If you follow the SD-WAN market you know that there is a move towards SASE or secure access service edge with the idea being securing applications from the cloud to the edge. This is what we thought of when we learned cybersecurity companies ExtraHop and CrowdStrike have a new integration between ExtraHop Reveal(x) and CrowdStrike Falcon, marrying cloud-native detection and response capabilities to provide protection from the network to the endpoint.
As businesses and government agencies have transitioned employees to remote work and moved more of their operations off-premises, it exposed gaps in availability, access, and security. Adversaries around the world quickly took advantage of the chaos, exploiting misconfigured remote desktop protocol vulnerabilities and ramping up phishing scams. With cloud adoption surging and a major spike in the use of personal computing devices for work, it is more critical than ever for organizations to maintain a clear picture of managed and unmanaged devices on their network, as well as determine which are being adequately monitored and secured.
The integration between ExtraHop Reveal(x) and CrowdStrike Falcon merges complete network visibility, machine learning behavioral threat detection and real-time decryption of SSL / TLS sessions to extract de-identified metadata for analysis. This approach provides joint customers with powerful endpoint security and instant remediation of threats.
- Real-time Detection: The integration allows security teams to rapidly detect threats observed on the network such as network privilege escalation, lateral movement, suspicious VPN connections, data exfiltration and more. It also helps thwart those occurring on the endpoint, including ransomware, local file enumeration, directory traversal, and code execution. This provides complete coverage across the entire attack surface.
- Instant Response: When Reveal(x) detects urgent threats it notifies the Falcon platform to contain the impacted devices so analysts can rapidly investigate and resolve threats. This cuts off access to network resources and endpoints before a security incident can turn into a breach.
- Continuous Endpoint Visibility: With automatic discovery and device classification, Reveal(x) continuously updates and maintains a list of devices impacted by threats, even on devices where the CrowdStrike agent is not yet present. This alerts CrowdStrike customers to newly connected and potentially compromised devices that need instrumentation for device-level visibility. It also extends edge visibility to include IoT, (bring your own device) BYOD, and devices incompatible with agents.
We think this is a great move by both companies as hackers are increasingly probing for weakness in the holes enterprises have left as their network evolve to cloud and multicloud. The collaboration means customers have one less thing to worry about.
This Event has been called the BEST SHOW in 5 YEARS and the Best TECHNOLOGY EVENT of 2020.
2020 participants included: Amazon, Cisco, Google, IBM, ClearlyIP, Avaya, Vonage, 8×8, Comcast Business, BlueJeans, CoreDial, Dell, Edify, Epygi, FreeSWITCH, Grandstream, Granite, Intrado, Frontier Business, Fujitsu, Jenne, West, Konftel, Intelisys, Martello, NetSapiens, OOMA, Oracle, OpenVox, Peerless Network, Phone Sentry, Phone.com, Poly, QuestBlue, RingByName, Sangoma, SingTel, SkySwitch, Spracht, Spectrum, Sprint, Tallac, Tech Data, Telarus, TCG, Teledynamics, Teli, Telinta, Telispire, Telstra, TransNexus, Unified Office, Vital PBX, VoIP Supply, Voxbone, VoIP.MS, Windstream, XCALY, XORCOM, Yealink, Yubox, and ZYCOO. Full List.
Join 8K others with $25B+ in IT buying power who plan 2021 budgets! Including 3,500+ resellers!
June 22-25, 2021, Miami Register now and you could win a Tesla on Feb 12th.