Building a slide deck, pitch, or presentation? Here are the big takeaways:

  • At RSA, CrowdStrike released new tools for cyberattack recovery, predictive threat detection, and endpoint security.
  • Technologies like machine learning and behavioral analytics could fundamentally change how the enterprise approaches cybersecurity.

On Monday, at the 2018 RSA Conference in San Francisco, cybersecurity firm CrowdStrike unveiled new tools that automate threat analysis, deliver predictive security, and help companies recover from cyberattacks more quickly.

By leveraging contextual data and technologies like machine learning, security advances like those from CrowdStrike could help cyber professionals more effectively protect their organizations and respond to attacks. The cornerstone of this approach is CrowdStrike’s Falcon X.

Built on the existing Falcon platform from Crowdstrike, Falcon X is an endpoint solution that combines “malware sandboxing, malware search and threat intelligence into an integrated solution that can perform comprehensive threat analysis in seconds instead of hours or days,” according to a press release.

SEE: Information security policy (Tech Pro Research)

According to the Falcon X release, the tool offers indicators of compromise (IOCs) for the threat it comes across in your organization, along with all of its known variants. Additionally, integrated threat intelligence makes it easier for human cybersecurity pros to research and defend against threats.

Falcon X is known for five core capabilities: Automated threat analysis of quarantined files, malware search on the CrowdStrike Falcon Search Engine, malware analysis, threat intelligence, and custom-tailored intelligence for your organization, the release said.

CrowdStrike also announced that it was adding real-time response and query features to its Falcon Insight EDR solution. Also built on the Falcon platform, these new capabilities “empower incident responders with immediate access to systems across the distributed enterprise so that they can rapidly investigate incidents, take decisive action to eradicate threats with surgical precision and get back to business quickly,” a press release said.

Once a threat is detected, the Security Operations Center (SOC) team has to first understand it and then mitigate the problem, the release said. These new features help the teams more clearly understand which systems were affected so they can begin remediation.”CrowdStrike Falcon Insight Real Time Response and Real Time Query help customers be more strategic with their incident response efforts, take decisive remediation steps quickly to minimize damage from cyber incidents, while operating with full knowledge of what is happening in their environment,” CrowdStrike CEO George Kurtz said in the second release.

Rounding out CrowdStrike’s RSA announcements was a new endpoint solution called CrowdStrike Falcon Endpoint Protection Complete. The combined power of the new tool and a human team of professionals can handle deployment, configuration, maintenance, monitoring, alerts, and remediation, a press release said.