Falcon Complete and CrowdStrike Adversary Emulation Pen Testing Recognized as “Cyber Catalysts” in Marsh Cyber Risk Evaluation

Marsh, one of the world’s leading insurance broker and risk adviser, has named CrowdStrike® as a recipient of its first-ever “Cyber Catalyst" designations. CrowdStrike achieved designations for Falcon CompleteTM and CrowdStrike Services Adversary Emulation Penetration Testing. This is a significant achievement because it not only provides guidance to organizations seeking cybersecurity solutions and services, it also means that in adopting Cyber-Catalyst-designated solutions, companies may be considered for enhanced terms and conditions on individually negotiated cyber insurance policies with participating insurers.

Leading Cyber Insurers Participated

Eight leading insurers participated in Marsh’s Cyber Catalyst program, which evaluated more than 150 cybersecurity products and services, spanning a range of functionality in areas such as data, hardware, network, infrastructure, endpoint, application and messaging security, as well as IoT controls, identity and access management, and risk and compliance. The solutions were evaluated based on their ability to have a meaningful impact on cyber risk. The participating insurers include Allianz, AXIS, AXA XL, Beazley, CFC, Munich Re, Sompo International and Zurich North America. They chose 17 vendors for recognition.

Why CrowdStrike Falcon® Complete Was Chosen

The insurers that evaluated vendors for this recognition rated CrowdStrike Falcon® Complete highest on the criteria of cyber risk reduction, performance and efficiency. Here are some quotes from their evaluation:
  • “A superb product. The cradle-to-grave approach to managed threat response is a differentiator, along with ease of deployment and short response cycle.”
  • “An innovative approach that combines excellent endpoint security with an additional layer of client assistance that will work for a majority of companies regardless of size or industry.”
  • “A unique product warranty that complements a very good product.”

Comprehensive Endpoint Protection

Falcon Complete is CrowdStrike’s comprehensive endpoint protection solution that provides companies with an instantly optimized security posture – without the burden, overhead and cost of managing a program internally. It delivers the technology, platform, actionable intelligence and security expertise necessary to provide beginning-to-end endpoint security. This powerful combination of people, processes and technology delivers the highest level of endpoint security maturity, alleviating the need for a company to build it themselves – or to hire, train and retain qualified security personnel. In addition, Falcon Complete comes with a breach warranty of up to $1 million in the event that a customer using this solution experiences a breach within the protected environment.

Why CrowdStrike Adversary Emulation Penetration Testing Was Chosen

In evaluating CrowdStrike Adversary Emulation Penetration Testing, insurers gave it the highest ratings on the criteria of cyber risk reduction, efficiency and flexibility. In their evaluation, insurers said of the CrowdStrike’s Adversary Emulation service:
  • “This approach and expertise behind this service would provide very concrete outcomes to improve on a company’s security capabilities.”
  • “The capability to emulate different types of threats can be very effective in ensuring ‘blue teams’ are prepared for risks they may face.”
  • “The ability to mirror the current threat landscape with this unique product should encourage companies to gauge their readiness for an array of attacks.”

Measuring Cybersecurity Readiness

CrowdStrike’s adversary emulation service goes beyond basic

 

penetration testing
to help organizations gauge their security readiness and ability to defend against a targeted attack. Creating a simulated attack, CrowdStrike takes a step-by-step approach that follows the kill chain, mimicking tactics, techniques and procedures used by real-world adversaries as they try to gain access to a company’s network. Adversary emulation helps organizations gain insight into their network security postures, ensures they are ready for a targeted attack, and provides insight and the ability to predict what an adversary could do inside the network.

Evaluation Criteria

The evaluation process for these designations involved two stages. First, evaluators conducted a deep-dive assessment into the eligible participants they felt warranted review. Second, they attended product and service demonstrations to see the solutions and services in action. Voting was independent by each insurer, with Marsh calculating the results. In order to achieve the Cyber Catalyst designation, a product or service had to be chosen by at least six of the eight insurers.

 

 

The participating insurers evaluated cybersecurity vendors based on the following criteria:
  • Reduction of cyber risk: Demonstrating the ability to address major enterprise cyber risks, such as data breach, theft or corruption; business interruption; or cyber extortion.
  • Key performance metrics: Demonstrating the ability to quantitatively measure and report on factors that reduce the frequency or severity of cyber events.
  • Viability: Based on client-use cases and successful implementation.
  • Efficiency: Demonstrating the ability of users to successfully implement and govern the use of the product to reduce cyber risk.
  • Flexibility: Solution has a broad applicability to a range of companies/industries.
  • Differentiation: Solution has distinguishing features and characteristics.

Implementation Principles

Participating insurers working with vendors whose solutions are Cyber Catalyst-designated have developed “implementation principles” for each product or service. Implementation principles are included in the fact sheet for each specific Cyber Catalyst-designated solution. Learn more by download the Marsh fact sheets for Falcon Complete and CrowdStrike Services Adversary Emulation Penetration Testing.

Additional Resources