CrowdStrike Inc. announces new CrowdStrike Falcon X Recon module for an increased level of situational awareness. Falcon X Recon will help uncover potential malicious activity and designed to go beyond the dark web to include forums with restricted access on the deep web, breach data, source code repositories, paste sites, mobile greyware stores, unsecured cloud storage, public social media posts and messaging apps. In today’s evolving threat landscape, malicious actors may use one or more of these resources to more effectively target their victims and monetise their efforts. These sites are virtual watering holes, where adversaries congregate and underground digital economies thrive.
“Falcon X Recon is an important addition to our CrowdStrike Intelligence product suite. It will advance organisations along the threat intelligence maturity curve to go beyond threat feeds generated from past attacks,” said Adam Meyers, senior vice president of Intelligence, CrowdStrike. “With the addition of Falcon X Recon, CrowdStrike will broaden its delivery of automated industry-leading threat intelligence, allowing companies to more easily find that needle in the haystack.”
Falcon X Recon provides the following features:
- Data Collection: At the heart of Falcon X Recon is a deep and broad collection of data from the cyber underground. Users will be able to quickly search and automatically monitor in real-time thousands of clandestine forums, markets, paste sites, messaging and chat rooms.
- Situational Awareness (SA) Dashboards: This unified control centre is designed to provide visibility into alerts that are the most relevant to the organisation. The dashboards contain high-priority alerts and trends, and enable users to drill down into additional details. Custom dashboards can also be created by users to track and monitor the threats that are the most relevant to their remediation and response activities.
- Universal Search: This feature will enable users to perform on-demand searches across all licensed modules of the Falcon platform, returning results in easy-to-read cards where users can view the original threat actor posts with additional context about the actor and the site. In addition, results will be automatically translated from many other languages using augmented translation with hacker slang dictionaries.
- Selectors: These define important information about an organisation, including its executives and assets. Users will be immediately alerted when a selector matches with information found in the hidden web.
- Notifications: Users will be able to customize how team members are notified and how often they receive alerts.
Falcon X Recon will join CrowdStrike’s threat intelligence solutions. Falcon X Recon is expected to be available in early 2021.