CrowdStrike expands third-party integrations across key security domains

Cybersecurity solutions company CrowdStrike rebranded its Falcon Insight offering to Falcon Insight XDR (eXtended Detection and Response)to better represent the enhanced features and integration of third-party telemetry from CrowdXDR Alliance partners.

According to CrowdStrike, Falcon Insight XDR enables customers to leverage the power of native and hybrid XDR as a fundamental platform capability, with no disruption to existing EDR capabilities or workflows.

CrowdStrike is allowing all EDR customers to easily activate XDR capabilities within Falcon Insight XDR through simple-to-consume connector packs that unlock cross-domain detections, investigations, and response actions across all key security domains from a unified console.

CrowdStrike detects 1 cyber intrusion every 7 minutes
Cybersecurity a priority post-pandemic for 9 of 10 business leaders in PH

“By combining first-party and third-party integrations, security teams can create a detailed storyline on how an attack develops and progresses from detection to remediation. That’s the power of XDR and what we are delivering to our customers,” said Michael Sentonas, chief technology officer at CrowdStrike.

CrowdXDR Alliance partners

CrowdStrike is also breaking down the silos that limit the value of native XDR approaches by further integrating third-party telemetry from CrowdXDR Alliance partners, which now include Cisco, ForgeRock, and Fortinet as new members, and third-party vendors, which now include Microsoft and Palo Alto Networks. With this release, CrowdStrike is once again disrupting the eXtended Detection and Response (XDR) category.

CrowdStrike said that it is committed to supporting leading vendors across all key security domains — email, firewall, identity, NDR, and SSE (CASB and web) — to enrich detections, investigations, and response actions.

Falcon platform customers who have Falcon Insight XDR and Falcon Cloud Workload Protection, Falcon Identity Threat Protection, and/or Falcon for Mobile (EDR) can add the native XDR connector pack, which will be available at cost to ensure all CrowdStrike customers can leverage the platform’s native XDR capabilities.

Cloud security

CrowdStrike is releasing new expert-developed detections including data from Falcon Identity Threat Protection, as well as integrating additional telemetry from Falcon Horizon (Cloud Security Posture Management) and Falcon Spotlight (Vulnerability Management) into Falcon Insight XDR.

Falcon Insight XDR now integrates with Zscaler Zero Trust Exchange to drive response actions from XDR detections or through automated Falcon Fusion (SOAR) workflows. These automated response actions include limiting or updating user access to applications with adaptive access control policies based on detection criticality and providing full closed-loop remediation across platforms.