sb-as logo
Story image

CrowdStrike adds variety of new tools

28 Feb 2020

CrowdStrike is launching a developer portal, has new features available to partners in its store, and has improved its integration with Service Now.

For technology alliance partners, CrowdStrike Store partners, and developers, CrowdStrike is launching the CrowdStrike Developer Portal. 

The portal provides an onboarding experience for partners using CrowdStrike’s APIs to build new store apps and integrations on the cloud-scale telemetry of the CrowdStrike Falcon platform.

The Developer Portal provides a low-friction method for partners to engage with CrowdStrike while developing applications. 

It includes documentation, use cases and tutorials to guide the development of apps that help solve different security issues.

The two latest partners launching in the CrowdStrike Store, SafeGuard Cyber and Hunters.AI, focus on digital risk protection and advanced threat hunting respectively.

  • The SafeGuard Cyber Digital Risk Protection app works with CrowdStrike's Falcon platform to extend visibility into threat activities occurring on protected accounts across social, mobile and collaboration channels, such as LinkedIn, WhatsApp, or Slack.
    It utilises Falcon Threat Intelligence APIs to evaluate Indicators of Compromise (IOCs) against known and unknown threats and provides coordinated response across both virtual and physical endpoints. The SafeGuard Cyber Digital Risk Protection app improves the security posture of an organisation by providing a more comprehensive view in the Falcon platform, including the extent of a threat within the network and digital assets, and by extending digital risk protection to apps on unmanaged devices.
  • Hunters.AI autonomous threat hunting detects attacks that bypass existing controls, in every environment. It leverages endpoint telemetry collected by the Falcon platform to interconnect with a wide array of environments and data sources, such as AWS Cloudtrail logs, and others.
    Hunters.AI enriches threat signals with its TTP-based attack intelligence as well as Falcon threat intelligence feeds and intelligently correlates them across environments, proactively hunts for attack patterns, and reveals multi-stage attacks.
    Hunters.AI provides high fidelity attack stories that include attack details by timeline and a business summary.

The Service Now integration with the Falcon Spotlight App for Security Operations means that users now have the ability to integrate real-time endpoint vulnerability data and patch validation with prioritisation and response workflows provided by ServiceNow. 

The app provides scanless and near real-time identification of endpoint vulnerabilities, as well as verification of patched vulnerabilities with enhanced reporting and visualisation. 

By bringing the data from Falcon Spotlight into Vulnerability Response, IT and security teams can operationalise and streamline the management, prioritization and remediation of critical vulnerabilities, minimising risk of cyber threats, such as data breaches and service disruption.

Benefits of CrowdStrike’s Falcon Spotlight App for Security Operations for ServiceNow include:

  • Comprehensive Visibility: Get comprehensive, near real-time and historical visibility into endpoint vulnerabilities to prioritise potential high-impact exposure for remediation.
  • Operational Efficiency: By automatically sending vulnerability findings to ServiceNow automated workflows can quickly activate prioritisation, grouping, assignment, and response workflows in ServiceNow Vulnerability Response. Vulnerable items are closed by the integrated solution once they are no longer detected, replacing manual and prolonged tracking.
  • Reduced Exposure: By driving prioritisation and remediation tasks like vulnerability patching or network segmentation, the integration helps close the window of exposure to breaches and service disruption.
  • Customised Reporting and Dashboards: Using endpoint vulnerability data reported by the CrowdStrike Spotlight App, customers can build customised dashboards and centralised reporting to search, filter, drill down, and understand vulnerability response workflows and track vulnerability remediation in real-time.
Story image
Creating private data regulations for employees
Whether employees are hired on a part-time or full-time basis, everyone must know about data privacy regulations. Everyone needs to be responsible for keeping the organisation’s data secure. More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
Report: Power utilities increasingly at risk of devastating cyber-attacks
“Utilities’ existing systems are becoming increasingly connected through sensors and networks, and, due to their dispersed nature, are even more difficult to control.”More
Story image
How to secure your business against DDoS Attacks
With the upward trend of DDoS attacks this year, and an increased dependency on online channels across all industries, businesses need to be prepared, so they don’t suffer any disruption. More
Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More
Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More