CrowdStrike Security Cloud Integrates with Network Detection and Response Solutions For Comprehensive Platform Responses to Threats

April 23, 2021 By David

CrowdStrike announced a series of integrations with CrowdStrike Security Cloud that correlate the CrowdStrike Falcon platform’s enriched endpoint and workload telemetry with network telemetry for greater end-to-end visibility and contextual insights to combat threats. These integrations with leaders in network detection and response (NDR) and network threat analytics (NTA) help mutual customers build a cohesive platform tailored to protect and defend against any threats across all enterprise software components, wherever those threats are encountered.

With the surge in remote workforces and ever-increasing cloud adoption, modern security operation centers (SOCs) are faced with increased attack surface blind spots and an uptick in operational challenges, due in part to a lack of interoperability across point security solutions. Security professionals are spending too much time and too many resources investigating increased alert volume, which impacts their productivity and efficiency in addition to compromising their security posture.

CrowdStrike customers desire a strong connection between the Falcon platform and the NDR ecosystem to boost their security efficiency and efficacy with shared contextual telemetry and indicators of compromise (IOCs). Today, along with our partners, we are delivering to customers better ways to maximize their investment in the Falcon platform. With CrowdStrike’s integrations with ExtraHop, Vectra, Awake Security, Corelight, Darktrace, IronNet and ThreatWarrior, mutual customers can now integrate CrowdStrike’s industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) with leading NDR solutions that monitor east-west traffic and communications within the network itself and help surface any blind spots that span network and cloud environments. Through these integrations, customers can take advantage of:

  • Concise and actionable insights based on coordination of alerts and telemetry across CrowdStrike and leading NDR solutions
  • Integrated data feeds that enable enhanced response capabilities to identify and isolate risks faster with cloud-scale artificial intelligence (AI)
  • Enhanced threat intelligence to pinpoint novel attack methods with identification of new attack signatures
  • Customizable response actions that partners can execute using Real-Time Response (RTR) capabilities on the Falcon platform, based on early attack behaviors observed on the network
  • Open ecosystem of purpose-built integrations for cloud-delivered extensibility and flexibility

“The increased complexity in corporate networks, coupled with the heightened sophistication of cyber threats, can quickly overwhelm today’s security analysts. While many point solutions promise comprehensive security, security teams are often not only left with blind spots in their environments but also siloed tools and data in the IT stacks that put security teams at risk of missing or overlooking critical alerts,” said Amol Kulkarni, chief product officer, CrowdStrike. “CrowdStrike’s Security Cloud is an open platform enabling seamless integration with best of breed solutions. This integration with NDR partners provides mutual customers a comprehensive, holistic cybersecurity solution with enhanced visibility, streamlined detection and response and frictionless automation to address protection and operational challenges, while helping drive total cost of ownership down.”