Avalon Healthcare Secures 100+ Million Members with the CrowdStrike Falcon Platform

When Avalon Healthcare Solutions launched, CISO and SVP Information Systems Jesse Webb had a rare opportunity to build cybersecurity into the company’s DNA from day one. As employee number two, he designed Avalon’s cloud infrastructure, compliance framework, and IT systems from scratch.

But as the company grew to manage sensitive diagnostic lab and genetic data for over 100 million members, its early mix of point tools could no longer keep up. “We started with a secure foundation,” Webb said. “But as our environment matured, we needed a more unified, scalable solution to see and secure everything across AWS and our endpoints.”

That next step led Avalon to the AI-native CrowdStrike Falcon® platform, which replaced its legacy stack with a single, integrated layer of visibility and control.

Before CrowdStrike, Avalon’s small security team was managing a patchwork of point solutions — from endpoint protection to separate CSPM and vulnerability management tools. Visibility was fragmented, response times lagged, and admins had to wait for remediation scans for confirmation that patches worked.

“As our environment grew, our legacy AV just couldn’t keep up, especially in the Linux space,” Webb said. “We made the move to CrowdStrike as a maturity step … to get one platform that could see everything: assets, applications, identity, and vulnerabilities.”

The switch brought increased clarity and efficiency. With CrowdStrike Falcon® Cloud Security replacing Avalon’s legacy CSPM, and CrowdStrike Falcon® Exposure Management unifying risk visibility, the company consolidated with CrowdStrike.

For Avalon, exposure management isn’t a security add-on, it’s the centerpiece of how the company prioritizes and mitigates vulnerability risk. Each week, Webb’s security, app dev, and IT operations (DevSecOps) teams can review exposure management dashboards, which show vulnerabilities, attack paths, and risk scores across interconnected systems.

“Exposure management and vulnerability management are key focus areas for Avalon,” Webb explained. “We used to only run weekly scans and review open exposures together with the app dev and IT ops teams. The holistic real-time view from CrowdStrike shows us not just what’s vulnerable, but how those risks connect. We still meet weekly but when we find a critical attack path, we pull the team in immediately.”

That context changed everything. During one review, Falcon Exposure Management revealed an attack path linking Avalon’s customer portal and its backend database — two different systems for two separate teams. “When we showed them the attack path, it was an ‘aha’ moment,” said Webb. “They could see exactly how those vulnerabilities were linked. Suddenly, everyone understood why rapid remediation mattered.”

Falcon Exposure Management’s attack path analysis and ExPRT.AI risk ratings now drive Avalon’s prioritization process. Instead of chasing hundreds of CVEs, teams can focus on the few that matter most.

CrowdStrike’s real-time feedback loop has eliminated one of Avalon’s biggest operational bottlenecks: delayed patch validation.

“Before exposure management, our admins would have to wait days for the next vulnerability scan or request a rescan to verify a patch,” Webb said. “Now, with CrowdStrike, they get feedback in minutes. They know almost instantly that the fix worked and can move on to the next issue.”

That speed has saved countless hours and transformed collaboration across teams. “Everyone’s looking at the same data,” Webb added. “It’s reduced most arguments about priorities.”

CrowdStrike has also helped Avalon evolve its security culture. Rather than treating cybersecurity as a separate function, Webb uses Falcon Exposure Management to empower system administrators with shared visibility and accountability.

“Security is no longer the sole domain of the security team,” Webb said. “With CrowdStrike, my admins can see risk ratings and vulnerabilities directly. They’re proactive about patching, and they own the security of their systems.”

By giving every team a clear view of risk, Webb’s small security staff can focus on strategy instead of constant triage. “They have the data, they see the risks, and they act,” he said.

Operating entirely in AWS, Avalon relies on Falcon Cloud Security to extend CrowdStrike’s protection across its infrastructure, applications, and workloads. The Falcon platform’s unified dashboards allow Webb to track cloud posture, identity activity, and vulnerabilities in context — all through a single lens.

“When you’re protecting over 100 million members across multiple software platforms and cloud services, it’s complicated,” Webb said. “CrowdStrike lets me see everything and how it all interrelates. That saves time, money, and resources for a midsize business with a small team.”

CrowdStrike’s mature Linux coverage was another deciding factor in Avalon’s migration. “One of the areas our legacy AV provider wasn’t keeping up with was Linux,” Webb explained. “CrowdStrike’s protection in that space is top-tier and critical for us.”

Webb credits CrowdStrike’s support and responsiveness as a major differentiator. “CrowdStrike support is fantastic,” he said. “When we reach out, we get answers fast. That’s critical when you’re remediating issues in production.”

The results speak for themselves. Avalon recently cut its cyber liability insurance premiums by 25%, a reflection of its strengthened security posture. “That reduction came directly from how we run our security program,” Webb said. “CrowdStrike is a big part of that.”

As Avalon continues to mature its exposure management workflows, Webb is exploring deeper automation through CrowdStrike’s AI and SOAR capabilities. “We’re still integrating exposure management into our workflows,” he said. “As trust grows, I can see us patching certain systems on demand.”

For now, the focus remains on continuous improvement: refining visibility, accelerating response, and protecting sensitive healthcare data.

“Healthcare data reveals everything about a person … their relationships, their vulnerabilities,” Webb concluded. “Protecting that data isn’t just compliance, it’s a mission. CrowdStrike helps us fulfill that mission every day.”