UPDATED 18:00 EDT / SEPTEMBER 22 2022

SECURITY

Lightweight agents help CrowdStrike process 7 trillion events per week for customer security

The technology behind CrowdStrike’s cybersecurity solution relies on lightweight agents, or sensors, to monitor for threats and collect vital security data. As organizations have learned, some agents can be lighter than others.

“Many times when you look at them, they are not lightweight; they take a lot of effort to install, and they need reboots,” said Michael Sentonas (pictured), chief technology officer at CrowdStrike Holdings Inc. “We have a smart agent with smart filtering built in, so we’re very careful in terms of the data we collect. I’ve spoken to organizations who said they had budgeted to roll out our product in 18 months because of what they’ve experienced in the past, and we did it in seven weeks. That’s a lightweight agent.”

Sentonas spoke with theCUBE industry analyst Dave Vellante during theCUBE @ Fal.Con 2022, an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the expansion of CrowdStrike’s partner network and how the company built a unique telemetry processing engine for enterprise security. (* Disclosure below.)

Growing third-party data

CrowdStrike’s use of lightweight agents to pull in telemetry data from a wide range of sources formed the basis for several key announcements at Fal.Con this week. These included news that its Falcon Insight product with extended detection and response, or XDR, would add third-party telemetry from CrowdStrike’s growing network of partners.

“My keynote was to show everybody the work that we’ve been doing to bring in data from Zscaler and Proofpoint,” Sentonas said. “We announced that we were going to be pulling in telemetry from Palo Alto Networks, Microsoft and others. XDR is about first-party and third-party integration and making all of the telemetry work together.”

As Sentonas explained, CrowdStrike built its own engine to handle the vast amount of telemetry data and drive the speed of response necessary to deal with it.

“We’ve had to build the technology from the ground up,” Sentonas said. “Today we are processing over 7 trillion events every single week. The reason why I believe we stand alone in electronic data interchange is because of the time element; we just have so much context that makes it easy for the threat hunter. Speed and ease of use are critical in cyber.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of theCUBE @ Fal.Con 2022:

(* Disclosure: CrowdStrike Holdings Inc. sponsored this segment of theCUBE. Neither CrowdStrike nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE
