sb-au logo
Story image

CrowdStrike adds variety of new tools

28 Feb 2020

CrowdStrike is launching a developer portal, has new features available to partners in its store, and has improved its integration with Service Now.

For technology alliance partners, CrowdStrike Store partners, and developers, CrowdStrike is launching the CrowdStrike Developer Portal. 

The portal provides an onboarding experience for partners using CrowdStrike’s APIs to build new store apps and integrations on the cloud-scale telemetry of the CrowdStrike Falcon platform.

The Developer Portal provides a low-friction method for partners to engage with CrowdStrike while developing applications. 

It includes documentation, use cases and tutorials to guide the development of apps that help solve different security issues.

The two latest partners launching in the CrowdStrike Store, SafeGuard Cyber and Hunters.AI, focus on digital risk protection and advanced threat hunting respectively.

  • The SafeGuard Cyber Digital Risk Protection app works with CrowdStrike's Falcon platform to extend visibility into threat activities occurring on protected accounts across social, mobile and collaboration channels, such as LinkedIn, WhatsApp, or Slack.
    It utilises Falcon Threat Intelligence APIs to evaluate Indicators of Compromise (IOCs) against known and unknown threats and provides coordinated response across both virtual and physical endpoints. The SafeGuard Cyber Digital Risk Protection app improves the security posture of an organisation by providing a more comprehensive view in the Falcon platform, including the extent of a threat within the network and digital assets, and by extending digital risk protection to apps on unmanaged devices.
  • Hunters.AI autonomous threat hunting detects attacks that bypass existing controls, in every environment. It leverages endpoint telemetry collected by the Falcon platform to interconnect with a wide array of environments and data sources, such as AWS Cloudtrail logs, and others.
    Hunters.AI enriches threat signals with its TTP-based attack intelligence as well as Falcon threat intelligence feeds and intelligently correlates them across environments, proactively hunts for attack patterns, and reveals multi-stage attacks.
    Hunters.AI provides high fidelity attack stories that include attack details by timeline and a business summary.

The Service Now integration with the Falcon Spotlight App for Security Operations means that users now have the ability to integrate real-time endpoint vulnerability data and patch validation with prioritisation and response workflows provided by ServiceNow. 

The app provides scanless and near real-time identification of endpoint vulnerabilities, as well as verification of patched vulnerabilities with enhanced reporting and visualisation. 

By bringing the data from Falcon Spotlight into Vulnerability Response, IT and security teams can operationalise and streamline the management, prioritization and remediation of critical vulnerabilities, minimising risk of cyber threats, such as data breaches and service disruption.

Benefits of CrowdStrike’s Falcon Spotlight App for Security Operations for ServiceNow include:

  • Comprehensive Visibility: Get comprehensive, near real-time and historical visibility into endpoint vulnerabilities to prioritise potential high-impact exposure for remediation.
  • Operational Efficiency: By automatically sending vulnerability findings to ServiceNow automated workflows can quickly activate prioritisation, grouping, assignment, and response workflows in ServiceNow Vulnerability Response. Vulnerable items are closed by the integrated solution once they are no longer detected, replacing manual and prolonged tracking.
  • Reduced Exposure: By driving prioritisation and remediation tasks like vulnerability patching or network segmentation, the integration helps close the window of exposure to breaches and service disruption.
  • Customised Reporting and Dashboards: Using endpoint vulnerability data reported by the CrowdStrike Spotlight App, customers can build customised dashboards and centralised reporting to search, filter, drill down, and understand vulnerability response workflows and track vulnerability remediation in real-time.
Download image
Why there's a huge push for NFV in today's enterprises
To help networking and IT professionals better understand the opportunities and challenges associated with deploying NFV technology, new research based on responses from more than 1,300 IT and networking professionals from around the world is now available. More
Story image
Reports suggest spike in vaccine-related phishing campaigns
According to new research from Check Point, the primary attack delivery method is email, constituting 82% of all attack vectors for malicious files in the last month.More
Story image
42% more plaintext HTTP servers than HTTPS counterparts - report
Rapid7 has released a report detailing the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.More
Story image
Machine identities increasingly exploited, new research finds
Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.More
Story image
AWS launches fully-managed fraud detection service
Businesses lose billions of dollars to online fraud every year, however businesses respond by investing in cumbersome fraud management solutions that often rely on hand-coded rules and are difficult to keep up to date.More
Story image
Video: 10 Minute IT Jams – Who is Claroty?
Its focus is on simplifying OT availability, reliability, and safety for a more secure working environment – without requiring downtime or dedicated teams.More