“We don’t have a mission statement — we have a mission.”
— George Kurtz, CrowdStrike CEO and Co-Founder
CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world’s leading businesses into the headlines could not be solved with existing malware-based defenses. Co-founders George Kurtz and Dmitri Alperovitch realized that a brand new approach was needed– one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware.
CrowdStrike’s mission is simple: to keep the bad guys out of your network.
The Story Behind the CrowdStrike Story
(a letter from our founders)
Prior to starting CrowdStrike, George and Dmitri spent a year traveling the globe visiting the world’s largest organizations, listening to their security challenges. As the Worldwide CTO, and the Vice President of Threat Research (respectively) at one of the largest security vendors on the planet, we were both painfully aware that existing solutions were falling short, unable to meet the latest challenges in information security.
The in-depth investigations we were conducting for customers who had been hacked – along with a glance at the headlines on any given day — confirmed what we already knew: Despite spending millions of dollars on the best security products and personnel available, major organizations were suffering devastating breaches, seemingly on a daily basis. And there was no “silver bullet” technology to offer that could keep our customers from becoming the next headline.
OLD SOLUTIONS FALLING SHORT
We realized that the nature of cyber security problems had changed radically, but the solutions had not. All of the major security providers were still relying on outdated 1990s architecture, and were myopically focused on stopping malware. But the problem was no longer just about the malware, it was about the adversaries themselves, and building technology capable of stopping them would require starting from scratch.
This new breed of adversaries is extremely skilled, often well-funded, and utterly relentless. And they are able to simply outsmart and bypass malware-based defenses. In fact, malware is only responsible for four out of every 10 attacks. What about the other 60 percent? The real challenge going forward was about identifying these sophisticated adversaries – regardless of whether they were professional cyber criminals, nation-state actors, hactivists or malicious insiders – detecting their actions at the earliest possible stage of an attack, and actively preventing them from completing those attacks.
STARTING FROM SCRATCH
To solve the problem, we had to create a new endpoint protection platform from the ground up. Protecting endpoints was critical, because that’s where the data resides in any organization, and it’s exactly where these targeted attacks are focused. Once the endpoint is breached, adversaries can move laterally within your network with relative ease, and quietly siphon off your valuable data and intellectual property for months, sometimes years, without fear of detection.
So we started designing a brand-new security architecture, one delivered entirely in the cloud. Companies already understood the benefits that Software as a Service (SaaS) provided in the form of CRM, HR, financial and other business-critical solutions, and it was high time that security adopted that model, too. Not only would cloud architecture drive down cost and complexity, it would allow us to effectively crowdsource threat information from around the world and provide instant “community immunity” to our customers.
To collect endpoint data as efficiently as possible, and avoid the performance issues that plagued existing endpoint security offerings, we designed an extremely lightweight sensor that could be deployed rapidly and seamlessly across even the largest customer environments. Finally, by employing a cutting-edge Graph Data Model in the cloud, we could look at billions of individual endpoint events simultaneously and analyze them in real time, using a combination of highly advanced algorithms, machine learning and top-notch human intelligence to spot anomalies, identify patterns, and prevent attacks.
SOPHISTICATED PROBLEMS NEED SOPHISTICATED SOLUTIONS
This new platform, which we named Falcon, gives our customers the unique ability to detect and prevent never-before-seen attacks while they are still in progress – protecting them against threats their conventional defenses couldn’t even see. It even gave rise to an entirely new science for detecting adversary activity before it’s too late. Instead of just relying on so-called indicators of compromise (IOCs) to determine whether a breach has already occurred, we are able to identify active indicators of attack (IOAs) to detect and curtail adversary activity before a breach.
For us, it’s all about securing your brand, your data, and your people. At the end of the day, hacking and the attacks we see in the media have real impact on people’s lives. Here at CrowdStrike, we are extremely proud to provide this level of protection to our rapidly expanding base of customers. It’s a responsibility that we take very seriously, and it drives us to constantly push the envelope, hunting for new threats and adversaries, and devising better ways to stop them.
Thank you for joining us on this important journey.
President/CEO & Co-Founder
Co-Founder and CTO
OUR PEOPLE & CULTURE
Our revolutionary approach and mission has allowed us to attract the best and brightest, not just from the technology and security sectors, but also from law enforcement, industry, and intelligence communities. What binds us all together is a shared passion for creating the next-generation technologies and services necessary for defeating today’s toughest adversaries.
You Don’t Have a Malware Problem. You Have an Adversary Problem.