CrowdStrike Falcon Search Engine

Our Partner CrowdStrike’s Newest Falcon Search Engine

July 30th, 2017

Exponentially faster and more comprehensive than anything else

Our cybersecurity partner, CrowdStrike, has just unleashed the first component of their Falcon Search Engine, Falcon MalQuery. As a whole, the Falcon Search Engine exists to give cybersecurity professionals the advantages that search engines have provided in other fields. Being able to quickly and comprehensively understand the endless streams of potentially virulent data crossing your dashboard is vital in the seconds before a compromise. This understanding can help your organization adapt and eliminate threats as they are happening. The engine delivers this through its two focuses: speed and relevance.

Speed

Typical malware research can take hours, even if it's only a single query sifting through a mere month of data. The force factor of the CrowdStrike Falcon Search Engine exponentially reduces that timeframe, revealing results within seconds from a constantly updating index that already holds five years of data, 700 million files, and 560 TB of storage.

Relevance

Using revolutionary patent-pending indexing technology, the CrowdStrike Falcon Search Engine prepares the most important data to review. Rather than clouding investigative efforts with false positives, the engine allows searches across metadata, file binary contents, and even YARA-based queries.

The Falcon MalQuery

The first module of the Falcon Search Engine, Falcon MalQuery, is focused on malware searches across the industry's largest repository of malware samples, drawn from an installed base analyzing 50 billion unique security events a day spanning 170 countries. The searchable index provides metadata, binary content, and augmented insight from Falcon Intelligence, and supports plain text (ASCII/Unicode), binary search (HEX), and YARA-based queries. The results contain malware samples, related data, and attributes, and can reduce YARA insights and tuning iterations. This subscription solution will also continue to expand beyond its existing five-year database as additional information becomes available.

ISSQUARED & CrowdStrike

CrowdStrike's Falcon Search Engine can provide the right answers at the right time. With the unveiling of this new capability, security researchers and enterprises the world over will have gained a critical asset in defending against malicious actors everywhere. We are proud to be at the forefront of global cybersecurity defense along with CrowdStrike, and we would enjoy speaking with you about joining us.
