CrowdStrike speeds up proactive threat defense through partner intelligence data
CrowdStrike Inc. announced the availability of contextual enrichment for threat detections via a unified console experience. This new capability seamlessly integrates third-party threat intelligence data with CrowdStrike Falcon detections and incidents, delivering a comprehensive picture of an organization’s threat landscape.
As cyberattacks have increased in frequency and severity, organizations have responded by adding cumbersome point products to the security stack in an effort to fortify their defenses. This has resulted in complex security operations environments, which have hindered organizations’ speed of response in identifying threat activity and hampered their ability to stop breaches.
To address these challenges and the complex process involved with different solutions having their own management consoles and varied threat intelligence data, CrowdStrike has introduced a unified console experience for security teams, where threat intelligence from various vendors enriches detections from the Falcon platform. This provides security teams with complete visibility and richer context of threat detections required to quickly understand, stop, and remediate incidents.
“In today’s fast-moving threat environment, organizations cannot afford to waste time triaging incidents in multiple, disparate solutions, before understanding the best course of action to take against a threat actor,” said Andy Horowitz, Vice President, CrowdStrike Store Business. “With advanced contextual enrichment on the Falcon platform, we give CrowdStrike customers the ability to better understand alerts and incidents external data sources. These capabilities remove the complexity and burden of managing multiple feed views and reduce manual investigation and triage work, bringing simplicity and effectiveness to security operations.”
Rich intelligence data delivered from CrowdStrike Store partners can be accessed using the cloud-native Falcon platform without requiring security teams to pivot across multiple management consoles, providing a better user experience. Organizations can simply enable the third-party app within the CrowdStrike Store to leverage threat intelligence feeds, such as indicators of compromise (IOCs), for additional context during an incident investigation, streamlining threat operations and significantly increasing the velocity of triage and remediation.
Features and Capabilities:
● Context enrichment: Use threat intelligence data from CrowdStrike partners to enrich security incidents, correlate and triage alerts faster, accelerating incident investigation and response.
● Time to value: Seamless built-in integrations to bring in rich data from other third-party applications regarding IP addresses, domains and hashes that help with faster alert triaging, response and security incident investigation.
● Simplified layered defense: Simplified security stack with multiple integrated solutions that helps streamline threat operations and management, getting ahead of sophisticated adversaries.
Newest Addition to the CrowdStrike Store:
In addition, CrowdStrike introduces a new app available for free trial from Perception Point, called X-Ray. It leverages Falcon threat detections to provide containment and remediation of malicious incidents, offering interception of content-based attacks across different collaboration channels like email, cloud storage, CRM apps, and messaging platforms.