NAVIGATING MARKET CONFUSION
BUT WHAT DOES NEXT-GENERATION ENDPOINT
still fixated on stopping malicious executables rather than seeking out indicators of attack (IOA) that can point to breach activity even when malware is not present.
NEXT-GENERATION ANTIVIRUS
commonly exploited by attackers. Hence, a true next-generation AV solution needs to block exploits that leverage vulnerabilities, providing an additional line of defense.
• Whether the attacker is trying to hide themselves and their activities
• If credentials are being dumped from memory or disk
• If privileges are being escalated
• If lateral movement is taking place within the network
This architecture, where the heavy lifting is performed in the cloud, allows Falcon Host to provide endpoints maximum protection with negligible impact, keeping the endpoint safe and running at optimum performance. Only Falcon’s next-generation AV capabilities can offer the visibility and the speed necessary to find and block unknown threats before they cause a breach.
By way of example, let’s look at how a criminal would plan and carry out a bank robbery in the physical world. A smart thief would begin by "casing" the location. They would perform
Element 2:
ENDPOINT DETECTION
• Running an application
• Connecting to a network
• Visiting a website
• Writing a file to disk
This gives the system the power to proactively hunt through large volumes of data to find malicious patterns of activity that
MANAGED HUNTING
endpoint security. Without that, customers have no one but themselves to watch 24/7 for adversary activity, and no guidance on how to respond to extremely sophisticated attacks. Managed hunting pits the brainpower of expert human defense teams against the ingenuity of determined adversaries.
Enabling the Essential Elements:
THE POWER OF THE CLOUD
ThreatGraph™, these massive data stores can be analyzed in seconds to allow immediate blocking of an attack in progress as IOAs are observed, and to go back and see whether these activities took place in an organization’s environment at any previous point in time. The Cloud also enables aggregation of data across environments to fully leverage the knowledge and intelligence of the crowd.
PROTECTION and PREVENTION (columns: SOLUTION 1, SOLUTION 2, SOLUTION 3)
• Protects against both known and zero-day malware
• Protects on line, off line, on premise and off premise
DETECTION and RESPONSE
• Operates in Kernel mode for complete visibility
PRODUCT COMPLETENESS (columns: SOLUTION 1, SOLUTION 2, SOLUTION 3)
• Provide abilities to handle protection before, during and after attacks
• Installation and updates do not require reboots
• Fully deployed and operational in days vs. weeks or months
• No tuning or expert level configuration required
QUESTIONS
endpoint protection solution works, and assess the type of experience you can expect from it.
6. How long does it take for the product to be fully operational?
13. What additional hardware and software (servers, appliance, database licenses, components on the endpoints) are required to implement the product? Are they provided as part of the next generation endpoint protection solution, or is there an additional cost?
15. What security controls does the solution use to protect itself?
VER. 04.21.16