Managing security posture at scale is a significant challenge for global organizations of all sizes. With a rapidly expanding security estate and a global worker gap of 3.4 million, according to (ICS)2, it is imperative that the efficacy of defensive controls is maximized to combat sophisticated adversaries. In order to do so effectively, organizations must test their security controls on a continuous basis to uncover configuration gaps and areas of missing visibility. Regulatory agencies as well as entities involved in the advancement of best practices, including the FBI, CISA and MS-ISAC, have formally recommended continuous testing in a production environment for optimal performance. However, we have observed a limited number of vendors that create a seamless experience for security analysts.
Traditional approaches to testing at scale have been limited based on two primary factors: 1) testing intervals and 2) interoperability with the security controls they test. Testing in weekly intervals is insufficient as adversaries move rapidly to exploit vulnerabilities in ever-changing infrastructure environments. Testing tools require lightweight deployments to proactively test on an intraday basis and produce high-fidelity results. When gaps are uncovered, traditional vendors have typically created an onerous process for the security operations team to investigate and modify configurations with limited context before initiating a subsequent test. To ensure the gaps identified aren’t lost to other priorities within the security organization, it is crucial that continuous testing tools identify the root cause and provide a remediation path that is enriched with the context of the security controls in the customer environment.
Prelude Security is reshaping the continuous security testing market with a deeply integrated, lightweight architecture that reduces the burden on security teams. The Prelude Detect platform deploys kilobyte-sized probes — an ephemeral process that runs in RAM — across endpoint infrastructure and runs tests on a daily interval by default, with the flexibility to run hourly. This approach enables teams to answer the fundamental question of whether their controls are appropriately configured to defend against the latest threats with high fidelity. Prelude’s path to remediation is seamless, as contextual indicators are passed to the defensive controls to ensure subsequent tests are passed.
CrowdStrike is excited to announce its strategic investment in Prelude Security through the CrowdStrike Falcon Fund, our strategic investment vehicle. A key piece of that will be a multi-faceted partnership between CrowdStrike and Prelude to enable continuous testing deeply integrated with our best-in-class XDR security platform and endpoint security solutions. Through our initial integration, CrowdStrike and Prelude create a self-optimizing loop, providing assurance that customer defenses are continuously validated.
How the Integration Works
- Prelude utilizes CrowdStrike’s best-in-class architecture to deploy its probes to joint customers via Falcon Real Time Response.
- Falcon Real Time Response allows customers to ensure that their testing scales with their underlying infrastructure.
- Prelude passes indicators of compromise through CrowdStrike’s open APIs, and our AI/ML capabilities enable the Falcon platform to learn from the findings of Prelude’s test to auto-harden defenses.
Please visit the Prelude integration page in the CrowdStrike Store to learn more and request the integration today.
Additional Resources
- Learn more about Falcon Fund and CrowdStrike’s partnership with innovative companies.
- See how CrowdStrike gives you comprehensive protection across your organization through our 15-day free trial.
- Join us this fall at Fal.Con 2023 to see how CrowdStrike is delivering protection to customers around the world.