CrowdStrike Falcon OverWatch
Managed Threat Hunting
Falcon OverWatch provides an additional layer of oversight and analysis to ensure that threats don’t get missed and, ultimately, to prevent the mega breach. This service is comprised of an elite team of security experts who proactively hunt, investigate and advise on threat activity in your environment.
Stop Incidents Before They Turn Into Breaches
Falcon OverWatch is a managed threat hunting service built on the CrowdStrike Falcon platform to ensure that threats don’t get missed and, ultimately, to prevent a mega breach. This service is comprised of an elite team of security experts who proactively hunt, investigate and advise on threat activity in your environment. When they find a threat, they work alongside your team to triage, investigate and remediate the incident before it has the chance to become a full-blown breach.
A Managed Threat Hunting Service Like No Other
Built on the Falcon Platform
- Processes more than 2 trillion events per week
- Seamlessly integrates with the powerful Falcon platform
24x7 Operational Readiness
- Identifies and stops more than 30,000 breach attempts per year
- Employs expertise gained from daily “hand-to-hand combat” with sophisticated adversaries
- Poised to take action on your behalf, within seconds, if required
Power of the Crowd
- Identifies new threats in any environment and immediately shares the protection across the global CrowdStrike community
- Hunts ceaselessly across all industry verticals and geographies
There are two levels of Falcon OverWatch, each one building on the previous level, allowing your organization to choose the option that best fits your requirements and resources.
Provides 24/7 managed threat hunting and email notification from the Falcon OverWatch team within moments of a detection
The highest level of Falcon OverWatch service, it includes all Standard offerings, plus escalated notification of alerts to the appropriate contacts, access to an OverWatch threat response analyst and proactive services such as health checks, proactive configuration, quarterly briefings and security recommendations
Choose the level that best fits your needs and business requirements
- 24/7 Threat Hunting
- Closed Loop Communication
- Prevention Health Checks
- Quarterly Briefings and Security Recommendations
- Access to OverWatch Threat Response Analyst
Protection For All Organizations
- For Organizations with a Dedicated Security Operations Center:
Reduce alert fatigue and eliminate false negatives and false positives when hunting for threats.
- For Organizations with a Smaller Security Team:
Implement proactive threat hunting and enjoy the highest level of protection at a fraction of the cost and effort.
- For All Organizations:
Take your security operations to the next level by partnering with Falcon OverWatch to gain clarity on attacks and guidance on how to eliminate threats quickly and prevent breaches.
Key Product Capabilities
World-Class Security Experts by Your Side Around the Clock
- Instantly multiply your security capabilities: Falcon OverWatch is a team of dedicated, proactive threat hunters working for you 24/7, augmenting the detection and protection offered by your current security team and security solutions.
- Expert advice when you need it most: OverWatch provides actionable alerts with remediation recommendations. The alerts are individually crafted to provide the detailed analysis you need to understand how to respond, allowing you to implement mitigation steps immediately, considerably reducing time to resolution.
- Get an edge on attackers: Benefit from having elite security experts by your side, not just technology, to outmatch sophisticated human attackers and insider threats.
Instantaneously Enjoy the Value of Next-Generation Protection
- Save time, effort and money: OverWatch leverages cloud-native Falcon Insight™ and the CrowdStrike Falcon platform, which do not require any on-premises management infrastructure, to provide a turnkey endpoint security solution at a fraction of the cost of a fully staffed on-premises SOC.
- Immediately operational: It provides managed threat hunting from the get-go. Falcon OverWatch hits the ground running, monitoring and recording immediately upon installation without requiring reboots, fine-tuning, baselining or complex configuration.
- Zero impact on the endpoint: CrowdStrike Falcon requires only a 20MB footprint on the endpoint from initial installation to ongoing day-to-day use. In addition, searches take place in the Falcon Threat Graph database and do not impact endpoints or the network.