Elevate Technology Partner Ecosystem
A collaborative and coordinated approach is the key to stopping today’s breaches. The CrowdStrike Falcon Platform was built from inception to be open and extensible, so our customers and partners can easily expand their solutions to stop breaches in real time. And with the CrowdStrike Orchestration and Automation initiative, partners can further enhance their security offerings and tools to better detect, investigate and respond to security threats, faster and more efficiently.
Partners can easily extend their existing security offerings with several robust APIs to build extensions and integrations to the CrowdStrike Falcon Platform. These APIs span functional areas including detection, management, response and intelligence.
An open source tool built on CrowdStrike’s Falcon Connect APIs, CrowdStrike Falcon Orchestrator allows partners to take advantage of powerful workflow automation and actions for incident response, security forensics, remediation, asset monitoring, and alert management.
Featured Technology Partners
AttackIQ, a leader in the emerging market of continuous security validation, built the industry’s first platform to give enterprises the ability to test and measure the effectiveness of their security capabilities. The open-system FireDrill™ platform, which codifies the MITRE ATT&CK framework within automated workflows, provides deep insights into how well current security tools, products and processes are working from an adversarial perspective. With its FireDrill™ platform and purpose-built community, AttackIQ is changing the security game. For more information visit www.attackiq.com.
E8 Security is transforming security operations by automating the learning of user and device behaviors to discover malicious activity unknown to security analysts, resulting in improved alert quality and accelerated investigations to make security operations more proactive. E8 Security raises the bar, as the first behavioral analytics vendor to make it easier for security teams to quickly identify unknown threat behaviors across endpoints, users and networks. The E8 Security Fusion platform provides a focused view of the network, so that analysts can quickly see hidden threats and know where to spend their time, reducing the investigation time from hours to minutes. In short, E8 Security helps security teams to detect, hunt, and respond by recognizing what is normal in their network so they can quickly respond to what is not. E8 Security is headquartered in Silicon Valley and is funded by Strategic Cyber Ventures, March Capital Partners, Allegis Capital and The Hive. Find out more at www.e8security.com.
Exabeam is a leading provider of user and entity behavior analytics, based on security-based data science and innovative Stateful User Tracking technology. We enable customers to detect and thwart cyber attacks that would otherwise go unseen by most enterprises. At the same time, we exponentially increase the productivity and effectiveness of valuable security operations teams by enabling them to cut through the noise of thousands of alerts and focus immediately on high-risk user profiles and behaviors. Built by seasoned security and enterprise IT veterans from Imperva and Sumo Logic, Exabeam is headquartered in San Mateo, California. Exabeam is privately funded by Norwest Venture Partners, Aspect Ventures, Icon Ventures, and investor Shlomo Kramer. Learn more: www.exabeam.com
HPE is a leading provider of security and compliance solutions for the modern enterprise that wants to mitigate risk in their hybrid environment and defend against advanced threats. Based on market leading products from HPE Security ArcSight, HPE Security Fortify, and HPE Security—Data Security, the HPE Security Intelligence Platform uniquely delivers the advanced correlation and analytics, application protection, and data security to protect today’s hybrid IT infrastructure from sophisticated cyber threats.
IBM® QRadar® SIEM
IBM® QRadar® SIEM consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It normalizes and correlates raw data to identify security offenses, and uses an advanced Sense Analytics engine to baseline normal behavior, detect anomalies, uncover advanced threats, and remove false positives. As an option, this software incorporates IBM X-Force® Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents. Learn more: http://www-03.ibm.com/software/products/en/qradar-siem
RiskVision, the Big Data Risk Company, is the leading independent provider of integrated solutions for Operational and Security Risk programs. Learn more: www.riskvisioninc.com
Securonix is re-defining the next generation of cyber-threat detection using the power of entity context, machine learning, and big data. Our purpose-built, security analytics platform mines, enriches, analyzes, scores and visualizes data into actionable intelligence on the highest risk threats. Using machine learning techniques that track user, account and system behavior, Securonix detects the most advanced insider threats, cyber threats and fraud attacks in real-time. Globally, customers are using Securonix to address needs around insider threat detection, privileged misuse, cloud security, cyber threat detection, patient data monitoring, fraud detection and application security monitoring. Learn more: www.securonix.com.
Splunk’s market-leading platform powers Operational Intelligence and has pioneered innovative, disruptive solutions that make machine data accessible, usable and valuable to everyone. More than 10,000 customers in over 100 countries use Splunk software and cloud services… Learn more: www.splunk.com
Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured and unstructured data across the entire application lifecycle and stack. More than 1,000 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value and growth. Founded in 2010, Sumo Logic is a privately held company based in Redwood City, CA and is backed by Accel Partners, DFJ, Greylock Partners, IVP, Sequoia Capital and Sutter Hill Ventures. Learn more: www.sumologic.com
Sumo Logic Joint Solution Brief
Amazon Web Services
For 11 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud platform. AWS offers over 90 fully featured services for compute, storage, networking, database, analytics, application services, deployment, management, developer, mobile, Internet of Things (IoT), Artificial Intelligence (AI), security, hybrid, and enterprise applications, from 42 Availability Zones (AZs) across 16 geographic regions in the U.S., Australia, Brazil, Canada, China, Germany, India, Ireland, Japan, Korea, Singapore, and the UK. AWS services are trusted by millions of active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructure, make them more agile, and lower costs. Learn more: https://aws.amazon.com.
BluVector is an innovative next-generation machine learning solution that defends enterprises against evolving security threats. Leveraging patented technology and based upon years of malware analysis and classification, BluVector delivers fast, highly scalable and integrated detection of malicious software targeting enterprise networks to help security teams stay ahead of advanced threats and protect against data breaches and theft. BluVector’s installed base of customers includes Fortune 100 and public sector customers. BluVector is a product of Acuity Solutions Corporation. Learn more: www.bluvectorcyber.com
Centripetal Networks is a cyber-security solutions provider specializing in Active Network Defense. Centripetal’s RuleGate® operationalizes threat intelligence at scale, which drives an active cyber defense without impacting network performance. Learn more: www.centripetalnetworks.com
Cyphort delivers the Adaptive Detection Fabric, an innovative, distributed software security layer which stops threats that go undetected by in-line security tools. Cyphort’s open fabric integrates with existing security tools, delivering continuous insight and analysis of web and email traffic, prioritizing threat alerts for security teams, and providing auto-mitigation capabilities. Learn more: www.cyphort.com
Dragos is the trusted leader in industrial threat detection and response. Our team applies expert human intelligence in the form of threat behavior analytics and investigation playbooks to redefine industrial control system (ICS) cybersecurity. Dragos’ solutions include: the Dragos Platform, software providing ICS-specific asset discovery, threat detection, and investigation capabilities; Dragos Threat Operations Center, providing ICS security services including threat hunting, incident response, and training; and Dragos ICS WorldView, providing the industry’s only dedicated industrial threat intelligence in the form of weekly reports and critical alerts upon discovery. For more information, please visit www.dragos.com or read about our joint solution here.
ForeScout Technologies, Inc. helps make the invisible visible. Our company provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology integrates with disparate security tools to help organizations accelerate incident response, break down silos, automate workflows and optimize existing investments. Learn more: www.forescout.com
Google Cloud Platform
Google Cloud Platform is a cloud computing service by Google that offers hosting on the same supporting infrastructure that Google uses internally for end-user products like Google Search and YouTube. Cloud Platform provides developer products to build a range of programs from simple websites to complex applications. Learn more: https://cloud.google.com
Vectra® is an artificial intelligence company transforming cybersecurity. Its Cognito platform is the fastest, most efficient way to detect and respond to cyberattacks, reducing security operations workload by 168X. Cognito performs real-time attack hunting by analyzing rich metadata from network traffic, relevant logs and cloud events to detect attacker behaviors within all cloud and data center workloads, and user and IoT devices. Cognito correlates threats, prioritizes hosts based on risk and provides rich context to empower response. Cognito integrates with endpoint, NAC, firewall security to automate containment, and provides a clear starting point for searches within SIEM and forensic tools. Learn more: vectra.ai.
Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred. Learn more: www.anomali.com
Anomali Joint Solution Brief
EclecticIQ helps organizations to turn cyber threat intelligence into business value through products built for cyber security professionals in threat intelligence, threat hunting, SOC, and Incident Response. EclecticIQ Platform is the analyst-centric threat intelligence platform based on STIX/TAXII that meets the full spectrum of intelligence needs. EclecticIQ Fusion Center enables the acquisition of thematic bundles of cyber threat intelligence from leading suppliers with a single contract. The company won Deloitte’s Technology FAST50 Rising Star Award for “Most Disruptive Innovator”. EclecticIQ is headquartered in Amsterdam, The Netherlands. Learn more: www.EclecticIQ.com
IID’s flagship product, ActiveTrust, adds clarity to cyberthreat intelligence by distilling threat data from thousands of trusted sources, and fusing it into actionable intelligence delivered to security professionals and automated infrastructure. Fortune 500 companies and U.S. Learn more: www.infoblox.com
King & Union
King & Union is outsmarting cyber adversaries by uniting security professionals and amplifying the power of the cybersecurity analyst. The company’s flagship product, Avalon, is a threat analytics platform built with collaboration at its core. Avalon provides a dynamic workspace where security operators and analysts can lean in, cut through the noise, and reduce the time to address threats from hours to minutes. The platform provides access to truly unique and exclusive data sources, automates repetitive workflows, and leverages real-time collaboration to deliver unparalleled insight and full context based on facts. Learn more: www.kingandunion.com
ThreatConnect® is an enterprise solution that bridges incident response, defense, and threat analysis. Our premiere cyber threat intelligence platform allows global organizations to effectively manage the massive amounts of threat information that comes in daily. Organizations are able to… Learn more: www.threatconnect.com
ThreatConnect Joint Solution Brief
ThreatQuotient is an on-premise, vendor-agnostic threat intelligence management appliance that automates network defense workflows. Detect adversaries more quickly through streamlined threat intel lifecycles that automatically deploy to your enterprise. Learn more: www.threatq.com
ThreatQuotient Joint Solution Brief
Demisto helps Security Operations Centers scale their human resources, improve incident response times, and capture evidence while working to solve problems collaboratively. Demisto Enterprise is the first comprehensive, Bot-powered Security ChatOps Platform to combine intelligent automation with collaboration. Demisto’s intelligent automation is powered by DBot which works with teams to automate playbooks, correlate artifacts, enable information sharing and auto document the entire incident lifecycle. Demisto is backed by Accel and has offices in Silicon Valley and Tel Aviv. Learn more: www.demisto.com
Demisto Joint Solution Brief
DFLabs is a recognized global leader in Security Automation and Orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field, including co-editing many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milan, Italy. Learn more: www.dflabs.com
Hexadite is the only agentless intelligent security orchestration and automation platform for Global 2000 companies. By easily integrating with customers’ existing security technologies and harnessing artificial intelligence that automatically investigates every cyber alert and drives remediation actions, Hexadite enables security teams to amplify their ability to mitigate cyber threats in real-time. Learn more: www.hexadite.com
Hexadite Joint Solution Brief
Phantom automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform. Phantom was founded by enterprise security veterans Oliver Friedrichs and Sourabh Satish who have helped propel companies like Symantec, Sourcefire, Cisco and others to success. Learn more: www.phantom.us
Your enterprise needs to move faster, but lack of process and legacy tools hold you back. Every day, thousands of customer requests, IT incidents, and HR cases follow their own paths—moving back and forth between people, machines and departments. Unstructured. Undocumented. Unimproved for years. With the ServiceNow® System of Action™ you can replace these unstructured work patterns of the past with intelligent workflows of the future. Now every employee, customer and machine can make requests on a single cloud platform. Every department working on these requests can assign and prioritize, collaborate, get down to root cause issues, gain real‑time insights and drive to action. Your employees are energized. Your service levels improve. And you realize game‑changing economics. Work at Lightspeed™. Learn more: www.servicenow.com
Swimlane is an automated security operations and incident response platform leveraged by the Fortune 500 and US Federal Government agencies, enabling them to automatically triage, respond to and hunt for threats at machine speeds. The company’s Swimlane platform centralizes an organization’s security operations activities, automates incident resolution and integrates with threat intelligence. In addition, Swimlane provides security-specific business intelligence that boosts security performance and helps executives, managers and analyst users make more informed decisions. Learn more: www.swimlane.com
Syncurity, synchronized security, is the force behind IR-Flow, a rapidly deployable cybersecurity incident response solution. Our virtual SOC is scalable from small business to full enterprise deployments. Syncurity IR-Flow helps security professionals streamline their operations and transition to a collaborative incident response process tailored to their unique operating environment. Learn more: www.syncurity.net
WitFoo exists to mature the craft of Information Security and to stop systemic failure in incident response. Founded in early 2016, WitFoo develops tools that significantly reduce the noise associated with cyber-attacks and builds processes that accelerate incident response. Learn more: www.witfoo.com
Learn more about our CrowdStrike Technology Partners.
More Partnership Opportunities
Interested in becoming a CrowdStrike Elevate Partner? Contact us for more information.