
CrowdStrike launches threat-scoring platform

08 Aug 2019

Endpoint protection solutions provider CrowdStrike has announced the launch of CrowdScore, a new industry innovation on the CrowdStrike Falcon platform.

CrowdScore is a simple metric that enables CSOs to instantly see the real-time threat level their organisations are facing, allowing them to quickly mobilise resources to respond.

Speed of detection, investigation and response is essential for effective security.

CrowdStrike research on breakout time shows that security teams should strive to detect threats on average in 1 minute, understand them in 10 minutes and contain them in 60 minutes to be effective at stopping breaches.

Traditionally, organisations have struggled to meet these metrics due to a lack of resources and the difficulty of prioritising an ever-growing number of alerts.

CrowdScore changes the game by solving both problems.

CSOs can now ensure that they are instantly made aware of incidents in their environment that demand activation of crisis management plans.

In addition, CrowdScore empowers security operations teams to move away from tactical alert resolution to strategic incident management.

“With the introduction of CrowdScore, CrowdStrike is aiming to revolutionise the approach organisations take to understand and respond to threats and transform the way customers use the CrowdStrike Falcon platform,” says CrowdStrike chief technology officer and co-founder Dmitri Alperovitch.

“Because of CrowdStrike’s cloud-native platform and AI-based analytics, we are able to offer customers a simple view into their organisation’s threat exposure and the ability to prevent the most critical threats in their environment to meet the 1-10-60 rule metrics.”

Key features of CrowdScore include:

  • CrowdScore, which offers a real-time organisational threat score that helps security leaders understand the real-time state of the threat inside their organisation. CrowdScore supports better executive decisions and more effective strategic planning.
  • The Incident Dashboard, which automatically compiles related security alerts into manageable incidents and uses AI-based prioritisation to ensure that the most critical threats are handled first. Incident Dashboard eliminates the burden and delays associated with manually triaging large volumes of security alerts.
  • The Incident Workbench, which delivers a comprehensive view of cyber threats through sophisticated visualisations and deep context. The Incident Workbench automates the labour-intensive steps in investigating threats, dramatically reducing the time investigators need in order to understand threats and drive the optimal response.

IDC Cybersecurity Research program vice president Frank Dickson says, “The elephant in the room that we often fail to publicly acknowledge is security teams do not have the bandwidth to address all incidents and all alerts.

“Today's reality is that successful security teams are the ones that correctly select which alerts and incidents to address and when to address them. With CrowdScore, CrowdStrike looks to provide the tools to make threat analysis and response capabilities better informed, faster, and more effective so security professionals can strategically respond to the most critical threats in their environment at the right time.”
