CrowdStrike’s platform plan at Fal.con melds security and observability

Were you not able to attend the event? You can find all of the summit sessions in our library. Here is the place to watch.

The data gaps between IT and security need to be closed in order to deliver on the potential of the platform. CrowdStrike made a lot of announcements at Fal.con.

Adding security should be part of a business plan. George Kurtz, CrowdStrike's founder and CEO, said during his keynote address at the conference that it should be something that adds to business resilience and protects productivity gains.

The company is using security to make it the center of your digital transformation. The company wants to protect its productivity and future.

Workload protection, identity-threat protection, and the company's focus on data dominated the keynote.

MetaBeat is a sequel to Meta Beat.

Thought leaders will give guidance on how metaverse technology will transform the way all industries communicate and do business in San Francisco on October 4.

A majority of the attacks use some form of identity theft.

CrowdStrike will acquire Reposify and make strategic investments in Salt Security and Vanta through its strategic investment vehicle, the Falcon Fund.

Reposify scans the internet daily for exposed assets and allows enterprises to have visibility over them.

He said that Reposify's best-in-class scanning engine would enhance CrowdStrike's capabilities across the Falcon platform and strengthen the core areas.

CrowdStrike CEO: Security and observability need to converge 

CrowdStrike wants to be the leader in merging security and data. Two new products announced at Fal.con are designed to provide real-time observability, actionable insights, search data with sub-secondlatency and telemetry data for the CrowdStrike Threat Graph and Asset Graph.

Secops and ITops are coming together to drive this convergence. "He said that." He said that rich information would be provided for both the security team and the IT team if we could ingest at scale.

The company's vision is based on its core strengths of endpoint security, cloud security, threat intelligence and identity protection. The company is focused on democratizing extended detection and response for all of its customers by building on their strengths.

All of our customers will be able to get XDR for free. If you have Insight, there are licensing add-ons that will help you move to XDR. You will be able to get that through the sales organization. We are excited about what we are doing in XDR.

The XDR is in the tech stack.

CrowdStrike devops is in overdrive  

CrowdStrike and threat hunter teams collaborating and working toward common design goals is shown in other announcements.

In an interview with VentureBeat, Amol Kulkarni, chief product and engineering officer at CrowdStrike, said, "If you have the core infrastructure in the right place, then you can iteratively and build out products much faster." We have the idea of collecting once and using multiple times. Collecting all the data from the security cloud and putting more data on top for different scenarios is what that is. That gives us the ability to move fast.

Expanded loud-native application protection platform (CNAPP) capabilities

New cloud infrastructure entitlement management features and the integration of CrowdStrike Asset Graph have been added to one of CrowdStrike's mostambitious projects.

CrowdStrike's approach to CIEM enables organizations to detect and prevent identity-based threats from improperly configured cloud entitlements across public cloud service providers. They do this by providing continuous detection of identity threats.

Kulkarni showed how CrowdStrike Asset Graph can be used to visualize cloud assets and how CIEM can help secure cloud identities and entitlements. The goal is to perform real-time point queries for rapid response. He said that combining the Asset Graph with CIEM gives more analytical queries for asset management. He showed how the CrowdStrike Threat Graph provides full visibility of attacks and automatically prevents threats in real time.

Falcon Insight is now Falcon Insight XDR, enabling native and hybrid XDR for all customers

XDR is built on the foundation of endpoint detection and response and is designed to speed and simplify near real-time detection, investigation and response. The goal is for Falcon Insight XDR to give all customers the opportunity to leverage the power of native and hybrid XDR as a fundamental platform capability, with no disruption to existing EDR capabilities or workflows.

CrowdStrike supports third party data from CrowdXDR Alliance partners. Third-party vendors include Microsoft and Palo Alto Networks. The Zscaler Zero Trust Exchange can be used to drive response actions from XDR detections.

CrowdStrike customers will be able to leverage the platform's native XDR capabilities if they add the native XDR pack.

Falcon Discover for IoT targets security gaps in and between industrial control systems (ICS)

The world's critical infrastructure for water, power, oil and gas production and process manufacturing aren't designed for security. Among the most porous and poorly protected are the infrastructure facilities they support.

Kulkarni told VentureBeat that DiscoverFalcon is designed to provide comprehensive visibility and continuous risk assessment across the internet of things.

Kulkarni said, "Defining what's present doesn't solve the problem." In order to make the most informed, risk based decisions, organizations need a security platform that can provide deep visibility into cross-domain data and an understanding of their attack surface. With CrowdStrike driving the convergence of security and observability, organizations can do more with their data and bridge the gap between OT and IT environments.

Kulkarni gave a demonstration of Falcon Discover for the internet of things. The demo showed how customers could improve IT/ OT convergence with a centralized and up-to-date inventory of all IT, OT and Internet of Things assets. It is possible to identify and mitigate risks associated with connected devices. Real-time asset monitoring and visibility of IT and OT environments can help identify legacy systems and identify blind spots.

A call for more cyberdefenders 

If there is a modern war that impacts the nation where you're from, you're going to find yourself in a room figuring out how to best protect your nation. Six months is a long time to plan an attack on your company. Always be alert, Mandia said.

CrowdStrike has turned iterative development into a competitive advantage with their rapid pace of development. The Falcon platform has proved to be an innovation catalyst that can quickly span the fast changing customer requirements of threat hunting.

The mission of VentureBeat is to be a digital town square for technical decision-makers to gain knowledge. Our briefings can be found here.