CrowdStrike Falcon® Intelligence Recon: Mitigating Digital Risk on the Deep, Dark Web and Beyond

Organizations face a myriad of risks brought about by the digital transformation of their business. These risks include digital fraud, data theft exposure, social media impersonations and phishing attempts within social media and the hidden areas of the open, deep and dark web. These restricted areas of the internet act as virtual watering holes where adversaries congregate and underground digital economies thrive. CrowdStrike has recognized this risk and developed a new solution to address it:

 

CrowdStrike
CrowdStrike Falcon® Intelligence Recon™, created to expose the criminal underground and enable organizations to better protect their brand, employees and sensitive data. CrowdStrike Falcon® Intelligence Recon helps our customers more fully understand their digital presence by providing:
  • Brand Protection: Monitoring of fraudulent interactions associated with the customer’s brand including fake social media sites and phishing sites
  • Executive Protection: Monitoring of threats to ensure the safety of VIPs and executives, including the identification of fake accounts and impersonations
  • Data Leak Discovery: Detection of compromised credentials, sensitive documents, IP or customer data across the open, deep and dark web
  • Supply Chain: Monitoring of fraud, impersonation and fraudulent interactions of partners with the customer’s supply chain
  • Tools and Infrastructure: Identification of tools, malware and CVEs that are discussed or for sale on criminal forums and markets
Detecting, monitoring and mitigating digital risks is a challenging undertaking. It requires the technology to mine millions of individual websites, forums and other communication channels and provide near real-time visibility into underground forums and markets. Once the raw intelligence is gathered, finding a relevant threat can be similar to finding a needle in a haystack of potentially billions of individual pages, files and messages. When a threat or potential exposure is detected, speed is critical — and investigation and response workflows must be optimized.
CrowdStrike Falcon® Intelligence Recon Universal Search Results (Click to enlarge)
CrowdStrike Falcon® Intelligence Recon addresses these challenges by continuously scouring the dark recesses of the web and pulling in raw intelligence in as close to real time as possible. Easy-to-use wizards enable users to monitor underground environments without the need for creating complex queries with smart search technology that minimizes false positives and eliminates noise. CrowdStrike Falcon® Intelligence Recon search results are displayed in easy-to-read cards that contain the original threat actor posts and information about the actor and the site, which can be viewed in their original language and can be translated from many other languages using augmented translation and hacker slang dictionaries. To optimize response workflow, users can easily create alerts notifying team members when a threat is found — these alerts can be customized based upon criticality of the threat and can be sent to departments outside of security, such as marketing, legal, human resources and fraud.

 

“This product fuses the best of CrowdStrike’s scalable platform with hundreds of years of accumulated experience from our industry’s leading intelligence team,” said Spencer Parker, Senior Director of Product Management. “We see many of these products become firehoses of useless information, so it was critical for us to prioritize our customer’s requirements and make it as simple as possible to notify and deliver actionable insights and intelligence from the vast data lake of information CrowdStrike Falcon® Intelligence Recon has at its disposal.”

CrowdStrike Falcon® Intelligence Product Suite: Threat Intelligence for Everyone

CrowdStrike Falcon® Intelligence Recon joins CrowdStrike’s comprehensive suite of Threat Intelligence products, and each module can be used separately or together. The product suite includes:

 

  • CROWDSTRIKE FALCON® INTELLIGENCE: Enriches the events and incidents detected by the CrowdStrike Falcon® platform, automating intelligence so security operations teams can make better, faster decisions.

     

  • CrowdStrike Falcon® Intelligence Premium: Delivers world-class intelligence reporting, technical analysis, malware analysis and threat hunting capabilities.

     

    CrowdStrike Falcon® Intelligence Premium enables organizations to build cyber resiliency and more effectively defend against sophisticated nation-state, eCrime and hacktivist adversaries.
  • CrowdStrike Falcon® Intelligence Recon: Provides visibility into the cybercriminal underground so customers can effectively mitigate threats to their brands, employees and sensitive data.

CrowdStrike Falcon® Intelligence Recon Can Immediately Help Your Team

 

As cyberattacks continue to accelerate at an alarming rate, it’s time to fully understand your digital exposure to data leaks, and threats to personnel, facilities or brands. Use CrowdStrike Falcon® Intelligence Recon to provide your team with everything they need to collect, search and respond to threats from the digital underground. For more information about CrowdStrike Falcon® Intelligence Recon, contact your sales representative, or visit the product webpage.

Additional Resources

Breaches Stop Here