- New CrowdXDR Alliance partners include Menlo Security, Ping Identity and Vectra AI
- New Falcon XDR capabilities include native integration with Falcon Fusion SOAR workflows to streamline and simplify security operations
CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workload, identity and data, announced today that it has expanded the CrowdXDR Alliance to include key strategic partners across web and email security (Menlo Security), identity and access management (Ping Identity) and network detection and response (Vectra AI). CrowdStrike also introduced new capabilities for the Falcon XDR (Extended Detection and Response) module to speed up detections for security teams, including an integration with ServiceNow, a current partner in the CrowdXDR Alliance, to dramatically simplify the workflows in security operations using automated ticketing.
New Falcon XDR capabilities include:
- Falcon Fusion workflows based on XDR detections: Natively integrated with Falcon XDR, Falcon Fusion (CrowdStrike’s SOAR framework) now automates many workflows directly from a Falcon XDR detection including:
○ Ticket making through ServiceNow, a partner in the CrowdXDR Alliance.
○ Notifications via email, Slack or webhook.
○ Incident details from status changes to team assignments and comments.
- XDR detection event timeline: Speed test and investigation with a timeline view that shows the important events of a discovery in chronological order to easily understand how the activity progresses.
- Graph visualization of custom XDR detections: Create custom XDR detections from queries written to look for environmental threats. The Falcon XDR graph explorer shows how events and entities relate to a custom XDR detection, allowing security analysts to quickly orient and explore cross-domain data connections..
“CrowdStrike continues to bring together the best in both open and native XDR techniques,” said Michael Sentonas, chief technology officer at CrowdStrike. “For organizations seeking an open approach, we continue to expand third-party support for the CrowdXDR Alliance, delivering a standardized schema for data sharing to improve XDR detections. We welcome Menlo Security, Ping Identity and Vectra AI to the CrowdXDR Alliance and look forward to partnering with them to deliver third-party integrations. For organizations seeking a native approach, we continue to leverage Falcon XDR with new capabilities that accelerate threat detection and response efforts across data sources and the environment. Ultimately, we offer a solution that allows customers to choose the XDR approach that best suits their needs. ”
Partner Quotes
- Poornima DeBolle, Menlo Security co-founder and chief product officer: “The Internet must be safe, seamless, and effective for all workers. However, cybercriminals complicate this by deploying more sophisticated malware, including ransomware powered by Highly Evasive Adaptive Threats. We need to prevent such malware and zero-day exploits from going to endpoints. Menlo Security is excited to join CrowdStrike’s CrowdXDR Alliance. Our integration with CrowdStrike Falcon XDR will allow organizations to offer a secure online experience, without having to sacrifice productivity for security. “
- Loren Russon, vice president of product management at Ping Identity: “We are excited to join CrowdStrike’s CrowdXDR Alliance and continue to expand our integrated solutions. Customers demand a broad partner ecosystem through easy-to-deploy integrations, and this partnership delivers it through enterprise-proven identity security along with comprehensive visibility and protection against threats. ”
- Michael Porat, senior vice president, corporate and business development at Vectra AI: “As the size and intensity of cyberattacks continue to spread, it reminds us that prevention alone will not protect organizations from current attacks. To successfully mitigate modern security threats, organizations must implement more advanced threat detection and response mechanisms that accurately identify attacker behavior and stop attackers from navigating through hybrid clouds. We are excited to join CrowdStrike’s CrowdXDR Alliance and hope to share our experience in threat detection and response with other reputable security vendors as we all work together on a common goal – the detection and stopping of malicious actors. ”
Additional Resources
- For more information on CrowdXDR Alliance and Falcon XDR, please visit our blog.
- CrowdStrike was named Strong Performer in The Forrester New Wave for Extended Detection and Response (XDR) Provider, Q4 2021.[1]
About CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global leader in cybersecurity, has redefined modern security using one of the world’s most advanced cloud-native platforms for protecting critical enterprise risk areas- endpoint and cloud workload, identity and data.
Powered by CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform uses real-time attack indicators, threat intelligence, emerging adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper- accurate detection, automated protection and remediation, elite threat hunting and priority observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers fast and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.