CTO Mike Sentonas: CrowdStrike Falcon Platform Tour

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

the falcon platform is at the core of everything we do to build a highly capable scalable and always on security platform that stops breaches you need to follow the following core rules you need the right data you need somewhere to put the data you need an endpoint that leverages that data and finally and often overlooked you need the human expertise to power it all i'm going to walk you through how crowdstrike solves this because it's one of the biggest reasons our customers trust us for their most sensitive workloads what makes us different is how our systems work together the endpoint agent the cloud and the threat graph building a massive repository of data that keeps getting richer as our customers use it the more work we do the better and stronger the system inherently gets let's talk about the cloud native platform but first what does it mean to be cloud native on-premise no hybrid no you can't be cloud native and offer an on-premise or a hybrid version of your solution cloud native means built in the cloud for the cloud cloud native means it works out of the box and that's critical cloud native means the solution scales whether you have one workload or a million workloads we offer one platform for all workloads the cloud is the standard the world is running on right now but now that the basics are covered about what makes the architecture let me present the falcon platform a flexible comprehensive security platform that gives you the power to build the strategic framework that fits your business best firstly we anchor the falcon platform around endpoint security we combine endpoint protection leveraging cloud scale ai with deep link analytics to deliver best-in-class endpoint detection and response next-gen av device control and firewall management next in the platform is cloud security with uniquely placed offerings for cloud workload protection cloud discovery and cloud security posture management next falcon delivers security and it operation capabilities including it hygiene and vulnerability management and i believe a unique differentiator are the managed services that we offer our managed services portfolio includes managed endpoint protection and managed threat hunting and finally it's all enriched by world-class threat intelligence which includes malware searching sandbox analysis that's fully integrated and automated delivering deep context and predictive capability now let's talk about the next innovation our unique lightweight agent that requires no reboot to install and to operate our core focus is to protect every one of our customers and every workload they use every desktop every server every mobile and iot device data center container or cloud environment no matter the type of device where it may be home in the office whether it's virtual our focus is to protect every workload regardless as to whether your workloads are on premise remote and off premise online or offline as well as cloud container or hybrid deployed you need the best visibility to be the best at detection you need the best visibility to be the best at prevention and our heritage comes from providing the best visibility the best detection and the best platform belt built for security response we built a smart agent that processes data and makes decisions on the endpoint as well as in the cloud this brings not only highly accurate real-time prevention and detection but also intelligent filtering that determines which data should be made available to the analysts and under what conditions this design is essential to assist with incident prioritization and to reduce alert fatigue whilst providing the privacy and compliance that organizations demand and require our lightweight agent is fully autonomous can prevent without a cloud connection with artificial intelligence and machine learning to detect and prevent known and unknown malware using on sensor and in the cloud capabilities we pioneered behaviour-based indicators of attack what we call ioas to prevent sophisticated fireless and malware-free attacks we also combined exploit blocking to stop the execution and spread of threats via unpatched vulnerabilities and we integrated threat intelligence for the prevention and blocking of activities known to be malicious the final innovation i want to take you through and cover is the threat graph today the threat graph ingests indexes and analyzes over 4 trillion events every week from the vast array of crowdstrike protected endpoints and workloads to identify sophisticated threats the cloud is where we can store larger data size we can do heavier computations this includes the endpoint agent not having to do extra work locally if we have cloud data that's already available the cloud vantage point allows us to combine data from multiple endpoints as well as using various cloud and ai and machine learning models that can work together over larger data sets than they could on the sensor itself this leverages the benefits of more storage more diversity of data from various sources and more compute power we have on sensor ml but we have multiple ai and ml models in the cloud that are focused on various file types across different operating systems as well as behavioral models that leverage the endpoint event data which is a huge benefit to the users of the platform cloud techniques can be more rapidly deployed with minimal risk to the end user allowing new detection and prevention models to be deployed very very quickly and at crowdstrike we've used this approach since the initial design of the falcon platform but technology is only one part of the solution firstly is falcon overwatch a team of dedicated proactive threat hunters that work on your behalf as one of our managed service offerings they constantly search the entire threat graph to proactively hunt for the most sophisticated threats in your environment 24 by 7 365 days a year we work as an extension of your team to find stealthy threats and targeted attacks next is falcon complete you manage the solution or you can leave it all to us our experts can provide a turnkey experience either via our falcon complete team or through our valued managed service partners we can do the deployment the management the monitoring and provide the industry's first and only remote remediation service and finally let's talk about partnering with the best to bring you the best i believe that we are the experts in our domain and we want to work with other experts in this and integrate their solutions onto our platform you benefit from an integrated platform that allows you to focus on what's important keeping your organization safe whilst we work on the integration the crowdstrike store ecosystem continues to grow from patching to application segmentation xdr through to whitelisting and xero trust we will continue to innovate to bring you leading solutions that work together and you're going to hear a whole lot more about this during the conference at this point i'd love to say but wait there's more and the reality is there's a whole lot more but i'm going to pause and leave it to my colleague and the best chief product officer there is amol kulkarni to take you through the amazing innovation

Info

Channel: CrowdStrike

Views: 5,223

Rating: 4.609756 out of 5

Keywords: CrowdStrike, cyber security, cybersecurity, cyber intrusion, endpoint protection, endpoint security, Fal.Con 2020, Michael Sentonas, Falcon Platform Tour

Id: WmLU29pFdxw

Channel Id: undefined

Length: 8min 37sec (517 seconds)

Published: Mon Nov 30 2020