Story image

CrowdStrike and Secureworks partner to integrate UEBA and endpoint protection platform

18 Sep 18

CrowdStrike and Secureworks have announced that they will bring a new endpoint threat detection to the marketplace by teaming up to apply Secureworks’ Red Cloak behavioural analytics and intelligence to CrowdStrike’s Falcon platform data.

The joint offering delivers an endpoint detection and response (EDR) solution with applied analytics and intelligence to accelerate investigations and provides guided remediation steps for more confident response to real threats. 

The announcement follows the launch of the Secureworks Red Cloak Partner Program which allows the company to make its high-fidelity detection and incident investigation capabilities available more broadly in the marketplace while also giving clients the freedom to choose endpoint security solutions.

CrowdStrike global sales and field operations president Mike Carpenter, “We are excited to team up with Secureworks to enable them to apply their well-regarded expertise in threat intelligence and analysis to CrowdStrike’s Threat Graph telemetry data generated by the Falcon endpoint protection platform.”

Secureworks brings experience detecting adversaries across its global client base, and CrowdStrike will bring its endpoint protection and EDR products to deliver the high-fidelity telemetry that makes it possible for Secureworks to apply its analytics and deliver the best possible context for validating and remediating true threats.

“This joint solution simplifies the buying process for companies that are looking to invest in both an endpoint technology solution and a leader in the MSSP and MDR markets,” says Secureworks business and product strategy senior vice president Wendy Thomas.

When the joint offering becomes generally available, both Secureworks and CrowdStrike customers will have access from additional countermeasures driven by the integration.

Powered by the CrowdStrike Threat Graph, the CrowdStrike Falcon platform leverages industry-leading threat telemetry and is now processing over one trillion security events per week.

Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.