Falcon for Mobile monitors corporate apps (and non-corporate apps if the device is supervised) to provide visibility into malicious or unwanted activity in business-critical mobile apps.
On iOS, network traffic generated by the monitored app is made visible, exposing potential phishing attempts, leaky apps and insider threats. Falcon for Mobile also detects jailbroken and out-of-date devices and will reveal potentially high-risk Wi-Fi and Bluetooth connections.
On Android, the flexible modular app architecture of Falcon for Mobile enables administrators to set the level of monitoring using configuration policies. The baseline setting enables visibility into device health, root detection, malicious app monitoring via Google SafetyNet, and the detection of blocklisted hashes identified by CrowdStrike Intelligence. In addition, administrators can activate the network visibility setting to enable network traffic monitoring for all installed Android apps.
Finally, CrowdStrike’s exclusive app containerization setting provides enhanced monitoring of enterprise apps to further protect sensitive corporate data and intellectual property. Each app shielded by CrowdStrike provides telemetry on network activity, user activity and operating system events. This visibility enables threat hunters to detect phishing attempts, leaky apps, insider threats, and risky device connections and configurations. Falcon for Mobile also provides dedicated data storage (which can be remotely wiped) for each monitored app to protect against malicious access.