ExtraHop, a specialist firm in cloud-native network detection and response (NDR), has announced a product integration with CrowdStrike Falcon Next-Gen SIEM.
The collaboration aims to enable joint customers to mitigate threats swiftly through the use of network telemetry in CrowdStrike Falcon’s AI-native platform.
As cyber attackers progressively evolve their tactics to avoid conventional security controls, such as exploiting devices that organisations can’t place an endpoint agent on and using “living off the land” techniques, security teams need to rely on numerous data sources for comprehensive visibility across their entire environment. Harmonising these diverse data sources not only bolsters the security landscape but also ensures accurate, context-aware security alerts.
ExtraHop’s NDR platform, RevealX, ingests, monitors, and analyses network data autonomously. It provides immediate visibility into all east-west and north-south network traffic, including encrypted communications. By integrating RevealX with Falcon Next-Gen SIEM, a deep spectrum of network telemetry is merged with rich security data, AI, and threat intelligence from the CrowdStrike Falcon platform.
Following the recent integration between ExtraHop and CrowdStrike, customers can revel in several benefits. These include complete visibility into managed and unmanaged assets with an expanded coverage against the MITRE ATT&CK framework, swift, and comprehensive investigations, as well as accelerated incident investigations. Additionally, integrated Security Orchestration, Automation, and Response (SOAR) playbooks provide bidirectional automated workflows and intelligently coordinated response actions ensuring rapid response to each threat.
Given the complex security landscape, “the needs of the modern SOC have outgrown the capabilities of the legacy SIEM,” commented Daniel Bernard, Chief Business Officer at CrowdStrike. The current era necessitates a reimagined SIEM that amalgamates an AI-powered platform approach with critical network data sources to stop breaches promptly and accurately, said Bernard, recognising the crucial role of ExtraHop in this transformation.
Meanwhile, Kanaiya Vasani, Chief Product Officer at ExtraHop, emphasised the crucial role of NDR in the deployment of successful next-gen SIEM. Vasani expressed their shared objective to “give customers faster access to the information they need to manage and mitigate their cyber risk.” Thus, ExtraHop’s award-winning technology, coupled with it being a market leader, makes it perfectly positioned to help organisations maximise the benefits of network data in security operations.
ExtraHop acknowledges that working alongside CrowdStrike enables them to infuse their technology into CrowdStrike Falcon’s Next Gen SIEM. Together, the companies are poised to keep cyber threats at bay, offering customers quicker access to essential information to manage and reduce their cyber risk.
About Author
