11/5/2019
09:30 AM
Dark Reading Staff
Products and Releases

CounterFlow AI and CrowdStrike Partner to Help Companies Accelerate Threat Detection and Response

CHARLOTTESVILLE, VA, November 4, 2019 – CounterFlow AI, the first security provider to deliver AIOps for network forensics, today announced a new partnership with CrowdStrike®, a leader in cloud-delivered endpoint protection, to accelerate threat detection and response for enterprise security teams. Through this partnership, CounterFlow AI is enhancing its purpose-built machine learning engine (MLE) with CrowdStrike’s Falcon X, enabling security teams to better prevent future attacks.

Organizations want greater data fidelity from threat insights gained from their networks’ endpoints without creating an unwieldy security stack or larger data storage footprint. CounterFlow AI’s integration with CrowdStrike gives security teams an automated way to assess streaming network data with real-time contextualized threat intelligence and the assurance that they record only the data with high investigative value. It alerts customers with detailed Indicators of Compromise (IoCs), such as domain and IP information, to help security teams more quickly detect existing threats and perform incident investigations more effectively.

CounterFlow AI’s ThreatEye® AIOps platform for network forensics enables intelligent packet capture and network intelligence. Designed for hybrid cloud deployments, ThreatEye brings together full packet capture, machine learning, and visualization to provide timely and actionable insights. Unlike many network traffic analysis (NTA) solutions built on proprietary, black-box architecture, ThreatEye is an open, scalable platform designed for SOC analysts who want the flexibility to create a customized packet capture and more intelligent foundation for incident response and threat hunting, easy integration with existing workflows, and the explainability to keep the “human-in-the-loop.” CounterFlow AI’s open platform integrates seamlessly with the cloud-native, intelligent, single-agent platform that is CrowdStrike Falcon®. CrowdStrike’s unique approach enables frictionless deployment at scale to stream high-fidelity data to the cloud, equipping customers with prioritized threat analysis and response.

“We are ushering in the next era of network forensics that helps organizations increase the signal-to-noise ratio of their network data. That requires best-in-class threat intelligence, and there is no better firm who possesses the quality and scale of capabilities than CrowdStrike,” said Randy Caldejon, co-founder and chief executive officer, CounterFlow AI. “Together, we’re helping security teams start investigations sooner and from a more confident jumping off point.”

CrowdStrike is a leading endpoint security company that helps organizations around the world stop major breaches. The CrowdStrike Falcon platform integrates 10 cloud modules that span multiple capabilities, including next-generation endpoint protection, security operations, IT hygiene, and threat intelligence to deliver comprehensive breach protection against today’s sophisticated attacks. CrowdStrike’s Threat Graph® technology processes, correlates, and analyzes over two trillion endpoint-related events per week and continuously looks for malicious activity with graph analytics powered by cloud-scale AI. This creates a powerful network of crowdsourced intelligence that provides actionable insights to customers. The platform enables intelligent, dynamic automation at scale to detect threats and stop breaches.  

Recently, CrowdStrike was positioned by Gartner, Inc. in the Leaders Quadrant of the Magic Quadrant for Endpoint Protection Platforms. The report, which evaluates vendors based on completeness of vision and ability to execute, positioned CrowdStrike furthest for completeness of vision in the entire Magic Quadrant.[i]

“We’re thrilled to partner with a firm like CounterFlow AI, who is introducing a more intuitive way to approach packet capture and eliminate the time-consuming activities that have historically been associated with it,” said Amol Kulkarni, chief product officer, CrowdStrike. “By integrating the benefits of CrowdStrike Falcon with CounterFlow AI ThreatEye, we are offering customers contextualized threat intelligence to help enable security teams to move from a reactive state to a proactive one. This powerful combination delivers a more efficient way to help organizations conduct investigations, including the critical intelligence necessary to get ahead of known and unknown threats.”

For more information, visit https://counterflow.ai/.

[i] Gartner Magic Quadrant for Endpoint Protection Platforms by Peter Firstbrook, Dionisio Zumerle, Prateek Bhajanka, Lawrence Pingree, Paul Webber, 20 August 2019.

Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About CounterFlow AI

CounterFlow AI is a cybersecurity software company offering an AIOps platform for network forensics. The flagship product, ThreatEye®, integrates advanced security technologies into a streaming machine learning pipeline to identify network faults, anomalies and threats at wire speed. ThreatEye® is built for hybrid cloud deployments to easily extend customer network and security operations.

For more information, visit www.counterflow.ai
