Falcon OverWatch: Proactive Managed Threat Hunting
Falcon OverWatchTM is a human threat detection engine that operates as an extension of your team, hunting relentlessly to see and stop the most sophisticated hidden threats
Download Data Sheet
Benefits
Why Choose Falcon OverWatch
-
![Ability to See and Stop Hidden Advanced Attacks]()
Ability to See and Stop Hidden Advanced Attacks
The OverWatch team hunts relentlessly to see and stop the stealthiest sophisticated threats: the 1% of 1% of threats that blend in silently and lead to a breach if they remain undetected.
-
![Maximum Effectiveness and Efficiency]()
Maximum Effectiveness and Efficiency
OverWatch delivers the best results by augmenting skilled analysts with the most advanced technology. Our elite human experts use cloud-scale data, custom tools and up-to-the-minute threat intelligence to hunt with unprecedented speed and scale.
-
![Seamless Extension of Your Team]()
Seamless Extension of Your Team
As a core component of the CrowdStrike Falcon® platform, OverWatch delivers results for organizations of all sizes, operating as a seamless extension of your team — minimizing overhead, complexity and cost.
Technical Features
People, Process and Technology Are All Key to Stopping Breaches
24 x 7 Human Expertise
- Attacker mentality. Effective threat hunting requires the ability and expertise to think like an attacker.
- Cross-disciplinary expertise. OverWatch employs elite experts from a wide range of backgrounds, including government, law enforcement, commercial enterprise, the intelligence community and defense.
- 24/7/365 availability. When a sophisticated intrusion occurs, time is critical. Your adversaries do not sleep and are not restricted by time zones or geography — and neither should your threat hunting team.
- Continuous vigilance. OverWatch’s continuous, proactive operations deliver results every minute of every day.
- Finely-tuned response. OverWatch identifies and responds to hundreds of potential breaches per week. Each threat handled helps team members fine-tune their skills and processes, ensuring they are always sharp and effective.
Cloud-scale Security Telemetry
- Tools for the hunt. Threat hunting requires more than just expert hunters — those hunters need the right tools. Scalable and effective threat hunting requires access to vast amounts of data and also the ability to mine that data in real time for signs of intrusions.
- Real-time visibility. OverWatch takes advantage of the cloud-scale telemetry of the proprietary CrowdStrike Threat Graph® to get broad, deep visibility, delivered in real time.
- Massive data. Threat Graph ingests trillions of events each week, giving Falcon OverWatch an extensive, global real-time view of threat activity, as it happens.
Up-to-the-minute Threat Intelligence
- Threat context. You can’t detect a threat you don’t understand.
- CrowdStrike threat intelligence. This intel empowers OverWatch with detailed, always-current knowledge of tradecraft from more than 130 adversaries.
- Current TTPs. This intimate knowledge of the latest TTPs (tactics, techniques, and procedures) in use today ensures that OverWatch is able to hunt effectively and efficiently.
Seamless Part of the Falcon Platform
- One team, one fight. OverWatch operates as an extension of the Falcon platform and your team, delivering timely threat information via the single cloud-native console.
- Alerts augmented with context. OverWatch analysts deliver alerts that are augmented with contextual details and global insights to help organizations understand threats and act faster.
Technical Center
For technical information on Falcon OverWatch, please visit the CrowdStrike Tech Center.
Product Validation
Customers Trust CrowdStrike
Third-Party Validation
Since 2016, CrowdStrike has demonstrated a strong commitment to continuous industry collaboration, scrutiny, and testing. Time and time again, CrowdStrike has been independently certified to replace legacy solutions.
-
![[For Modules Only] Forrester TEI]()
Forrester Total Economic Impact
Falcon OverWatch helps organizations reduce risks and improve efficiencies, resulting in 316% ROI.
-
![[For Modules Only]Sans Review]()
SANS Review of OverWatch
SANS experts review how Falcon OverWatch responds in real time to sophisticated threats including credential theft, lateral movement and defense evasion.
![[For Modules Only] Forrester TEI](https://www.crowdstrike.co.uk/wp-content/uploads/2019/10/Forrester-Logo.png){kind=logo}
![[For Modules Only]Sans Review](https://www.crowdstrike.co.uk/wp-content/uploads/2018/08/report_09.jpg)
Visit our third-party evaluations page to see how CrowdStrike performed against the industry’s most rigorous tests and trials.
Falcon OverWatch Offerings
Choose the one that meets your requirements:
-
![OverWatch Standard]()
OverWatch Standard
See and stop hidden advanced attacks and reduce dwell time with 24 x 7 proactive human threat hunting.
-
![OverWatch Elite]()
OverWatch Elite
Falcon OverWatch Elite expands the basic OverWatch offering by adding an assigned OverWatch threat analyst to consult on root causes, assist with analysis, perform weekly health checks and provide proactive configuration recommendations and customized quarterly briefings.
| OverWatch Standard | OverWatch Elite | |
|---|---|---|
Cross-disciplinary human experts
|
 |
|
|
Continuous vigilance
|
|
|
|
Cloud-scale telemetry
|
|
|
|
Intelligence-driven
|
|
|
|
Seamless integration with the Falcon platform
|
|
|
|
Alerts augmented with context
|
|
|
|
Email notifications
|
|
|
|
Assigned threat analyst
|
| |
|
Personalized onboarding
|
| |
|
Hunting and investigation coaching
|
| |
|
Recurring environmental checkups
|
| |
|
Proactive tuning
|
| |
|
Tailored threat reports and briefings
|
| |
|
Response advice, advanced investigation and context support
|
| |
|
Proactive, closed-loop communications
|
|
Get Answers to Commonly Asked Questions
Falcon OverWatch FAQPurchase Falcon OverWatch as a Part of a Bundle
CrowdStrike Falcon bundles are specifically tailored to meet a wide range of endpoint security needs.
Explore the Bundles