
CrowdStrike extends general Falcon XDR availability

CrowdStrike announced the general availability of its Falcon XDR module, extending CrowdStrike's endpoint detection and response (EDR) capabilities to improve threat visibility across the enterprise, simplify security operations and speed up response time, containment and remediation of the most sophisticated attacks.

Reporter
Tue, 08 Feb 2022

One of the ways to address the cyber security skills gap is to empower security teams to work more effectively, according to Amol Kulkarni, chief product and engineering officer at CrowdStrike.

"Falcon XDR helps to address this problem by correlating weak, siloed threat signals into prioritised alerts from a centralised console for security teams to ensure their investigations are meaningful and efficient," Kulkarni said.

Falcon XDR enables security teams to:

  • Unify detection and response security data. Falcon XDR takes third-party data (including network security, email security, web security, cloud security and cloud access security broker [CASB]) from third-party vendors, including CrowdXDR Alliance partners, and correlates it with data from the CrowdStrike Security Cloud to optimise real-time threat detection, investigation, response and hunting.
  • Get the right answers – fast. Falcon XDR speeds up triage and investigation for security operations centre (SOC) analysts and threat hunters by delivering one central console for accurate alert prioritisation, flexible search scheduling and detection customisation, full attack context and interactive graph visualisation.
  • Turn XDR insight into action. To orchestrate and automate response across security workflows, Falcon Fusion, a security orchestration, automation and response (SOAR) framework, is built natively into the Falcon platform. Security teams can improve SOC and IT efficiencies by building real-time notification and response capabilities, along with customisable triggers based on detection and incident categorisations. Falcon Fusion is free for CrowdStrike customers.
  • Increase efficiency of SOC operations. Falcon XDR automatically correlates and provides high-quality detection data across the security stack. It dramatically speeds investigation and hunting by providing a common search interface directly from the CrowdStrike Security Cloud.
  • Improve return on investment (ROI) of existing security investments. Falcon XDR uncovers actionable insights from previously siloed data in disparate, disconnected security products from across the IT stack.

According to Dave Gruber, principal analyst at Enterprise Strategy Group (ESG), CrowdStrike has spent years building and refining their detection and response automation capabilities.

“As market interest in XDR continues to accelerate, CrowdStrike is well-positioned to expand into XDR, capitalising on their existing, mature and scalable EDR infrastructure, as they invest in new data ingest, analysis and advanced threat detection capabilities required to respond to a more sophisticated threat landscape.

"CrowdStrike’s alliance-driven XDR strategy should enable them to readily ingest telemetry from a broad range of third-party security solutions into their Security Cloud, offering security teams flexibility in their choice of other core security controls," Gruber said.
