CrowdStrike Adds Attack Surface Management Module
Following its acquisition of Reposify earlier this year, CrowdStrike today added external attack surface management (EASM) technology to the CrowdStrike Falcon platform.
CrowdStrike CTO Michael Sentonas said CrowdStrike Falcon Surface will initially be made available as a standalone module before EASM capabilities are more deeply embedded in the company’s core cybersecurity platform. At the same time, CrowdStrike has integrated Crowdstrike Falcon Surface with its CrowdStrike Falcon Intelligence Recon offering.
In the second half of next year, the company will integrate CrowdStrike Falcon Surface with CrowdStrike Falcon Spotlight, a patch management module and CrowdStrike Falcon Discover, a monitoring tool.
The overall goal is to provide a comprehensive approach using a single agent to manage cybersecurity. That approach will ultimately reduce costs by eliminating the need for cybersecurity teams to integrate multiple point products, noted Sentonas.
CrowdStrike acquired Reposify to gain access to an attack surface scanning engine that the company concluded was faster and more accurate than rival platforms, said Sentonas. Organizations of all sizes are struggling with cybersecurity because they have lost visibility into their environments; EASM technology makes it simpler to scan networks to discover all the potential surfaces that are attacked, he added.
Once discovered, it becomes possible to apply security policies and remediate vulnerabilities using the various modules that make up the CrowdStrike platform, noted Sentonas.
CrowdStrike has been combining a set of internally developed capabilities with platforms it has acquired over the past year to extend the CrowdStrike Falcon platform. Falcon employs machine learning algorithms and other forms of artificial intelligence (AI) alongside indicators of attacks, deep kernel visibility, custom indicators of compromise (IoCs) and behavioral blocking to secure IT environments.
The overall goal is to provide a set of core capabilities that cybersecurity teams can easily extend by adding additional modules to, for example, specifically address container security.
It’s not clear how much organizations are consolidating cybersecurity tools as part of their efforts to reduce the cost of cybersecurity. However, there’s always more pressure to reduce costs during times of economic uncertainty. The challenge, as always, is that organizations will need to spend some money upfront to acquire a new platform to reduce costs later by eliminating the need for other products and services.
Regardless of the approach to cybersecurity, the attack surface that needs to be defended is continuing to expand. Not only are more devices and platforms being connected to the network in the age of the internet-of-things (IoT), but there are also more types of applications being deployed. Most cybersecurity teams are not going to be able to keep pace with the rate at which IT environments are expanding without the aid of machine learning algorithms.
In the meantime, the attacks being launched against those IT environments will only increase in volume and sophistication. Unfortunately, the odds that cybersecurity teams will be able to combat those threats with existing legacy tools and platforms are slim to none.
