CrowdStrike extends XDR to Falcon Insight, adds new third-party telemetry
CrowdStrike Holdings Inc. announced today that its Falcon Insight product is now Falcon Insight XDR and that it has added more telemetry from partners and third-party providers to enhance its extended detection and response capabilities.
The new Falcon Insight XDR name reflects the addition of XDR to the service, enabling customers to leverage the power of native and hybrid XDR as a fundamental platform capability. Existing endpoint detection and response customers can activate XDR capabilities through simple-to-consume connector packs that unlock cross-domain detections, investigations and response actions across all security domains from a unified console.
The addition of XDR is not entirely new, with CrowdStrike noting that its customers have been leveraging the CrowdStrike Falcon platform for XDR use cases for years. CrowdStrike has been enriching endpoint telemetry, including threat intelligence and network visibility, with telemetry from cloud workloads — on-premises, in the cloud or in a container — vulnerability management and identity data from other Falcon modules.
“Our XDR strategy has been clear from the beginning: bring the right information into the Falcon platform at the right time,” Michael Sentonas, chief technology officer at CrowdStrike, said in a statement. “With the introduction of Falcon Insight XDR, CrowdStrike is making it easier than ever for our customers to implement XDR and get EDR-like benefits from native integrations of other Falcon modules from the Falcon platform.”
On the third-party front, CrowdStrike has further integrated telemetry from CrowdXDR Alliance partners, which now include Cisco Systems Inc., ForgeRock Inc. and Fortinet Inc. as new members, and from third-party vendors, which now include Microsoft Corp. and Palo Alto Networks Inc. In doubling down on third-party integrations, CrowdStrike says, it’s committed to supporting leading vendors across all key security domains – email, firewall, identity, network detection and response, and security service edge (cloud access security broker and web) – to enrich detections, investigations and response actions.
Additionally, CrowdStrike is releasing new expert-developed detections, including data from Falcon Identity Protection, and integrating into Insight XDR additional telemetry from Falcon Horizon, for cloud security posture management, and Falcon Spotlight, for vulnerability management. Insight XDR also now integrates with the Zscaler Zero Trust Exchange to drive response actions from XDR detections or via automated Falcon Fusion or SOAR workflows.
“With the introduction of additional third-party integrations, including new CrowdXDR Alliance partners in Cisco, ForgeRock and Fortinet, we are empowering our customers to effectively and elegantly enrich a variety of data sources,” Sentonas added.
The news comes a day after CrowdStrike announced that it has invested in application programming interface startup Salt Security through its Falcon Fund investment vehicle. The amount of the investment was not disclosed.
As part of the deal, Salt Security and CrowdStrike are partnering to bring together leading technology to apply API discovery and runtime protection on applications and enable security testing to harden APIs before release.
Salt Security last raised funding in February with a $140 million Series D round on a $1.4 billion valuation.