Representative offices: 

Request callback

CrowdStrike took first place in the market share of Modern Endpoint Security 2020!


According to an IDC report, CrowdStrike is «on its track to become the first vendor to have annual revenue in the enterprise endpoint protection market to exceed $ 1 billion».

CrowdStrike took first place by the share of revenue in 2020 in the global market of corporate security endpoints according to IDC Worldwide Corporate Endpoint Security Market Shares. The report is further evidence of CrowdStrike's market leadership and demonstrates the proven effectiveness of the CrowdStrike Falcon platform as the company continues to outperform its competitors in performance, strategy and innovation.

The report said the COVID-19 pandemic facilitated a rapid transition to a remote work environment and forced organizations to prioritize increased costs for EDR solutions to enhance security in a high-risk environment. Organizations around the world have moved from local data centers to public clouds and expanded the need to protect both endpoints and workloads in their environments at a time when ransomware and phishing attempts were growing daily as attackers used the pandemic.

Unlike customers who choose other endpoint security vendors, those who choose CrowdStrike get the most out of crowdsourcing data, which can be scaled across enterprise networks and different ecosystems through the use of cloud and machine learning-based automation.

CrowdStrike is a pioneer in the field of modern endpoint security through innovations such as the introduction of the first and largest cloud knowledge base on security, which receives about 6 trillion unique data from endpoints per week. The CrowdStrike security cloud helps protect customers of all sizes with automated threat analysis and next-generation EDR.

According to Michael Suby, research vice president, Security and Trust at IDC, “The corporate endpoint security market is highly competitive and evolving. With threat actors relentlessly targeting end users and their devices as their first steps in attack campaigns, endpoint security is an essential first line of defense. As a first line of defense, organizations want more. They are expecting vendors to deliver a broader set of integrated and synergistic prevent, protect, and post-compromise detect and respond capabilities.”

CrowdStrike completely handles this. Customers get better protection, better performance, and lightning-fast payback with CrowdStrike from the Falcon cloud platform.

CrowdStrike recently took the lead in the 2021 Gartner Magic Quadrant among endpoint protection platforms. In addition, CrowdStrike received the highest score in the 2021 Gartner Critical Capabilities for Endpoint Protection Platforms Report. The company was also named the leader in endpoint security software in the Forrester Wave Q2 2021 report, receiving the highest scores on 17 criteria.

iIT Distribution is the official distributor of CrowdStrike. Our partners, customers and organizations of all sizes can get access to CrowdStrike Falcon, ordering a trial version from us.


The invitation to the third virtual forum of CrowdStrike


CrowdStrike, the world leader in endpoint protection invites everyone to join on the 17 - th of June the third CrowdStrike Virtual Forum 2021 to get a huge experience from the first people in the field of cybersecurity online!

This exclusive digital event provides an unparalleled opportunity to hear the opinion of a research team of security strategists and technical experts from around the world, as well as CrowdStrike customers who will share their experience in implementing and integrating CrowdStrike cybersecurity solutions and, which is important, impact on their business and results.

New threats appear every day, and the use of new generation technologies and methods — is the only way to stop criminals.

Why it is important to participate?

With the help of this forum you will learn how to transform effectively your security system, how to prioritize security and invest in it with a result oriented approach, how to protect and defend against the risks of information security breaches.

The program

Like cybersecurity the event is evolving at an exorbitant pace, and new speakers are being added to the CrowdStrike Virtual Forum discussion panel every day. You can always watch the latest program by the link.

We encourage you to pay attention to the speeches of CrowdStrike Product Director Amola Kulkarni and Humio Strategic Alliance Director Ken Green. Humio is the only journal management platform that provides complete real-time and full-scale tracking of all streaming logs and it is now a part of CrowdStrike. Through the collaboration of two leaders, Humio and CrowdStrike can open a enterprise-level solution that can handle the processing of large and ever-increasing amounts of event data, enabling organizations to collect, monitor, analyze and interact with all structured and unstructured data in their environment, which help to solve corporate IT tasks, including within the DevOps and DevSecOps models. You can learn more about the merger of Humio and CrowdStrike and its benefits for customers in our news by the link.

The most interesting cases

Business executives and security executives from companies such as Ernst & Young, the multinational human resources consulting firm Randstad, technology company MED-EL and even global universities will share their practical experience of using CrowdStrike products and the business results of their implementation.

The hottest and most anticipated event within the forum for partners and clients from Ukraine will be the speech of Adrian Pavlykevych, who is the Director of Information Security of ukrainian company SoftServe, which is known worldwide! It is an IT company working in the field of software development and consulting services. SoftServe has extensive experience in software development in the areas of Cloud, Security, UX Design, Big Analytics, Internet of Things.

Speed and flexibility in software development is of paramount importance for the company, as these factors allow better customer service and more effective competition in the market. But security is often seen as a barrier to DevOps, as many believe it hinders the rapid delivery of new applications and the ability to scale the infrastructure to meet business opportunities.

CrowdStrike knows how to implement the DevOps model without sacrificing security through automated compliance policies, detailed controls, and configuration management techniques.

In addition, the development of cloud technologies, as well as containers and microservices, has radically changed the way software is developed, but at the same time has led to new security risks that need to be considered. Organizations that want to integrate IT operations, the security team, and application developers need to make security a key component of the software development workflow. SoftServe will tell how they succeeded from its experience .

Choose the right tools for continuous security integration! Learn how CrowdStrike can help maintain the health and stability of your cybersecurity at CrowdStrike Virtual Forum 2021!



How subtle attacks maximize hackers' profits and what defensive actions need to be taken immediately

Articles and reviews

Demanding programs change their image. Do they pay ransom, how to protect themselves and what to do in case of ransomware attacks?

The main news since the beginning of last month have been allegations of criminal activity by hacker groups around the world in order to obtain funds for stolen and encrypted data. Therefore, the month of May was marked by a number of major cyberattacks, including the use of software ransomware.


Liverpool's subway has been hit by a Lockbit encryption attack, a Brazilian state's court system has been shut down due to malicious file encryption on computers on the system, and Babuk Locker hackers who attacked the Metropolitan District of Columbia have threatened to pay bribery reveal police informants.

The Conti attack seriously undermined Ireland's healthcare system and its affiliates insurance giant AXA were subjected to cyberattacks using a ransomware program, by which hackers stole 3 TB of confidential data from Asian units of AXA.

The target of all these attacks, unfortunately, are critical infrastructure, government and commercial social institutions that function as life support systems for our daily lives. Thus, attacks on such facilities can lead to far-reaching consequences from the activities of criminal groups.


Even the security of companies like Apple was attacked: the brand fell victim to extortionists. A group of cybercriminals, Sodinokoby, stole confidential information about the brand's future products (MacBook laptops and other devices) through the REvil blackmail program, hacking into Apple Quanta Computer (Apple's partner) systems. Hackers were waiting for a ransom from Quanta Computer of $ 50 million by April 27 and threatened to publish more than a dozen diagrams and drawings of components. It was also noted that the size of the ransom could be reduced from 50 million to 20 million, if it is paid by May 7. Later, REvil malware operators removed stolen Apple schemes from their data source site for unknown reasons. At the same time, stolen data from another large company was offered for purchase in the darknet this month.

Spanish Glovo food delivery service, who fell in love with Ukrainians, also felt the effects of a hacker attack during which, the data of tens of millions of users (160 GB of data with information about names, phone numbers, passwords) were put up for sale for $ 85,000.

Toyota suffered a double cyberattack in May: the first hit European operations of Daihatsu Diesel Company, a subsidiary of Toyota, and later Toyota Auto Parts Manufacturing Mississippi uncovered another attack using a ransomware program. Reports say some financial and customer data has been stolen and made public by attackers.


The largest ransomware attack during this period halted the largest US pipeline. On May 6, the operator of the Colonial Pipeline pipeline was subjected to a cyberattack by the DarkSide group, as a result of which the company was forced to suspend the transportation of fuel along the entire length of the 9,000 kilometer pipeline. DarkSide penetrated the Colonial Pipeline network and received almost 100 GB of data. After receiving the data, hackers blocked the data on some computers and servers, requesting a ransom. In case of non-payment, hackers threatened to leak data. The Colonial Pipeline website was unavailable, and the company itself admitted that it would resume transportation, which was suspended on May 7, only on May 15-16.

The scale of the attack on Colonial Pipeline was similar to the NotPetya incidents and the attack on Solar Winds.


There is a stunning reality of extortion programs: 92% of organizations do not receive all their data, even if they have paid a ransom. Nevertheless, 32% of companies in 2021 are still willing to pay for it, hoping for a full recovery of their information. Due to this willingness of companies to comply with any conditions of criminal groups, only in the first three months of 2021 the amount of ransom increased significantly and now averages $ 220,000, while in the last three months of 2020 this figure was at $ 154,000. even after paying such crazy money, a third of organizations have not been able to recover more than half of their encrypted data.

It is also worth noting that the concept of blackmail program attack is evolving day by day, and now such attacks include payment requirements even without data encryption. Attackers demand payment in exchange for preventing leaks of stolen information on the Internet. But even after paying the extortionists in this case, the company has no guarantees and can not remain protected from the publication or sale of this data. Because does it make sense to rely on the honesty of fraudsters?

Threats from extortionist programs almost always have valuable consequences for business, including disruptions and theft of confidential data. So is it worth taking such a valuable risk?


Readiness for extortion programs has become so mandatory for all organizations that even executives and directors recognize it as part of their responsibility for the operation of the business. The company's team CrowdStrike - the developer of cybersecurity systems, which protects thousands of Amazon-sized companies from hackers, regularly assists organizations in both training and preventive protection, and in responding to attacks by extortionist programs. The company announces some of the practices it recommends in such a turbulent time from attacks.

1. Increasing the resilience to threats of applications with Internet access

It is not recommended to connect RDP directly to the Internet. Attackers use one-factor authentication and unregistered Internet applications. Hackers regularly target systems through Remote Desktop Protocol (RDP), which is available from the Internet.

It is recommended that you use a VPN with multifactor authentication and make sure that any CVEs associated with the VPN platform and the underlying authentication application have priority for fix. This principle should apply to all remote methods and Active Directory (AD) and Citrix Gateway.

2. Introduction and improvement of e-mail security

The victim organization is caught through a phishing letter - this is the most common tactic. Typically, these phishing emails contain a malicious link or URL that delivers data to the recipient's work platform.

Therefore, it is recommended that you implement an email security solution that filters URLs, as well as an isolated attachment software environment. In addition, organizations may prohibit users from receiving password-protected zip files, executable files, javascripts, or Windows Installer package files unless there is a legitimate business need to do so. Adding the "External] tag to non-organization emails and a warning message at the top of the email helps remind users to exercise caution when handling such emails.

Users should also have a documented process to report any emails they are unsure of. In addition, organizations should consider restricting users' access to personal email accounts.

3. Endpoint protection

During the lifecycle of an attack, which ends with the deployment of a ransomware, attackers often use a number of methods to exploit endpoints. These operating methods range from the use of bad AD configurations to the use of public exploits against unprotected systems or applications.

That is why we have to:

  • Provide full coverage of all endpoints in your network for endpoint security products and for the endpoint detection and protection platform (EDR).
  • Develop a vulnerability and patch management program.
  • Follow Active Directory security guidelines: avoid easy passwords with weak authentication methods; avoid having regular users with a domain with local administrator privileges and local administrator accounts with the same passwords for the entire enterprise; restrict data exchange between workstations; avoid sharing privileged credentials.

4. Offline backup

The only reliable way to save data during a ransomware attack is backups that are protected from those programs. When developing a stand-alone backup infrastructure, protected from extortionate programs, keep in mind that:

  • Standalone backups as well as indexes (which describe what data is contained) must be completely separated from the rest of the infrastructure.
  • Access to such networks must be controlled through strict access control lists (ACLs), and all authentications must be performed using multifactor authentication (MFA).
  • Administrators who have access to both stand-alone and network infrastructure should avoid re-using account passwords.
  • Cloud storage services with strict ACLs and rules can also serve as a stand-alone backup infrastructure.
  • Emergencies, such as a blackmail attack, should be the only case where a stand-alone infrastructure is allowed to connect to an existing network.

5. Restricting access to virtualization management infrastructure

New attacks use the ability to directly attack virtualized infrastructure. This approach allows you to use a hypervisor that deploys and stores virtual machines (VMDKs). As a result, endpoint security products installed on virtualized machines do not see malicious actions that target the hypervisor.

Many ESXi (VMware hypervisor) systems do not have a Secure Shell (SSH) protocol by default and are usually managed through vCenter. If SSH is disabled, previously stolen administrator credentials are used to enable SSH on all ESXi systems, so:

  • Restrict access to ESXi hosts to a small number of systems and make sure that these systems have proper endpoint monitoring.
  • Make sure SSH access is disabled, or make sure it is MFA protected.
  • Make sure that passwords are unique and secure for each ESXi host, as well as for the web client.

6. Implementation of the identification and access management program (IAM)


Any organization can fall victim to malicious extortion campaigns with seven-figure ransom demands, but much can be done to stop criminals. The damage that companies can suffer from one such attack can be ten times higher than the cost of its prevention and modern protection. Moreover, it is necessary to take into account the fact that every malicious action on the organization leads not only to material losses, but also damages the business reputation, brand and position of the company. Avoid such risks helps iIT Distribution.

iIT Distribution specializes in advanced information security solutions. We not only provide software and hardware, but also provide a full range of support and consulting services. We offer initial examination and assessment of the state of your information security of the enterprise, which is carried out by highly qualified specialists, selection of equipment and software and implementation of comprehensive cybersecurity solutions in the existing infrastructure, so you can be sure of your protection!

Try to contact with us through the feedback form on the website and get advice from professionals!


A series of training workshops from CrowdStrike


The best way to learn about technology is to test it in your own realities. This is exactly the opportunity provided by the company CrowdStrike - a world leader in the field of protection of terminal devices! The company provides overview access to its main solution - the platform Falcon - the first in the field of cloud platform for protection of end devices, and creates a series of interactive workshops!

At its webinars, CrowdStrike will present various aspects of using the Falcon platform in 45-60 minutes. The workshops will feature three streams of interactive seminars that will allow you to fully familiarize yourself with the company's product: familiarization with CrowdStrike Falcon, responding to threats in real time and their detection.


In this workshop, participants will learn about the Falcon Platform by simulating a real attack scenario: an Mummy Spider attacker will break into an organization where he will look for a network port that is used to block it. Participants will navigate the console, read the prompts and mark the features that are presented in Falcon X, Falcon Prevent and Falcon Insight.


At the workshop, participants will learn part of how to fix an attack and learn about the Falcon Console by actively detecting various types of attacks. The goal is to work out attack scenarios and effectively stop violations. After testing the active detection feature, participants will open the RTR console and move from the main tasks in the RTR to the more advanced features available in the Falcon Console.


Participants will begin a threat warning workshop and receive interesting information, after which they will continue to investigate the incident. The basic principles of threat detection will be presented using the Falcon Console. Participants will also learn the value of using a visual search for compromise indicators compared to standard IOC analysis and will be able to assess the importance of integrating these search results with CrowdStrike Intelligence.


The CrowdStrike Falcon solution is the only cloud security platform for single-agent endpoints on the market. It integrates easily into the existing environment, allowing the security team to effectively detect and block malicious activity, preventing negative impact on organizations by protecting next-generation SaaS-based endpoints. Thanks to the interactive seminars, you will be able to get acquainted with the functionality of the platform, test the work, emulate the prevention of the attack: from its penetration, investigation of the incident, and to its neutralization.


Our partners will be able to:

  • increase their knowledge in the field of innovative methods and tools to protect against the latest attacks;
  • increase their competencies and skills in implementing and supporting CrowdStrike solutions for end customers;
  • note the value of using the Falcon platform compared to competing solutions.

End users will be able to:

  • get acquainted and test the work of the Falcon platform;
  • work out live scenarios of incidents and their investigation;
  • evaluate the ease and speed of deployment and operation of the platform;
  • identify weaknesses and blind spots in the existing cyber security infrastructure of the enterprise and take the necessary measures to eliminate them.

Workshops will take place every Wednesday. You can follow the current schedule on our website in the section "Events and webinars". Choose a convenient time and register!

It is necessary to remind that iIT Distribution is the official distributor of CrowdStrike, which provides distribution and promotion of solutions in Ukraine, as well as professional support for their design and implementation. We always provide the necessary level of information support to our partners and customers for each product and solution and are ready to provide advice on any issues to improve the efficiency of your IT infrastructure and its protection.



CrowdStrike has become the leader in the Gartner Magic Quadrant 2021 for the second time among endpoint protection platforms!


Gartner has recognized CrowdStrike as a leader in endpoint security (EPP) security vendors.

CrowdStrike became the only company that not only maintained its position as a leader, but also for the second time in a row took the best position among Visionaries in Magic Quadrant EPP! This demonstrates the extent to which CrowdStrike is committed to meeting the needs of companies around the world and helping them to stay ahead of the changing threat landscape.

This quadrant evaluates innovations that enable organizations to protect their corporate endpoints from attacks and hacks. The development of technologies and practices in this area is due to two trends: the growth and complexity of attacks on endpoints and the sudden surge of remote work. As a industry pioneer, CrowdStrike continues to set standards and change the way organizations deal with security threats. That's why no other vendor has been able to reach CrowdStrike's explosive trajectory within this quadrant.This quadrant evaluates innovations that enable organizations to protect their corporate endpoints from attacks and hacks. The development of technologies and practices in this area is due to two trends: the growth and complexity of attacks on endpoints and the sudden surge of remote work. As a industry pioneer, CrowdStrike continues to set standards and change the way organizations deal with security threats. That's why no other vendor has been able to reach CrowdStrike's explosive trajectory within this quadrant.

"This recognition of CrowdStrike's Falcon platform shows that organizations seek to adapt to the complexities of today's work environment through a cross-cutting platform that offers them the security transformation they need to thrive.", - said Michael Sentonas, CrowdStrike CTO.

Falcon includes an EDR product that focuses on detection and response capabilities to identify and address complex threats; at the same time, it also has a malware prevention file system that uses static and behavioral machine learning to protect against known threats. CrowdStrike continues to invest in additional features, such as the acquisition of Preempt Security and Humio for its platform, advanced firewall management, and mobile security options.


  • CrowdStrike Falcon provides all the basic features of EPP in one agent. Customers appreciate the low use of resources and opportunities for integration with additional third-party solutions. Also note the easy-to-use management console and simplified deployment experience.
  • CrowdStrike has a strong reputation in the marketplace as the only endpoint protection solution for organizations looking to integrate their agents / EPP and EDR solutions. Falcon X threat analytics and Threat Graph cloud data analytics allow you to detect complex threats and analyze user and device data to detect abnormal activity.
  • CrowdStrike is widely known for its brand and has earned a reputation for its professional services. Falcon OverWatch and Falcon Complete are very popular with customers who do not have their own SOC / threat detection teams and those who want to develop their own internal security teams.
  • CrowdStrike has a client base that is highly attacked by attackers. As a result, the company is constantly adapting to changes in attack methods and has achieved positive results in MITER Phase 2 with a consistent definition of tactics and methods.

In addition, CrowdStrike has the highest rating among vendors reviewed in Gartner Peer Insights' Voice of the Customer reports on endpoint attacks detection and response solutions for 2019 and 2020.


A world leader in cybersecurity, rethinking security for our new, cloud-based era through an end-to-end and workload protection platform designed to prevent hacking. The architecture of the CrowdStrike Falcon platform with a single light agent uses cloud artificial intelligence (AI) and provides real-time protection and transparency across the enterprise, preventing attacks on endpoints and workloads on or off the network. CrowdStrike Falcon, based on its own CrowdStrike Threat Graph, correlates in real time over 5 trillion endpoint-related events from around the world, providing one of the world's most advanced data platforms for security. With CrowdStrike, customers get better protection, better performance, and immediate payback with the Falcon cloud platform. Learn more about CrowdStrike by the link.


2021 Gartner Magic Quadrant for Endpoint Protection Platforms

Fill out the form below and get full report


Сrowdstrike named leader in security Threat Detection, Response and Investigation of cyberincidents (MDMR)!


CrowdStrike CrowdStrike continues the good news streak, earning the highest scores on 11 criteria as well as in the market presence category in The Forrester Wave: Managed Detection And Response (MDR) for Q1 2021, making it a leader in its class.

As a reminder, the CrowdStrike Falcon X product was named the Forrester leader among Threat Intelligence providers last week. If you are new to this news, we recommend reading the full overview of the benefits for which CrowdStrike has received the highest marks and is universally recognized here.

CrowdStrike leverages the threat intelligence it collects through incident response and Falcon endpoint protection platforms, integrating organic threat intelligence from these sources into its MDR service delivery approach and delivering significant value to customers. In the Forrester report, CrowdStrike scored the highest possible score on 11 out of 19 criteria.

Based on the report, MDR will become a must-have in 2021. MDR has been around as a category of solutions for years, but analysts are predicting a sharp rise for the technology in the coming year, moving from a niche product to a necessity for many organizations.

For MDR, speed is one of the most important metrics, as it measures the ability to outrun increasingly sophisticated opponents. Forrester especially notes the speed of Falcon Complete:

  • Time of useful activity. Forrester scored 5/5 for its reactive deployment process, which ensures customers can be fully protected within days of installation, rather than weeks or months like many other vendors.
  • Threat response time. Forrester said customers interviewed highlighted that Falcon Complete's speed of response to security incidents is a key benefit and is key to staying ahead of attackers operating at increased speed. Falcon Complete closely monitors response times by following the 1-10-60 rule. This plays a significant role when cybercriminals can do damage in a matter of hours. In the latest report from CrowdStrike Services Cyber Front Lines, the Falcon Complete team showed that they can detect threats in the first minuteinvestigate in 6 minutes and remediate them in 29 minutes.
  • Quick support response. Customers also reported that general support issues such as help deploying the CrowdStrike Falcon or discovery questions were quickly and efficiently resolved by the Falcon Complete team.

CrowdStrike customer feedback highlights the speed with which the vendor responds to both detected security incidents and support issues in general, and the process-oriented nature of investigations as key strengths. Forrester also gave Falcon Complete the highest score possible for its presence in the market for MDR solutions. In less than three years since its first launch, Falcon Complete has grown to become one of the most widely deployed MDR solutions on the planet, providing 24/7 protection to thousands of customers representing millions of endpoints.

This recognition from Forrester strengthens CrowdStrike's position as the market leader in guided detection and response.

Full report The Forrester Wave: Managed Detection And Response (MDR), Q1 2021

The original source


Falcon X від CrowdStrike визнаний лідер у звіті Forrester Wave: External Threat Intelligence Services за перший квартал 2021 року!


Forrester analysts rated Threat Intelligence providers on 26 criteria grouped into three high-level categories:

  • Current offering: Assessment of Analysis Requirements, Baseline Gathering, Information Analysis, Dissemination, Cyber Threats, Risk Analytics, and more.
  • Strategy: product vision, strategic partnerships, business model, and ancillary products and services.
  • Market presence: number of customers and revenue from product line.

CrowdStrike earned the highest possible score in 17 criteria and first place in the Market Presence category, showing us that more customers trust CrowdStrike than any other vendor.

Forrester Wave: External Threat Intelligence Services Q1 2021

Recognition of a company as a leader is associated with an assessment of the quality of the threat analysis life cycle. CrowdStrike defines five stages of the cycle:

  1. Intelligence Requirements: Define plans and targets for intelligence operations.
  2. Raw intelligence: gathering baseline information.
  3. Intelligent Analysis: Answers the questions asked during the requirements phase.
  4. Dissemination: Displays analysis results in a convenient format for end users.
  5. Feedback: Get feedback from customers and improve.

This set of five criteria is critical as they form the foundation upon which each vendor's threat intelligence capabilities are built. CrowdStrike received the highest scores on four of the above five criteria. These ratings confirm that CrowdStrike is unmatched in professionalism and analytics.

CrowdStrike received the highest score in the gathering phase of all vendors. We believe this important criterion highlights CrowdStrike's ability to collect data that no one else can, resulting in threat intelligence that no other vendor can provide.

Given the ratings, it is no surprise to us that CrowdStrike scored the highest possible score on Cyber Threat Intelligence.

CrowdStrike Falcon X enables organizations of all sizes and ages to easily deploy intelligence at the Security Management Center (SOC) and receive best-in-class analytics and technical analysis backed by a dedicated team of intelligence professionals. Based on CrowdStrike Threat Graph telemetry, which correlates over 5 trillion endpoint events per week, data collected from over a million unique sources and reviewed by the CrowdStrike analyst team, which tracks over 150 hacker groups, Falcon X gives organizations insight into tactics, methods and adversary actions, allowing clients to take proactive measures to detect and defend against current and future attacks.

CrowdStrike is also named a leader in The Forrester Wave: Enterprise Detection And Response, Q1 2020 and The Forrester Wave: Endpoint Security Suites (ESS), Q3 2019.

For more information on the benefits that helped Falcon X become a leader see CrowdStrike..

Read the full report The Forrester Wave: External Threat Intelligence Services, Q1 2021.


New Forrester study shows all the economic benefits of using the Falcon Complete!

Articles and reviews

A recent large-scale study commissioned by Forrester Consulting commissioned by CrowdStrike, entitled “The Overall Economic Impact of Using CrowdStrike Falcon Complete,” uncovered the full benefits of CrowdStrike's Managed Detection and Response (MDR) approach.

Based on customer surveys, independent analysis, and financial simulations, Forrester estimates that a customer can save nearly $ 6 million in 3 years, representing an estimated return on investment (ROI) of 403% for Falcon Complete with a ROI in less than three months.

In interviews with a diverse group of Falcon Complete customers, Forrester assessed several distinct benefits that organizations can benefit from using Falcon Complete:

    • Operational efficiency and expansion.
      Organizations gain additional capabilities equivalent to 11 full-time SOC analysts.

    • The risk of being hacked is significantly reduced.
      Forrester's analysis found that the proactive management and customization provided by the Falcon Complete team, coupled with CrowdStrike's breach prevention guarantee, almost eliminates information security risks.

    • Eliminate redundant tools.
      CrowdStrike provides improved protection and performance while reducing costs by replacing many other security tools.

    • Reduced downtime due to security incidents.
      Falcon Complete can fully remediate violations in minutes, rather than relying on reimaging or replacing compromised endpoints.

Naturally, it is necessary to evaluate all the advantages in terms of the cost of certain solutions. Throughout its research, Forrester closely monitored the costs incurred by security services throughout the endpoint security lifecycle, including costs associated with:

    • acquisition and deployment of endpoint protection technologies;

    • 24/7/365 global monitoring and control;

    • 24/7/365 proactive threat search;

    • complete remediation and recovery of systems affected by incidents;

    • service and customization.

Comparing these overarching costs to the benefits organizations get from using Falcon Complete, Forrester has posted an astounding 403% ROI on the product.

More importantly, none of the organizations surveyed reported any serious intrusions since partnering with CrowdStrike Falcon Complete. As a result, Falcon Complete delivers amazing security results at a price far lower than purchasing and creating similar enterprise security environments with other solutions, manpower, and maintenance costs.

You can read the full study here.


iITD is the official partner of the International Grand Forum "BIT & BIS-2021"!


On March 3, Kiev will host the main event of the domestic ICT market - the International Grand Forum "BIT & BIS-2021"!!

This annual unique industry event promises visitors a unique atmosphere and an impressive informational charge.

Partners and experts of the event will share the latest in the IT industry, their personal experience and advice.

Company iIT Distributionan official partner of the event, together with NetBrain and CrowdStrike, will share their knowledge in the field of information security.

The main problem for cybersecurity departments in most companies remains the lack of the necessary level of automation and visual control over the cyber environment. The lack of an automated mechanism for collecting data, contextual understanding of security incidents and visual control over hidden potential threats in the network significantly increases the risk of an organization becoming a victim of a cyber attack and reduces its confidence in its own security.

That is why Sergey Aleinikov, Head of Technical Department at iIT Distribution, will tell you about CrowdStrike – Identity Threat Detection. A solution for tracking the authentication process, questionable user behavior and detecting threats in real time! Identity Threat Detection correlates events around the user, their activity and the device to improve response to a threat, thereby reducing the need for complex, time-consuming analyzes by SOC employees, and shortening the response time to events.

Expect our second talk from Andrievsky, network engineer at iIT Distribution, who will tell you how to get rid of heavy manual work and save time and money with the Network Automation from NetBrain.

Organizations are constantly adding new solutions and connected devices to their networks. Traffic is increasing, and there is no understanding of the maximum capabilities of many products and ways to provide protection. During the pandemic and the transition to remote work, new devices were added spontaneously, and there was not enough time to fully study the functionality. It is time to structure the work of IT resources and build a unified and functional information security system! How exactly? We are ready to answer all your questions!


CrowdStrike has announced the acquisition of Humio's leading high-performance log management platform!


CrowdStrike introduces the industry-leading next generation XDR data processing platform.

CrowdStrike adds to its portfolio best-in-class Humio a logging and aggregation platform for unlimited, comprehensive event analysis - on-premises or in the cloud. The solution offers 1 TB of downloads per day, in-memory streaming, live, shared dashboards, alerts, analysis and real-time visualization of any events. Founded in 2016, Humio Event Log Management Platform is the fastest and most efficient solution with proven ability to do large scale jobs, making it ideal for extending CrowdStrike's capabilities.

The Humio data platform minimizes the problem of the ever-growing volume of event data and enables users to collect and analyze this data (structured or unstructured) at full scale. Leading organizations around the world such as Aruba HPE, Bloomberg, Decisiv and others have chosen Humio for the best technology and performance.

Humio will help CrowdStrike deliver a deeper, index-free XDR at a speed and scale that no other vendor can match. This EDR and XDR partnership is based on a combination of endpoint event logging with network visibility, account and identity management, and massive telemetry of all workloads, whether they are on-premises, in the cloud, or even deployed in a container.

Humio and CrowdStrike togetherwill create an enterprise-grade solution that solves the challenge of handling large and growing volumes of event data by empowering organizations to collect, observe, analyze and interact with all the structured and unstructured data in their environment to help meet enterprise IT challenges. including within the framework of the DevOps and DevSecOps models.

Customers and partners will be able to take advantage of the new data collection capabilities of the CrowdStrike Falcon platform to provide better analytics, threat detection and inter-event connectivity. All of this is delivered through a single intelligent server with great speed and efficiency.

CrowdStrike continues to innovate and improve its platform to solve real-world end-user problems, enriching it with additional capabilities.

Contact the iIT Distribution team , the official distributor of CrowdStrike, to learn more about the CrowdStrike Falcon platform and its new features!

Full release by the link.


Mobile Marketing