CrowdStrike Falcon Overwatch Elite
Managed Threat Hunting with Assigned Analyst Support
Falcon OverWatch Elite: Managed Threat Hunting with Assigned Analyst Support
Extend your team with an assigned CrowdStrike threat hunting analyst providing dedicated expertise, tactical day-to-day insights into your personal threat landscape, and strategic advisory to help drive continuous improvement.
Drive Security Maturity
Falcon OverWatch is CrowdStrike’s managed threat hunting service built on the CrowdStrike Falcon platform. OverWatch augments the powerful autonomous protection provided by Falcon with deep and continuous human analysis, 24/7, to relentlessly hunt for anomalous or novel attacker tradecraft.
Falcon OverWatch Elite extends the standard OverWatch offering by introducing an assigned threat response analyst to help your organization both understand the threats that are most likely to target it and how best to prepare and respond to them. The OverWatch Elite analyst provides dedicated expertise, tactical dayto-day insights into your organization's threat landscape and strategic advisory to help drive continuous improvement.
Key Benefits of Choosing Falcon Overwatch Elite
FOCUS ON WHAT MATTERS MOST
Assess your organization's threat risks from a new angle with personalized guidance from assigned analysts with years of diverse expertise.
RESPOND WITH SPEED AND CONFIDENCE
Quickly understand threats in your environment through proactive outreach, telecommunications, and highly tailored responses.
IMPROVE CONTINUOUSLY
Get expert coaching, threat updates, industry-focused data and insights to drive improved maturity across your security team.
Personalized Threat Hunting Expertise
- Assigned analyst. Build an ongoing relationship with your OverWatch Elite threat response analyst.
- New perspectives. Assess your risks from a new angle with the help of analysts with years of diverse expertise.
- Laser focus. Develop a shared understanding of your organization’s unique structure and requirements.
Tactical Threat Hunting Insights
- Tailored Threat Hunting. Develop, operationalize, and tune your threat hunting program.
- Advanced investigation support. Gain deeper understanding of threats observed by the OverWatch team in your environment.
- Fast, closed loop communications. On-demand access to expertise via multiple channels, including email and Slack.
- Proactive outreach. For critical, active threats that are not acknowledged within the first 60 minutes.
Strategic Threat Hunting Advisory
- Expert coaching. Develop your personalized plan for uncovering threats likely to target your organization.
- OverWatch Elite Threat Hunting Reports. Review your security posture, gain hunting insights relevant to your industry.
- “From the eyes of OverWatch” briefings. Exclusive quarterly webcasts to review emerging shifts in adversary TTPs, backed by recent real- world intrusions, and discuss best practices for hunting and defense.
Falcon Overwatch Offerings
Choose the one that meets your requirements:
Falcon Overwatch
See and stop hidden advanced attacks and reduce dwell time with 24 x 7 proactive human threat hunting.
Falcon Overwatch Elite
Falcon OverWatch Elite expands the basic OverWatch offering by introducing an assigned threat response analyst to help your organization both understand the threats that are most likely to target it and how best to prepare and respond to them.
Falcon Overwatch |
Falcon Overwatch Elite |
|
|---|---|---|
| Real-Time CrowdStrike's lightweight agent streams deep telemetry into the Security Cloud in near real time giving OverWatch immediate visibility to emerging threats. |
 |
 |
| Global Threat Visibility The CrowdStrike Security Cloud ingests, indexes and enriches trillions of events per day, giving OverWatch the broadest view of threat activity as it is happening, all over the world. |
|
|
| Immunity by Community Through millions of endpoints globally distributed, the CrowdStrike OverWatch team can see emerging threats immediately, and disrupt them globally. |
|
|
| Specialized Data, Tools and Processes The OverWatch team leverages a proprietary threat hunting methodology 'SEARCH' to effectively stop breaches. |
|
|
| Hypothesis Driven Threat Hunting OverWatch performs threat hunting using intuition and experience to form and test hypotheses about where and how a determined attacker might conceal their operations. |
|
|
| Continuous Vigilance The OverWatch team conducts 24/7/365 threat hunting, because attackers are not constrained by geography or time zones. |
|
|
| Cross Disciplinary Expertise Human threat hunters possess diverse backgrounds and skill sets, for broad and deep expertise. |
|
|
| Intelligence-LED Threat Hunting CrowdStrike threat intelligence empowers the OverWatch team with intimate knowledge of the latest TTPs, ensuring that the team knows what it should be looking for today and tomorrow. |
|
|
| Alerts Augmented with Context OverWatch analysts deliver alerts that are augmented with contextual details and global insights to help organizations understand and act faster. |
|
|
| Email Threat Notifications Your team receives tailored email summaries of critical threats uncovered by OverWatch threat hunters. |
|
|
| Quarterly Threat Hunting Reports Receive quarterly reports on the threat landscape and what OverWatch has seen in the wild. |
|
|
| Personalized Onboarding Collaboration with your OverWatch analyst begins on day one. |
|
|
| Response Advice, Advanced Investigation and Contextual Support Your OverWatch Elite analyst is available for targeted advice on incident response and to provide deeper context on threats observed by OverWatch in your environment. |
|
|
| Two-Way Communications via Slack and Email Get on-demand access to expertise via multiple channels. |
|
|
| Proactive Closed-Loop Communications OverWatch Elite analysts perform proactive 24/7 outreach for critical, active threats that are not addressed within the first 60 minutes. |
|
|
| Threat Hunting and Investigation Coaching OverWatch Elite provides tailored coaching for your team on best practices for threat hunting and investigations in the Falcon console. |
|
|
| Tailored Threat Reports and Briefings Meet with your Overwatch Elite analyst and other OverWatch experts to review your security posture and gain hunting insights relevant to your industry. |
|
|
| Overwatch Elite Global Insights OverWatch analysts deliver contextual details and global insights through exclusive quarterly briefings to help organizations understand and act faster. |
|
Documentation:
Download the CrowdStrike Falcon Overwatch Elite Datasheet (.PDF)