Falcon Zero Trust
Falcon Zero Trust
CrowdStrike Falcon® Zero Trust enables frictionless Zero Trust security with real-time threat prevention and IT policy enforcement using identity, behavioral and risk analytics.
BENEFITS
FRICTIONLESS ZERO TRUST FOR WORKFORCE IDENTITIES EVERYWHERE
GAIN VISIBILITY OF WORKFORCE IDENTITIES ACROSS MULTI-DIRECTORY ENVIRONMENTS
Falcon Zero Trust enables unified visibility and control of user access to applications, resources and identity stores, with actionable insights into user behavior and risks, eliminating security blindspots across hybrid environments.
REDUCE THREAT DETECTION & RESPONSE TIMES WITHOUT USING LOGS
Falcon Zero Trust reduces false positives, brings down the mean time to detect and resolve incidents by eliminating the need for complex, error-prone log analysis, and improves SOC analysts’ efficiencies by cutting down alert fatigue.
ENFORCE ZERO TRUST SECURITY WITH ZERO FRICTION
Falcon Zero Trust enforces consistent risk-based policies to automatically block, allow, audit or step up authentication for every identity, at the same time ensuring a frictionless login experience for genuine users.
TECHNICAL FEATURES
HOW DOES FALCON ZERO TRUST HELP?
SEGMENT WORKFORCE IDENTITIES
- Provides continuous multi-directory visibility into the scope and the impact of access privileges for identities across Microsoft Active Directory (AD), Azure AD and cloud single sign-on (SSO) solutions.
- Automatically classifies identities into hybrid (identities that are on on-premises and cloud AD) and cloud-only (identities that reside only on Azure AD).
- Segments accounts into human, service, shared accounts and privileged accounts.
- Provides a customizable attack surface overview with insights into user risk and behavior changes over time, like an increase in account lockouts, high-risk endpoints, compromised passwords, etc.
AUTOMATE THREAT DETECTION AND RESPONSE
- Enables hybrid identity store protection with continuous inspection of live authentication traffic, including encrypted protocols such as LDAP/S.
- Provides continuous assessment of security and incidents around identity threats without requiring the ingestion of logs or complex analysis.
- Uncovers reconnaissance (e.g., LDAP, BloodHound, SharpHound, credential compromise attacks), lateral movement (e.g., RDP, Mimikatz tool, unusual endpoint usage, unusual service logins, etc), and persistence (e.g., Golden Ticket attack) with advanced analytics and patented machine learning technology.
- Speeds up security investigations using intuitive threat hunting, with predefined search criteria, like but not limited to authentication events, unencrypted protocols, user roles, IP reputation and risk scores.
VERIFY IDENTITIES WITH ZERO FRICTION
- Defines and enforces policies in real time, based on authentication patterns, behavior baselines and individual risk scores to verify identities using step-up authentication such as multifactor authentication (.e.g MFA).
- Automatically secures access to identity stores and applications, with improved user experience, by triggering identity verification only when the risk increases or if there’s a deviation from normal behavior.
- Reduces the attack surface by extending MFA to any resource or application, including legacy/proprietary systems and tools — for example, desktops that are not covered by cloud-based MFA solutions, and tools like PowerShell and protocols like RDP over NTLM.
- Automatically resolves security incidents that the user approves using identity verification methods such as 2FA/MFA, without involving security analysts and help desk tickets.
No reviews found