What CrowdStrike is actually selling, is someone who actually looks at the system logs and who pushes a button when something pops up. Roughly.
There are better solutions on the market. Unfortunately CrowdStrike has the more aggressive sales team.
For those wondering, I’m referring to *nix based solutions like SElinux, appArmor, iptables, nftables, cgroups, …
But you need to monitor your logs if you want to take appropriate action.
What CrowdStrike is actually selling, is someone who actually looks at the system logs and who pushes a button when something pops up. Roughly.
There are better solutions on the market. Unfortunately CrowdStrike has the more aggressive sales team.
For those wondering, I’m referring to *nix based solutions like SElinux, appArmor, iptables, nftables, cgroups, … But you need to monitor your logs if you want to take appropriate action.