CrowdStrike introduced the CrowdStrike Asset Graph, a new graph database powered by the CrowdStrike Security Cloud that gives IT and security leaders a 360-degree view on all assets (both managed and unmanaged).
It also provides visibility to their attack surface across devices, users, accounts, applications, cloud workload, operational technology (OT) and more to simplify IT operations and stop violations, according to the company.
According to CrowdStrike, Visibility is one of the core principles of cybersecurity because businesses cannot secure and defend assets they do not know exist. This, in turn, creates a race between competitors and the company’s IT and security teams to find these blind spots.
According to a 2022 report from the Enterprise Strategy Group (ESG), 69% of organizations experienced a cyber attack where the attack itself began by exploiting an unknown, unmanaged, or improperly. managed assets facing the internet. ”
The CrowdStrike Asset Graph aims to solve this problem by dynamically tracking and tracing complex interactions between assets, providing a single holistic view of the risks posed by those assets.
While other solutions only provide a list of assets without context, Asset Graph provides graphic visualizations of relationships between all assets such as devices, users, accounts, applications, cloud workload and OT, along with the rich context necessary for proper security hygiene and proactive management of security posture to reduce risk to their organizations.
CrowdStrike chief product and engineering officer Amol Kulkarni said, “Digital innovation has led to an equal and clear acceleration of security innovation in modern business. For the companies farthest along on this journey, the IT operations and security teams – formerly distinct loops – converge, creating a more proactive posture when it comes to security and risk management.
“Specifically developed to address this new dynamic, the CrowdStrike Asset Graph allows organizations to see the assets they have and how they interact with each other, helping them make smart, risk -based decisions – from security to IT performance, utilization, capacity, license management and more – to actively protect and manage their IT environment. ”
The CrowdStrike Falcon platform is specifically built using cloud-native architecture to leverage large amounts of high-fidelity enterprise security and data, and deliver solutions through a single, lightweight agent to keep customers ahead. customers to sophisticated threats.
CrowdStrike’s graph technologies, which started with the company’s Threat Graph, form a distributed data fabric that is interconnected in a single cloud, the Security Cloud, that powers the Falcon platform and CrowdStrike solutions.
Using a combination of AI and behavior pattern matching techniques to relate and contextualize information across the broad fabric of data, CrowdStrike graphs create a “collect data once, reuse it many times ”approach.
According to CrowdStrike, the three graph technologies that underpin the Falcon platform now include:
Threat Graph: The Threat Graph that defines the CrowdStrike industry draws trillions of security data points from millions of sensors, enriched with threat intelligence data and third-party sources, to identify and correlate threat activity together to provide full visibility of attacks and automatically prevent real-time threats across CrowdStrike’s overall customer base.
Intel Graph: By analyzing and linking large amounts of data to adversaries, their victims and their tools, Intel Graph provides unparalleled insights into changes in tactics and strategy, enabling strategy focused on the CrowdStrike protagonist using world-class threat intelligence.
Asset Graph: With this release, users are able to accurately identify assets, identities and configurations across all systems including cloud, on-premises, mobile, Internet of Things (IoT) and more, and connect to it in a graph form. Consolidating and organizing this information into context will lead to new solutions that are changing how organizations implement security hygiene and manage their security posture, the company said.
CrowdStrike says the Asset Graph will allow new Falcon modules and features built on top of it to identify, track and explore relationships between assets within an organization. The first Falcon module to use Asset Graph was Falcon Discover (Security Hygiene), which includes the following enhancements:
New improved dashboards, customizable filters and sharing options: IT teams can tailor their Asset Graph map visualization experience and great search capabilities, all conveniently presented within the Falcon Discover console.
New third-party data integration with ServiceNow: Combining this integration with Asset Graph and Falcon Discover, IT teams get another layer of asset visibility around devices in one console, providing enhanced tracking of unmanaged and unsupported assets.
.