CrowdStrike Falcon Wins Best EDR Annual Security Award in SE Labs Evaluations

  • CrowdStrike wins third consecutive Best Endpoint Detection and Response 2024 Award from SE Labs
  • The award recognizes that the CrowdStrike Falcon® platform demonstrates consistent results in detecting real-world adversary tradecraft, both in SE Labs testing and in real-world scenarios
  • CrowdStrike remains committed to participating in independent testing that provides transparency into the Falcon platform’s AI-native detection and automated prevention capabilities 

The CrowdStrike Falcon platform has received the Best Endpoint Detection and Response 2024 Award from SE Labs for the third consecutive year. This award honors CrowdStrike’s leadership in demonstrated detection, prevention and investigation capabilities. This repeat performance is made possible by CrowdStrike’s unified, AI-native platform, which delivers unsurpassed protection through a single lightweight agent and console, fueled by CrowdStrike’s petabytes of cross-domain intelligence, award-winning threat intelligence, and advanced AI and machine learning capabilities. The recognition also highlights our continued commitment to transparency in public testing.

In describing the significance of this award, SE Labs notes:

“The best security involves having a good understanding of your enemy and the extent of the impact they could make (or have already made) on your IT infrastructure. Endpoint Detection and Response are the boots on the ground when it comes to seeing, stopping and investigating cyber threats on the network. A great solution makes it easier for security teams to be more effective.”

The SE Labs Best Endpoint Detection and Response 2024 Award reflects CrowdStrike’s consistent, year-long testing results in detecting real-world attacker behavior with the highest protection accuracy during SE Labs EDR tests. In the ransomware-specific testing, the Falcon platform detected and blocked all attacks, with zero false positives, to achieve a 100% ransomware protection score.

In addition, as part of this award, SE Labs incorporates results reported by customers. To earn this third straight win, the Falcon platform showed that it delivers best-in-class results during sophisticated lab-based testing and in real-world engagements. From ransomware to sophisticated attack chains, the Falcon platform defends against attacks at every stage, neutralizing adversaries.

An Adversarial Approach to Testing Endpoint Detection and Response

SE Labs Endpoint Detection and Response testing involves using current threat intelligence on known and relevant adversaries to build similar attack chains in a practice known as adversary emulation. This involves replicating tradecraft from sophisticated adversaries such as Turla, Ke3chang, Threat Group-3390 and Kimsuky to make test cases as similar as possible to real-life engagements. The intent behind these attacks is to infiltrate systems and breach target networks, realistically mirroring the methods that adversaries use to compromise systems. 

Ransomware is a big part of SE Labs’ testing. It inflicts damages totaling billions of dollars and it’s increasingly used for extortion by big game hunting (BGH) adversaries — the number of data theft victims named on BGH dedicated leak sites spiked by 76% year-over-year in 2023, as detailed in the CrowdStrike 2024 Global Threat Report.

It is critical to test EDR vendors’ ability to detect the tactics of cybercriminal ransomware groups, as well as known and unknown ransomware. By creating attack chains that replicate tactics — such as the use of stolen identities or lateral movement — and using ransomware samples employing typical methods like phishing, these ransomware-specific EDR tests are meant to evaluate whether security vendors can detect and protect businesses against real-world scenarios.

Throughout 2023, SE Labs included realistic adversary tradecraft in its EDR attack chains, as well as real-world tactics used by ransomware operators, to evaluate detection and prevention capabilities. The ransomware-specific test involved 615 ransomware variants from 10 different ransomware families being employed in sophisticated attacks mimicking the tradecraft of real-world adversaries.

The SE Labs Best Endpoint Detection and Response 2024 Award stands as a unique accolade in the industry, recognizing practical success in seeing, stopping and investigating advanced threats by understanding adversary behaviors.
