Members including Google Cloud, Okta, ServiceNow, Zscaler and others join forces to establish a shared schema for XDR data exchange, providing customers with an integrated, best-of-platform approach to XDR
Fal.Con 2021--CrowdStrike Inc., (NASDAQ: CRWD), a leader in cloud-delivered endpoint and workload protection, today announced the CrowdXDR Alliance, a unified and open Extended Detection and Response (XDR) coalition formed with security and IT operations leaders and best-of-breed solutions. The CrowdXDR Alliance will offer first-of-its-kind, integrated solutions for joint customers to protect their organizations from sophisticated cyber adversaries in a rapidly evolving threat landscape.
“The CrowdXDR Alliance will move XDR beyond just another buzzword and help customers truly embrace a best-of-platform approach to enterprise-wide security. Organizations don’t need more security alerts, they need the most relevant insights across their security stack to stop complex attacks and prevent breaches,” said George Kurtz, chief executive officer of CrowdStrike. “Through this alliance, we will enable an out-of-the-box integrated XDR solution with real-time detections and threat hunting across all domains and extend comprehensive visibility, protection and control across all environments.”
The lack of standards for data sharing across security platforms creates gaps in investigations and threat hunting. The CrowdXDR Alliance will establish a shared schema for data exchange to enrich EDR data with the most relevant, vendor-specific security telemetry. Together, CrowdStrike and the CrowdXDR Alliance partners will endeavor to deliver:
- Extended detection and response across an integrated security stack: Joint customers will benefit from optimized real-time threat detection, investigation, response and hunting through the seamless ingestion and correlation of relevant telemetry to stop the most sophisticated of attackers and novel threats.
- Unparalleled security efficiency and efficacy: Intelligently process telemetry from multiple sources at scale and speed to deliver actionable security insights and accelerated cross-domain investigations to customers in real-time, reducing time to remediate.
- Defense in depth with shared telemetry: Establish and support a standardized XDR schema to share relevant telemetry and accelerate incident response with contextually enriched detections, more effective correlations, timely investigations and automated responses - designed to optimize organizations’ security posture.
- Streamlined operational efficiencies: Simplify deployment by tightly integrating customer’s existing solutions and building a cohesive and more effective cybersecurity stack, designed to stop cyberattacks anywhere in their environment.
The CrowdXDR Alliance launch partners include leaders from security and IT industries spanning cloud, web, email, identity, network, OT and IT operations. Current members of the Alliance include Google Cloud, Okta, ServiceNow, Zscaler, Netskope, Proofpoint, Extrahop, Mimecast, Claroty and Corelight.
According to the Forrester “Adapt or Die: XDR Is On A Collision Course with SIEM and SOAR” report: “Good XDR lives and dies by the foundation of a good EDR. XDR providers will be limited or enabled by the EDR on which they are based. Choose your XDR based on an EDR with high efficacy detections, strong third-party partnerships or extended native capabilities, and automated response recommendations.”
Google Cloud: “There are many challenges facing cybersecurity professionals today - and they need solutions that operate at cloud scale to provide better ways of detection and response. Through our strategic partnership and integration of Google Chronicle with the CrowdStrike Falcon® platform, we deliver customers defense-in-depth security, comprehensive visibility, and workload protection at scale across hybrid cloud environments,” said Sunil Potti, vice president and general manager of Google Cloud Security. “We are excited to join the CrowdXDR Alliance today to expand on this partnership and bring joint customers an enriched XDR experience that combines a scalable cloud-based analytics solution in Chronicle with the leader in endpoint protection.”
ServiceNow: “ServiceNow is proud to be an inaugural member of the CrowdXDR Alliance, as addressing today’s security challenges for our customers requires vendor collaboration,” said Lou Fiorello, vice president and general manager of the Security Operations Business Unit at ServiceNow. “ServiceNow brings the unique strength of unified security, IT, and risk operations all on a single platform. Connecting CrowdXDR Alliance insights with ServiceNow Security Operations helps customers reduce their attack surface and optimize response by enabling collaboration and automation across people, process, and technology.”
Zscaler: “As two market leaders that are already providing joint integrated solutions to hundreds of Fortune 500 enterprises, we continue to deepen and broaden our collaboration,” said Punit Minocha, executive vice president of Business and Corporate Development at Zscaler. “Our enhanced access control integration with CrowdStrike reduces the attack surface and makes it easier for organizations to implement zero trust security while empowering work from anywhere. By integrating with the CrowdXDR Alliance, we enable our customers to connect the dots faster, derive meaningful insights, and neutralize threats more effectively.”
Netskope: “XDR, like SASE and Security Services Edge (SSE), is critical to security transformation and a non-negotiable need for enterprises moving to cloud infrastructure,” said Sanjay Beri, chief executive officer, Netskope. “Netskope provides hundreds of attributes of rich cloud metadata for cloud detection and response as part of a larger XDR program. We are pleased to join CrowdStrike in the CrowdXDR Alliance building on our strong partnership to help bring the best in cloud security to all environments.”
Proofpoint: “As attackers become more sophisticated, organizations need real-time, actionable intelligence to protect themselves from today’s most malicious threats,” said Ryan Kalember, executive vice president of Cybersecurity Strategy, Proofpoint. “Proofpoint is proud to join the CrowdXDR Alliance, which will integrate the world’s leading security solutions to provide customers with the tools they need to optimize their defenses while accelerating incident response.”
Extrahop: “Enterprise security teams face a daunting challenge ahead as supply chain compromises and increasingly sophisticated ransomware––now an advanced extortionate threat––become more prevalent,” Raja Mukerji, co-founder and chief customer officer, ExtraHop. “We have long partnered with CrowdStrike to provide critical detection and response from the edge, to the network, to the cloud, helping organizations defend against these threats. Now, we're proud to join the CrowdXDR Alliance, working alongside the team at CrowdStrike and other partners to provide the advanced detection and response capability that gives organizations the edge they need to stop breaches faster."
Mimecast: “Enterprise organizations are constantly targeted by sophisticated threat actors, and attacks have only increased in the hybrid working world,” said Peter Bauer, chief executive officer at Mimecast. “Collaboration in the cybersecurity industry is crucial to staying one step ahead of cybercriminals. We are proud to be a member of the CrowdXDR Alliance, and will bring real-time data and proactive threat hunting to protect our joint customers.”
Claroty: “As industrial and critical infrastructure organizations introduce more IoT devices into their environments to improve operational efficiency and profitability, these devices can serve as entry points for ransomware and other threats to disrupt operations,” said Yaniv Vardi, chief executive officer of Claroty. “We are honored to be a part of the CrowdXDR Alliance and continue building upon the Claroty-CrowdStrike joint solution to provide full-spectrum visibility and threat detection coverage for IoT in industrial environments.”
Corelight: "The new CrowdXDR Alliance is an important step forward in a historic journey underway in the security industry - away from closed ecosystems, and towards open, community-driven, and data-centric approaches for defense. Corelight is excited to participate, especially given our strong integrations with CrowdStrike and Humio," said Brian Dye, chief executive officer of Corelight.
*Adapt or Die: XDR Is On A Collision Course with SIEM and SOAR, April 28,2021, Forrester
This press release contains forward-looking statements that involve numerous assumptions, risks and uncertainties, including statements regarding the benefits of the CrowdXDR Alliance. You should not rely on these forward-looking statements, as actual outcomes and results may differ materially from those anticipated or implied by these forward-looking statements as a result of such assumptions, risks and uncertainties. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made. Information on new products, features, and functionality, including our expectations with respect to the development, release and timing thereof, is for informational purposes only and should not be relied upon.
CrowdStrike Holdings, Inc. (Nasdaq: CRWD), a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon captures approximately 1 trillion high-fidelity signals per day in real time from across the globe, fueling one of the world’s most advanced data platforms for security.
With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.
There’s only one thing to remember about CrowdStrike: We stop breaches.
Qualifying organizations can gain full access to Falcon Prevent™ by starting a free trial.
Learn more: https://www.crowdstrike.com/
© 2021 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.
Kevin Benacci, 216-409-5055