CrowdStrike
Stop breaches, drive business
Prepare
CrowdStrike Services helps you prepare and train to defend your organization against sophisticated threat actors using real-life simulation exercises.
Service offerings
- Tabletop Exercise - Leveraging the Service team’s experience, CrowdStrike will guide your organization – both executive and technical participants – through a targeted attack scenario in the Tabletop Exercise. This discussion-based exercise simulates a targeted attack in a time-compressed fashion, but without the risk and time required for a full adversary emulation.
- Adversary Emulation Exercise - Adversary Emulation is the most realistic way to gauge your organization’s readiness and ability to defend against a targeted attack. During this simulated attack, the Services team takes a step-by-step approach that follows the attack kill chain, mimicking tactics, techniques and procedures (TTPs) used by real-world adversaries as they try to gain access to your network.
- Red Team / Blue Team Exercise - Too often, an organization is compromised and the security team doesn’t see an alert. This could be due to multiple factors such as a lack of skilled people, inadequate processes, or misconfigured technology. By conducting a CrowdStrike Services Red Team / Blue Team Exercise, organizations can identify the gaps in their security postures that limit their ability to detect malicious activity.
- Penetration Testing Services - Penetration Testing, or Pen Testing, is the simulation of real-world attacks in order to test your organization’s detection and response capabilities. The purpose of Pen Testing is not just to identify your environment’s vulnerabilities, but also to test your people and processes against likely threats to your organization. Knowing which adversaries are more likely to target you allows pen testers to mimic the exact TTPs of those specific adversaries — giving your organization a much more realistic picture of how a breach might occur.
Respond
CrowdStrike Services helps you stop breaches, investigate incidents, and recover from attacks with speed and surgical precision.
Service offerings
- Incident Response - The CrowdStrike® Incident Response (IR) team works collaboratively with organizations to handle critical security incidents and forensic investigations, resolve immediate issues and implement a long-term solution to stop recurrences. The CrowdStrike team is laser-focused on getting organizations back to business faster while, at the same time, drastically reducing the financial impact of an incident. This is accomplished by leveraging the unique CrowdStrike Falcon® cloud-native platform to identify attackers and effectively eject them from your environment. This methodology and approach cover all aspects of an incident, including providing a thorough technical investigation and ensuring containment, recovery and reporting.
- Compromise Assessment - CrowdStrike Compromise Assessment is specifically designed to identify current and past attacker activity in your environment. The Services team brings years of experience in hunting and responding to the most sophisticated intrusions by the most advanced attackers around the world. The team leverages the CrowdStrike Falcon® platform along with unmatched cyber threat intelligence and 24/7 threat hunting.
- Endpoint Recovery - CrowdStrike’s Endpoint Recovery Services uses the Real Time Response features of the Falcon platform to gain access to compromised endpoints to kill malicious processes, delete infected files and run recovery scripts from remote locations, all with minimal disruption to your users and zero downtime for your business.
- Network Security Monitoring - CrowdStrike Network Security Monitoring utilizes both the expertise of CrowdStrike Services threat hunters and a network appliance that detects threats present in an environment. It’s easy to provision, install and use, and provides the necessary visibility to prevent new attacks. Additionally, it detects unmanaged devices and services in your environment without the burden of having to manage another agent on your endpoints.
Fortify
CrowdStrike Services helps you enhance your cybersecurity practices and controls with actionable recommendations to fortify your cybersecurity posture.
Service offerings
- Cybersecurity Maturity Assessment - CrowdStrike Services experts understand that being “compliant” doesn’t mean you’re secure. Rather than focusing solely on compliance, the Services team evaluates your organization’s maturity level through an acute lens tempered by years of experience in responding to threats. This allows the team to assess your organization’s cybersecurity maturity in terms of its ability to prevent, detect and respond to the most advanced adversaries.
- Cloud Security Assessment - With cloud security threats on the rise, organizations continue to struggle with securing their cloud environments. The CrowdStrike Cloud Security Assessment combines forensic analysis and penetration testing of your cloud infrastructure to determine if you have implemented the appropriate levels of security and governance needed to counter inherent security challenges.
- Active Directory Security Assessment - This unique offering is designed to review Active Directory (AD) configuration and policy settings to assess security configuration issues that attackers can leverage. The assessment involves documentation review, discussions with your staff, execution of proprietary tools and manual review of your AD configuration and settings.
- SOC Assessment - The sheer volume of security events, incidents and false positives means security operations teams are already over-extended and unable to afford the time to review their security posture. A CrowdStrike SOC Assessment helps enhance the maturity level of your Security Operations Center (SOC), and identify and prioritize areas for improvement.
- Technical Risk Assessment - Proactively discover vulnerabilities and safeguard your network before a breach occurs. A CrowdStrike IT Hygiene Assessment provides improved visibility into applications, accessibility and account management within your network that delivers comprehensive context around network traffic and security gaps. Identifying vulnerabilities and missing patches enables you to proactively discover and safeguard your network before a breach occurs.
- Security Program in Depth - Security trends, technologies and processes are continuously evolving, and organizations face the challenge of keeping pace with the latest threats from sophisticated adversaries. CrowdStrike’s Security Program in Depth takes a holistic deep dive into your cybersecurity processes, tools and resources to determine the maturity of your information security program.
- Cybersecurity Enhancement Program - Develop and implement a cybersecurity enhancement program after a breach has occurred to close security gaps and prevent further breaches. CrowdStrike’s Cybersecurity Enhancement Program is for organizations that recently experienced a breach and require assistance in developing a strategic cybersecurity improvement plan to prevent another breach from occurring.