UPDATED 11:57 EDT / MAY 08 2024

Elia Zaitsev discussed CrowdStrike's next-gen SIEM amidst calls for security consolidation at the RSA Conference. SECURITY

CrowdStrike discusses next-gen SIEM amid calls for security consolidation

A common theme at this week’s RSA Conference with nearly every vendor is customer demand and desire for simplicity. That’s been on the mind of CrowdStrike Inc. in recent months with its Falcon platform.

The company’s Raptor upgrade was its big push to bring in LogScale technology to the Falcon platform for all customers. The migration process has now been concluded, and all customers have now been brought onto the Raptor platform upgrade, according to Elia Zaitsev (pictured), chief technology officer of CrowdStrike Inc.

“That, in turn, has set the stage for the big announcement that we had for this week, which was our next-gen SIEM offering, with a whole lot of Charlotte AI magic added on top of that,” he said. “With that LogScale technology now firmly rooted in place, we can open up the system and now customers can take all their third-party data sets, telemetry, alerts and bring that into the CrowdStrike platform with all of their endpoint identity, cloud data protection information, all in one place.”

Elia Zaitsev discussed CrowdStrike's latest announcements at the RSA Conference.

Elia Zaitsev discussed CrowdStrike’s latest announcements at the RSA Conference.

Zaitsev joined theCUBE Research’s Shelly Kramer, managing director and principal analyst, and Dave Vellante, chief analyst, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio, at the RSA Conference. They discussed CrowdStrike’s next-gen SIEM offering and the need for security consolidation. (* Disclosure below.) 

Security consolidation is driving industry evolution

Consolidation has been a big subject of conversation at this week’s RSA Conference. That’s taking place for a number of reasons, according to Zaitsev.

“We’re just seeing this next wave of consolidation in security. I mean, I think we kind of kicked it off 10 years ago with the endpoint wars, if you will,” he said. “I think we won that one pretty handily, getting rid of legacy AV and a lot of the other point solutions on the endpoint.”

However, organizations are now increasingly looking for broader consolidation beyond the endpoint, bringing in all of their security telemetry into a single platform, according to Zaitsev. Companies are doing that for reduced complexity, increased speed, velocity and cost savings.

“I mean, we’re not in a 0% interest rate world anymore, right?” he said. “Those dollars and cents really matter now, because they want to make sure they’re getting the most value out of what they’re using.”

Right now, companies are coming to CrowdStrike and asking for help to streamline and consolidate. Companies have too many noise machines and aren’t sure what value they’re getting out of it, according to Zaitsev.

“You get to a point, this kind of critical mass, this tipping point, where the overhead of managing all these tools, of having to make sense of it all, bringing all the information in one place and jumping back and forth between multiple consoles, multiple platforms, managing multiple agents, it’s having diminishing effects at this point,” he said. “They want to regain that speed advantage that they really need, because we’re seeing adversaries getting so much quicker.”

The “2024 CrowdStrike Global Threat Report” contained two elements that stuck out to Zaitsev. First was the dramatic increase in adversaries targeting the cloud.

“We call it cloud-conscious adversaries. The other one was the huge increase in legitimate credentials, compromised stolen credentials being used to initiate a lot of these attacks, and the combination of the two, identity-based attacks against cloud services and also using identity as an initial vector and then moving laterally between the cloud and the on-premise environment,” Zaitsev said. “It’s not so much that adversaries are doing that; it’s the volume and how quickly they’ve adapted to that.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the RSA Conference:

(* Disclosure: TheCUBE is a paid media partner for the RSA Conference. Neither RSA Conference LLC, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU