Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/5/2019
09:30 AM
Dark Reading Staff
Dark Reading Staff
Products and Releases
50%
50%

CounterFlow AI and CrowdStrike Partner to Help Companies Accelerate Threat Detection and Response

CHARLOTTESVILLE, VA- November 4, 2019 – CounterFlow AI, the first security provider to deliver AIOps for network forensics, today announced a new partnership with CrowdStrike®, a leader in cloud-delivered endpoint protection, to accelerate threat detection and response  for enterprise security teams. Through this partnership, CounterFlow AI is enhancing its purpose-built machine learning engine (MLE) with CrowdStrike’s Falcon X, enabling security teams to better prevent future attacks.

Organizations want greater data fidelity from threat insights gained from their networks’ endpoints without creating an unwieldy security stack or larger data storage footprint. CounterFlow AI’s integration with CrowdStrike gives security teams an automated way to assess streaming network data with real-time contextualized threat intelligence and the assurance they record only the data with high investigative value. It alerts customers with detailed Indicators of Compromise (IoCs), such as domain and IP information, to help security teams more quickly detect existing threats and perform incident investigations more effectively.

CounterFlow AI’s ThreatEye® AIOps platform for network forensics enables intelligent packet capture and network intelligence. Designed for hybrid cloud deployments, ThreatEye brings together full packet capture, machine learning, and visualization to provide timely and actionable insights. Unlike many network traffic analysis (NTA) solutions built on proprietary, black-box architecture, ThreatEye is an open, scalable, platform designed for SOC analysts who want the flexibility to create a customized packet capture and more intelligent foundation for incident response and threat hunting, easy integration with existing workflows and the explainability to keep the “human-in-the-loop”. CounterFlow AI’s open platform integrates seamlessly with the cloud-native intelligent, single-agent platform that is CrowdStrike Falcon®. CrowdStrike’s unique approach enables frictionless deployment at scale to stream high-fidelity data to the cloud, equipping customers with prioritized threat analysis and response.

 “We are ushering in the next era of network forensics that helps organizations increase the signal-to-noise ratio of their network data. That requires best-in-class threat intelligence, and there is no better firm who possesses the quality and scale of capabilities than CrowdStrike,” said Randy Caldejon, co-founder and chief executive officer, CounterFlow AI. “Together, we’re helping security teams start investigations sooner and from a more confident jumping off point.”

CrowdStrike is a leading endpoint security company that helps organizations around the world stop major breaches. The CrowdStrike Falcon platform integrates 10 cloud modules that span multiple capabilities, including next-generation endpoint protection, security operations, IT hygiene, and threat intelligence to deliver comprehensive breach protection against today’s sophisticated attacks. CrowdStrike’s Threat Graph® technology processes, correlates, and analyzes over two trillion endpoint-related events per week and continuously looks for malicious activity with graph analytics powered by cloud-scale AI. This creates a powerful network of crowdsourced intelligence that provides actionable insights to customers. The platform enables intelligent, dynamic automation at scale to detect threats and stop breaches.  

Recently, CrowdStrike was positioned by Gartner, Inc. in the Leaders Quadrant of the Magic Quadrant for Endpoint Protection Platforms. The report, which evaluates vendors based on completeness of vision and ability to execute, positioned CrowdStrike furthest for completeness of vision in the entire Magic Quadrant.[i]

“We’re thrilled to partner with a firm like CounterFlow AI, who is introducing a more intuitive way to approach packet capture and eliminate the time-consuming activities that have historically been associated with it,” said Amol Kulkarni, chief product officer, CrowdStrike. “By integrating the benefits of CrowdStrike Falcon with CounterFlow AI ThreatEye, we are offering customers contextualized threat intelligence to help enable security teams to move from a reactive state to a proactive one. This powerful combination delivers a more efficient way to help organizations conduct investigations, including the critical intelligence necessary to get ahead of known and unknown threats.”

For more information, visit https://counterflow.ai/.

Additional resources:

Follow CounterFlow AI on Twitter

Follow CounterFlow AI on LinkedIn

 

[i] Gartner Magic Quadrant for Endpoint Protection Platforms by Peter Firstbrook, Dionisio Zumerle, Prateek Bhajanka, Lawrence Pingree, Paul Webber, 20 August 2019.

Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About CounterFlow AI

CounterFlow AI is a cybersecurity software company offering an AIOps platform for network forensics. The flagship product, ThreatEye®, integrates advanced security technologies into a streaming machine learning pipeline to identify network faults, anomalies and threats at wire speed. ThreatEye® is built for hybrid cloud deployments to easily extend customer network and security operations.

For more information, visit www.counterflow.ai

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/31/2020
Palo Alto Networks to Buy CloudGenix for $420M
Dark Reading Staff 3/31/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5300
PUBLISHED: 2020-04-06
In Hydra (an OAuth2 Server and OpenID Certifiedâ„¢ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`: "A unique identifier for the t...
CVE-2019-19699
PUBLISHED: 2020-04-06
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. To e...
CVE-2020-11102
PUBLISHED: 2020-04-06
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
CVE-2020-11507
PUBLISHED: 2020-04-06
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded.
CVE-2020-11544
PUBLISHED: 2020-04-06
An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload restrictions for...