![]() ![]() ![]() "Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. This has been a huge return on investment." "The most valuable features of CrowdStrike Falcon are the AI in detecting and real-time detections." The solution deals with threats automatically, that's the advantage." "The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. Pretty much no other tool can do all that." "All the features are beneficial." "The CS falcon agent is a lightweight agent compared with other agents of EDR products." "I like the Overwatch feature the most." "As an EDR tool, we can integrate log management and event management. I can remove files from the endpoint, drop files on the endpoint, stop processes, reboot it, run custom scripts, and deploy software. The fact that I can connect to an endpoint as long as it is on the Internet, no matter where it is globally. "CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow." "Probably the most valuable thing to me is the real-time response piece. It allows for research into a threat, and you can chart your progress on how you're resolving it." "The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices." It should protect all kinds of things that might happen on the servers, things that I cannot see." "It is extensive in terms of providing visibility and insights into threats. We can use two-factor authentication with another platform, and we can authenticate with two-factor." "I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. We're able to dig in and really understand how things came to be and where to focus our efforts." "The VPN is most valuable. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "Device Trajectory is one of the most valuable features. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful." "It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. We had Umbrella in place and we were using Anåonnect as well as Firepower. "The integration with other Cisco products seemed to be really effective. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |