The company has added key strategic partners to the CrowdXDR Alliance.
This week CrowdStrike made two important announcements. First, it introduced Humio for Falcon, a new capability that extends data retention of CrowdStrike Falcon telemetry for up to one year or longer, enhancing threat analytics and threat hunting abilities for organizations while helping them meet compliance requirements.
Humio for Falcon brings together an industry-leading security platform in CrowdStrike Falcon, with the powerful search capabilities of CrowdStrike’s centralized logging offering, Humio. The new capability gives security teams the ability to store security and IT telemetry from the Falcon platform, which is enriched and contextualized across endpoints, workloads and identities to address the challenge of operationalizing the ever-growing volumes of data. Humio for Falcon helps security teams analyze and act on all data – both real-time and historical data – in their environment. With longer data retention due to advanced compression of ingested data, security teams can uncover and detect potential threats within their environments with deep, contextual analytics and sub-second search results at any scale through a modern, index-free architecture.
Helping customers choose their best XDR approach
The second big announcement concerned the company’s CrowdXDR Alliance, which CrowdStrike calls a “first-of-its-kind technology ecosystem”. Specifically, the company expanded the CrowdXDR Alliance to include key strategic partners across web and email security (Menlo Security), identity and access management (Ping Identity) and network detection and response (Vectra AI).
CrowdStrike also introduced new capabilities for the Falcon XDR (Extended Detection and Response) module to speed up detections for security teams, including an integration with ServiceNow, an existing CrowdXDR Alliance partner, to dramatically simplify security operations workflows with automated ticket creation.
“CrowdStrike continues to bring together the best of both open and native approaches to XDR,” said Michael Sentonas, chief technology officer at CrowdStrike. “For organizations seeking an open approach, we continue to expand third-party support for the CrowdXDR Alliance, which is delivering a standardized schema for data sharing to enrich XDR detections,” he said.
“Ultimately, we are offering a solution that allows customers to choose an XDR approach that best fits their needs.”