Get an iPad Air w/ Smart Keyboard, Pixel 4a Smartphone, or Take $350 Off with Online Training! Offer Ends Soon!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

A New Era in Endpoint Protection: A SANS Product Review of CrowdStrike Falcon Endpoint Protection

  • Friday, June 09, 2017 at 10:30 AM EDT (2017-06-09 14:30:00 UTC)
  • Peter Ingebrigtsen, Dave Shackleford


  • CrowdStrike, Inc.

You can now attend the webcast using your mobile device!



Conventional antivirus solutions are failing to keep pace with today's threats, so many organizations are turning toward Next Generation Antivirus (NGAV). Yet there's a lot of FUD (fear, uncertainty, doubt) around replacing antivirus with NGAV, particularly in legacy environments.

In this webcast, learn what NGAV actually is, where it fits into the IT infrastructure, and how to easily utilize CrowdStrike's Falcon cloud-based services to keep systems updated and safe from Ransomware, malwareless attacks, and other threats first-generation AV normally wouldn't catch.

During the review, senior SANS Analyst and Instructor Dave Shackleford, will discuss his experiences using Falcon for:

  • Detecting Indicators of Attack (IOA) by using behavioral indicators, machine learning and more
  • Detecting and preventing PowerShell-based attack techniques
  • Detecting and preventing unknown malware attacks while offline
  • Managing threat hunting through deploying Falcon OverWatch

Also learn about the new quarantine features in Falcon, its pre- and post-response reporting features, and cloud-based remediation services.

Click Here to be among the first to access Dave Shackleford's written review findings.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Peter Ingebrigtsen

Peter Ingebrigtsen is a technical marketing manager at CrowdStrike, where he uses his comprehensive knowledge of CrowdStrike solutions to create tools that help customers take full advantage of the Falcon platform features to solve problems and experience all the benefits CrowdStrike solutions offer. Peter has been in technical marketing for more than five years, supporting both network and endpoint security products. Prior to his time in technical marketing, he was a sales engineer for a network monitoring company. In that role, he focused primarily on national telcos and large enterprises in the Bay area. When he's not at work, he can be found working with wood, taking guitar lessons or attending one of his children's events.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.