Date: 2025-01-29

CrowdStrike announced that the CrowdStrike Falcon cybersecurity platform achieved 100% detection, 100% protection and 100% accuracy in the 2024 SE Labs Enterprise Advanced Security (EDR) Ransomware Test. The Falcon platform stopped all known and unknown threats with no false positives in the largest real-world ransomware test, earning SE Labs’ AAA Award for Advanced Security EDR Protection for the third consecutive year. SE Labs praised CrowdStrike for “improving its already excellent performance in previous ransomware tests.”

Modern adversaries are more sophisticated than ever, exploiting gaps in traditional security to infiltrate environments, move laterally through internal networks, and deploy ransomware as the final payload. SE Labs’ evaluation simulated real-world attack scenarios from 15 known ransomware families, employing tactics such as using stolen credentials to gain access and moving laterally across systems. The test used 443 ransomware files, with one-third being original samples and two-thirds consisting of new, zero-day variants.

The report stated that “CrowdStrike Falcon performed exceptionally well, providing complete detection and protection against all direct ransomware attacks. It also provided thorough insight into the full network breaches that concluded with ransomware deployments.” These results underscore the power of the Falcon platform’s unified, cloud-native architecture and continuous AI innovation, stopping all threats across systems and attack paths with unparalleled speed and precision.

The CrowdStrike Falcon platform achieved these results through:

Unified protection across the attack lifecycle: CrowdStrike unifies endpoint, cloud, identity and data protection in a single platform, providing comprehensive visibility and protection across the entire attack lifecycle. In addition to detecting 100% of attacks, SE Labs noted that the Falcon platform “generated alerts for all of the attack stages in each of the attacks,” demonstrating “a thorough insight into the entire process of hacking the network.” This enables security teams to detect lateral movement, block credential misuse and stop attacks before they disrupt operations.

AI-driven detection and response: CrowdStrike uses innovative behavioural AI and machine learning trained on trillions of security events to proactively stop ransomware, including unknown variants. During SE Labs’ testing, the Falcon platform achieved 100% accuracy with no false positives, detecting malicious patterns and correlating activity across endpoints, networks and users to identify threats before execution. It successfully blocked sophisticated lateral movement techniques used by ransomware families like DeathRansom and Ryuk as they attempted to spread deeper into the network.

Cloud-native architecture built for speed and scale: CrowdStrike’s cloud-native architecture enables rapid deployment, scalability and centralised management for endpoint and workload protection. By processing endpoint telemetry in the cloud, the Falcon platform provides real-time analysis and threat detection without straining resources. This approach allowed CrowdStrike to block ransomware families like GandCrab and LockBit, preventing file encryption and tool modifications while ensuring immediate threat containment across distributed environments.

“CrowdStrike is the gold standard for ransomware protection with exceptional prevention, detection and response to the most sophisticated threats,” said Simon Edwards, chief executive officer at SE Labs. “Every year, we raise the bar to mirror the increasing complexity of real-world attacks, and CrowdStrike not only meets but exceeds these challenges. Its ability to deliver flawless accuracy, zero false positives and unparalleled support for security teams highlights the innovation and trustworthiness that make CrowdStrike a leader in the fight against ransomware.”

“Ransomware has evolved into one of the most persistent and damaging threats, targeting every layer of an organisation’s infrastructure,” said Elia Zaitsev, chief technology officer, CrowdStrike. “The Falcon platform’s revolutionary cloud-native architecture and advanced AI stops increasingly sophisticated attacks, delivering unified, real-time visibility and protection across the entire attack lifecycle. This recognition from SE Labs validates the Falcon platform’s unrivalled ability to secure organisations against ransomware and other advanced threats, empowering them to stay resilient and outpace adversaries in today’s threat landscape.”