New CrowdStrike Falcon Platform Innovations Unify End-to-End Security and IT Operations to Remove Complexity and Stop Breaches
CrowdStrike announced new innovations that unify security and IT to stop breaches on the CrowdStrike Falcon cybersecurity platform.
The single-agent, cloud- and AI-native Falcon platform consolidates point products to eliminate complexity and deliver better security outcomes. With these new innovations, CrowdStrike is unifying the security and IT operations lifecycle – from assessing risk and threat detection, to accelerating remediation and response. New and expanded innovations include:
Project Kestrel: A Revolutionary New User Experience: Project Kestrel removes silos and unifies data from across the Falcon platform to provide an all-in-one view of an organization’s security environment. With a customizable user experience that ensures the right user gets the right data at the right time, Project Kestrel eliminates complexity, accelerates collaboration and enables rapid threat response. Dynamic access controls and a single view of all assets, vulnerabilities and misconfigurations empower organizations to stay ahead of adversaries.
CrowdStrike Endpoint Security stops breaches with AI-powered protection, detection and response, backed by world-class adversary intelligence. New innovations include:
- CrowdStrike Signal: A new family of AI-powered engines, Signal intelligently groups related events and alerts into actionable, prioritized insights, with a self-learning model tailored to the organization’s specific environment. Signal’s AI-generated lead detection improves analyst efficiency and surfaces novel and stealthy adversary tradecraft to reduce the risk of missed detections.
- Legacy OS Support: Falcon introduces anti-malware protection for legacy Windows operating system versions as early as Windows XP SP3/Server 2003.
Falcon Cloud Security delivers comprehensive visibility and protection across the entire cloud estate – infrastructure, applications, data and AI models from a single, unified platform. New innovations include:
- AI Security Posture Management: A new capability, AI-SPM monitors AI services and large language models (LLMs) deployed in the cloud, detects misconfigurations, and identifies and addresses vulnerabilities to enable secure AI innovation.
- Data Security Posture Management: Now fully integrated with Falcon Cloud Security, security teams can discover, classify and protect data in all states – at rest or in motion – as it flows through the cloud estate and across endpoints.
Falcon Identity Protection detects and stops identity-driven attacks spanning domains with visibility and protection across and within clouds, identities and endpoints. New innovations include:
- Falcon Privileged Access: Enforces least privilege through risk-based Just-in-Time access across hybrid cloud environments to reduce the identity attack surface and combat cross-domain attacks.
- Real-Time Threat Protection for Microsoft Entra ID: Delivers Falcon’s AI-powered identity protection against password spraying, phishing and other identity threats targeting Entra ID (cloud-based active directory) environments.
Falcon Next-Gen SIEM unifies Falcon and third-party data, threat intelligence, AI and workflow automation to deliver the AI-native SOC. New innovations include:
- AI-generated Parsers: Easily ingest and process data from any source. Industry-first capabilities include using LLMs to analyze log data and build parsers automatically, accelerating investigations.
- Detection Posture Management: Maps active detection rules across all Falcon platform modules and third-party tools to MITRE ATT&CK techniques to instantly identify coverage gaps and provide prescriptive recommendations to strengthen security posture.
- Workflow Automation Enhancements: Accelerate response with a new content library including an expanded set of prebuilt workflows and 300+ response actions.
Falcon Exposure Management proactively reduces intrusion risk with unified, AI-powered vulnerability prioritization and complete attack surface visibility. New innovations include:
- Network Vulnerability Assessment: Built on CrowdStrike’s patented ExPRT.AI technology for risk-based vulnerability prioritization, organizations can replace outdated, complex network scanning infrastructure with sensor-based, continuous scans that minimize network congestion, deliver real-time visibility and assessments, and prioritize the most critical network vulnerabilities.
- Attack Path Analysis: Identifies cross-domain exposures and attack paths leading to business-critical assets and data, enabling teams to predict likely adversary behavior based on real-world activity to harden high-risk areas of exposure.
Charlotte AI delivers the transformative power of conversational AI to organizations, turning hours of work into minutes or seconds. New innovations include:
- GenAI-powered Detection Triage: Analysts can now direct Charlotte AI to triage detections on their behalf, accelerating investigations and incident response. Charlotte AI has been trained leveraging the expertise of the elite Falcon Complete team, CrowdStrike’s market-leading MDR, so every organization can leverage industry best practices with the speed, consistency and scale of AI.
Falcon for IT automates complex use cases across security and IT using native GenAI workflows and the single-agent architecture of the Falcon platform. New innovations include:
- Extended Asset Context: Interrogates assets in real time to gather extended IT context beyond standard security telemetry, such as patch deployment and management data, to support investigation and response activities.
- Automated Tasks: Create scheduled queries and define a corresponding set of automated responses to immediately resolve compliance or configuration issues, apply emergency patches, and proactively address issues that might impact end-user productivity.
“Today’s security challenges are rooted in complexity, which slows down response and increases risk,” said George Kurtz, CEO and founder, CrowdStrike. “With our latest innovations, we’re simplifying security and IT operations by bringing everything together in a unified platform. With a new user experience that ensures each team has the right data and tools at their fingertips, organizations gain faster decision-making, seamless collaboration and a more proactive approach to stopping breaches. By unifying the entire security and IT lifecycle – from risk assessment to response – we enable organizations to respond faster, work smarter and stay ahead of evolving threats.”
Source: CrowdStrike media announcement