A Tale of Two RSA Conferences

Looking back at RSA 2020, it truly seems like it occurred in a different world. Thousands of us ranged the halls of Moscone Center in San Francisco together, sat shoulder-to-shoulder in auditoriums, and spoke face-to-face in trade show booths, meeting rooms, restaurants and hotel suites. Fast forward to RSA 2021. We’re all attending virtually, most from home offices, but we’re starting to see gradations of light at the end of this long, dark tunnel. That light may seem brighter for some than others right now, but I think most can agree that by RSA Conference 2022, we may actually be back together again, enjoying the proximity of our fellow humans. I hope so. In the meantime, we in security have learned a great deal in the past year about “resilience,” the watchword for this year’s virtual event. Resilience is a quality each of us has drawn upon in recent months: our inner resourcefulness, determination and grit. It also describes a goal that many of us have set for our organizations, as well as for the communities in which we live and work. I’ve been particularly inspired this year by many of our customers who, despite battling the ravages of the COVID-19 pandemic itself and the record-setting onslaught of cyber threats that accompanied it, worked tirelessly to keep their organizations and people safe.

Talking the Talk vs. Walking the Walk

In the video interview we shot at the CrowdStrike booth during RSA Conference 2020, I talked about CrowdStrike’s aspirations and plans, the rampant consolidation we were seeing across the industry, and the challenges faced by so many security professionals as they tried to knit together up to a dozen divergent security products and capabilities to provide a protective fabric around their organization’s most precious assets. I talked about the chilling effects this was having on early adopters, those who normally sought out “bleeding edge” capabilities to seize the upper hand against innovative bad actors and emerging threats. Finally, I talked about how CrowdStrike would continue to win in the market by removing complexity, adding important new capabilities while constantly simplifying the rollout and administration of our single-agent platform. At CrowdStrike, we don’t just “talk the talk.” We actually “walk the walk.” I’m deeply proud to say that a year later, we have remained true to that brand promise I articulated here at RSAC a year ago, the promise to provide “technology that just works — that’s easy to deploy, easy to use, and prevents the breach.” The success of that simple-sounding equation, and our ability to deliver it to the market, is unquestioned and increasingly unchallenged.

Validation Where It Counts

Our latest validation, delivered in just the last week, comes from leading analyst firms Gartner and Forrester. Gartner’s 2021 Magic Quadrant for Endpoint Protection Platforms (EPP) once again named CrowdStrike as a Leader, and showed us as the security vendor placed furthest for Completeness of Vision. Forrester subsequently named CrowdStrike a Leader in The Forrester Wave™: Endpoint Security Software As A Service, Q2 2021 report, in which CrowdStrike also received the highest scores possible across 17 different criteria. I am excited to also announce the CrowdStrike Falcon® Platform achieved 100% Protection Rate in the AV Comparatives Business Real-World Protection Test for the March-April 2021 period and the highest AAA rating in the Q1 Enterprise Endpoint Protection evaluation from independent testing organization SE Labs.

 

By testing security vendors against emulated sophisticated adversaries, tactics and techniques, security decision makers and enterprises have actionable data that helps assess the effectiveness of security products. Our commitment to third-party independent testing represents critical validation for our mission to stop breaches. The most important validation, of course, comes from our customers, who have rapidly adopted numerous new technologies and capabilities CrowdStrike introduced during the past year, and have expressed the same enthusiasm for our newest additions, which I am pleased to announce today.

Introducing Falcon Fusion

Our first announcement at RSA Conference 2021 is Falcon Fusion™, a unified, extensible framework, purpose-built on the CrowdStrike Falcon® platform to orchestrate and automate any complex workflows, leveraging the power of CrowdStrike’s Security Cloud, and relevant contextual insights across endpoints, identities, and workloads, in addition to telemetry from partner applications. Enterprise customers can build real-time active notification and response capabilities leveraging complex sequencing and branching along with customizable triggers based on detection and incident categorizations, improving SOC and IT efficiency and speed while meeting their use case requirements. You can learn more about this important extension to the Falcon platform here.

Falcon Horizon Adds Cloud IOA Detection

Secondly, I’m pleased to announce the addition of Cloud IOA (indicators of attack) detection capability to Falcon Horizon™, the industry’s only adversary-focused posture management solution that continuously detects, prevents and remediates cloud control plane security threats and stops breaches. Falcon Horizon is powered by up-to-the-minute threat intelligence on over 150+ adversary groups, and the most advanced cloud-native platform, providing complete visibility, IOA detection and guided remediation of control plane threats. Falcon Horizon improves investigation speed by up to 88%, leveraging insights based on cloud attack patterns, behavioral analytics and the MITRE ATT&CK® framework, combined with over 50 out-of-the-box IOA policies specifically created to eliminate noise and stop breaches. To learn more, click here.

Busy Year Supporting Defenders

Like the customers we serve, CrowdStrike teams have been incredibly busy this year delivering new ways to defend organizations and help security teams defeat adversaries. Here’s a short list of key announcements and new capabilities since the beginning of this year to enhance and strengthen the Falcon platform:
  • Launched CrowdStrike Falcon® Intelligence Recon™, designed to improve your situational awareness and gather context and information about how adversaries are targeting your organization across the dark web and other sources
  • Released a new Falcon container sensor for Linux that extends runtime security to container workloads in Kubernetes clusters that do not allow you to deploy the existing kernel-based Falcon sensor for Linux
  • Announced container image scanning to ensure that your containers are safe by assessing images before they are deployed
  • Released Identity Analyzer Reports and the ability to ensure CIS compliance in Falcon Horizon to ensure your Azure AD groups, users and apps have the correct permissions and to make sure your cloud configurations meet CIS standards
  • Further extended our leadership across all major OS platforms, with expanded Linux capabilities for Falcon Real Time Response, vulnerability coverage for Linux in Falcon Spotlight™, and Falcon Zero Trust Assessment to monitor and gauge the security posture of macOS hosts
  • Released multiple new dashboards including new Falcon OverWatch™ and Falcon Complete™ dashboards, Falcon Spotlight and Falcon Horizon compliance dashboards, and custom threat dashboards that addressed emerging threats like the Microsoft Exchange zero-day vulnerability earlier this year

The Real “Proof”

We are understandably excited about these new developments and capabilities, and many more still “waiting in the wings.” However, as the old saying goes, “The proof of the pudding is in the eating.” This is why I urge you to visit our virtual booth, talk to our experts and participate in our interactive demos. Then give it the real “taste test” — sign up for a free trial to see how Falcon performs in your environment. In my experience, when people see how the technology works, and they experience the “next-level” visibility our platform provides, deciding which vendor to trust with protecting your endpoints and cloud workloads becomes very straightforward.

Additional Resources

Breaches Stop Here