This year at RSA 2020, I was excited to announce the launch of several new offerings for our growing global ecosystem of technology alliance partners, CrowdStrike® Store application partners and Managed Security Service Providers (MSSPs).
Our new offerings are focused on making it easy for our partners to leverage our rich endpoint telemetry, cloud-delivered native CrowdStrike Falcon® platform and powerful Application Programming Interfaces (APIs) to build advanced security use cases and bring new, innovative solutions to their customers. At RSA 2020, we met with many strategic partners and customers, showcasing new apps and reaffirming our commitment to staying ahead of today’s sophisticated and evolving adversaries. Since the successful launch of the CrowdStrike Store in February 2019, we have continued to add partners and apps, enabling them to use our rich collect-once-reuse-everywhere data sets, backed by the power of artificial intelligence, to solve IT and security use cases — all without the need to deploy or design new workload sensors, or invest in new cloud platforms for additional analytics and storage.
CrowdStrike announced three new developments at RSA 2020: new Falcon platform capabilities tailored for MSSP solutions, an exciting new developer portal that makes it easier for partners to develop apps and integrations for the Falcon platform, and new CrowdStrike Store partners that are providing solutions to address specific security challenges our customers want to solve.
Simplify Customer Account Management and Provide Comprehensive Threat Protection with CrowdStrike Falcon Packaged MSSP
Designed with CrowdStrike MSSP partners in mind, several new capabilities of the Falcon platform have been introduced to simplify user and security policy management and ease day-to-day operational challenges. These new capabilities reduce the burden of operationalizing, configuring and optimizing endpoint security for MSSPs to accelerate workflow management, while providing comprehensive threat protection and remediation to keep their customers’ environments safe.
Key Benefits of New Capabilities for MSSPs:
- Simplified alert management: In today’s rapidly evolving threat landscape, the expanding number of alerts MSSPs must triage across all of their customer environments, combined with the challenge of consolidating disparate security consoles, can often result in alert fatigue and compromised security postures. It also makes it difficult for MSSPs to integrate comprehensive end-to-end visibility and threat detection into their customers’ digital footprint. With the new CrowdStrike Falcon platform offering, MSSPs have visibility into all threat detections across all of their customers’ environments via a single integrated user interface (UI), helping them identify, investigate and remediate specific threats efficiently.
- Efficient user management: A new self-service user management console helps MSSPs onboard new customers, and set up and manage multiple tenants — all from a single aggregated view for end-to-end customer lifecycle management.
- Effective policy management: MSSPs are now able to apply new security policies to specific deployment groups of customer environments, choosing either a global superset that spans all customer environments, or creating granular security policies for a specific set of customers or even a single customer. This enables MSSPs to manage and secure a variety of customer environments — scaling across different verticals with ease.
- Ease of deployment: With CrowdStrike Falcon’s cloud-delivered, highly scalable platform and automation capabilities, getting new customers up and running, managing and configuring security policies, upgrading and maintaining agents, and investigating and remediating threats can be achieved easily, with speed and at scale.
- Security expertise and training: With every new security technology added to the customer stack, the complexity and the sheer volume of telemetry are daunting for MSSPs to manage, in addition to dealing with the possibility of “silent failure.” CrowdStrike provides guidance built on years of cybersecurity industry experience, giving MSSPs the professional training and support that can help them succeed in stopping breaches within their customer environments.
- Flexible product offerings: CrowdStrike now offers flexible product bundles with tiered pricing and partner discounts to help meet the various needs of MSSPs to secure their customers.
Foster Community and Drive Innovation with the CrowdStrike Developer Portal
In CrowdStrike’s battle against advanced threat adversaries, we make it easy for our technology alliance partners, including our integration and the Store application partners, to leverage the power of the Falcon platform.
Our valuable crowdsourced data, rich APIs and highly scalable CrowdStrike Threat Graph® allow us to foster a growing ecosystem of cybersecurity and IT alliances in our global battle to fight advanced threats and stop breaches. Threat Graph is CrowdStrike’s purpose-built, cloud-native graph database that collects and analyzes massive amounts of data — currently over 3 trillion events per week — and delivers protection against new and emerging threats in real time across all CrowdStrike customers.
Two weeks ago, I was proud to announce the launch of the CrowdStrike Developer Portal to help provide a seamless onboarding experience for our technology integration and Store partners.
Key Benefits of the Developer Portal
- Seamless collaboration: The self-service portal provides a frictionless onboarding and user experience for our CrowdStrike technology alliance partners, Store partners and the developer community.
- Innovative solutions: The portal helps partners and customers define new solutions that employ Falcon’s rich suite of APIs, solve new security and IT use cases, and define orchestration and automation workflows.
- Access to developer tools: The personalized, interactive and easy-to-use portal offers extensive API documentation, use case examples, tutorials and schema definitions to help drive API adoption.
- Engagement with the developer community: The portal allows partners to engage directly and share common scripts and workflows that address similar pain points, further bolstered by collaboration channels and forums.
New CrowdStrike Store Apps to Counter Digital Risks and Multistage Attacks
Recent additions to the CrowdStrike Store focus on a variety of security solutions, including patch management, insider threat detection, vulnerability prioritization and attack service management. The two latest launch partners, SafeGuard Cyber and Hunters.AI, focus on digital risk protection and autonomous threat hunting, respectively. These apps expand the use cases addressed by the CrowdStrike Store, leveraging rich endpoint telemetry with no additional agent or platform installation required.
Use Case: Social and Digital Risk Protection
App: SafeGuard Cyber works with the CrowdStrike Falcon platform to extend visibility of detected threat activities occurring on protected accounts across over 50 social, mobile and collaboration channels, such as Facebook, Twitter, LinkedIn, WhatsApp, Slack, Microsoft Teams, SalesForce, etc. The SafeGuard Cyber application:
- Improves visibility and digital risk protection for your entire organization across digital assets, including unmanaged or “bring your own device” (BYOD) endpoints.
- Stops attacks on digital channels by utilizing Falcon threat intelligence APIs to evaluate IOCs (indicators of compromise) against known and unknown threats across digital channels and actual endpoints.
Use Case: Autonomous Threat Hunting
App: Hunters.AI leverages endpoint telemetry collected by the CrowdStrike Falcon platform to interconnect across other environments and a variety of data sources to proactively hunt for rare attack patterns and reveal multistage attacks. The Hunters.AI application:
- Provides end-to-end visibility into elusive cyberattacks that bypass existing controls, by enriching hunters’ threat signals with endpoint data collected by Falcon and overlaying data from other relevant sources, such as reported events from AWS, Azure and others, and network events.
- Enriches reporting by correlating Falcon threat intelligence feeds with threat hunters’ multidimensional data streams from different sources, to identify threats throughout all attack surfaces and reveal multistage attacks.
Through the CrowdStrike Store, customers can discover, try and seamlessly deploy these applications to extend their existing investment in the CrowdStrike Falcon platform and help optimize their security stacks.
Visit the CrowdStrike Store
Customers can learn more about the new partner apps and how they can solve and simplify your specific security challenges by accessing the CrowdStrike Store via the CrowdStrike Falcon UI console. The CrowdStrike Store provides auto-provisioning of in-app trials to allow you to easily deploy and try an app before investing.
Learn More About CrowdStrike MSSP Offerings
If you are interested in becoming an MSSP partner or want to learn more about CrowdStrike product offerings for MSSPs, visit the MSSP webpage. Learn how the CrowdStrike approach — exclusively tailored for MSSPs — provides an endpoint protection solution that is easy to implement and manage, and delivers powerful protection and comprehensive visibility to help stop breaches.
- Read the press release.
- Visit the MSSP Partner webpage if you are interested in becoming an MSSP partner.
- Learn more about the CrowdStrike Store by visiting the webpage.
- Visit the CrowdStrike Store Partner webpage if you are interested in becoming a CrowdStrike Store partner.
- Get a full-featured free trial of CrowdStrike Falcon Prevent™ and learn how true next-gen AV performs against today’s most sophisticated threats.