In 2020, we saw a rapid shift to digital transformation, accelerating the adoption of cloud technologies across industries. This secular technology trend has increased the opportunities for targeted attacks, presenting security teams with a complex set of challenges rooted in disparate systems and data, a wider range of managed and unmanaged endpoints and identities, and end-user access to hundreds of personal and business applications required for everyday work.
After completing our second “100 in 100” customer tour during which I met with 100 customers and prospects in 100 days, I heard unequivocally that organizations are looking for a modern, identity- and workloads-centric Zero Trust security strategy to lay the foundation for their security transformation. What I heard was that the traditional firewall was disappearing and that what mattered to customers was Endpoint and Identity.
Combining workload security with identity protection is foundational for establishing true Zero Trust environments. Furthermore, Zero Trust requires reliable, real-time data about the state of all workloads, networks, and identities. As the leader in endpoint and cloud security, CrowdStrike, along with leading technology partners, offers exceptional capabilities to support workload security and enables data-driven Zero Trust visibility and enforcement.
According to the Verizon Business 2020 Data Breach Investigations Report, more than 80% of breaches incorporate some element of compromised or weak credentials. It’s clear that insider threats and attacks that leverage identity stores remain a blind spot for even the most advanced organizations.
To address these challenges and advance our customers’ Zero Trust journeys, I am pleased to announce that CrowdStrike has agreed to acquire Preempt Security, a leading provider of conditional access based on the detection and prevention of identity-based attacks. With this acquisition, CrowdStrike plans to expand our Zero Trust capabilities to incorporate critical information around identity and we plan to deliver a new module as part of the CrowdStrike Falcon® platform, once the integration of Preempt is complete. The combination of our workload security technologies and Preempt’s conditional access capabilities will help customers achieve end-to-end visibility and enforcement to protect users, workloads, and data. The addition of Preempt will also expand CrowdStrike’s total addressable market to include Identity Security, which is estimated to be $2 billion in 2020*.
Preempt’s technology is not only an important component of the Zero Trust journey but it also allows customers to improve detection and prevention of attacks such as Zerologon or reconnaissance tools such as Bloodhound.
As highlighted in the latest CrowdStrike Services Cyber Front Lines Report, these tools are a critical piece in the lateral movement and privilege escalation phases of most intrusions. With the integration of Preempt’s technology, the CrowdStrike Falcon platform will gain further visibility and prevention capabilities to stop these sophisticated “living off the land” attacks.
One of the unique features of the Preempt platform is its ability to meet the conditional access requirements of an organization without putting unnecessary burden on security staff. The technology detects identity-based attacks and unauthorized access attempts, allowing customers to block, notify, force re-authentication, or challenge the user with multi-factor authentication. Preempt identifies threats with a high degree of accuracy while ensuring that legitimate activities are not disrupted. This conditional access is achieved by applying machine learning on data gathered from Active Directory, cloud SSO from partners such as Okta and Ping, NTLM logs, and other sources. Combined with CrowdStrike Falcon’s industry-leading threat telemetry, that correlates over 3 trillion endpoint-related events per week in real time from across the globe, customers will receive a highly effective solution to apply advanced access controls and detect anomalous activities in real-time.
Earlier this year, CrowdStrike jointly announced an alliance with Okta, NetSkope and Proofpoint to help organizations implement a modern, comprehensive, and integrated Zero Trust strategy. By integrating our technology with best-of-breed solutions, including with CrowdStrike Store partners, combined with our planned acquisition of Preempt, CrowdStrike is leading the charge in delivering an end-to-end Zero Trust solution for customers.
*Source: International Data Corporation #US45384120 – Worldwide Identity Forecast, 2020–2024 (Advanced Authentication market)