Falcon Security and IT operations Features

Orchestration (4)

Asset Management: Lets users group and organize their endpoints to gather threat intelligence on specific technologies. 14 reviewers of Falcon Security and IT operations have provided feedback on this feature.
Security Workflow Automation: Based on 14 Falcon Security and IT operations reviews. Reduces the need for IT and security professionals to iterate repetitive tasks associated with gathering threat information.
Deployment: The process in which users integrate their existing security systems and endpoints to the threat intelligence platform. 15 reviewers of Falcon Security and IT operations have provided feedback on this feature.
Sandboxing: A feature that allows security testing and information gathering to occur in a secure, resource independent environment. This feature was mentioned in 14 Falcon Security and IT operations reviews.

Proactive Alerts: As reported in 14 Falcon Security and IT operations reviews. Prior to security incidents, the product will alert users when a new, relevant vulnerability or threat is discovered.
Malware Detection: As reported in 14 Falcon Security and IT operations reviews. Provides multiple techniques and information sources to alert users of malware occurrences.
Intelligence Reports: Based on 13 Falcon Security and IT operations reviews. The ability for users to produce reports outlining detailed and personalized threat information

Endpoint Intelligence: Analysis for users to examine threat intelligence data specific to their endpoint devices. 14 reviewers of Falcon Security and IT operations have provided feedback on this feature.
Security Validation: The product has a recurring examination process to update your intelligence reports as new threats emerge. This feature was mentioned in 13 Falcon Security and IT operations reviews.
Dynamic/Code Analysis: Based on 13 Falcon Security and IT operations reviews. The ability to examine your application, website, or database's code to uncover zero-day vulnerabilities.

File Analysis: Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.
Memory Analysis: Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.
Registry Analysis: Identifies recently accessed files and applications for abnormalities and threats.
Email Analysis: Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.
Linux Analysis: Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.

Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Decryption: Facilitates the decryption of files and data stored using cryptographic algorithms.

Gap Analysis: As reported in 11 Falcon Security and IT operations reviews. Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.
Vulnerability Intelligence: Based on 12 Falcon Security and IT operations reviews. Stores information related to common vulnerabilities and how to resolve them once incidents occur.
Compliance Monitoring: As reported in 12 Falcon Security and IT operations reviews. Monitors data quality and sends alerts based on violations or misuse.
Continuous Monitoring: As reported in 12 Falcon Security and IT operations reviews. Aggregates real-time updates and historical data from multiplate internal and external data sources to support ongoing proactive threat response.

Asset Discovery: As reported in 11 Falcon Security and IT operations reviews. Detects new assets as they enter cloud environments and networks to add to asset inventory.
Shadow IT Detection: Based on 11 Falcon Security and IT operations reviews. Identifies unsanctioned software.
Change Management: Provides tools to track and implement required security policy changes. 11 reviewers of Falcon Security and IT operations have provided feedback on this feature.

Risk-Prioritization: Allows for vulnerability ranking by customized risk and threat priorities. This feature was mentioned in 12 Falcon Security and IT operations reviews.
Reconnaissance: As reported in 12 Falcon Security and IT operations reviews. Gathers information about the system and potential exploits to be tested.
At-Risk Analysis: Based on 12 Falcon Security and IT operations reviews. Uses machine learning to identify at-risk data.
Threat Intelligence: Based on 12 Falcon Security and IT operations reviews. Stores information related to common threats and how to resolve them once incidents occur.

AI Text Summarization: Condenses long documents or text into a brief summary.
AI Text Generation: Allows users to generate text based on a text prompt.
AI Text Summarization: Condenses long documents or text into a brief summary.
AI Text Summarization: Condenses long documents or text into a brief summary. 11 reviewers of Falcon Security and IT operations have provided feedback on this feature.
Generate Attack Scenarios: Use AI to propose possible threat actor tactics, techniques, and procedures against specific environments or assets.
Generate Threat Detection Rules: Use AI to automatically create detection rules based on observed patterns.
Generate Threat Summaries: Use AI to produce concise summaries of complex threat reports or alerts.