at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
Falcon Platform from CrowdStrike
A cloud-native endpoint protection platform that combines next-generation antivirus, endpoint detection and response, threat hunting, and intelligence automation. Features include behavioral analytics, machine learning for malware detection, and real-time threat intelligence specific to financial services threats.
Product analysis by function
Cybersecurity Solutions for IT and Infrastructure
Systems that protect the bank's information assets from cyber threats and ensure secure banking operations.
More Cybersecurity Solutions
More IT and Infrastructure ...
Access Control
(8 Yes /8 Known /11 Possible features)
|
Multi-factor Authentication Requires multiple forms of verification before granting access. |
CrowdStrike Falcon Platform supports multi-factor authentication for administrative access as per official documentation. | |
|
Role-Based Access Control Grants permissions based on user roles and responsibilities. |
Role-based access control (RBAC) is a core feature of the Falcon Platform, allowing administrators to assign granular roles. | |
|
Single Sign-On (SSO) Allows users to authenticate once for multiple applications. |
The Falcon Platform supports SSO integration with SAML and other major identity providers. | |
|
Access Logging Records all access attempts for audit trails. |
Access logging and audit trails are available for all administrative actions through the Falcon dashboard. | |
|
Privileged Account Management Controls and monitors elevated permissions. |
Privileged account management is inherent to RBAC and administrative controls offered by Falcon. | |
|
User Session Timeout Automatically terminates inactive sessions. |
User session timeout policies can be configured within the Falcon console. | |
|
Device Whitelisting Restricts access to approved devices only. |
No information available | |
|
Granular Permission Levels Supports fine-grained permissions per function. |
Granular permission levels are managed via RBAC, enabling fine-grained permissions. | |
|
API Key Management Secures and controls access to APIs. |
API key management is available for integration and automation tasks. | |
|
Geolocation-based Access Restrictions Limits access based on user's physical or network location. |
No information available | |
|
Number of Supported Authentication Methods The total number of different authentication methods available (e.g., biometric, SMS OTP, hardware key, etc.). |
No information available |
Data Protection
(4 Yes /4 Known /10 Possible features)
|
End-to-End Encryption Encrypts data during all states and transfers. |
End-to-end encryption is described as part of Falcon's cloud-native security architecture. | |
|
Database Encryption Encrypts stored data in databases. |
Data at rest and in transit is encrypted, covering Falcon's database storage. | |
|
File Integrity Monitoring Detects unauthorized changes to critical files. |
No information available | |
|
Data Masking Obfuscates sensitive data in non-production environments. |
No information available | |
|
Tokenization Replaces sensitive information with random tokens. |
No information available | |
|
Data Loss Prevention (DLP) Prevents unauthorized data transfer or loss. |
Falcon Platform includes DLP features—data exfiltration alerts and blocking as per solution brief. | |
|
Data Backup Frequency Frequency at which backups of critical data are performed. |
No information available | |
|
Audit Logging Maintains comprehensive logs of data access and changes. |
Audit logging is available for actions, changes, and security events as part of Falcon's compliance tooling. | |
|
Automated Key Rotation Automatically rotates cryptographic keys at defined intervals. |
No information available | |
|
Retention Policy Management Controls how long data is kept and when it is deleted. |
No information available |
Network Security
(2 Yes /2 Known /10 Possible features)
|
Firewall Provides perimeter security by filtering incoming and outgoing network traffic. |
No information available | |
|
Intrusion Detection System (IDS) Monitors and detects malicious network activity. |
No information available | |
|
Intrusion Prevention System (IPS) Blocks and prevents detected threats. |
No information available | |
|
Virtual Private Network (VPN) Secures remote access to banking resources. |
No information available | |
|
Network Segmentation Divides the network into separate zones for better security. |
No information available | |
|
Distributed Denial of Service (DDoS) Protection Detects and mitigates DDoS attacks. |
No information available | |
|
Deep Packet Inspection Examines traffic for threats beyond simple packet headers. |
No information available | |
|
Encrypted Network Traffic Ensures all internal and external communication is encrypted. |
Encrypted network traffic is enforced throughout Falcon's cloud-based agent communications. | |
|
Bandwidth Monitoring Monitors bandwidth utilization for anomalies. |
Falcon provides bandwidth and network activity monitoring for threat detection. | |
|
Network Traffic Analysis Capability The number of simultaneous connections that can be analyzed. |
No information available |
Threat Detection and Response
(6 Yes /6 Known /10 Possible features)
|
Security Information and Event Management (SIEM) Aggregates, analyzes, and alerts on security events. |
Security event aggregation and real-time event correlation are advertised as SIEM features. | |
|
Automatic Threat Remediation Responds to detected threats without manual intervention. |
Falcon automates threat remediation, including isolation and removal, without manual intervention. | |
|
Real-time Alerting Notifies security personnel immediately upon threat detection. |
Real-time alerting is one of the platform's primary claims for rapid response. | |
|
Threat Intelligence Integration Ingests external threat intelligence feeds. |
Falcon platform consumes third-party and proprietary threat intelligence feeds. | |
|
Incident Response Playbooks Provides pre-defined procedures for common security incidents. |
Incident response playbooks/templates are part of the product and are customizable. | |
|
Threat Simulation and Red Team Testing Supports simulated attacks for evaluation. |
No information available | |
|
False Positive Rate The percentage of security alerts that are determined to be benign. |
No information available | |
|
Time to Detect Average time between threat occurrence and detection. |
No information available | |
|
Time to Respond Average time between detection and mitigation. |
No information available | |
|
Automated Compliance Reporting Generates regulatory and incident response reports automatically. |
Automated generation of compliance and incident reports is available in the Falcon platform, as per product datasheets. |
Endpoint Security
(9 Yes /9 Known /10 Possible features)
|
Endpoint Detection and Response (EDR) Monitors endpoints for threats and suspicious activity. |
Endpoint Detection and Response (EDR) is a core module of the Falcon Platform. | |
|
Anti-malware Protection Prevents malicious software from infecting endpoints. |
Next-generation anti-malware/antivirus capabilities rely on behavioral and machine learning detection. | |
|
Device Control Restricts usage of external devices like USB drives. |
Device control for storage devices (USB, etc.) is configurable in policy settings. | |
|
Patch Management Automates the distribution of security updates. |
Patch management features, such as vulnerability and patch visibility, are present; some patching is automated. | |
|
Mobile Device Management (MDM) Secures and manages mobile endpoints. |
Mobile Device Management (MDM) and mobile EDR are supported by CrowdStrike for iOS/Android. | |
|
Remote Wipe Capability Erases data from lost or stolen devices remotely. |
Remote wipe is supported for lost/stolen endpoints through the Falcon console. | |
|
Application Whitelisting/Blacklisting Controls which applications can be installed or run. |
Whitelist/blacklist application execution as part of device policy configuration. | |
|
Endpoint Isolation Allows quick quarantine of compromised devices. |
Automated endpoint isolation supported for suspected compromised devices. | |
|
Number of Devices Supported Maximum number of endpoints protected by the solution. |
No information available | |
|
Endpoint Policy Enforcement Automatically enforces security policies on all endpoints. |
Endpoint security policies can be centrally enforced and updated. |
Fraud Detection and Prevention
(8 Yes /8 Known /10 Possible features)
|
Behavioral Analytics Analyzes user behavior for anomalies indicative of fraud. |
Falcon leverages behavioral analytics via machine learning and threat intelligence. | |
|
Transaction Monitoring Monitors transactions in real time for suspicious patterns. |
Real-time transaction/output monitoring is not core, but real-time activities are flagged at endpoints and via integrations. | |
|
Machine Learning Models Uses AI models to identify emerging fraud techniques. |
Falcon uses ML-based detection for new/emerging malware and attack vectors. | |
|
Geolocation Verification Checks if transactions originate from expected regions. |
Geolocation data is part of device telemetry and available in investigation workflows. | |
|
Device Fingerprinting Identifies repeat or suspicious devices. |
Device fingerprinting is integral for endpoint identification and anomaly detection. | |
|
Case Management Tracks fraud investigation from detection to closure. |
Case management workflows are included in Falcon Insight for tracking incident investigations. | |
|
Rule-based Alerts Generates alerts based on pre-set fraud rules. |
Rule-based and ML-based detection alerting available in Falcon. | |
|
False Positive Rate Percentage of transactions erroneously flagged as fraud. |
No information available | |
|
Detection Speed Average time taken to detect suspicious activities. |
No information available | |
|
Integration with Core Banking Systems Supports real-time integration with existing banking infrastructure. |
Falcon API supports SIEM and core banking system integrations for real-time event exchange. |
Application Security
(6 Yes /6 Known /10 Possible features)
|
Web Application Firewall (WAF) Protects web applications from common exploits. |
No information available | |
|
Vulnerability Scanning Regularly scans for known security weaknesses. |
Continuous vulnerability scanning is a core feature provided by Falcon Spotlight. | |
|
Secure Coding Standards Enforcement Ensures adherence to secure development practices. |
Enforcement of secure coding/deployment standards is supported for endpoint agent and API integrations. | |
|
Regular Penetration Testing Conducts simulated attacks to find weaknesses. |
CrowdStrike regularly conducts penetration testing and vulnerability disclosures. | |
|
Automated Patch Deployment Deploys application security patches automatically. |
Patch management includes automated deployment for discovered endpoint vulnerabilities in supported OS platforms. | |
|
Code Obfuscation Makes application source code harder to reverse-engineer. |
No information available | |
|
Session Management Security Protects active user sessions against hijacking. |
Session token management protects against session hijack as part of endpoint agent telemetry. | |
|
API Security Controls Protects and monitors API endpoints. |
API security and monitoring are provided for all Falcon API integrations. | |
|
Number of Supported Programming Languages The range of programming frameworks or languages natively supported for secure app development. |
No information available | |
|
Dynamic Application Security Testing (DAST) Integration Integrates tools for runtime security testing of applications. |
No information available |
Regulatory Compliance
(8 Yes /8 Known /10 Possible features)
|
Prebuilt Compliance Reporting Offers reports tailored for key banking regulations. |
Prebuilt compliance reporting for PCI, GDPR, and other regulations is available within Falcon. | |
|
Automated Policy Management Automates the application and monitoring of compliance policies. |
Policy automation is available in Falcon for endpoint security and compliance. | |
|
Audit Trail Management Maintains immutable logs for audit purposes. |
Immutable audit trail logs are supported for regulatory review. | |
|
Regulatory Change Monitoring Tracks changes in relevant regulations and standards. |
Vendor regularly tracks compliance with major changes via dashboard updates and advisories. | |
|
Self-assessment Tools Allows internal audits for compliance readiness. |
No information available | |
|
Compliance Workflow Automation Automates workflows to meet compliance requirements. |
Compliance workflow automation is available for policy rollout and attestation. | |
|
Data Residency Controls Specifies where data can be stored based on regulations. |
Data residency configuration is available to specify log and data storage regions for regulatory compliance. | |
|
Regulatory Coverage Number of major regulations covered out-of-the-box. |
No information available | |
|
Retention Policy Automation Automatically applies data retention and deletion policies. |
Automated data lifecycle management policies are part of Falcon's regulatory features. | |
|
Secure Document Management Secure storage and retrieval of compliance documentation. |
Documents, logs, and compliance evidence can be managed in a secure portal. |
Identity and Access Management (IAM)
(8 Yes /8 Known /10 Possible features)
|
Centralized User Directory Maintains a single source of truth for user authentication. |
Centralized directory for authentication and endpoint management is a platform core capability. | |
|
Self-service Password Reset Allows users to reset passwords without admin assistance. |
Self-service password reset is available when using SSO/IdP integration. | |
|
User Provisioning and Deprovisioning Automates onboarding and offboarding staff access. |
Automated provisioning and deprovisioning via IdP integration is supported. | |
|
Federated Identity Support Allows use of external identity providers (SAML, OAuth, etc.). |
Federated identity support for SAML, OAuth, and similar providers, as described in the product documentation. | |
|
Access Certification Regularly reviews and certifies user privileges. |
No information available | |
|
Credential Encryption Ensures user credentials are encrypted at rest and in transit. |
Credential encryption at rest and in transit is standard and required for all agent communications. | |
|
Group Management Supports management of user groups and access policies. |
User group and access management is offered via global policy controls. | |
|
Identity Federation Integrations Number of external identity federations supported. |
No information available | |
|
Password Policy Enforcement Automatically applies strong password requirements. |
Password policy enforcement is possible via SSO/IdP or local policy. | |
|
User Access Review Automation Automates periodic reviews of user access rights. |
Automated user access review for compliance is available. |
Monitoring and Reporting
(8 Yes /8 Known /10 Possible features)
|
Real-time Dashboards Visualizes live security and system data. |
Live dashboards for endpoints and threat activity, as per CrowdStrike portal descriptions. | |
|
Customizable Reports Allows users to define and schedule security and compliance reports. |
Customizable reporting is a feature for all relevant Falcon compliance modules. | |
|
Alert Threshold Customization Enables setting of specific alert thresholds. |
Alert threshold customization supported via user policies. | |
|
Historical Data Retention Keeps historical security data for analysis. |
Historical log retention for analysis is available and configurable. | |
|
Audit Log Integration Centralizes logs from various sources. |
Audit log integration with SIEM and external platforms is a standard feature. | |
|
Automated Reporting Frequency How often reports are automatically generated. |
No information available | |
|
User Activity Monitoring Tracks user activities for policy violations. |
User activity monitoring is part of endpoint behavior analytics and detection modules. | |
|
Custom Alert Channels Supports multiple channels for alerting (email, SMS, app). |
Supports webhook, email, SMS, and app-based alerting channels. | |
|
Third-party Log Integration Integrates with external log and monitoring providers. |
Third-party log and SIEM integration is available for external analytics and regulatory logging. | |
|
Report Retention Period Length of time reports are stored and accessible. |
No information available |
Resilience and Recovery
(7 Yes /7 Known /10 Possible features)
|
Disaster Recovery Planning Provides tools for planning and testing disaster recovery. |
Falcon platform includes disaster recovery documentation, planning templates, and readiness test support. | |
|
Business Continuity Management Ensures continued operations during disruptions. |
Business continuity tools and planning are included in CrowdStrike guidance for financial institutions. | |
|
Automated System Failover Automatically switches to backup systems on failure. |
Automated failover support is part of the product's high-availability cloud-native design. | |
|
Backup and Restore Automation Automates data and system backup/restore processes. |
Backup and restore processes are automated for policy and configuration data. | |
|
Ransomware Recovery Supports fast recovery from ransomware attacks. |
Falcon offers ransomware recovery playbooks and rapid restoration tooling. | |
|
Recovery Time Objective (RTO) Target time to restore function after disruption. |
No information available | |
|
Recovery Point Objective (RPO) Maximum acceptable amount of data loss after an incident. |
No information available | |
|
Resilience Testing Support Enables regular testing of resilience and recovery plans. |
Resilience and recovery plan testing is supported and recommended for Falcon customers. | |
|
Automated System Health Checks Monitors backup and resilience readiness automatically. |
Regular system health checks are automated in Falcon's monitoring infrastructure. | |
|
Service Level Agreement (SLA) Monitoring Tracks compliance with recovery SLAs. |
No information available |
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.