- Role-Specific Solutions
CrowdStrike Completes Acquisition of Preempt Security
Depending on your role and department, you might have different needs when it comes to your enterprise security solution. Meeting those needs and helping you to achieve your security goals are at the forefront of Preempt’s mission.
Preempt’s Conditional Access Platform makes enterprise active directory security effective, cost-efficient, and practical. Whether assets are on-prem or in the cloud, Preempt provides a single view across the entire organization. Risky or suspicious actions can be challenged via MFA/2FA in real-time, allowing valid users to pass through and stopping malicious actors or code without burying key events in an endless stream of Informational alerts.
INCREASE YOUR SECURITY HYGIENE
Preempt’s Insight & Analytics offer a fast risk score across your identity store down to the individual, creating an instant to-do list of credential clean up. Help your identity and access management team know where they need to create and enforce password rules, eliminate stale accounts, reduce service accounts, and avoid abuse of privileged credentials. Using AI and machine learning, Preempt automatically identifies and challenges risks and threats by policy, offering continuous adaptive risk and trust assessment.
GET VISIBILITY EVERYWHERE
Preempt provides a unified approach that connects on-premise, cloud or hybrid, and federated assets. Instead of silos, staff can track user behavior across all assets, portals, and applications for complete enterprise security context.
BETTER USER EXPERIENCE
Preempt gives you more options for challenging suspicious activity than simply Allow or Block. Conditional Access via MFA/2FA subjects high-risk user or anomalous behavior to security policy, automatically resolving suspicious behavior in real-time without disrupting valid work.
REDUCED WORKLOAD ON STAFF
Preempt reduces work for security, identity and access management staff, and even security operations by automating security instead of creating only incidents and events. Suspicious events are either confirmed and challenged/blocked or automatically resolved in real-time, while reducing user lockouts and busy work from identity and IT teams.
EXTEND VALUE OF SECURITY INVESTMENTS
Preempt integrates and extends the value of your existing ecosystem including MFA/2FA, single sign on, and identity and access management solutions. The Preempt Platform easily triggers additional enforcement via integrations with firewalls, NAC, SIEMs, and security orchestration platforms.
REDUCE SECURITY AND IT SPEND
Preempt helps reduce security and IT burden by auto-remediating risky incidents and reducing the number of help desk tickets. In addition, Preempt allows you to save SOC team spend including by reducing log storage, investigation time, and administration.
Preempt makes AI-based threat detection actionable without creating work for security teams. In the past, security enforcement has been limited to signature-based solutions at the firewall or IDS/HIDS, while AI and machine-learning solutions such as SIEM, UEBA, or NTA were used for detection. All this required manual investigation and confirmation from security staff. Preempt changes this by using AI and machine learning to detect threats across the MITRE kill-chain, then automatically challenge suspicious behavior via MFA/2FA to distinguish true threats from valid behavior.
DETECT ATTACKERS AND MALICIOUS INSIDERS
Preempt finds deterministic signs of attackers inside the network, including lateral movement techniques such as Pass-the-Hash/Ticket attacks, Golden Tickets, forged PACs, directory harvesting and more, and automates response via step-up authentication.
CHALLENGE ANOMALIES AND SUSPICIOUS BEHAVIOR
Preempt automatically tracks the behavior of every entity in the environment and detects anomalous behaviors that can indicate a compromise. While most anomaly detection can create unwanted alerts and noise, Preempt can challenge anomalies via MFA/2FA to instantly automate security and distinguish threats from valid behavior.
PROACTIVELY REDUCE YOUR ATTACK SURFACE
Preempt automatically uncovers weaknesses across all entities in the network. This includes finding users with passwords that have been exposed in previous breaches, multiple devices sharing the same administrator password, shared logins, stealthy administrators, devices vulnerable to skeleton key attacks, and much more.
STOP ATTACKERS FROM LIVING OFF THE LAND
Modern attackers often rely on common administrator tools, service accounts, and dated or weak protocols that can be abused. Preempt can detect and apply policies to common tools such as Mimikatz, PsExec, Powershell, and more. The solution also detects use of NTLM and a wide variety of related relay attacks.
TAKE ACTION EARLY IN THE KILL CHAIN
Preempt lets you take action early in an attack without disrupting valid users. Trigger conditional MFA based on multiple aspects of changing risk to distinguish between real users and threats. Choose from any number of security responses such as require password changes, quarantine devices, and more based on the context of the attack.
REDUCE WORKLOAD ON SECURITY TEAMS
Preempt reduces work for staff by automating response instead of simply flagging an event for later examination. Suspicious events are either confirmed or automatically resolved in real-time, while providing a portal for investigation or incident response later. A dedicated Threat Hunting interface lets staff search for threats based on any combination of hundreds of traits tracked by the Preempt platform.
Preempt picks up where Identity and Access Management tools leave off. Preempt extends threat-aware conditional access controls to all of both network and cloud resources based on a real-time and adaptive view of risk. Preempt’s conditional access includes risk contexts such as the posture of the entity (e.g. compromised password), entity behavior (e.g. anomalous access request), threat context (e.g. pass-the-hash), and cumulative risk score over time. All of this is done with the need for agents or or application customization.
EXTEND CONDITIONAL ACCESS TO ANY RESOURCE
Privileged asset management made easy: Extend MFA/2FA to any asset including servers, workstations, custom or legacy applications, cloud and federated apps, all without the need for endpoint agents or customization to the application.
VISIBILITY AND CONTEXT ACROSS LOCAL, CLOUD, AND HYBRID ASSETS
Preempt provides a unified approach that connects on-premise, cloud, and federated assets. Instead of silos and multiple team actions, staff can track a single user behavior across all assets wherever they may be for complete enterprise security vision.
STOP PRIVILEGED ACCOUNT ABUSE
Preempt analyzes all entities and detects privileged accounts including stealthy administrators that may not belong to official Admin groups in Active Directory. Every account is analyzed for a broad range of risks and weakness including password problems, reuse or shared passwords, vulnerability to attacks or unpatched endpoints, and much more.
ENABLE MULTI-FACTOR AUTHENTICATION (MFA)
MFA (or two-factor authentication/2FA) solutions can be difficult to deploy correctly and manage. Preempt makes it easier on both the users and administrators by automatically learning the behavior of every account, and can challenge abnormal behavior at the first signs of compromise. The solution automatically learns behavior across dozens of attributes, including groups, and applies the appropriate challenge based on the level of risk.
FLEXIBLE, ADAPTIVE POLICIES
Easily align policies to the unique needs and risk tolerance and compliance requirements of the organization. Tune policies to the needs of privileged accounts, programmatic accounts, or critical users or assets. Set policies by organization unit, active directory groups, managed vs unmanaged devices. Apply policies that change based on changing risk scores and context that evolve over time.
EASY AND LIGHTWEIGHT ARCHITECTURE
Preempt offers flexible, easy deployment methods that fit your organization’s infrastructure without disrupting operations. In a matter of hours, your organization can get visibility into all network risks and extend threat prevention capabilities everywhere in your global environment.
ENFORCE PASSWORD CHANGES
When password problems are identified, Preempt can require the user to create a new password on the next login. This not only helps improve organizational security but reduce IT costs for password reset help desk tickets.
AUTOMATICALLY MAINTAIN GOOD PASSWORD HYGIENE
Preempt automatically identifies users using passwords that have been compromised in a previous security breach or that exist in password dictionaries. The solution likewise analyzes across device endpoints to find users sharing passwords or users sharing the same credential, or devices that contain the same admin password.
IDENTIFY STALE AND UNUSED ACCOUNTS
Automatically monitor the environment and identify accounts that are no longer in use. Add policies to challenge any new actions from unused or stale accounts via MFA/2FA.
REDUCE ACCOUNT LOCKOUTS
Preempt automatically detects brute force attacks as well as a wide variety of other malicious techniques to compromise user accounts. By challenging unusual or risky behavior with MFA/2FA, organizations can automatically resolve issues and verify users without relying on overly stringent lockout policies.
ENGAGE END USERS IN SECURITY POLICY
While IT and security policies are often viewed as a 1-way controls enforced on users, Preempt enables IT to engage with users on policies. Challenge risky behavior in real time to provide instant feedback to users without disrupting valid user access. This allows users to develop better security habits without fostering an adversarial relationship between users and IT.
FASTER USER ADOPTION
Rolling out new security tools can be met with friction from a diverse user base. Less friction on MFA/2FA challenges will encourage users to adopt security tools faster user, resulting in smoother onboarding and a better security posture for your entire organization.