Company announces Falcon Forensics on GovCloud; delivers enhanced visibility and automated analysis of attacker activity to dramatically reduce incident response time
India - September 16, 2021 – CrowdStrike Inc., a leader in cloud-delivered endpoint and workload protection, today announced the availability and FedRAMP authorization of CrowdStrike Falcon Forensics. Hosted within GovCloud, Falcon Forensics speeds the response time and remediation of critical security incidents for agencies by providing increased visibility and automated analysis of attacker activity.
In today’s threat landscape, speed of response is crucial to help agencies prevent security incidents from turning into breaches. President Biden’s recent Executive Order (EO) on improving the nation’s cybersecurity mandates that agencies modernize IT infrastructure through cloud adoption, embrace Zero Trust architectures, implement critical security controls like endpoint detection and response (EDR) and vulnerability management, and expand threat hunting to increase the effectiveness of incident response.
Falcon Forensics for GovCloud helps to address these issues, ultimately increasing cyber resiliency among agencies by providing:
- Deep forensic triage data for robust analysis of the cybersecurity incident
- Convenient collection of the historical forensic artifacts needed to bring visibility into the full threat context without additional queries
- Automated analysis of attacker activity to help customers hunt through impacted environments at scale and rapidly return to normal operations
“Government agencies have historically struggled with disparate tools and manual, time-consuming efforts when collecting and consolidating forensic data, often delaying their ability to provide the critical analysis needed to get ahead of fast-moving threats,” said Thomas Etheridge, senior vice president of CrowdStrike Services. “Falcon Forensics for GovCloud simplifies threat hunting and forensic triage analysis, capturing the right forensic artifacts at-scale and presenting them in an easy-to-consume interface allowing agencies to make decisions faster and more confidently as they improve their cyber posture.”
Falcon Forensics for GovCloud provides incident responders with the ability to investigate security incidents faster and with granular detail, offering in-depth data analysis through convenient pre-packaged dashboards to help identify adversaries’ past activity in the environment. Through the cloud-native architecture of CrowdStrike Falcon®, Falcon Forensics for GovCloud is deployed remotely and at scale to minimize business interruptions.
Recently, CrowdStrike introduced Falcon Complete for GovCloud to government agencies, helping them to autonomously protect themselves against sophisticated threats via cloud-native managed detection and response (MDR). CrowdStrike continues its trajectory as a leading innovator in the government space, empowering agencies to adopt cloud-native technologies to better secure the nation’s critical data.
For more on CrowdStrike’s public sector offerings, please visit our website.
This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding benefits of the CrowdStrike Falcon platform. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release.
You should not rely on these forward-looking statements, as actual outcomes and results may differ materially from those anticipated or implied by these forward-looking statements as a result of such risks and uncertainties. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.
CrowdStrike, a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon correlates approximately 1 trillion endpoint-related events per day in real time from across the globe, fueling one of the world’s most advanced data platforms for security.