CrowdStrike and NIST 800-53: Now That’s What I Call a “Twofer”


“Twofer” has entered into the lexicon of everyday use. The Urban Dictionary defines it as the opportunity to receive the value of two, for the price, effort or quantity of one. Who wouldn’t find that appealing?

Today, Crowdstrike releases an independent assessment report on the use of Falcon Host with respect to the National Institute of Standards and Technology (NIST) SP 800-53 framework. For me, it is a great example of a twofer. Why? Well, in deploying and using Falcon Host, organizations not only get best-in-class protection for their endpoints, they also get the assurance that it will help in their efforts to achieve and maintain compliance with NIST SP 800-53. A twofer, if ever I saw one.

The NIST Special Publication 800-53 Revision 4 is a security control standard  that provides guidelines for selecting technical, physical, and operational security controls for components of an information system that processes, stores, or transmits federal information. This framework is intended to ensure that information technology products —  and systems built from these products following the recommended controls — are sufficiently trustworthy.

Today’s report comes from Coalfire, a leading assessor for compliance standards across government, financial, manufacturing, and healthcare industries. Coalfire found that Falcon Host provides capabilities in detection and responding to threats, and associated collection of activities, making CrowdStrike Falcon Host a suitable solution for addressing the system protection and monitoring controls identified in NIST SP 800-53 Rev. 4.

Specifically, Coalfire found that Falcon Host helps implementing organizations with eight separate NIST control families, covering 23 separate controls. The control families identified are:

  • Audit and Accountability
  • Security Assessment and Authorization
  • Configuration Management
  • Identification and Authentication
  • Incident Response
  • Program Management
  • System and Services Acquisition
  • System and Information Integrity

The reality for those organizations required to comply with NIST 800-53 is that they need to prove to auditors that the steps they have taken, regarding both products and processes, meet the controls laid out in the framework. It is one thing to say you comply, but no auditor is going to take that as proof, and that is something we took to heart in setting out to commission this independent report. We asked Coalfire to specify in detail, to customers and potential customers, exactly where Falcon Host can assist in their compliance efforts. Furthermore, we wanted Coalfire to provide detailed and specific information that organizations could turn over  to auditors in support of their NIST-compliant practices. As you will see when you read the report, Coalfire has struck that balance.

At the end of the day, we believe that Falcon Host delivers the best protection, while at the same time assisting organizations reduce their NIST compliance efforts. That’s a twofer.

For more information on how CrowdStrike can assist your organization in meeting compliance and certification frameworks — such as NIST, HIPAA, PCI and others, please visit our Falcon Host compliance page. You can also download the independent assessor’s report, “Crowdstrike Falcon Host Comparison with Nist Sp 800-53 Rev. 4.”

CrowdStrike Falcon Free Trial

Try CrowdStrike Free for 15 Days Get Started with A Free Trial