CrowdStrike's Fal.Con 2023 Key Takeaways
Bionic acquisition makes case for platform consolidation
This week at Fal.Con, World Wide Technology learned CrowdStrike's roadmap firsthand from CrowdStrike's CEO, George Kurtz, along with the rest of their executive leadership team through several exciting announcements.
CrowdStrike now has 27 modules to choose from, and everyone should examine them to see how CrowdStrike's platform capabilities could fit or expand into their tool ecosystem. It was great for us to see that CrowdStrike Fal.Con's two themes, "Better Together" and "Cybersecurity Takes a Crowd," are in lockstep with WWT's cybersecurity motto, "Secure, All Together."
CrowdStrike leaned further into their greatest hits, such as the EDR, XDR, and MDR endpoint security solutions, and then continued to cement themselves as a "security platform consolidation" company, announcing its acquisition of the Israel-based startup Bionic. This is great news for organizations wanting to add or consolidate Application Security Posture Management (ASPM) into their respective tech stacks through one solution provider.
CrowdStrike introduces Raptor
CrowdStrike also let the world know that their LogScale technology would be available for all CrowdStrike data and third-party data. Prior to this, their data layer did not treat the data types equally, but now, with Falcon Raptor, it will be natively stitched into their XDR offering. For the enterprises that were hesitant to commit to an XDR implementation with CrowdStrike, this provides a path to bring your "other than CrowdStrike" tech into XDR in a more streamlined approach.
Prioritized patching and "no-code application development"
More exciting announcements included Falcon Exposure Management, combining Vulnerability Management data (first- or third-party) and Falcon Spotlight to bring us External Attack Surface Management (EASM), which makes it much easier for organizations to prioritize patching vulnerabilities in their environments.
Also, CrowdStrike's new Falcon Foundry will be introducing a "no code application development" platform, giving security teams the autonomy to build their own app with access to all threat intel from the platform, as well as access to third-party telemetry from APIs or other modes that store the data in Falcon LogScale.
Breaking down walls between IT and security and protecting corporate data
In an announcement not just for the security teams, Falcon for IT will extend the CrowdStrike platform to tackle other IT challenges. "CrowdStrike's latest innovations expand the power of the Falcon platform to help customers solve three significant problems facing security and IT teams today: preventing theft of sensitive data in today's cloud era, managing adversary risk due to the proliferation of vulnerabilities and configuration issues, and breaking down the silos between security and IT," said Raj Rajamani, chief product officer at CrowdStrike. This brings more IT capabilities into the CrowdStrike platform and will allow IT and security teams to work off the same set of data to optimize remediation, breaking down those traditional silos.
And speaking of data, the news of their data protection module being released should calm the fears of every security team regarding the traditional, clunky legacy DLP agent. This works by leveraging the same endpoint agent, but with the added ability to detect initial compromise via data exfiltration along with data protection policies that will track content moving across files, removable storage and SaaS applications. CrowdStrike's platform focuses on data and its security, so enhancing the data security for customers is a great step forward.
Charlotte, an AI-driven SOC Analyst
Lastly, let us talk about everyone's favorite topic in 2023, the one we have all been waiting for since it was announced in May: Charlotte AI. What or who is Charlotte, you ask? This is not your neighborhood Charlotte who wants to ask you about AI. Oh no, Charlotte AI is just CrowdStrike's version of this little-known technology we call artificial intelligence!
CrowdStrike is no stranger to AI, as it was their original answer to the legacy anti-virus (AV). Charlotte is the highly anticipated generative AI SOC Analyst built not to replace humans, but to provide them straightforward access to data across the platform, using straightforward questions much like we have seen in OpenAI's ChatGPT and Google's Bard (now Gemini). Imagine your SOC Analyst being able to ask Charlotte, "How many assets are susceptible to the MOVEit zero-day vulnerability in my production environment?" in normal subject/predicate fashion, versus trying to rush to find the correct syntax while your C-Suite and customers are waiting for you to produce an accurate number. Almost too good to be true.
Other use cases include threat hunting, plain text automation, or simply asking Charlotte to create a script to deploy an update to an application that needs a patch. George Kurtz's demo of Charlotte AI on stage was an inspiring look into the future of AI and SOC Analysts working faster and smarter in an evolving threat landscape.
Cybersecurity takes a crowd
Overall, the week at CrowdStrike Fal.Con provided an opportunity for WWT to highlight our strong go-to-market partnership with CrowdStrike and mutual customers and partners, as we all delved into CrowdStrike's enriching announcements, sessions and labs.
One particularly exciting moment, personal to us, was when WWT delighted attendees with a presentation on the WWT Cyber Range, an innovation ecosystem designed to reduce cyber risk and increase time to value through rigorous testing, real-world training and hands-on learning.
CrowdStrike Fal.Con's mottos, "Better Together" and "Cybersecurity Takes a Crowd," along with WWT's "Secure, All Together" approach, illustrate how important it is for cybersecurity to be a team effort. But the Chainsmokers, who performed at the CrowdStrike Fal.Con conference this year, said it best with their lyrics "…if we go down, then we go down together."