Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

5/18/2021
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CrowdStrike Falcon Fusion Streamlines Security Operation Center With Automated Workflows

New cloud-scale framework provides customizable and easy-to-use custom automation to simplify enterprise security workflows.

SUNNYVALE, Calif. – May 17, 2021 – CrowdStrike, a leader in cloud-delivered endpoint protection and workload protection, today announced Falcon Fusion, a unified and extensible framework purpose-built on the CrowdStrike Falcon® platform to orchestrate and automate complex workflows improving security operation center (SOC) efficiency. Falcon Fusion leverages the power of the CrowdStrike Security Cloud and relevant contextual insights across endpoints, identities, and workloads, in addition to telemetry from partner applications via the CrowdStrike Store, to improve SOC and IT efficiency and agility for enterprise customers.

With CrowdStrike Falcon Fusion, enterprise customers can meet the 1-10-60 challenge – 1 minute to identify a breach, 10 minutes to investigate, and 60 minutes to remediate – by streamlining incident investigation, response and remediation capabilities with repeatable and consistent workflows, which helps security teams get the right coverage with accuracy and speed. SOC analysts can define real-time active response workflows using an intuitive graphical user interface, along with customizable triggers based on detection and incident categories. This enables SOC teams to dramatically improve the overall efficiency of their workflows, providing them the necessary context to mitigate security risks to their organizations more quickly and effectively than ever.

“Our customers are dealing with expanding attack surfaces across multi-cloud environments and distributed workforces, making it increasingly burdensome for security teams to sift through an ever-growing number of alerts and continue to keep their business secure,” said Amol Kulkarni, chief product officer of CrowdStrike. “We built Falcon Fusion to provide our customers with rich contextual insights and valuable customization to not only meet their immediate needs but also deploy repeatable workflows at scale. Falcon Fusion combines CrowdStrike’s Security Cloud comprehensive visibility across all business entities with the powerful incident response capabilities delivered by the lightweight Falcon agent to automate and simplify complex SOC workflows.”

Key features of Falcon Fusion include: 

  • Orchestrate and automate complex workflows: Build consistent and customizable workflows using intuitive no-code logic or custom code options for faster active response – all without leaving the console. 
  • Simplify security operations: Easy-to-use automation of workflows reduces the need to switch between different security tools and tasks and improves the efficiency of security team operations, allowing them to focus on more business critical strategic tasks. 
  • Accelerate incident triaging and real-time response: Speed-up incident triaging and incident response by configuring custom actions and notifications based on contextual insights from managed workloads and endpoints, resulting in reduced mean time to respond and remediate threats. 
  • Cut costs and resources: Free up skilled resources and improve cost efficiency by building and scaling workflows on demand employing no-code automation to create repeatable and reliable processes.
  • Build powerful open ecosystem: Seamlessly deploy partner applications from the CrowdStrike Store to bring in additional telemetry to enrich their detection and response logic to further enhance security and IT operations. 

For more information about Falcon Fusion and CrowdStrike’s announcements at RSA 2021, visit the CrowdStrike blog, and tune in to Amol’s talk at RSA 2021: Sponsor Briefing Modernize your SOC with CrowdStrike Security Cloud.

Forward-Looking Statements

This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding the performance and benefits of CrowdStrike’s Falcon Fusion product. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release.

You should not rely on these forward-looking statements, as actual outcomes and results may differ materially from those anticipated or implied by these forward-looking statements as a result of such risks and uncertainties. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

About CrowdStrike

CrowdStrike, a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon correlates over 5 trillion endpoint-related events per week in real time from across the globe, fueling one of the world’s most advanced data platforms for security.

With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.

There’s only one thing to remember about CrowdStrike: We stop breaches.

Qualifying organizations can gain full access to Falcon Prevent™ by starting a free trial.

Learn more: https://www.crowdstrike.com/

 

© 2021 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries.  CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31618
PUBLISHED: 2021-06-15
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why...
CVE-2021-20027
PUBLISHED: 2021-06-14
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.
CVE-2021-32684
PUBLISHED: 2021-06-14
magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. In versions 1.5.1 and 1.5.2, after changing the function from synchronous to asynchronous there wasn't implemented handler in the start, stop, exec, an...
CVE-2021-34693
PUBLISHED: 2021-06-14
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-27887
PUBLISHED: 2021-06-14
Cross-site Scripting (XSS) vulnerability in the main dashboard of Ellipse APM versions allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim’s browser. This issue affects: Hitachi ABB Power Grids ...