Customers Can Get More Value from New Apps in the CrowdStrike Store
In order to provide our partners and customers with access to the complete potential of the Falcon platform, the CrowdStrike® Store is still striving to achieve this aim. We’re happy to introduce a terrific selection of brand-new third-party apps that the CrowdStrike Store will soon provide. These apps support a variety of specific customer security use cases and capitalize on our clients’ prior investments in the CrowdStrike Falcon® platform. Customers can use the CrowdStrike Store, which provides seamless interaction with the Falcon platform, to test out innovative security solutions from industry pioneers.
As seen by the partner applications that were just released today, CrowdStrike is committed to innovation and will continue to expand the Falcon platform with new features and solutions through internal development as well as outside partnerships. Our goal is to provide our clients with a seamless experience that enables them to investigate and test cybersecurity applications that leverage the power of the Falcon agent and the AI capabilities of the cloud-native platform.
The new application lineup targets a number of cybersecurity use cases, including patch management, application-allow listing/control, vulnerability risk prioritization, autonomous deception, insider threat detection, and digital attack surface management. These applications make use of the Falcon platform and comprehensive real-time endpoint telemetry. Partners benefit from this as well since customers can now easily locate, test, and integrate these apps to improve their security posture, boost threat defense, and improve their security stacks.
Below are some details on use cases and new apps that customers can employ to address them in the CrowdStrike Store. These are helpful upgrades to the CrowdStrike Store versions of the Dragos, Interset, and Truefort apps.
Creative CrowdStrike Store Apps Solve User Problems
Use Case: Cunning / Advanced Threat Detection
With deception technology, security personnel may watch intruders from a small area while trapping them in a maze of enticing honeypots or decoy systems, giving them a considerable advantage over potential assailants. Furthermore, it makes precise and timely identification possible. By employing deceit, you can understand the bad actors’ tactics for lateral mobility within your company as well as their reasons. Once you know how to prevent the enemy from attacking again, it’s easy to eliminate them and keep them out of your territory.
Application: Acalvio delivers quick, precise, and sophisticated threat hunting that blends in seamlessly with your environment by fusing deception capabilities with a wealth of endpoint information from the CrowdStrike Falcon® platform.
Use Case: Allow listing and Application Control.
When combined with endpoint protection, application allowlisting provides a powerful and effective defense against sophisticated targeted and non-targeted cyberattacks. This improves your ability to implement a proactive strategy where you choose the scripts and files that can be trusted to run on your endpoints. The remaining scripts and files are blocked by default. This improves your ability to stop future assaults utilizing known and unknown malware, as well as zero-day attacks, through interaction with Falcon’s endpoint security features.
It also gives you a default-deny policy for devices with fixed functions that don’t change all that much.
Use Digital Utilization of Airlock: By restricting the programs and scripts that can be executed on your endpoints that are managed by the CrowdStrike Falcon® platform, safe listing helps implement a proactive security approach.
Patch management and endpoint security are the use cases.
It’s no secret that hardening endpoints proactively against known vulnerabilities and configuration drift can improve security results. As a result, the assault surface that can be used is reduced. Still, old-fashioned patch and remediation management techniques ought to be more proactive and time-consuming to protect you against vulnerabilities before they become weapons.
Apply: Mitigate CrowdStrike Falcon®-discovered endpoint vulnerabilities to prevent Automox from weaponizing them.
Use Case: User and Entity Behavior using Entity Analytics (UEBA)
The number of people using mobile devices and working remotely is increasing, along with the use of cloud software.
Security flaws have been raised by the extraordinary access to sensitive data that has resulted from this. Insider threats always include the negligent or intentional compromise of devices belonging to trusted users. UEBA solutions are effective in detecting unauthorized data access, illegal data transfer and exfiltration, compromised accounts, bizarre behavior from users and devices, and policy violations.
Use: Exabeam Advanced Analytics for CrowdStrike offers UEBA by analyzing Falcon endpoint telemetry and supporting the identification of insider threats and unauthorized lateral movements within your environment.
Use Case: Giving Vulnerability Risk Priority
Modern IT systems have become more sophisticated as a result of microservices, the cloud, containers, and DevOps methodologies, which increase the attack surface. The number and severity of vulnerabilities rise quickly with increasing environmental complexity. Prioritizing vulnerabilities that already exist, utilizing cutting-edge machine learning (ML) techniques.
Application: To prioritize vulnerability remediation, NopSec Unified Vulnerability Risk Management (VRM) integrates CrowdStrike Falcon® endpoint vulnerability data with contextual enrichment and deeper insights.
Use Case: Digital Attack Surface Management
Since attackers reside in the most remote parts of the internet, conventional security techniques are restricted to internal networks and require more access to these places. Beyond the firewall, an organization’s digital attack surface extends far into the dynamic and vast internet.
Use: RiskIQ Illuminate for CrowdStrike provides a 360-degree view of your digital attack surface to help you better detect attacks and protect your company.
About the CrowdStrike Store
The CrowdStrike Store, a cloud-based ecosystem of reliable apps that was introduced in February 2019, gives our clients access to a carefully curated range of security providers and solutions. Our powerful, lightweight agent powers all CrowdStrike Store applications, providing rich endpoint telemetry to the Falcon cloud-native platform. The CrowdStrike Store aims to give users an easy method to access third-party apps by leveraging our clients’ vast threat intelligence data and flexible platform architecture.
