CrowdStrike Falcon Discover
IT Hygiene to Prepare & Prevent
Falcon Discover: IT Hygiene to Prepare & Prevent
Falcon Discover allows you to quickly identify and eliminate malicious or noncompliant activity by providing unmatched real-time visibility into the devices, users and applications in your network.
See Who, What, & Where Entities Are Accessed Within Your Organization
Falcon Discover, CrowdStrike’s IT hygiene solution offers central visibility and entity inventory around applications, assets and accounts spread across your enterprise. Security operations teams use Falcon Discover to efficiently manage and maintain their organizations environments to ensure the health of their systems and to maintain a defensible security posture. Organizations should actively manage and implement security processes that allow them to efficiently see across a broad range of entities - and target those entities that reflect suspicious behavior or activity for managed and unmanaged assets.
Since Falcon Discover1 sits within the Falcon platform, it is easy and efficient to cross reference suspicious data and to connect with broader SecOps for context around vulnerabilities and other incidents. Discover leverages the same lightweight agent architecture used for the Falcon platform.
Key Benefits of Choosing Falcon Discover
UNLIMITED VISIBILITY
Monitor everything from one convenient, powerful dashboard, and quickly dive in to explore applications, accounts and assets using real-time and historical data.
IMMEDIATE DATA TO REPEL ATTACKS
Get contextual information for all of your systems instantly, utilizing dashboards, graphs, charts and search functionality to drill down into supporting data.
ZERO IMPACT ON PERFORMANCE
Leverage the single lightweight CrowdStrike Falcon agent to keep your systems and users free to do their jobs.
Application Inventory
- Understand all applications running in your environment, and search to see versions, hosts and users
- Pinpoint unprotected and unmanaged applications that may pose a risk
- Manage non-compliance and license costs by tracking application usage
- Identify potentially suspicious apps in your network
Asset Management
- Explore detailed inventory of managed and rogue systems, and see which assets could easily be covered by the Falcon agent
- Gain clarity via BitLocker to see which hosts are encrypted
- Monitor asset inventory to help achieve, maintain and prove compliance requirements
Account Monitoring
- See who’s on your network at all times
- Track use of administrator credentials to detect if they’re being used inappropriately
- Monitor log-on time trends and session length to identify unusual behavior
- Assess password update timelines to improve security and compliance
Key Capabilities
Gain central visibility across applications, assets, & accounts
Falcon Discover offers central visibility into what and how assets are being used, monitoring accounts, and tracking application installations. This IT hygiene solution allows your team to quickly see and review via dashboards that target in on:
Assets:
- See assets within your environment that have been added or removed
- Use Falcon Discover to locate new assets to install the Falcon sensor
- Review drive encryption status
- Track resource usage for your organization’s systems over time
- Manage and track all assets across different CIDS
Accounts:
- Monitor what accounts are being used
- Track to see if domain or local credentials are accessed
- Monitor passwords changes
Applications:
- Track installed applications
- See what assets are being used for applications and how they are being utilized
Track entity inventory across environments in real time
A critical part of IT hygiene is establishing and maintaining security controls for all of your organization’s entities within an environment. Falcon Discover offers greater convenience and visibility for security teams to track inventory across all major entity types, applications, asset and accounts - in real-time. With this real-time data, teams can maintain:
- Up-to-date Inventory - track what hosts are using what applications, accounts and assets at any given time.
- Unmanaged/Unauthorised applications - See what applications could be vulnerable to an attack, and which devices are running outdated or unauthorised software.
- Unmanaged/Unsupported assets - See data about each asset type within hosts, and target which assets are not being monitored.
- Track software usage - across your entire organization.
- Consolidate on costs - by pinpointing on underutilized application licenses
Utilize robust dashboards and reporting for faster response
Security operations staff often have only a limited number of hours each week to monitor all the hundreds of thousands of entities that exist within an organization's environment. Even if your team only focuses on those entities that indicate a vulnerable opening, or potential abuse of an account - monitoring can quickly eat up all resources and time available. Since Falcon Discover offers data in real-time and a robust set of reporting capabilities, your staff can enjoy the immediate benefits of accurate reporting that is fully automated. Use Falcon Discover to:
- Create specialized permissioned roles for broader IT teams.
- Use dashboards for specific data targeting assets, applications and accounts in your organization.
- Create and save filters that include or exclude relevant information.
- Build and save dashboards for later access.
- Organize data to display table columns relevant to your monitoring needs.
- Sort data for export to highlight what’s most important for stakeholders.
- Use the BIOS Prevalence dashboard to gain visibility into which hosts need investigation.
Documentation:
Download the CrowdStrike Falcon Discover Datasheet (.PDF)