGACY AV
DAN LARSON, VP OF PRODUCT MARKETING
CrowdStrike Intro
Legacy Anti-Virus Efficacy
How CrowdStrike Stops Malware
How CrowdStrike Goes Beyond Malware
How to Switch to CrowdStrike for AV
AV Testing and Industry Collaboration
A QUICK INTRODUCTION TO CROWDSTRIKE
FALCON PLATFORM
THE POWER OF ONE LIGHTWEIGHT AGENT
§ API
§ NEXT-GEN ANTIVIRUS
§ IT HYGIENE
§ ENDPOINT DETECTION AND RESPONSE
§ THREAT INTEL
§ MANAGED HUNTING
MY ANTI-VIRUS JUST DOESN’T WORK
This is the #1 concern raised by customers inquiring with analyst firms Gartner and
Forrester about endpoint security.
…
Legacy AV products simply are not effective in stopping modern threats.
INEFFECTIVE AGAINST MODERN THREATS
45%
§ “Anti-Virus catches about 45 percent of attacks these days” - Brian Dye, former VP at Symantec (now at McAfee)
Source: https://goo.gl/hNUCdm
“COMPLEXITY IS THE ENEMY OF SECURITY”
Bruce Schneier, 2001
TRYING TO GET AHEAD OF THE ATTACKER
Enterprise Endpoint Security Timeline
80s to 90s: Signatures
00s: Heuristics
2007: Reputation
2009: App Control
2011: IOC Sharing
2012: Sandboxing & Isolation
2013: Machine Learning
2014: Behavioral Analytics
Now: Managed Hunting
LEGACY VENDOR ARCHITECTURE
Point products by location:
§ Email Encryption
§ HTTP/WEB GATEWAY: Web Security
§ SMTP/EMAIL GATEWAY: Mail Security
§ SHAREPOINT: Sharepoint Security
§ SERVERS: App Control
§ MAIL SERVERS: Mail Scanner
§ VDI: VDI Plugin
§ FIREWALL/ROUTER: UTM GATEWAY
§ SANDBOX APPLIANCE
ENDPOINT PROTECTION
HOST SECURITY SERVICES
• Web Security as a Service
• Hosted Email Security
• Reputation Cloud
• Sandbox Service
CENTRALIZED MANAGEMENT
• Vulnerability Protection
• Host Intrusion Prevention
• AntiVirus
• Endpoint Encryption
• Application Control
• Web Protection
“NEXT GEN”
• Endpoint Activity Visibility
Source: 2016 Verizon Data Breach Investigation Report
CROWDSTRIKE FALCON ARCHITECTURE
CLOUD DELIVERED
ENDPOINT PROTECTION
ANTI-MALWARE PREVENTION STACK
CROWDSTRIKE FALCON
PREVENT:
§ KNOWN MALWARE
§ UNKNOWN MALWARE
§ BEYOND MALWARE
ENDPOINT PROTECTION
§ MACHINE LEARNING
§ IOA PREVENTION
§ EXPLOIT BLOCKING
§ CUSTOM HASH BLOCKING
§ CONTINUOUS MONITORING
CLOUD PROTECTION
§ MACHINE LEARNING
§ THREAT INTELLIGENCE
§ MANAGED HUNTING
§ THREAT GRAPH
Machine Learning
• Trained on over 30 billion events per day in the CrowdStrike ThreatGraph™
• Increases effectiveness against new, polymorphic or obfuscated malware
• Works offline, works without daily updates
• Data models can be smaller than signature files (if done properly)
• Performance impact less than on-demand or on-access scanning techniques
• Complements behavioral analytics (IOAs) and exploit mitigation
MORE THAN JUST AV REPLACEMENT
THE REMAINING CHALLENGES
Complexity: ever-expanding infrastructure requirements and agent footprint
Always Out of Date: by the time your update is deployed, it is time to start another
Blind Spots: silent failure leads to long dwell times and a false sense of security
COMPLEXITY
Eliminate operational burden with CrowdStrike
§ Just one agent – really!
§ No more daily signature updates
§ Smaller footprint: 15MB on disk, 10MB in memory
§ No reboots
§ No on-premises hardware
§ SaaS scalability
ALWAYS OUT OF DATE
Outpace the attacker with CrowdStrike
§ No need to develop AV signatures
§ Machine learning and IOAs are more persistent protection mechanisms
§ CrowdStrike only requires 15MB on disk; 70MB-150MB is typical for AV signatures, and some ML models balloon to 300MB
§ Single-sensor design eliminates dependency issues
§ SaaS delivery ensures real-time updates when necessary
EXAMPLE
3 Month Old Machine Learning Model Immediately Blocks Shamoon 2
§ ML model delivered to VirusTotal on Aug 25th
§ Blocked Shamoon 2 on its first appearance in VT on Nov 22nd
§ Same ML technology is now built into every Falcon sensor
Source: https://goo.gl/nK0VmO
BLIND SPOTS
Eliminate dwell time with CrowdStrike
§ AV can only see what it stops
§ No prevention solution can be 100% effective, not even next-gen solutions
§ Average dwell time still near 200 days
§ Go beyond malware to detect and block modern attacker techniques
§ CrowdStrike’s EDR offers automatic detections, eliminating the need for manual search
§ CrowdStrike’s OverWatch delivers proactive threat hunting in your environment, 24x7x365
NO MORE BLIND SPOTS
100% Exploit Detection in AV-Comparatives Test
Product        Detected (%)   Blocked (%)
Symantec*                90            90
Cylance*                 63            63
CrowdStrike             100            70
SentinelOne              57            28
Palo Alto                86            82
Source: AV-Comparatives
§ CrowdStrike is the only product with 100% detection efficacy
§ All other solutions suffered from silent failure (exploits that were neither blocked nor detected)
§ In reality, this leads to long dwell times
Privilege Escalation from Command Line
EXAMPLE
• AV signatures, IOCs and Application Control are ineffective against this kind of threat
• Even machine learning can’t stop this, because the executable involved is a trusted one
• Would you know how to search for this?
• Even if you knew how, do you have the bandwidth to search?
• CrowdStrike IOAs operate in real time and automate the detection process so that you don’t have to search
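As an added illustration of the point above (not code from the original deck, and not CrowdStrike's own detection logic), the Python below runs three kinds of control over a handful of constructed process-creation events: a hash blocklist (the signature / custom-hash model), an application-control allowlist, and a simple behavioral rule in the spirit of an IOA. The event schema, the hashes, the paths and the rule are all hypothetical; the rule flags a process whose token is at a higher integrity level than its parent's when the parent is not a SYSTEM service, which is where a UAC-brokered elevation would normally come from.

```python
"""Hash blocking vs. application control vs. a behavioral (IOA-style) rule,
run over constructed process-creation telemetry. Example code, not a
vendor's detection logic."""
from dataclasses import dataclass
from hashlib import sha256

# Hypothetical, simplified model of Windows integrity levels, lowest to highest.
INTEGRITY_RANK = {"low": 0, "medium": 1, "high": 2, "system": 3}


@dataclass(frozen=True)
class ProcessEvent:
    pid: int
    ppid: int          # parent pid
    image: str         # path of the executable that was started
    sha256: str        # hash of that executable on disk
    cmdline: str
    integrity: str     # integrity level of the new process token
    user: str


def label_hash(label: str) -> str:
    """Stand-in for a file hash: derived from a label so the script needs no files."""
    return sha256(label.encode()).hexdigest()


# Constructed hashes (not real file hashes).
TRUSTED_SHELL = label_hash("trusted-command-interpreter")
TRUSTED_BROKER = label_hash("trusted-service-host")
TRUSTED_EXPLORER = label_hash("trusted-desktop-shell")
KNOWN_BAD = label_hash("known-bad-dropper")

# Constructed telemetry (not a real capture). pid 500 is the interesting one:
# the same trusted command interpreter as pid 400, but its token is at high
# integrity while its parent is only medium. pid 200 is a legitimate elevation:
# it is parented by the SYSTEM service host that brokers UAC elevation.
EVENTS = [
    ProcessEvent(100, 1,   r"C:\Windows\System32\svchost.exe", TRUSTED_BROKER,   "svchost.exe -k netsvcs", "system", "SYSTEM"),
    ProcessEvent(200, 100, r"C:\Windows\System32\cmd.exe",     TRUSTED_SHELL,    "cmd.exe /c whoami",      "high",   "alice"),
    ProcessEvent(300, 1,   r"C:\Windows\explorer.exe",         TRUSTED_EXPLORER, "explorer.exe",           "medium", "alice"),
    ProcessEvent(400, 300, r"C:\Windows\System32\cmd.exe",     TRUSTED_SHELL,    "cmd.exe",                "medium", "alice"),
    ProcessEvent(500, 400, r"C:\Windows\System32\cmd.exe",     TRUSTED_SHELL,    "cmd.exe /c whoami",      "high",   "alice"),
    ProcessEvent(600, 300, r"C:\Users\alice\AppData\Local\Temp\dropper.exe", KNOWN_BAD, "dropper.exe", "medium", "alice"),
]

HASH_BLOCKLIST = {KNOWN_BAD}                                        # signature / custom hash model
APP_ALLOWLIST = {TRUSTED_SHELL, TRUSTED_BROKER, TRUSTED_EXPLORER}   # application control model


def hash_blocking(events):
    """Flags only executables whose hash is already on the blocklist."""
    return [e.pid for e in events if e.sha256 in HASH_BLOCKLIST]


def application_control(events):
    """Flags only executables that are not on the allowlist."""
    return [e.pid for e in events if e.sha256 not in APP_ALLOWLIST]


def ioa_integrity_jump(events):
    """Behavioral rule: a child whose token outranks its parent's, with the
    parent not running as SYSTEM. A UAC-brokered elevation is parented by a
    SYSTEM service host, so it does not match; a trusted binary that ends up
    at high integrity under a medium-integrity parent does."""
    by_pid = {e.pid: e for e in events}
    hits = []
    for e in events:
        parent = by_pid.get(e.ppid)
        if parent is None:
            continue
        if (INTEGRITY_RANK[e.integrity] > INTEGRITY_RANK[parent.integrity]
                and parent.integrity != "system"):
            hits.append(e.pid)
    return hits


def evaluate(events):
    """Run all three controls and report which pids each one flagged."""
    return {
        "hash_blocking": hash_blocking(events),
        "application_control": application_control(events),
        "ioa_integrity_jump": ioa_integrity_jump(events),
    }


if __name__ == "__main__":
    for control, pids in evaluate(EVENTS).items():
        print(f"{control:20s} flagged pids: {pids}")
```

The hash check and the allowlist both flag only the dropper (pid 600) and both pass pid 500, because nothing about the file on disk changed; only the behavioral rule sees the integrity jump. In a real deployment a rule like this needs tuning for other legitimate elevation paths (the service control manager, the task scheduler, installers) or it will produce false positives; the example shows the shape of the check, not a production rule.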
THINGS TO LOOK OUT FOR
If you’re not 100% effective at prevention, then you need strong detection
Even some next-gen players have bloated endpoint agents
Unverified efficacy claims
“Bake in” periods are like HIPS all over again
Telemetry without intelligence is worthless
Over-emphasis on malware and/or forgetting the rest of the kill chain
§ Vendor Member
§ Committed to Standards
§ Contribute Leadership
§ 98.2% Malware Block Rate
§ 100% Exploit Detection
§ 0 False Positives
§ First Pure ML Engine
§ Open to Public Scrutiny
§ Contribute to Community
§ COMPLIANCE
INDUSTRY VALIDATION
3 of the 10 largest global companies by revenue
2 of the 4 largest global banks by revenue
5 of the 10 top credit card payment processors
3 of the 10 top oil and gas companies
CrowdStrike Falcon Deployed in 170 Countries
BACKED BY ELITE INVESTORS:
Questions?
Please submit all questions in the Q&A chat
right below the presentation slides
Contact Us
Additional Information
Request 1:1 Demo
crowdstrike.com/request-a-demo
Upcoming CrowdCast Topic
Ransomware
Website: crowdstrike.com
Email: info@crowdstrike.com
Number: 1.888.512.8902 (US)

Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 

Último (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 

How to Replace Your Legacy Antivirus Solution with CrowdStrike

  • 9. LEGACY VENDOR ARCHITECTURE (diagram)
    Per-asset add-ons: HTTP/Web Gateway (Web Security), SMTP/Email Gateway (Mail Security, Email Encryption), SharePoint (SharePoint Security), Servers (App Control), Mail Servers (Mail Scanner), VDI (VDI Plugin), Firewall/Router (UTM Gateway), Sandbox Appliance
    Endpoint Protection: Vulnerability Protection, Host Intrusion Prevention, AntiVirus, Endpoint Encryption, Application Control, Web Protection; "Next Gen": Endpoint Activity Visibility
    Hosted Security Services: Web Security as a Service, Hosted Email Security, Reputation Cloud, Sandbox Service
    Centralized Management
    Source: 2016 Verizon Data Breach Investigation Report
  • 10. CROWDSTRIKE FALCON ARCHITECTURE CLOUD DELIVERED ENDPOINT PROTECTION
  • 11. ANTI-MALWARE PREVENTION STACK: CROWDSTRIKE FALCON
    Prevent (endpoint protection): Machine Learning, IOA Prevention, Exploit Blocking, Custom Hash Blocking, Continuous Monitoring
    Cloud protection: Machine Learning, Threat Intelligence, Managed Hunting, Threat Graph
    Coverage: Known Malware, Unknown Malware, Beyond Malware
  • 12. Machine Learning
    • Trained on over 30 billion events per day in the CrowdStrike ThreatGraph™
    • Increases effectiveness against new, polymorphic or obfuscated malware
    • Works offline, works without daily updates
    • Data models can be smaller than signature files (if done properly)
    • Performance impact less than on-demand or on-access scanning techniques
    • Complements behavioral analytics (IOAs) and exploit mitigation
  • 13. MORE THAN JUST AV REPLACEMENT
  • 14. THE REMAINING CHALLENGES
    Complexity: ever-expanding infrastructure requirements and agent footprint
    Always out of date: by the time your update is deployed, it is time to start another
    Blind spots: silent failure leads to long dwell times and a false sense of security
  • 15. COMPLEXITY: Eliminate operational burden with CrowdStrike
    § Just one agent – really!
    § No more daily signature updates
    § Smaller footprint: 15 MB on disk, 10 MB in memory
    § No reboots
    § No on-premise hardware
    § SaaS scalability
  • 16. ALWAYS OUT OF DATE: Outpace the attacker with CrowdStrike
    § No need to develop AV signatures
    § Machine learning and IOAs are more persistent protection mechanisms
    § CrowdStrike only requires 15 MB on disk (70 MB to 150 MB is typical for AV signatures; some ML models balloon to 300 MB)
    § Single-sensor design eliminates dependency issues
    § SaaS delivery ensures real-time updates when necessary
  • 17. EXAMPLE: 3-Month-Old Machine Learning Model Immediately Blocks Shamoon 2
    § ML model delivered to VirusTotal on Aug 25th
    § Blocked Shamoon 2 on its first appearance in VT on Nov 22nd
    § Same ML technology is now built into every Falcon sensor
    Source: https://goo.gl/nK0VmO
  • 18. BLIND SPOTS: Eliminate dwell time with CrowdStrike
    § AV can only see what it stops
    § No prevention solution can be 100% effective, not even next-gen solutions
    § Average dwell time still near 200 days
    § Go beyond malware to detect and block modern attacker techniques
    § CrowdStrike’s EDR offers automatic detections, eliminating the need for manual search
    § CrowdStrike’s Overwatch delivers proactive threat hunting in your environment, 24x7x365
  • 19-20. NO MORE BLIND SPOTS: 100% Exploit Detection in AV-Comparatives Test
    Chart (percent of test cases; Source: AV-Comparatives):
      Product        Detected   Blocked
      Symantec*         90         90
      Cylance*          63         63
      CrowdStrike      100         70
      SentinelOne       57         28
      Palo Alto         86         82
    § CrowdStrike is the only product with 100% detection efficacy
    § All other solutions suffered from silent failure (cases that were neither blocked nor detected)
    § In reality, this leads to long dwell times
  • 21-22. EXAMPLE: Privilege Escalation from Command Line (screenshots)
  • 23. EXAMPLE: Privilege Escalation from Command Line
    • AV signatures, IOCs and Application Control are ineffective against this kind of threat
    • Even machine learning can’t stop this, because the binary involved is a trusted executable
    • Would you know how to search for this?
    • Even if you knew how, do you have the bandwidth to search?
    • CrowdStrike IOAs operate in real time and automate the detection process so that you don’t have to search
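The following Python is an added illustration of the point slide 23 makes; it is not code from the deck, from CrowdStrike, or from any product. It runs two checks over a constructed stream of process-creation events: an IOC-style file-hash denylist, and an IOA-style behavioural rule that flags a command interpreter running at a higher integrity level than the shell it descends from, with only trusted OS binaries in between. The event schema, the rule, the binary name `trusted-os-tool.exe`, the integrity levels and every hash are assumptions made for this example.

```python
"""
Added example (not from the CrowdStrike deck): an IOC hash check versus an
IOA-style behavioural rule, run over constructed process-creation telemetry.
Event fields, the rule, "trusted-os-tool.exe" and all hashes are hypothetical.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Constructed denylist of "known bad" SHA-256 values (placeholders, not real hashes).
KNOWN_BAD_SHA256 = {"9" * 64}

INTEGRITY_RANK = {"low": 0, "medium": 1, "high": 2, "system": 3}
COMMAND_INTERPRETERS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe"}


@dataclass(frozen=True)
class ProcessEvent:
    pid: int
    ppid: int
    image: str              # executable basename
    sha256: str             # hash of the image file
    integrity: str          # integrity level of the new process
    signed_os_binary: bool  # would pass application control as a trusted OS file
    cmdline: str


def ioc_hash_verdict(ev: ProcessEvent) -> str:
    """IOC check: block only a file whose hash is already on the denylist."""
    return "block" if ev.sha256 in KNOWN_BAD_SHA256 else "allow"


def ioa_privilege_escalation(events: Iterable[ProcessEvent]) -> List[dict]:
    """IOA check: a command interpreter running at a higher integrity level than
    the nearest command interpreter in its ancestry, with nothing but trusted
    OS binaries in between. No file in the chain needs to be malicious, so a
    hash or an allowlist has nothing to match on; the relationship between the
    events is what gives the chain away."""
    by_pid: Dict[int, ProcessEvent] = {e.pid: e for e in events}
    findings: List[dict] = []
    for ev in by_pid.values():
        if ev.image.lower() not in COMMAND_INTERPRETERS:
            continue
        via: List[str] = []  # trusted binaries between the child and its shell ancestor
        parent = by_pid.get(ev.ppid)
        while parent is not None and parent.image.lower() not in COMMAND_INTERPRETERS:
            if not parent.signed_os_binary:
                parent = None  # an untrusted parent is a different (hash/allowlist) case
                break
            via.append(parent.image)
            parent = by_pid.get(parent.ppid)
        if parent is None:
            continue  # reached the root without passing a shell
        if INTEGRITY_RANK[ev.integrity] > INTEGRITY_RANK[parent.integrity]:
            findings.append({
                "pid": ev.pid,
                "ancestor_pid": parent.pid,
                "via": via,
                "integrity": (parent.integrity, ev.integrity),
                "cmdline": ev.cmdline,
            })
    return findings


# Constructed telemetry: every image is a signed OS file and no hash is on the
# denylist, which is exactly the situation the slide describes.
SAMPLE_EVENTS = [
    ProcessEvent(100, 1,   "explorer.exe",        "a" * 64, "medium", True, "explorer.exe"),
    ProcessEvent(200, 100, "cmd.exe",             "b" * 64, "medium", True, "cmd.exe"),
    # hypothetical auto-elevating OS tool started from the user's shell
    ProcessEvent(300, 200, "trusted-os-tool.exe", "c" * 64, "high",   True, "trusted-os-tool.exe /run"),
    ProcessEvent(400, 300, "cmd.exe",             "b" * 64, "high",   True, "cmd.exe /c whoami"),
    ProcessEvent(500, 100, "notepad.exe",         "d" * 64, "medium", True, "notepad.exe"),
]


def compare_verdicts(events: Iterable[ProcessEvent]) -> dict:
    """Run both checks over the same telemetry and return the verdicts side by side."""
    events = list(events)
    return {
        "ioc_blocked": [e.pid for e in events if ioc_hash_verdict(e) == "block"],
        "ioa_findings": ioa_privilege_escalation(events),
    }


if __name__ == "__main__":
    result = compare_verdicts(SAMPLE_EVENTS)
    print("IOC hash blocking blocked:", result["ioc_blocked"] or "nothing")
    for f in result["ioa_findings"]:
        print(f"IOA: pid {f['pid']} ({f['cmdline']}) runs at {f['integrity'][1]} integrity "
              f"from a {f['integrity'][0]}-integrity shell (pid {f['ancestor_pid']}) via {f['via']}")
```

On the constructed events the hash check blocks nothing, while the behavioural rule reports the high-integrity `cmd.exe` (pid 400) reached from the medium-integrity shell (pid 200) through the trusted tool. The rule is deliberately narrow: it anchors on a lower-integrity interpreter ancestor, so an elevation the user performs directly from the desktop is not reported, and it would still need allowlisting for administrator workflows that legitimately elevate from a shell. A production IOA correlates more context (token details, parent command lines, the consent flow) than this single relationship.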
  • 24. THINGS TO LOOK OUT FOR
    If you’re not 100% effective at prevention, then you need strong detection
    Even some next-gen players have bloated endpoint agents
    Unverified efficacy claims
    “Bake-in” periods are like HIPS all over again
    Telemetry without intelligence is worthless
    Over-emphasis on malware and/or forgetting the rest of the kill chain
  • 25. (logo slide) Vendor member; committed to standards; contribute leadership; 98.2% malware block rate; 100% exploit detection; 0 false positives; first pure ML engine; open to public scrutiny; contribute to community; compliance
  • 26. INDUSTRY VALIDATION (logo slide)
  • 27. CrowdStrike Falcon Deployed in 170 Countries
    3 of the 10 largest global companies by revenue
    2 of the 4 largest global banks by revenue
    5 of the 10 top credit card payment processors
    3 of the 10 top oil and gas companies
    BACKED BY ELITE INVESTORS: (logos)
  • 28. Questions? Please submit all questions in the Q&A chat right below the presentation slides
    Contact Us / Additional Information: request a 1:1 demo at crowdstrike.com/request-a-demo
    Upcoming CrowdCast topic: Ransomware
    Website: crowdstrike.com | Email: info@crowdstrike.com | Number: 1.888.512.8902 (US)