CrowdStrike Store expands range of third-party applications and use cases

CrowdStrike, a leader in cloud-delivered endpoint protection, announced new third-party applications for the CrowdStrike Store that will extend the power of the CrowdStrike Falcon platform, addressing additional use cases to strengthen the security posture of customers.

The CrowdStrike Store is the first unified security cloud ecosystem of trusted applications, providing a strategic choice of vendors and security technologies managed by a single cloud platform, custom-built for the enterprise.

It has spurred innovation with security technology providers, enabling them to bring their technologies to Falcon customers to optimize their security stack, and provides real-time access to rich endpoint telemetry.

The latest applications to be featured in the CrowdStrike Store improve threat protection against sophisticated attacks while solving additional use cases for CrowdStrike customers, including patch management, application whitelisting/control, vulnerability prioritization, autonomous deception, insider threat detection, and attack surface management.

Through the CrowdStrike Store, customers can discover, try, and seamlessly deploy these applications that extend their existing investment in the Falcon platform.

“We developed the CrowdStrike Store to revolutionize how security tools are created and deployed across the security industry, and the interest we have received from customers and third-party app developers since the store’s launch has been tremendous,” said Amol Kulkarni, CrowdStrike chief product and engineering officer.

“The CrowdStrike Store leverages the power of our security cloud for both scale and telemetry, enabling security applications to deliver smarter and more effective solutions, and provides our customers the opportunity to easily explore new, innovative technologies that enhance their Falcon experience.”

New applications features

Acalvio – Advanced threat hunting / deception
Acalvio’s ShadowPlex Autonomous Deception solution detects, engages and responds to advanced adversaries inside the network with Precision and Speed. Together with CrowdStrike’s next-generation antivirus and EDR solutions, ShadowPlex also brings the customer a novel capability, Deception-based Active Threat Hunting, for identifying hidden malicious threats.

Airlock Digital – Application whitelisting / App control
Airlock Digital’s application whitelisting allows only trusted files to run on Falcon managed customer endpoints, enabling a zero-trust methodology that proactively prevents unknown attacks. CrowdStrike customers gain access to the correlated rich datasets between Falcon and Airlock Digital to gain richer environment insights across their organization.

Automox – Endpoint hardening and patch management
Automox enables customers to quickly and proactively harden their endpoints by remediating vulnerabilities discovered by CrowdStrike Falcon Spotlight. It reduces time to remediation of discovered endpoint vulnerabilities, eliminates exposures before vulnerability weaponization, and reduces the noise and alert fatigue on response teams.

Dragos – ICS/OT threat detection
The Dragos application was launched in the CrowdStrike Store in September. The ICS/OT Threat Detection app provides visibility and insights into OT threat activity that originates in IT networks by ICS-focused threat activity groups using endpoint telemetry gathered by CrowdStrike Falcon platform.

Exabeam – SIEM / UEBA / Insider threat
Exabeam Advanced Analytics for CrowdStrike integrates with Falcon to seamlessly deliver user and entity behavior analytics (UEBA) to the customer environment to analyze Falcon endpoint telemetry and detect advanced threats, including insider threats and lateral movement with user attribution.

NopSec – Vulnerability Risk Prioritization and Management
NopSec’s Unified Vulnerability Risk Management (VRM) continually ingests CrowdStrike Falcon Spotlight vulnerabilities, provides contextual enrichment and deeper insights of overall risk exposure, reduces the time to remediation of critical security vulnerabilities and helps increase ROI of existing security investments.

RiskIQ – Attack surface management
RiskIQ Illuminate integrates with CrowdStrike Falcon to give organizations 360-degree visibility into their attack surface in near real-time. Correlating RiskIQ’s comprehensive internet data sets – such as passive DNS, email, SSL certificates, host pairs, web trackers, and WHOIS data – with CrowdStrike endpoint coverage provides end-to-end visibility into the organization’s digital attack surface, accelerating threat hunting and incident response engagements.

Ram Varadarajan, co-founder & chief executive officer at Acalvio Technologies: “ShadowPlex Autonomous Deception solution is unique in its ability to reduce dwell times for both insider and external threats.

“Built on over 25 patented technologies, ShadowPlex automates deployment of effective deception at scale, across the distributed enterprise network. The partnership with CrowdStrike enables ShadowPlex to leverage Falcon platform and it’s rich data repository to deliver the most comprehensive threat detection and threat hunting solution in the industry.”

Richard Rundle, chief executive officer at Airlock Digital: “Airlock Digital is excited to make application whitelisting and control available in partnership with CrowdStrike.

“CrowdStrike customers will have the capability to implement Airlock Digital’s zero trust endpoint security, complementing the existing strong visibility and detection provided by the Falcon platform.”