CrowdStrike Identity Protection Platform (Formerly Preempt Security) Capabilities.

  1. Stopping Ransomware Threats with the CrowdStrike Zero Trust Solution.
  2. How To Do Threat Hunting with Falcon Identity Protection.
  3. How To Detect and Prevent Lateral Movements with Falcon Identity Protection.
  4. How To Detect and Prevent Suspicious Activities with Falcon Identity Protection.
  5. How To Enable Identity Segmentation with Falcon Identity Protection.
  6. How To Prevent Service Account Misuse with Falcon Identity Protection.
  7. How To Secure RDP Access to A DC Using Falcon Identity Protection.
  8. How To Enforce Risk-Based Conditional Access Using Falcon Identity Protection.
  9. Overview of Detecting and Preventing Lateral Movement.
  10. How CrowdStrike Detects and Prevents Sunburst (Nobelium) Post-Exploit Activities.
  1. STOPPING RANSOMWARE THREATS WITH THE CROWDSTRIKE ZERO TRUST SOLUTION. Modern attacks such as ransomware don’t typically linearly follow the kill chain. The attacks need not enter the organization through phishing attempts and then run the exploit on the endpoints.

The ransomware attack can enter via compromised credentials, weak Active Directory security, or through vulnerable workloads, containers, or SaaS applications.

Watch demo here, https://www.crowdstrike.com/resources/videos/stopping-ransomware-threats-with-the-crowdstrike-zero-trust-solution/ 

2-HOW TO DO THREAT HUNTING WITH FALCON IDENTITY PROTECTION. This video illustrates how to use CrowdStrike Falcon Identity Protection to proactively hunt for identity-based threats including suspicious lateral movement, domain replication, credential scanning etc before they can escalate to an attack.

Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-do-threat-hunting-with-falcon-identity-protection/ .

3-HOW TO DETECT AND PREVENT LATERAL MOVEMENTS WITH FALCON IDENTITY PROTECTION. This video illustrates how CrowdStrike Falcon Identity Protection helps detect and prevent lateral movements – a common technique used by an adversary, after gaining initial access, to move deeper into a network.

Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-detect-and-prevent-lateral-movements-with-falcon-identity-protection/

4- HOW TO DETECT AND PREVENT SUSPICIOUS ACTIVITIES WITH FALCON IDENTITY PROTECTION. This video illustrates how CrowdStrike Falcon Identity Protection helps detect and prevent suspicious activities like anomalous authentication or an interactive login by a service account which may indicate a malicious attack.

 Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-detect-and-prevent-suspicious-activities-with-falcon-identity-protection/ 

5- HOW TO ENABLE IDENTITY SEGMENTATION WITH FALCON IDENTITY PROTECTION. This video shows how you can create and enforce identity segmentation policies with CrowdStrike Falcon Identity Protection. Identity segmentation is a method to restrict access to applications/resources based on identities.

Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-enable-identity-segmentation-with-falcon-identity-protection/

6- HOW TO PREVENT SERVICE ACCOUNT MISUSE WITH FALCON IDENTITY PROTECTION. This video shows how you can detect and prevent service account misuse with CrowdStrike Falcon Identity Protection. Service accounts or programmatic accounts are non-human privileged accounts used to execute applications and run automated services.

Adversaries go after service accounts, as these have higher privileges, to move laterally in the network. Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-prevent-service-account-misuse-with-falcon-identity-protection/

7- HOW TO SECURE RDP ACCESS TO A DC USING FALCON IDENTITY PROTECTION. This video illustrates how CrowdStrike Falcon Identity Protection can detect when a user is trying to use Remote Desktop Protocol (RDP) to get into an AD Domain Controller (DC) and based on a policy, it can automatically challenge the user for MFA ensuring it is a legitimate user.

Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-secure-rdp-access-to-dcs-using-falcon-identity-protection/

8-HOW TO ENFORCE RISK-BASED CONDITIONAL ACCESS USING FALCON IDENTITY PROTECTION. This video illustrates how CrowdStrike Falcon Identity Protection lets you define conditional access policies based on the risk score of a user.

By adjusting the acceptable risk level for your organization, you can trigger off additional MFA for users that are deemed to be high risk. Watch demo here, https://www.crowdstrike.com/resources/videos/how-to-enforce-risk-based-conditional-access-using-falcon-identity-protection/

9- OVERVIEW OF DETECTING AND PREVENTING LATERAL MOVEMENT. 80% of all breaches involve identity-based attacks with lateral movement based on compromised credentials. Lateral movement is a common technique in scenarios from ransomware to supply chain attacks.

We will show how deterministic and behavioral detection techniques can identify lateral movement to enable zero trust security in real-time, with fewer false positives, and a better user experience. Watch demo here, https://www.crowdstrike.com/resources/videos/overview-of-detecting-and-preventing-lateral-movement/   

10-HOW CROWDSTRIKE DETECTS AND PREVENTS SUNBURST POST-EXPLOIT ACTIVITIES. The Sunburst supply-chain attack affected industries from public to private, with the principle spread via privileged accounts and lateral movement. The principles of Zero Trust architecture can be leveraged today to contain adversaries in this type of attack, and for future 0-day attacks involving identity from initial escalation and lateral movement through persistence on the network. Watch demo here, https://www.crowdstrike.com/resources/videos/sunburst-and-crowdstrike-falcon-zero-trust/ 

Contact us at info@smsam.net for a demo or an evaluation of the solution.