Cybersecurity conference highlights cloud, XDR, observability, SOAR, endpoint and workload security

CrowdStrike has unveiled a series of new customer offerings and partnerships during the fifth annual Fal.Con cybersecurity conference. These new offerings showcase the CrowdStrike Falcon® platform and CrowdStrike’s continued innovation in the security space and give Security, IT and DevOps teams the comprehensive tools needed to stop breaches and stay two steps ahead of today’s adversary.

“It has been an unparalleled year of customer-focused innovation at CrowdStrike. We are innovating relentlessly across the entire platform to make it easier for customers and partners to build on this foundation – efforts that are yielding the amazing cloud, observability, XDR and threat hunting capabilities we’re sharing this week at Fal.Con,” said Amol Kulkarni, chief product officer at CrowdStrike. “We are now initiating over 500 deployments every week and 100 new releases per year, and we’re just getting started.”

During Fal.Con 2021, CrowdStrike unveiled the following:

Humio’s Community Edition

Humio Community Edition is the only free offering of its size in the industry designed to bring the power of Humio’s streaming observability to everyone. Available immediately, the new offering enables users to ingest 16 GB of data per day and retain the data for up to seven days – all while giving users ongoing access with no limited trial period. Additionally, customers can ingest and use their Falcon Data Replicator (FDR) data within Humio Community Edition, showing the power of CrowdStrike Falcon and Humio together. This allows customers to stream data at scale and in real time, helping teams to prevent, recover from, and quickly understand the root cause of incidents.

Falcon XDR

CrowdStrike’s new Falcon XDR module extends CrowdStrike’s industry-leading endpoint detection and response (EDR) capabilities to deliver real-time detection and automated response across the entire security stack. Falcon XDR provides security teams with a faster way to respond to, contain and remediate sophisticated attacks. It enables defense in depth with shared telemetry, improves security efficacy and accelerates response by automating complex workflows.

CrowdXDR Alliance

The CrowdXDR Alliance is a groundbreaking partnership with industry leaders to establish a common XDR language for data sharing between security tools and processes. The CrowdXDR Alliance launch partners include Google Cloud, Okta, ServiceNow, Zscaler, Netskope, Proofpoint, Extrahop, Mimecast, Claroty and Corelight. The Alliance, with security and IT leaders from industries spanning cloud, web, email, identity, network, OT and IT operations, overcomes the traditional lack of standards for data sharing across security platforms that can create gaps in investigations and threat hunting. The goal of the alliance is to ensure that EDR data is enriched with the most relevant, vendor-specific security telemetry to extend detection and response across an integrated security stack.

Falcon Fusion

CrowdStrike Falcon Fusion will be available for free for all Falcon Prevent™ and Falcon Insight™ customers, extending support to under-pressure SOC teams. Falcon Fusion provides rich contextual insights and valuable customization to modernize security teams, enabling them to deploy repeatable workflows at scale. Falcon Fusion helps customers stop breaches by staying ahead before lateral movement takes place. It enables customers to automate processes that shouldn’t require human involvement. This increases the efficiency and efficacy of the SOC team so they can focus their time on tasks that can’t be automated. It helps streamline security analyst workflows by automating actions around specific and complex scenarios with an intuitive, no-code, easy-to-use interface.

Falcon FileVantage

Falcon FileVantage is a new solution that streamlines the security stack and offers full visibility on critical file, folder and registry changes. Falcon FileVantage offers central visibility for malicious changes in databases in real time and comprehensively monitors all critical files and systems through modernized workflow policies, adding valuable detection context. Central visibility combined with insights from threat intelligence empowers security teams with the ability to move fast, pinpointing potential adversary activity within IT environments, allowing for quick prioritization of remediation efforts around affected files. FileVantage uses the customer’s existing Falcon sensor so there are no additional agents to deploy, while the Falcon Platform’s collect-once, use-multiple-times approach ensures low overhead on the system. This enables SOC teams to track changes at a granular level and run operations more efficiently.

ExPRT.AI for Falcon Spotlight

ExPRT.AI, or Exploit Prediction Rating for Falcon Spotlight, uses artificial intelligence (AI) to offer a dynamic-based threat context score to improve the prioritization of vulnerabilities. ExPRT.AI allows customers to more effectively prioritize vulnerabilities to improve their overall security posture and reduce risk. This new capability additionally diminishes the time needed to prioritize network vulnerabilities by predicting which pose the most risk for an organization, while also providing improved remediation.

The new rating system relies on an AI model, which uses a sophisticated algorithm to identify and prioritize cyber threats. It produces this algorithm by collecting data from various sources, including CrowdStrike’s threat intelligence database. The AI then identifies which vulnerabilities pose the greatest risk for an organization by redistributing the most time-sensitive vulnerabilities for an organization’s IT staff to patch first. This rating system also relies on the ExPRT.AI model for greater remediation prioritization beyond what the standard Common Vulnerability Scoring System (CVSS) currently supports.

Falcon CWP Complete

Powered by the CrowdStrike Falcon® platform, Falcon Cloud Workload Protection (CWP) Complete is the first and only fully-managed Cloud Workload Protection solution, delivering 24/7 expert security management, threat hunting, monitoring, and response for cloud workloads. Backed by CrowdStrike’s industry-leading Breach Prevention Warranty, this solution provides managed detection and response (MDR) for cloud workloads and containers, enabling teams to build, run and secure applications with speed and confidence. Falcon CWP Complete delivers unparalleled security for cloud workloads by combining CrowdStrike’s leading Cloud Runtime Protection (CRP) and Falcon OverWatch™ managed threat hunting, together with the expertise and 24/7/365 engagement of the Falcon Complete team. Falcon CWP Complete solves the major pain point of implementing and running an effective and mature cloud security program without the challenges, burden and costs associated with building one internally.

UiPath Partnership

CrowdStrike and UiPath (NYSE: PATH), a leading enterprise automation software company, have partnered to deliver a new level of security protection and visibility with the UiPath Robotic Process Automation (RPA) platform and the CrowdStrike Falcon® platform. UiPath and CrowdStrike, leaders in their respective fields, are the first RPA and Endpoint Security vendors to come together to extend endpoint security to RPA, enabling full visibility to enhance protection and speed of response. Together, CrowdStrike and UiPath automatically detect threat activity, whether initiated by humans or robots, to grant security teams real-time visibility across environments and enable proactive responses. The ability to quickly and easily distinguish between an RPA-initiated process and a human-initiated process will provide security teams with real-time visibility across the environment for proactive threat hunting, incident investigation and remediation.
