Falcon for Mobile, which is based on the CrowdStrike’s endpoint detection and response (EDR) technology, identifies threats on mobile devices and provides visibility into situations where there is potentially dangerous access to corporate data. The cloud native platform uses a single agent architecture to provide telemetry from traditional endpoints alongside those from mobile devices.
CrowdStrike says that Falcon for Mobile provides visibility, proactive threat hunting, and enterprise application behavior monitoring. Dan Larson, vice president of product marketing at CrowdStrike, explained that the platform is aimed at the space between mobile device management and mobile threat management.
“What’s missing is low-level device and app telemetry,” Larson wrote in an email to SDxCentral. “That’s what we provide with Falcon for Mobile. This opens up a new layer of visibility for security teams so they can see malicious or unwanted behavior happening in their enterprise apps. Choosing to focus on malicious behavior, rather than relying on signatures or block lists, is at the core of our strategy.”
Larson said that the platform provides fast access to meaningful results. “No matter how many endpoints and mobile devices are under management – whether it be 10 or 10 million – the Falcon platform will return comprehensive results in five seconds or less,” he explained.
Falcon for Mobile also uses an app-centric approach to protect user data. Larson noted that the mobile agent does not meaningfully impact operation of the mobile device and doesn’t monitor personal apps, email, photos, or browsing history.
“We will monitor only the enterprise apps that the administrator specifies and we will make it clear to the user which apps are being monitored and which ones aren’t,” Larson explained. “This approach also reduces our footprint on the device, minimizing battery and data usage.”