SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
CrowdStrike announces new integrations as enterprises struggle to secure operations
Fri, 28th May 2021

CrowdStrike has announced new store partner integrations from Rapid7, Google Cloud, ExtraHop and Siemplify.

Additionally, the company is announcing the release of a new survey report which unpacks the current state of IT security.

The global IT security survey, commissioned by CrowdStrike, aims to better understand the complexities that IT security teams face when implementing a mature security strategy that includes disparate solutions.

The report was independently conducted by Vanson Bourne, and surveyed 900 senior IT decision-makers and IT security professionals globally and across all industry sectors.

92% of respondents say their organisations have faced operational challenges due to the implementation of IT security projects, and 71% say that integration complexity between technology and security stacks requires improvement.

Other key findings include:

  • 44% believe one of their top three biggest issues when purchasing new IT security solutions for their organisation is supporting existing solutions with interoperability
  • More than half of respondents (54%) feel that their organisation experiences a performance impact when implementing IT security
  • 64% of respondents report their organisation needs to have IT security specialists in order to use their IT security solutions
  • 82% admit that their organisation's IT security would be more effective if all of their security solutions shared the same aggregated pool of data

CrowdStrike vice president of Technology Alliances and CrowdStrike Store Andy Horwitz says, “This research confirms how enterprises are struggling with the complexity surrounding the implementation of a comprehensive security strategy.

"The CrowdStrike Store was built to extend the power of the CrowdStrike Falcon platform through a curated and diverse partner ecosystem that provides instant interoperability with a variety of technologies to strengthen our customers' security posture with the click of a button."

The CrowdStrike Store offers customers a unified Security Cloud ecosystem of third-party applications and add-ons alongside the Falcon platform.

It offers a variety of vendor technologies to choose from, all managed by a single cloud platform.

The latest additions to the CrowdStrike Store deliver customers Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Network Detection and Response (NDR) and Threat Intelligence integrations.

The new integrations include:

Rapid7's InsightIDR (SIEM): Leveraging insights from Rapid7's global services and threat intelligence network and the Falcon platform's enriched telemetry, customers can unlock endpoint and workload visibility alongside user, network, cloud and other security data for complete coverage of modern hybrid environments.

Siemplify's Security Operation Platform (SOAR): Customers are able to make security operations smarter, more efficient and more effective by combining workflow capabilities with the Falcon platform to deliver case management and accelerated investigation for improved security operations centre (SOC) performance.

ExtraHop Reveal(x) 360 (NDR): Threat intelligence telemetry from Falcon contextualises Reveal(x) 360's AI-based behavioural detections with known indicators of compromise (IOCs), enhancing the accuracy of real-time threat alerts and further accelerating investigation and response across hybrid and multicloud environments.

VirusTotal's threat intelligence: Integrating with CrowdStrike Falcon, this allows cybersecurity teams to search for and identify files or URLs that are relevant to an investigation to uncover previously unknown threats.

VirusTotal enhances the Detections within the Falcon console, enabling customers to more effectively track adversaries and generate detection rules that can eliminate blind spots in their footprint.

Commenting on the integration, Rapid7 senior vice president of detection and response Richard Perkett says, “As attack surfaces expand and become more complex, successful security teams need efficient ways to find and extinguish threats fast - wherever they happen.

"Teams with a disparate security infrastructure face an uphill battle of context switching and managing through blindspots.

"With CrowdStrike's Falcon Insight and Rapid7's InsightIDR SIEM together, SOC teams now have the complete picture across endpoints, users, network, cloud, deception technology, and other critical security data for seamless, enhanced threat detection coverage across the modern environment.