- CrowdStrike Services
- Cyber Front Lines Report
- Incident Response Insights that Matter for 2020
- Download Now
ELEVATE TECHNOLOGY PARTNER ECOSYSTEM
A collaborative and coordinated approach is the key to stopping today’s breaches. The CrowdStrike Falcon Platform was built from inception to be open and extensible, so our customers and partners can easily expand their solutions to stop breaches in real time. And with the CrowdStrike Orchestration and Automation initiative, partners can further enhance their security offerings and tools to better detect, investigate and respond to security threats, faster and more efficiently.
Partners can easily extend their existing security offerings with several robust APIs to build extensions and integrations to the CrowdStrike Falcon Platform. These APIs span functional areas including detection, management, response and intelligence. Learn More »
An open source tool built on CrowdStrike’s Falcon Connect APIs, CrowdStrike Falcon Orchestrator allows partners to take advantage of powerful workflow automation and actions for incident response, security forensics, remediation, asset monitoring, and alert management. Learn More »
MORE PARTNERSHIP OPPORTUNITES
AttackIQ, a leader in the emerging market of continuous security validation, built the industry’s first platform to give enterprises the ability to test and measure the effectiveness of their security capabilities. The open-system FireDrill™ platform, which codifies the the MITRE ATT&CK framework within automated workflows, provides deep insights into how well current security tools, products and processes are working from an adversarial perspective. With its FireDrill™ platform and purpose-built community, AttackIQ is changing the security game. For more information, visit www.attackiq.com
Exabeam is a leading provider of user and entity behavior analytics, based on security-based data science and innovative Stateful User Tracking technology. We enable customers to detect and thwart cyber attacks that would otherwise go unseen by most enterprises. At the same time, we exponentially increase the productivity and effectiveness of valuable security operations teams by enabling them to cut through the noise of thousands of alerts and focus immediately on high-risk user profiles and behaviors. Built by seasoned security and enterprise IT veterans from Imperva and Sumo Logic, Exabeam is headquartered in San Mateo, California. Exabeam is privately funded by Norwest Venture Partners, Aspect Ventures, Icon Ventures, and investor Shlomo Kramer. Learn more: www.exabeam.com
IBM® QRadar® SIEM
IBM® QRadar® SIEM consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It normalizes and correlates raw data to identify security offenses, and uses an advanced Sense Analytics engine to baseline normal behavior, detect anomalies, uncover advanced threats, and remove false positives. As an option, this software incorporates IBM X-Force® Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents. Learn more: http://www-03.ibm.com/software/products/en/qradar-siem
King & Union
King and Union helps security teams simplify security analysis and reporting and reduce time spend on manual, administrative tasks. With Avalon, our analysis delivery platform, teams can quickly visualize data, investigate together in real time, then efficiently create and deliver the finished intelligence required to key stakeholders, all in a single interactive workspace.
Micro Focus Interset
Micro Focus Interset user and entity behavioral analytics (UEBA) gives security teams a new lens through which to find and respond to difficult-to-find insider threats or targeted outside attacks. Bypassing rules and thresholds, Interset uses unsupervised machine learning to measure the unique digital footprint of systems and users. Interset then distills billions of events into a prioritized list of high-quality security leads to focus and accelerate the efforts of the security operations center (SOC). What used to take months, can now take minutes. Learn more: microfocus.com
Securonix is re-defining the next generation of cyber-threat detection using the power of entity context, machine learning, and big data. Our purpose-built, security analytics platform mines, enriches, analyzes, scores and visualizes data into actionable intelligence on the highest risk threats. Using machine learning techniques that track user, account and system behavior, Securonix detects the most advanced insider threats, cyber threats and fraud attacks in real-time. Globally, customers are using Securonix to address needs around insider threat detection, privileged misuse, cloud security, cyber threat detection, patient data monitoring, fraud detection and application security monitoring. Learn more: www.securonix.com
Splunk Inc. (NASDAQ: SPLK) was founded to pursue a disruptive new vision: make machine data accessible, usable and valuable to everyone. Organizations use market-leading Splunk solutions with machine learning to monitor, investigate and act on all forms of business, IT, security, and Internet of Things (IoT) data. Learn more: www.splunk.com
Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured and unstructured data across the entire application lifecycle and stack. More than 1,000 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value and growth. Founded in 2010, Sumo Logic is a privately held company based in Redwood City, CA and is backed by Accel Partners, DFJ, Greylock Partners, IVP, Sequoia Capital and Sutter Hill Ventures. Learn more: www.sumologic.com Sumo Logic Joint Solution Brief
Every business relies on mission-critical applications. TrueFort ensures that businesses understand the behavior of those applications in order to detect and protect against threats – especially those that breach endpoint and perimeter security. With tools for real-time visibility and behavior analytics, TrueFort offers comprehensive data center application security and full-stack cloud workload protection. And now as a premier CrowdStrike Store integrated solution, CrowdStrike customers can get this power at their fingertips and fortify their environment with visibility down to the process and identity level leveraging the CrowdStrike unified agent they’ve already deployed. With over 100+ years of combined experience at top global investment banks and ecommerce companies, and funding from leading investors like Evolution Equity Partners, Lytical Ventures and Emerald Development Managers, TrueFort can help you fortify your mission-critical applications. Learn more: www.truefort.com
Acalvio’s mission is to detect Advanced Attackers with precision and speed. Our patented innovations in the area of Cloud, AI (Artificial Intelligence) and SDN (Software Defined Networking) has allowed us to deliver our award winning Autonomous Deception platform, ShadowPlex. ShadowPlex represents an architectural leap over earlier generation Deception Solutions in its Detection Efficacy and Deployment Efficiency. The Silicon Valley-based company is led by an experienced team with a track record of innovation and market leadership and backed by marquee investors. www.acalvio.com
Airlock Digital makes Application Whitelisting practical to deploy and maintain in both small to enterprise scale environments. Supporting both desktops and servers, Airlock Digital enables your organisation to implement a proactive and extremely effective security strategy, without the technical overhead typically associated with Application Whitelisting. Learn more at: www.airlockdigital.com
Amazon Web Services
Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud platform. AWS offers over 125 fully featured services trusted by millions of active customers around the world, including the fastest growing startups, largest enterprises, and government, to power their infrastructure, make them more agile, and lower costs. Learn more: aws.amazon.com
Automox is the cloud-native cyber hygiene platform that reduces exploitable attack surface by eliminating the vulnerabilities that adversaries target most. Automox dramatically speeds system hardening by automating and enforcing critical patches, software updates, security configurations and custom scripting across diverse endpoint environments – whether on-prem, in the cloud or on the move. Learn more: www.automox.com
Centripetal Networks is a cyber-security solutions provider specializing in Active Network Defense. Centripetal’s RuleGate® operationalizes threat intelligence at scale, which drives an active cyber defense without impacting network performance. Learn more: www.centripetalnetworks.com
Dell Technologies (NYSE:DELL) is a unique family of businesses that helps organizations and individuals build their digital future and transform how they work and live. The company provides customers with the industry’s broadest and most innovative technology and services portfolio spanning from edge to core to cloud. The Dell Technologies family includes Dell, Dell EMC, Pivotal, RSA, Secureworks, Virtustream and VMware. Learn more:
The Dragos Platform is the industry’s most comprehensive industrial control systems (ICS) cybersecurity software. Providing in-depth asset identification, threat detection, and response capabilities, the Dragos Platform distills decades of real-world experience from an elite team of ICS cybersecurity experts across the U.S. intelligence community and private industrial companies. Dragos also offers professional ICS services, including threat hunting, incident response, assessments, and training, as well as unique ICS threat intelligence, Dragos WorldView. For more information about Dragos app on the CrowdStrike Store, please visit here.
ForeScout Technologies, Inc. helps make the invisible visible. Our company provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology integrates with disparate security tools to help organizations accelerate incident response, break down silos, automate workflows and optimize existing investments. Learn more: www.forescout.com
Google Cloud Platform
Google Cloud Platform is a cloud computing service by Google that offers hosting on the same supporting infrastructure that Google uses internally for end-user products like Google Search and YouTube. Cloud Platform provides developer products to build a range of programs from simple websites to complex applications. Learn more: cloud.google.com
Mimecast is a cybersecurity provider that helps thousands of organizations worldwide make email safer, restore trust and bolster cyber resilience. Mimecast’s expanded cloud suite enables organizations to implement a comprehensive cyber resilience strategy. From email and web security, archive and data protection, to awareness training, uptime assurance and more, Mimecast helps organizations stand strong in the face of cyberattacks, human error
and technical failure. Learn more: www.mimecast.com
Netskope is the leader in cloud security. We help the world’s largest organizations take full advantage of the cloud and web without sacrificing security. Our patented Cloud XD technology eliminates blind spots by going deeper than any other security provider to quickly target and control activities across thousands of cloud services and millions of websites. With full control through one cloud-native interface, our customers benefit from 360-degree data protection that guards data everywhere and advanced threat protection that stops elusive attacks. Netskope — smart cloud security. Learn more:
NopSec provides vulnerability risk prioritization, remediation, and automated IT security control measurement solutions to help businesses protect their IT environments from security breaches. The company’s flagship SaaS product, Unified VRM, utilizes passive analysis, active exploitation and contextual enrichment that enables security teams to visually forecast threat risk, and dramatically reduce the time to remediation of critical security vulnerabilities across infrastructure and applications. Learn more: www.nopsec.com
Proofpoint, Inc. (PFPT) is a leading cybersecurity company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint to mitigate their most critical security and compliance risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com
Vectra® is an artificial intelligence company transforming cybersecurity. Its Cognito platform is the fastest, most efficient way to detect and respond to cyberattacks, reducing security operations workload by 168X. Cognito performs real-time attack hunting by analyzing rich metadata from network traffic, relevant logs and cloud events to detect attacker behaviors within all cloud and data center workloads, and user and IoT devices. Cognito correlates threats, prioritizes hosts based on risk and provides rich context to empower response. Cognito integrates with endpoint, NAC, firewall security to automate containment, and provides a clear starting point for searches within SIEM and forensic tools. Learn more: vectra.ai
Zscaler enables organizations to securely transform their networks and applications for a mobile and cloud-first world. Zscaler cloud-delivered services securely connect users to their applications and cloud services, regardless of device, location, or network, while providing comprehensive threat prevention and a fast user experience. All without costly, complex gateway appliances. The integration with CrowdStrike empowers customers with best-in-class seamless protection and visibility across network and endpoint. Security policies are enforced more robustly and zero-day threats are detected and contained faster and more effectively. Learn more: zscaler.com
Anomali delivers earlier detection and identification of adversaries in your organizations network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred. Learn more: www.anomali.com Anomali Joint Solution Brief
EclecticIQ helps organizations to turn cyber threat intelligence into business value through products built for cyber security professionals in threat intelligence, threat hunting, SOC, and Incident Response. EclecticIQ Platform is the analyst-centric threat intelligence platform based on STIX/TAXII that meet the full spectrum of intelligence needs. EclecticIQ Fusion Center enables the acquisition of thematic bundles of cyber threat intelligence from leading suppliers with a single contract. The company won Deloitte’s Technology FAST50 Rising Star Award for “Most Disruptive Innovator”. EclecticIQ is headquartered in Amsterdam, The Netherlands. Learn more: www.EclecticIQ.com
IID’s flagship product, ActiveTrust, adds clarity to cyberthreat intelligence by distilling threat data from thousands of trusted sources, and fusing it into actionable intelligence delivered to security professionals and automated infrastructure. Fortune 500 companies and U.S. Learn more: www.infoblox.com
King & Union
King & Union is outsmarting cyber adversaries by uniting security professionals and amplifying the power of the cybersecurity analyst. The company’s flagship product, Avalon, is a threat analytics platform built with collaboration at its core. Avalon provides a dynamic workspace where security operators and analysts can lean in, cut through the noise, and reduce the time to address threats from hours to minutes. The platform provides access to truly unique and exclusive data sources, automates repetitive workflows, and leverages real-time collaboration to deliver unparalleled insight and full context based on facts. Learn more: www.kingandunion.com
RiskIQ is the global leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, security teams, and CISOs, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action. Its software protects businesses, brands, and customers.
Secureworks®️ (NASDAQ: SCWX) is a technology-driven cybersecurity leader that protects organizations in the digitally connected world. Built on proprietary technologies and world-class threat intelligence, our applications and solutions help prevent, detect, and respond to cyber threats. Red Cloak™️ software brings advanced threat analytics to thousands of customers, and the Secureworks Counter Threat Platform™️ processes over 300B threat events per day. We understand complex security environments and are passionate about simplifying security with Defense in Concert™️ so that security becomes a business enabler. More than 4,000 customers across over 50 countries are protected by Secureworks, benefit from our network effect and are Collectively Smarter. Exponentially Safer.™️ Learn more: www.secureworks.com
Designed by analysts but built for the entire team (security operations, threat intelligence, incident response and security leadership), ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. Centralize your intelligence, establish process consistency, scale operations, and measure your effectiveness in one place. To learn more about our threat intelligence platform (TIP) or security orchestration, automation, and response (SOAR) solutions, visit www.ThreatConnect.com
ThreatQuotient is an on-premise, vendor-agnostic threat intelligence management appliance that automates network defense workflows. Detect adversaries more quickly through streamlined threat intel lifecycles that automatically deploy to your enterprise. Learn more: www.threatq.com ThreatQuotient Joint Solution Brief
ThreatSTOP operationalizes threat intelligence to proactively block threats at the network layer. ThreatSTOP’s SaaS platform transforms real-time threat intelligence feeds into automatically updated network traffic policies that can be enforced by popular brands of firewalls, routers, DNS servers and more to prevent communication with malicious IP addresses and domains. Companies use ThreatSTOP to stop attacks before they become breaches by interrupting the ability for attackers to communicate with devices inside their network. Founded in 2009, ThreatSTOP has operationalized threat intelligence for over 800 customers in sectors such as finance, healthcare, technology, manufacturing, education and government. For more information, visit www.threatstop.com
D3 SOAR is the leading security orchestration and automation platform and the only solution to operationalize the MITRE ATT&CK framework for automated incident response. D3 SOAR integrates quickly and easily with your security stack and provides intelligent Kill Chain Playbooks that focus responders on critical threats and suspicious behaviors. Learn more: d3security.com
DFLabs is a recognized global leader in Security Automation and Orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milan, Italy. Learn more: www.dflabs.com
Your enterprise needs to move faster, but lack of process and legacy tools hold you back. Every day, thousands of customer requests, IT incidents, and HR cases follow their own paths—moving back and forth between people, machines and departments. Unstructured. Undocumented. Unimproved for years. With the ServiceNow® System of Action™ you can replace these unstructured work patterns of the past with intelligent workflows of the future. Now every employee, customer and machine can make requests on a single cloud platform. Every department working on these requests can assign and prioritize, collaborate, get down to root cause issues, gain real-time insights and drive to action. Your employees are energized. Your service levels improve. And you realize game-changing economics. Work at Lightspeed™. Learn more: www.servicenow.com
Siemplify, the leading independent security orchestration, automation and response (SOAR) provider, is redefining security operations for enterprises and MSSPs worldwide. The Siemplify platform is an intuitive workbench that enables security teams to manage their operations from end to end, respond to cyberthreats with speed and precision, and get smarter with every analyst interaction. Learn more: www.siemplify.co
Splunk Phantom automates and orchestrates key stages of security operations from prevention to triage and resolution; delivering dramatic increases in productivity and effectiveness. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating security operations. Focused on closing the security gap by enabling enterprise security operations to be smarter, faster and stronger; Phantom provides the flexibility to connect in-house and third-party systems into one consolidated, integrated and extensible platform. Learn more: www.splunk.com
Swimlane is an automated security operations and incident response platform leveraged by the Fortune 500 and US Federal Government agencies, enabling them to automatically triage, respond to and hunt for threats at machine speeds. The company’s Swimlane platform centralizes an organization’s security operations activities, automates incident resolution and integrates with threat intelligence. In addition, Swimlane provides security- specific business intelligence that boosts security performance and help executives, managers and analysts users make more informed decisions. Learn more: www.swimlane.com
Syncurity, synchronized security, is the force behind IR-Flow a rapidly deployable cybersecurity incident response solution. Our virtual SOC is scalable from small business to full enterprise deployments, Syncurity IR-Flow helps security professionals streamline their operations and transition to a collaborative incident response process tailored to their unique operating environment. Learn more: www.syncurity.net
Provide your clients threat intelligence and advanced security tools and expertise to defeat adversaries.
Leverage CrowdStrike's platform to develop monitored, managed and packaged services.
Deliver valuable and innovative security solutions and services that scale fast.
Interested in becoming a CrowdStrike Elevate Partner? Contact us for more information.