CrowdStrike Falcon Discover
Network Security Monitoring & IT Hygien
Get real-time visibility into who and what is in your network. Instantly get an accurate inventory of the systems in your environment, of the software they are running and of how user accounts are being utilized.
Enabling IT Hygiene
You need to be prepared to face any and all attacks — but you can't fix what you can't see. Organizations need the complete visibility provided by Falcon Discover, a security hygiene solution that allows you to identify unauthorized systems and applications in real time across your environment, and remediate issues quickly to improve your overall security posture.
Falcon Discover is powered by the Falcon agent and the CrowdStrike cloud to deliver visibility without affecting endpoint performance.
- Gain real-time and historical visibility into your assets and applications
- Be better prepared to face threats
- Identify rogue computers instantly
- Find unprotected systems
- Find out what applications your users are truly using
- See where privileged accounts are being accessed
Real-Time Visibility and Inventory
For IT and Security teams who need to identify and track computers and applications on their network, Falcon DiscoverTM is the CrowdStrikeTM IT hygiene solution. Falcon Discover monitors and inventories systems, application usage and user account usage in real time.
- See who is on your network at all times — The real-time system inventory gives you a view of all managed and unmanaged devices in the environment in a simple dashboard with drill-down options.
- Find out what applications your users are running — The real-time application inventory provides a view of all applications running in the environment via a simple dashboard with drill-down options. You can see what apps are CURRENTLY running on which hosts without impacting the endpoint. You can also determine when the application was originally launched and pivot to other endpoints running the same app to gain more context, finding usage per application or by host.
- See where and how user accounts are being accessed across your environment – Account monitoring provides visibility into the use of administrator credentials and password resets across the enterprise. Falcon Discover provides insight into logon trends (activities/duration) where credentials are being used, and password update information.
What if you could find answers to important, but hard question
What endpoints - physical, virtual and EC2 instances - are on my network?
Where are administrator credentials being used in my network?
What applications are my users running?
Which ones are mine and which ones are "rogue"?
Bring answers to your IT hygiene questions
See what apps are CURRENTLY running on which hosts – without impacting your endpoints. Determine when each application was originally launched, and pivot to other endpoints currently running the same app to gain more context. Find usage per application or by host.
Gain visibility into the use of administrator credentials across your enterprise and spot if they are being used inappropriately or out of context.
Identify Rogue Systems
Eliminate unprotected and unmanaged systems — a weak link that can create a bridge for adversaries to penetrate your network. Identify rogue systems to assess and remediate that vulnerability.
Reduce Licensing Costs
Real-time application inventory helps eliminate costly licensing fees by potentially identifying unused applications while satisfying your organization’s operational needs.
Bringing answers to your IT hygiene questions
Falcon Discover provides immediate insight into your endpoint environment via the Falcon Management Console. View real-time and historical application and asset inventory information, and ensure admin and user account compliance.
Use Case #1
Application Security Hygiene
Instantly identify outdated software, as well as the systems running these applications. Drill down to the specific processes executed by these applications and take a proactive approach to maintaining your network’s security hygiene.
Use Case #2
Password Policy Enforcement
Account monitoring empowers you to keep passwords up-to-date and ensure that your password policies are enforced.
Use Case #3
Administrator Account Usage Monitoring
Falcon Discover enables you to view all administrator accounts and their activity to determine potentially malicious admin activity.
Use Case #4
EC2 Visibility & Management
Provides detailed visibility over EC2 instances, highlighting instances that do not have the Falcon sensor installed. For Falcon-enabled EC2 instances, rich AWS-specific context is presented, enabling timely, effective triage and response for security events.
Key Product Capabilities
Be Ready to Face Threats
- Strengthen your security posture proactively: Falcon Discover allows you to identify what is being utilized so you can ensure your best possible readiness to face attacks. By reporting unauthorized systems and applications in your environment, Falcon Discover enables you to improve your security posture by addressing security issues ahead of attacks.
- Detect unwanted and vulnerable applications: Detect whether unpatched or vulnerable applications are being used, so you can patch them before an attacker can take advantage.
- Remediate unprotected and rogue systems: The system inventory allows you to find and remediate unmanaged systems and also address systems that could be a risk on your network, such as unprotected BYOD or third-party systems.
- Mitigate abuse of privileged accounts: Monitor the usage and creation of administrator credentials across your enterprise and detect if they are being used inappropriately and out of context.
Go Beyond Security
- Reduce licensing costs: The real-time application inventory tells you how often and how long users run an application, enabling you to reconcile license costs with real needs.
- Satisfy compliance requirements: By fully automating the visibility and inventory required to ensure some compliance requirements, Falcon Discover helps you achieve, maintain and prove compliance obligations.
Enjoy Immediate Time-to-Value
- Save time, effort and money: Cloud-based Falcon Discover is delivered by the CrowdStrike FalconTM Platform and does not require any onpremises management infrastructure.
- Immediately operational: Falcon Discover can be deployed in hours and hits the ground running, monitoring and recording immediately upon installation without requiring reboots, query writing, baselining or complex configuration.
- Zero impact on performance: Inventory searches take place in the cloud and have zero impact on endpoints and the network.
Download the CrowdStrike Falcon Discover Datasheet (.PDF)