
CrowdStrike adds variety of new tools

28 Feb 2020

CrowdStrike is launching a developer portal, has new features available to partners in its store, and has improved its integration with ServiceNow.

For technology alliance partners, CrowdStrike Store partners, and developers, CrowdStrike is launching the CrowdStrike Developer Portal. 

The portal provides an onboarding experience for partners using CrowdStrike’s APIs to build new store apps and integrations on the cloud-scale telemetry of the CrowdStrike Falcon platform.

The Developer Portal provides a low-friction method for partners to engage with CrowdStrike while developing applications. 

It includes documentation, use cases and tutorials to guide the development of apps that help solve different security issues.

The two latest partners launching in the CrowdStrike Store, SafeGuard Cyber and Hunters.AI, focus on digital risk protection and advanced threat hunting respectively.

  • The SafeGuard Cyber Digital Risk Protection app works with CrowdStrike's Falcon platform to extend visibility into threat activities occurring on protected accounts across social, mobile and collaboration channels, such as LinkedIn, WhatsApp, or Slack.
    It utilises Falcon Threat Intelligence APIs to evaluate Indicators of Compromise (IOCs) against known and unknown threats and provides coordinated response across both virtual and physical endpoints. The SafeGuard Cyber Digital Risk Protection app improves the security posture of an organisation by providing a more comprehensive view in the Falcon platform, including the extent of a threat within the network and digital assets, and by extending digital risk protection to apps on unmanaged devices.
  • Hunters.AI autonomous threat hunting detects attacks that bypass existing controls, in every environment. It leverages endpoint telemetry collected by the Falcon platform to interconnect with a wide array of environments and data sources, such as AWS CloudTrail logs.
    Hunters.AI enriches threat signals with its TTP-based attack intelligence as well as Falcon threat intelligence feeds and intelligently correlates them across environments, proactively hunts for attack patterns, and reveals multi-stage attacks.
    Hunters.AI provides high fidelity attack stories that include attack details by timeline and a business summary.

The ServiceNow integration with the Falcon Spotlight App for Security Operations means that users can now integrate real-time endpoint vulnerability data and patch validation with the prioritisation and response workflows provided by ServiceNow.

The app provides scanless and near real-time identification of endpoint vulnerabilities, as well as verification of patched vulnerabilities with enhanced reporting and visualisation. 

By bringing the data from Falcon Spotlight into Vulnerability Response, IT and security teams can operationalise and streamline the management, prioritisation and remediation of critical vulnerabilities, minimising the risk of cyber threats such as data breaches and service disruption.

Benefits of CrowdStrike’s Falcon Spotlight App for Security Operations for ServiceNow include:

  • Comprehensive Visibility: Get comprehensive, near real-time and historical visibility into endpoint vulnerabilities to prioritise potential high-impact exposure for remediation.
  • Operational Efficiency: By automatically sending vulnerability findings to ServiceNow, automated workflows can quickly activate prioritisation, grouping, assignment, and response workflows in ServiceNow Vulnerability Response. Vulnerable items are closed by the integrated solution once they are no longer detected, replacing manual and prolonged tracking.
  • Reduced Exposure: By driving prioritisation and remediation tasks like vulnerability patching or network segmentation, the integration helps close the window of exposure to breaches and service disruption.
  • Customised Reporting and Dashboards: Using endpoint vulnerability data reported by the CrowdStrike Spotlight App, customers can build customised dashboards and centralised reporting to search, filter, drill down, and understand vulnerability response workflows and track vulnerability remediation in real-time.