Falcon for Retail FAQ
The CrowdStrike Falcon® platform is the only cloud-delivered endpoint security solution that unifies IT hygiene, next-generation antivirus (NGAV), endpoint detection and response (EDR), managed threat hunting, threat intelligence, and vulnerability management — all enabled via a single lightweight agent. CrowdStrike Threat Graph™, the brains behind the Falcon platform, processes, correlates and analyzes more than 90 billion events per day providing an unrivaled ability to identify and block previously undetectable attacks whether or not they use malware.
The CrowdStrike Falcon® platform requires zero on-premises equipment and deploys on any endpoint in seconds, with zero reboots or endpoint performance impact. Falcon removes complexity and improves endpoint performance, scaling across your organization’s endpoints — whether on-premises, virtual, or hybrid. The Falcon platform operates on Windows, MacOS, and Linux operating systems.
- Offers comprehensive, integrated endpoint protection — The Falcon platform’s integrated endpoint protection can include NGAV, application control, EDR, vulnerability management, device control, and data protection.
- Assists with cybersecurity regulatory compliance and risk management — Falcon is compliant with key financial regulatory compliance requirements. In addition, CrowdStrike Services proactive offerings help retail organizations prepare for security incidents in advance with detailed security playbooks.
- Protects in any environment — The Falcon solution sits on endpoints regardless of where they are located, so on-premises, virtual, hybrid and cloud endpoints are protected.
CrowdStrike Falcon® blocks known and unknown malware, leveraging machine learning for detection of previously unknown, or zero-day ransomware, along with exploit blocking to stop the execution and spread of ransomware. Indicator of attack (IOA) technology provides behavioral-based prevention that proactively stops attacks before they can be fully implemented. As part of CrowdStrike Services, the Ransomware Advisory offering helps organizations prepare their critical systems to prevent a ransomware attack, and also assists organizations in dealing with a ransomware attack that has already occurred.
Yes, the CrowdStrike Falcon® platform can either replace or complement your existing security tools. The Falcon platform has an extensive API offering that allows you to integrate your existing tools with the CrowdStrike platform. This enables you to leverage your previous investments and design an approach that best meets your requirements.
CrowdStrike recognizes that regulatory compliance is critical for retail organizations. CrowdStrike assists with meeting compliance requirements, ensuring your confidence in the safe, smooth and compliant operation of your organization. CrowdStrike is compliant with several key retail regulatory mandates including:
- PCI DSS v3.2 — The Falcon platform was independently validated for PCI DSS v3.2 compliance by Coalfire, a leading assessor of PCI compliance readiness. This validation is documented in a report that discloses how Falcon meets all elements of requirement No.5: “Protect all systems against malware and regularly update antivirus software or programs.” In addition, CrowdStrike Falcon® provides assistance with meeting four additional PCI requirements.
- NIST SP 800-53 Rev 4 — CrowdStrike Falcon® is a suitable solution for addressing the system protection and monitoring controls identified in NIST SP 800-53 Rev. 4. CrowdStrike Falcon® helps organizations with the implementation of eight separate NIST control families, covering 23 separate controls.
- FFIEC — The CrowdStrike Falcon® platform’s capabilities in detecting and responding to threats, and the associated collection of endpoint activities data, make it a suitable solution for addressing system protection and monitoring controls required for FFIEC compliance. Falcon provides support for achieving five FFIEC objectives, addressing 17 controls within those objectives.
Yes, CrowdStrike’s endpoint EDR solution, Falcon Insight™, lets you see real-time and historical event data on every endpoint in your organization. Insight also flags potentially malicious processes executing in your environment that indicate an attacker may be present. From there, you can immediately contain potential intruders, and elevate an incident to the CrowdStrike Services team, if necessary.
Yes, the EDR and IT hygiene capabilities of CrowdStrike Falcon® give you complete visibility into your endpoint environment, identifying insider threats before they become breaches. The Falcon Insight EDR solution monitors and identifies potentially malicious activities, flagging them for your security staff. Insight enables five-second search and network containment capabilities, so internal and external threats can be addressed in real time. Falcon Discover™, CrowdStrike’s IT hygiene solution, provides real-time visibility into who and what are operating on your network. It enables you to stop misuse by insiders or intruders, allowing you to see which users are operating on specific endpoints within your data environment, as well as revealing detailed administrator account usage and password management details.
As part of the Falcon platform, CrowdStrike’s 24/7 managed hunting service, Falcon OverWatch™, provides a team of highly skilled security experts who proactively hunt for malicious activities and applications within your data environment. You can also get assistance from CrowdStrike Services, a team of experienced security consultants that can increase your organization’s security resiliency with assessments, red team/blue team penetration tests and the development or maturing of your incident response plan. They will ensure that you’re always ready to defend against the next attack.
Yes, gaps exist in knowledge and expertise across many retail organizations. The CrowdStrike falcon platform enhances your security expertise with a 24x7 managed threat hunting service enabled by the powerful, lightweight Falcon agent. This team identifies and stops new and emerging threats to retail organizations, providing total security around the clock. CrowdStrike Services can augment in-house IT staff with experts who have a track record of success in proactive planning using risk assessments. A CrowdStrike compromise assessment will identify if an adversary has already breached your organization’s security defenses and quickly identify and eject the attacker. The cybersecurity maturity assessment examines your organization’s people, processes and tools to identify any gaps in your security apparatus so they can be addressed.
