CrowdStrike Inc. announced the availability and FedRAMP authorization of CrowdStrike Falcon Forensics. Hosted within GovCloud, Falcon Forensics speeds the response time and remediation of critical security incidents for agencies by providing increased visibility and automated analysis of attacker activity.
In today’s threat landscape, speed of response is crucial to help agencies prevent security incidents from turning into breaches. According to President Biden’s recent Executive Order (EO) on improving the nation’s cybersecurity, agencies are mandated to modernize IT infrastructure through cloud adoption, embrace Zero Trust architectures, implement critical security controls like endpoint detection and response (EDR) and vulnerability management, and increase threat hunting to improve the effectiveness of incident response.
Falcon Forensics for GovCloud helps to address these issues, ultimately increasing cyber resiliency among agencies by providing:
- Deep-level forensic triage data for robust analysis of the cybersecurity incident
- Convenient collection of the historical forensic artifacts needed to bring visibility into the full threat context without additional queries
- Automated analysis of attacker activity to help customers hunt through impacted environments at scale and rapidly return to normal operations
“Government agencies have historically struggled with disparate tools and manual, time-consuming efforts when collecting and consolidating forensic data, often delaying their ability to provide the critical analysis needed to get ahead of fast-moving threats,” said Thomas Etheridge, senior vice president of CrowdStrike Services. “Falcon Forensics for GovCloud simplifies threat hunting and forensic triage analysis, capturing the right forensic artifacts at-scale and presenting them in an easy-to-consume interface allowing agencies to make decisions faster and more confidently as they improve their cyber posture.”
Falcon Forensics for GovCloud provides incident responders with the ability to investigate security incidents faster and with granular detail, offering in-depth data analysis through convenient pre-packaged dashboards to help identify adversaries’ past activity in the environment. Through the cloud-native architecture of CrowdStrike Falcon®, Falcon Forensics for GovCloud is deployed remotely and at scale to minimize business interruptions.