CrowdStrike – Digital IT News

Cohesity Integrates with Crowdstrike to Level the Playing Field

Taylor Graham — Thu, 12 Sep 2024 14:00:51 +0000

Cohesity announced an expanded strategic partnership with CrowdStrike to enhance threat detection and response. This collaboration integrates Cohesity’s advanced data protection with CrowdStrike’s leading threat intelligence, establishing a new benchmark for comprehensive cybersecurity in backup and recovery solutions.

According to CrowdStrike’s 2024 Global Threat Report, adversaries have shifted to more effective tactics, such as credential harvesting and exploiting vulnerabilities, bypassing legacy defenses while using AI and other advanced technologies to rapidly evolve their techniques. Through the latest integration between Cohesity Data Cloud with CrowdStrike Falcon Adversary Intelligence, the partnership is leveling the playing field against sophisticated cyber threats.

Cohesity’s data protection solution, combined with CrowdStrike’s industry-leading threat intel feeds, which tracks over 250 adversaries and incorporates indicators of compromise (IOCs), enables mutual customers to identify the latest threats in their backup copies with higher fidelity and accuracy. The powerful combination offers greater visibility into the attack by providing the latest intelligence on emerging threats while minimizing the attackers’ advantages. Threat hunting on Cohesity backup copies allows customers to investigate stealthily and passively so that adversaries or containment or response activities do not impact investigations.

By implementing Cohesity’s clean room design and integrated tooling, customers gain specialized forensic capabilities to analyze malware, investigate breaches, and understand attack vectors without risking contamination of their broader IT environment.

“Elevating your organization’s threat detection and response is crucial in today’s threat environment, especially with AI at the disposal of cyber adversaries,” said Craig Martell, Chief Technology Officer, Cohesity. “Secondary data estates offer a perfect opportunity for minimizing attackers’ advantages and, together with CrowdStrike, our customers can enhance their threat hunting and response and automate defenses across their security stack.”

Cohesity is focused on bringing together the best of the security industry, allowing customers to choose the right solutions for them without sacrificing functionality or adding complexity. This flexibility allows for a more tailored security posture that can adapt to emerging threats and changes in the IT environment.

“Our continued partnership with Cohesity and latest joint efforts reflect our shared commitment to cyber resilience,” said Daniel Bernard, chief business officer, CrowdStrike. “To stay ahead, enterprises benefit from streamlining threat intelligence and response efforts while also harnessing their vast secondary data to gain security insights. This integration provides the technology and intelligence they need to reduce risk.”

By partnering with industry leaders like CrowdStrike, Cohesity solutions can better safeguard organizations’ digital assets in today’s dynamic threat environment. For more information on this new Cohesity integration with CrowdStrike, visit the website here.

How to Prevent a CrowdStrike IT Outage Repeat

The post Cohesity Integrates with Crowdstrike to Level the Playing Field appeared first on Digital IT News.

Braden Russell Named Bugcrowd’s Chief Product Officer

Taylor Graham — Tue, 27 Aug 2024 18:00:51 +0000

Bugcrowd announced the appointment of Braden Russell as Chief Product Officer. Russell previously served as Chief Technology Officer for CrowdStrike’s Falcon Platform and Next-Gen Security Information and Event Management (SIEM) solution, where he also led the vision and strategy for the company’s first Security Cloud. His arrival coincides with significant momentum at Bugcrowd, marked by ongoing innovations in pen testing and attack surface management.

“I am thrilled to join the Bugcrowd team at such an exciting time in the company’s growth,” said Braden Russell, Chief Product Officer, Bugcrowd. “Bugcrowd’s mission to harness the power of the global hacker community aligns perfectly with my passion for innovation and cybersecurity, and I’m eager to work alongside such a talented group of individuals as we continue to scale, innovate, and deliver cutting-edge security solutions that make a real impact. Together, we’ll push the boundaries of what’s possible in crowdsourced security and drive forward Bugcrowd’s vision for making the internet safer.”

Prior to CrowdStrike, Russell held leadership positions at Foundstone, McAfee, Intel Security, and Cylance. In his new role leading Bugcrowd’s fast growing product portfolio, Russell will assume responsibility for all R&D groups within the company, including Product, Engineering, Infrastructure, and Data Science, reporting directly to Chief Executive Officer Dave Gerry.

Russell is joining Bugcrowd as the company is experiencing a wave of product and channel momentum in the first half of 2024, beginning with its major $102 million funding round. Since then, over 130 new customers joined the Bugcrowd Platform, including Google, New Relic, OpenSea, KuCoin, bringing the total number of customers to over 1,200. The company also saw unprecedented growth in the channel, including the launch of its CrowdConnect program in January with over 100% growth in channel-led business.

“As we continue to rapidly accelerate, drive innovation on our platform, and plan additional acquisitions, it became clear that we needed a leader with the experience of scaling large SaaS platforms to hundreds of millions in revenue,” said Dave Gerry, CEO of Bugcrowd. “Braden is a cybersecurity leader with 20 years of both strategic and technical experience. I’m eager to work closely with him as we continue our rapid momentum alongside customers, hackers, and partners.”

The company’s product portfolio saw significant innovations in 2024. Some top milestones include an acquisition of UK-based attack surface management provider Informer in May, resulting in the subsequent launch of Bugcrowd’s Continuous Attack Surface Penetration Testing solution on its AI-powered crowdsourced platform. Along with many new product launches and collaborations with global partners and resellers, Bugcrowd launched its AI Bias Assessment for Large Language Models and its AI Powered Pentesting, both within the first half of 2024. In addition, Google selected Bugcrowd as its new payment platform as the tech behemoth sought to improve the scale and speed of payments to its bug hunters.

Read this blog to learn more about Braden Russell and his vision for Bugcrowd’s growth.

Bugcrowd AI Pen Tests Introduced to Improve Confidence in AI Adoption

The post Braden Russell Named Bugcrowd’s Chief Product Officer appeared first on Digital IT News.

How to Prevent a CrowdStrike IT Outage Repeat

Taylor Graham — Wed, 14 Aug 2024 13:00:37 +0000

A CrowdStrike software issue caused widespread problems with its Falcon Sensor product. This IT outage caused by a content update affected millions of Windows hosts across multiple industries worldwide.

Let’s talk about the cause of the CrowdStrike issue, what unscathed companies did right, and what professionals have to say about preventing this from happening again.

What Caused the Software Issue: Lax Software Testing Processes or More?

Many believe adequate software testing would have prevented this catastrophe. However, others have concluded that multiple layers of bugs caused the issue, which is more difficult to catch in a fully automated testing system.

Even testing for one minute would have discovered these issues …In my mind, that one minute of testing would have been acceptable. – Kyler Middleton, senior principal software engineer at Veradigm

Testing continues to be a significant point of friction [in application development]…Software quality governance requires automation with agile, continuous quality initiatives in the face of constrained QA staff and increasing software complexity…Software testing, both for security and quality, appears to be among the most promising uses for generative AI in other IDC surveys…I am hopeful that the next few years will see improvements in these statistics…However, AI can’t fix the lack of or failure to follow policy and procedures. – IDC analyst Katie Norton

The CrowdStrike flaw was caused by multiple layers of bugs. That includes a content validator software testing tool that should have detected the flaw in the Rapid Release Content configuration template — an indirect method that, in theory, poses less of a risk of causing a system crash than updates to system files themselves …This is a challenge in fully automated systems because they, too, rely on software to progress releases from development through delivery … If there’s a bug in the software somewhere in that CI/CD pipeline … it can lead to a situation like this. So to discover the testing bug in an automated way, you’d have to test the tests. But that’s software, too, so you’d have to test the test that tests the tests and so on. – Gabe Knuth, analyst at TechTarget’s Enterprise Strategy Group.

How Some Companies Went Unscathed

Not every company that got the blue screen of death had to shut down. Some had procedures in place that helped them recover relatively quickly.

We’ve really focused on business continuity, redundancies, safety nets, and understanding of the difference between cybersecurity as a task and cybersecurity as a cultural commitment of your organization…It’s a validation of our investments while so many of our peers were languishing…The redundancies are numerous…They’re not necessarily terribly sophisticated, but we have literally gone through and said, ‘What are the critical systems of our organization? What is the interplay between them? And if it comes crashing down, what is the plan?’…The reality for cybersecurity and business continuity is the work [must be]done well ahead of the disaster. It has to be part of the fabric of your company, like compliances, like customer service…It’s hard to celebrate cybersecurity—except for the days when you’re the only ones not sweating it. – Andrew Molosky, president and CEO of Tampa-based Chapters Health System

Professionals Input on Preventing A Repeat

Everyone wants to avoid a repeat. Below is some advice from professionals on preventing this from happening again.

Phased Check-ins on Endpoint Health

I’m incredibly surprised, even though they call it ‘Rapid Response,’ that [CrowdStrike] doesn’t have some phased approach that allows them to check in on the health of the endpoints that have been deployed … Even with some logical order of customer criticality, they could have circuit breakers to stop a deployment early that they see causes health issues. For example, don’t [update]airlines until your confidence level is higher from seeing the health of endpoints from other customers. – Andy Domeier, senior director of technology at SPS Commerce

Move Away from Auto-deploying Kernel Module Updates

It is absolutely irresponsible to auto-deploy a kernel module update globally without a health-mediated process or, at least, a recovery path at a lower level of the control plane … Something that remains functional even if the OS deployed on top crashes. – David Strauss, co-founder and CTO at Pantheon

Eliminate Unmanageable Endpoint Complexity

The Windows endpoint environment has reached the point of unmanageable complexity. A steady stream of updates and layering of security features has created a web of complexity that is difficult to manage or fix and therefore promotes risk. Moving Windows to the cloud and replacing the endpoint with a secure by design operating system, such as IGEL OS, can simplify management through centralization and aid in recovery should an outage or breach occur saving millions of dollars in lost productivity. We have grown somewhat numb to the steady stream of data breaches. This latest incident of the shepherd turning on the metaphorical sheep it was protecting highlights that we must consider approaching this problem differently. The move to Windows 11 and the opportunity for cloud transformation, along with the proliferation of SaaS, are proven technologies that can enable a much more secure endpoint strategy. – Jason Mafera, Field CTO at IGEL

Platform, People and Process in Software Testing

It’s not sufficient to just have a great software platform. It’s not sufficient to have highly enabled developers. It’s also not sufficient to just have predefined workflows and governance. All three of those have to come together – Dan Rogers, CEO at LaunchDarkly

Balance Security With Tight Deadlines

What you don’t want to have happen now is that you’re so worried about making software changes that you have a very long and protracted testing cycle and you end up stifling software innovation – Dan Rogers, CEO at LaunchDarkly

Security News

The post How to Prevent a CrowdStrike IT Outage Repeat appeared first on Digital IT News.

Armis and CrowdStrike Strengthen Security Posture Across IoT and OT Environments

Taylor Graham — Fri, 06 Oct 2023 13:00:42 +0000

Armis announced two new integrations with CrowdStrike to help organizations strengthen their security posture across their Internet of Things (IoT) and operational technology (OT) environments. The new integrations will provide organizations with comprehensive cyber exposure management capabilities and real-time actionable asset intelligence to see, secure, protect, and manage threats across their entire extended attack surface.

With the convergence of IT and OT, it is more important than ever that security teams secure their critical infrastructure systems by collecting and leveraging asset-specific context to drive tailored extended Internet of Things (XIoT) threat prevention policy and high-fidelity detections.

Through this new partnership between Armis and CrowdStrike, customers can now use CrowdStrike Falcon Insight for IoT along with Armis Centrix to get:

Comprehensive asset intelligence into all managed and unmanaged IT and IoT/OT devices across any environment and vertical
Automatic, prioritized device vulnerability and risk assessments for IoT/OT assets
Enhanced threat detection and mitigation for mission-critical IoT/OT assets

Armis also announced that the company is leveraging CrowdStrike Falcon LogScale, a next-generation SIEM with lightning fast search and custom dashboards, to provide customers the ability to quickly and seamlessly gain deeper IoT/OT security insights from data generated by Armis for unmanaged devices.

“The number of assets connected to business networks is growing at an exponential rate, expanding organizations’ attack surfaces and making it increasingly difficult for security teams to manage threats,” said Nadir Izrael, CTO and Co-Founder, Armis. “It’s crucial that global organizations across sectors be empowered with real-time, contextual insights to effectively mitigate risk. Together, Armis and CrowdStrike are helping customers to manage cyber risk exposure and protect the entire attack surface, keeping them safe and secure.”

“Our mission is to stop breaches from happening anywhere, and this expanded partnership with Armis ensures customers stay ahead of the rapidly evolving threat environment,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “By combining the unparalleled capabilities of both of our platforms, organizations of all sizes benefit immediately from powerful industry-leading AI-generated insights that enable their security teams to proactively protect their IoT/OT assets and swiftly remediate potential risks.”

For more information about the Armis and CrowdStrike integration, read the solution brief HERE.

Armis Centrix is available for purchase in the CrowdStrike Marketplace, a one-stop destination and world-class ecosystem of third party security products.

Armis is a member of the CrowdStrike CrowdXDR Alliance, a unified and open Extended Detection and Response (XDR) coalition formed with security and IT operations leaders and best-of-breed solutions. Learn more HERE.

Partners Xcitium and AVANT Join Cybersecurity Channel Forces

The post Armis and CrowdStrike Strengthen Security Posture Across IoT and OT Environments appeared first on Digital IT News.

Lookout Mobile Endpoint Security Available on CrowdStrike Marketplace

Taylor Graham — Mon, 18 Sep 2023 13:30:49 +0000

Lookout, Inc. announced the availability of Lookout Mobile Endpoint Security to CrowdStrike channel partners and customers via the CrowdStrike Marketplace. As part of CrowdStrike’s world-class ecosystem of compatible solutions from trusted partners, Lookout will be the first mobile threat defense solution in the CrowdStrike Marketplace.

While remote work is becoming the new normal for businesses around the world, many struggle to secure an increasingly mobile-centric environment. According to The Global State of Mobile Phishing Report published by Lookout, 2022 saw the highest mobile phishing encounter rate ever, with more than 50% of personal devices exposed to a mobile phishing attack. Lookout estimates the potential annual financial impact of a mobile phishing attack on an organization of 5,000 employees is nearly $4 million. These alarming statistics scream for the need of Lookout Mobile Endpoint Security.

Lookout Mobile Endpoint Security provides visibility into mobile threats and state-sponsored spyware, while protecting against mobile phishing and credential theft. The platform analyzes telemetry from more than 215 million devices, 269 million apps, and millions of web destinations to uncover hundreds of phishing domains each day.

“With the CrowdStrike Marketplace, we make it easy for customers to have flexibility and choice through integrations with best-of-breed security products into the CrowdStrike Falcon® platform,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “Lookout’s Mobile Endpoint Security is a great example of an innovative partner security solution that addresses the critical security challenges that organizations face when employees connect their mobile devices to corporate networks.”

“The rapidly evolving threat landscape calls for a collaborative approach that brings together best-in-class solutions to secure the new hybrid workforce,” said Jim Dolce, Lookout CEO. “Being listed in the CrowdStrike Marketplace is a great opportunity for organizations to directly procure Lookout’s advanced mobile security solution to help execute a comprehensive security strategy.”

Lookout at CrowdStrike Fal.Con 2023

Lookout will join CrowdStrike and thousands of cybersecurity’s best as a Platinum sponsor of CrowdStrike Fal.Con 2023 at Caesars Palace in Las Vegas.

Attendees are invited to witness firsthand why Lookout Mobile Endpoint Security is the industry’s most advanced mobile threat defense platform.

Justin Albrecht, Lookout Director of Mobile Threat Intelligence, will host a speaking session titled “Phishing Tricks and Zero Clicks: Tracking Mobile Threats.” This session will shed light on the importance of viewing mobile devices as endpoints requiring protection, sharing trends, and reporting on mobile threats while offering unique insights into Lookout’s intelligence on APT activity targeting this often overlooked sector.

To access Lookout Mobile Endpoint Security on the CrowdStrike Marketplace, click HERE. To learn more about the Lookout Mobile Endpoint Security platform, visit the website HERE.

Lookout Global State of Mobile Phishing Report Released

The post Lookout Mobile Endpoint Security Available on CrowdStrike Marketplace appeared first on Digital IT News.