CrowdStrike Falcon X Recon
CrowdStrike Falcon X Recon is a sophisticated threat intelligence and digital risk reconnaissance tool designed to help organizations protect their brand, employees, and sensitive data by monitoring and analyzing activity across the open, deep, and dark web.
Key Functionality
Comprehensive Data Collection
Falcon X Recon automates the extraction of data from millions of restricted and underground environments, including criminal forums, encrypted messaging platforms, paste sites, IRC channels, rogue apps, phishing domains, and various other hidden web pages. This ensures unrivaled coverage of the cybercriminal underground.
Key Features
Real-Time Monitoring and Investigations
The tool provides real-time monitoring with customizable rules tailored to the organization’s needs. It enables security teams to conduct covert investigations with undetectable access to data from restricted sites, allowing for the tracking of criminal adversaries and their behavioral changes over time.
Threat Identification and Alerting
Falcon X Recon continuously monitors underground environments for external threats such as data breaches, phishing campaigns, and fraud. It offers easy-to-use wizards with predefined search criteria (e.g., brand names, executives, domains, vulnerabilities) and allows users to create and save custom monitoring rules. The tool prioritizes alerts based on the criticality of the threats and provides real-time notifications to ensure prompt response.
Advanced Analytics and Dashboards
The platform includes situational awareness dashboards that provide high-priority alerts and trends, enabling users to drill down into additional details. Custom dashboards can be created to track and monitor relevant threats. The Universal Search feature allows users to correlate results with other licensed CrowdStrike Falcon modules, enhancing the depth and breadth of investigative reporting and analysis.
Language Translation and Context
Results are displayed in customizable dashboards and easy-to-read cards, with the ability to view original threat actor posts in their original language. The tool also offers augmented translation from 18 other languages, including hacker slang dictionaries.
Managed Protection (Falcon Intelligence Recon )
For additional support, Falcon Intelligence Recon leverages the expertise of CrowdStrike’s intelligence team to manage digital risk protection efforts. This includes monitoring, triaging, assessing, and responding to threats on behalf of the customer, further enhancing the effectiveness of the security team and reducing the time and effort required to mitigate sophisticated adversaries.
Use Cases
Brand Protection
Falcon X Recon helps identify and mitigate threats to an organization’s brand, including impersonations and phishing attempts.
VIP Protection
It monitors threats targeting VIPs and executives.
Data Leak Discovery
The tool detects and alerts on data leaks, including compromised credentials, sensitive data, IP, and credit card information.
Fraud Detection
Falcon X Recon proactively uncovers fraudulent activities and malicious tools used by adversaries.
Supply Chain Monitoring
It identifies threats to suppliers by exposing chatter, phishing campaigns, and counterfeit websites.
Conclusion
In summary, CrowdStrike Falcon X Recon is a powerful tool that enhances an organization’s security posture by providing real-time visibility into potential threats, automating data collection from the cybercriminal underground, and offering advanced analytics and alerting capabilities to protect against external threats effectively.