CrowdStrike & CRITICALSTART
A Team Unparalleled in the Marketplace
CrowdStrike and CRITICALSTART offer best-of-breed endpoint detection and MDR to establish a strong security posture, manage complex processes and eliminate unnecessary risk in a comprehensive endpoint security program.
Ingesting CrowdStrike Falcon data into CRITICALSTART’s Trusted Behavior Registry (TBR) enables us to put our trust-oriented approach into action by automatically resolving what is known-good and can be safely trusted first – shifting focus to known alerts for triage and quick resolution. This is what it means to effectively stop accepting risk.
Key Benefits of the Integration
Full Investigation
Full investigation of every security alert/incident (versus the industry standard of investigating only a subset of critical and high alerts), with response actions.
24x7x365 Monitoring
Our highly skilled analysts work in a SOC 2 Type 2 certified Security Operations Center (SOC) to investigate, escalate, contain and respond to threats, helping to significantly reduce attacker dwell time.
Full Mobility Approach
A full mobility approach with 100% transparency in the MobileSOC app: alerts can be investigated and resolved on the go, right from your device.
Full Parity
Full parity (remediation and resolution) between the Web UI and the MobileSOC app.
100% Transparency
Full visibility into every data point collected, every alert resolved or escalated, every playbook
Capability Comparison | CRITICALSTART MDR + Falcon | CrowdStrike Falcon Complete | CrowdStrike Falcon Pro
---|---|---|---
Trusted Behavior Registry with SOAR platform that resolves 100% of alerts | ● | |
Native iOS and Android applications for alert investigation, collaboration and response | ● | |
Multi-tenant so a client can have multiple organizations with an N-level hierarchy | ● | |
Manage and report on all alerts from SIEM and EDR in one platform | ● | |
Automated SOC review process that provides quality control of analyst investigations and is available to the customer | ● | |
Contractually guaranteed Service Level Agreement for analyst time to detect and respond to an alert (as compared to an SLO) | ● | |
Alert notifications that include both security event data and expert analysis | ● | ○ |
Customer and vendor work from the same platform and see the same information for security event analysis (transparent view of all rules, comments, audit logs and metrics) | ● | ○ |
Custom Indicators of Attack (IOA) monitoring | ● | |
24x7 monitoring by cybersecurity analysts (security alert investigation and notification performed by security analysts) | ● | ● |
Advanced threat detection and hunting | ● | ● |
Analysts proactively respond to stop attacks (isolate, block, whitelist, etc.) | ● | ● |
Managed response, policy tuning and updating of agents | ● | ● |
Incident response | ● | ● | ○
Privacy Shield certified | ● | ● | ●
SSAE 18 SOC 2 (Type 2) certified | ● | ● | ●