I get excited when I see any technology that is built on a core platform that enables customers and partners to easily extend the functionality and capabilities of that platform to solve other complex issues within their own enterprise. The security industry has many of these platforms – heck, I was one of the original pioneers of the first network security platform called OPSEC at Check Point Software, (some of you may remember the complicated APIs, ongoing maintenance, and complexity of integration).
The acceptance of Cloud computing and SaaS-delivered security solutions has given rise to a new kind of platform in our industry, one that embraces standards-based APIs and enables customers and partners to innovate quickly without the complexity of on-premise systems. The CrowdStrike Falcon™ Platform embodies all of this. It is powered by the CrowdStrike Threat Graph™ technology and offers a whole range of integration points allowing customers and partners to leverage the information collected by our sensors, providing visibility of endpoint activity, context to provide better security and control to automate and orchestrate other activities.
First, you need to understand that the platform is built on the CrowdStrike Threat Graph, which as George explains here, is the brains behind the platform that we use to stop breaches, capable of processing and collecting 10 billion events per day. Consider this the “DVR” in your environment, recording what’s happening on every endpoint in the enterprise. Pretty cool, huh?
Now consider what other functionality and capabilities you can build if you had access to this rich source of data in your environment. Consider traditional IT tasks such as:
- How many nodes in the enterprise are using a particular version of some software?
- How many people have upgraded to the latest version of Microsoft Office?
- How many people have disabled AV?
These and many other tasks traditionally required a heavy agent on the endpoint or polling the endpoint on a regular basis, which bogged down the system and your network. This level of visibility can now be accomplished without ever touching the endpoint or even connecting to it. You can query the CrowdStrike Threat Graph in the cloud using web APIs and pull information into your app, quick, easy and with zero overhead on the endpoint or your network.
Next, we all understand the importance of coordinating our security solutions to better fight the adversary. Here again, the CrowdStrike Threat Graph provides partners and customers the ability to understand the context and set appropriate controls of their endpoints in the enterprise at any particular moment in time, using our web APIs. Security orchestration, SIEM and other solutions can leverage this contextual information to automate security operations. Security gateway solutions can leverage the controls provided by the platform to take immediate actions such as quarantining a particular endpoint.
The other aspect I am really excited about here at CrowdStrike is our ability to deliver the solutions in an innovative fashion, leveraging new routes to market alongside our partner community. It is no longer acceptable to sell, setup and configure a security tool for a customer and walk away, expecting the customer to figure out how to derive value. Our partners are more than the trusted advisor to the customer; they are the customer-success managers that provide additional services, tools and in some cases, leveraging the integration capabilities of the Falcon Platform to extend its capabilities for the customer. Our Elevate Solution Provider and Managed Service Provider (MSP) partners go above and beyond just reselling CrowdStrike solutions; they enable our customers to detect and block any type of adversary activity targeting their organization, offering flexible ways to deploy Falcon. Our announcement today of the Elevate Partner Program, reflects the elevated role our partners play when delivering integrated solutions to our customers.
A couple of really exciting paradigm shifts in the security industry are occurring right now, and CrowdStrike is well positioned to help our customers and partners leverage these shifts and ensure we succeed in defeating the adversary and stop the breach.