CrowdStrike stock surged 5.5% in morning trading as CrowdStrike Falcon FileVantage empowered teams to pinpoint potential adversary activity through central visibility and scalable file integrity monitoring.
CrowdStrike Inc. today announced Falcon FileVantage, a new file integrity monitoring solution that streamlines the security stack and offers full visibility on critical file, folder and registry changes. Falcon FileVantage monitors all critical files and systems through modernized workflow policies, adding valuable context through detection data and threat intelligence via the Falcon console.
Demands from regulatory authorities require* organizations to monitor changes to critical files, folders and registries, often overwhelming security and IT operations staff with alerts and notifications. This can make it difficult, if not impossible to sort through which file might demonstrate risky behavior, potentially leading to a security issue.
"When you consider scaling the simple acts of monitoring change, move or deletion of every crown jewel file in an organization, security and IT operations staff are under a lot of pressure," said Amol Kulkarni, chief product and engineering officer at CrowdStrike. "With so much going on, missing a potentially compromised file is a real risk, and that’s where Falcon FileVantage adds value to the team and security of an organization. With a simplified security stack, comprehensive monitoring capabilities and rich threat context, Falcon FileVantage is a valuable, scalable solution that dramatically improves visibility, enabling teams to respond quickly to the threats that matter."
With Falcon FileVantage, security and IT operations teams are offered summary and detailed dashboard views to immediately identify any changes occurring within an organization’s valuable files and systems. Security teams gain the ability to pinpoint adversary activity within their environment and can quickly prioritize remediation efforts. With custom and preset policies and group features, alert fatigue is managed, enabling teams to zero in on risky real-time changes.
Additional capabilities of Falcon FileVantage include:
- Central Visibility- Bringing transparency to all critical file changes - offering relevant, intuitive dashboards displaying information on registry setting, what files/folders have been created or changed, and who was accessing those files/folders.
- Insight from Threat Intelligence Context- Unlike other FIM solutions, Falcon FileVantage allows even greater visibility and context through added threat intelligence and detection data via the Falcon console.
- Increased Efficiency- Enables security teams to quickly identify which files are relevant for monitoring, prioritize action based on other activities surrounding a host and reduce alert fatigue by enabling or disabling groups.
- Solution Consolidation- Allows staff to streamline and consolidate solutions, relying on CrowdStrike’s single lightweight agent to provide live and continuous data without the need for multiple tools.
*Fulfilling compliance requirements for: PCI DSS, Sarbanes-Oxley (SOX), Federal Security Management Act (FISMA), National Institute of Standards and Technology (NIST), and others.