CrowdStrike Inc, a leader in cloud-delivered endpoint and workload protection, announced that CrowdStrike Falcon Fusion, an automated workflow solution built on the CrowdStrike Falcon platform to help organisations improve the efficiency and speed of their security and IT operations, is now available for free for all Falcon Prevent and Falcon Insight customers, empowering under-pressure SOC teams to enable streamlined automation and response.
Expanded technology stacks that increase attack surfaces, distributed workforces and a skills shortage in cybersecurity create a perfect storm that SOC teams must navigate. Add an evolving threat landscape fuelled by innovative cyber-attacks, and security teams have to sift through a rising volume of alerts to keep businesses secure.
Falcon Fusion, a cloud-scale unified security orchestration, automation and response (SOAR) framework, now includes a new workflow builder user experience with an intuitive interface to build any scenario, no matter how complex, with parallel branching and sequencing logic. It also includes supporting actions to accelerate incident triage and real-time response at a time when security teams face incredible constraints, drastically reducing time to remediation.
“One of the common complaints among enterprise SOC analysts is the time spent analysing and responding to multiple — and sometimes duplicate — alerts across different systems, resulting in alert fatigue and compromised efficiency when responding,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “CrowdStrike’s platform was built to provide AI-centric software to fight automated attacks, freeing up security teams to focus on advanced threats like hands-on-keyboard activity because there is always a need for a human component in the most robust security postures.”
Falcon Fusion helps customers stop breaches by staying ahead of adversary behaviour, before lateral movement takes place. It enables customers to automate processes that shouldn’t require human involvement. This increases the efficiency and efficacy of the SOC team, so they can focus their time on tasks that are more business-critical. It helps streamline security analyst workflows by automating actions around specific and complex scenarios with an intuitive, no-code, easy-to-use interface.
Processing upward of 1 trillion events per day, with more than 140 million indicators-of-attack (IOA) decisions made every second in streaming data alone, CrowdStrike protects billions of entities — workloads, endpoints, identities and more — every day. All of this, combined with partner data accessed through the CrowdStrike Store, provides visibility and enriched context into events across the environment and strengthens active response capabilities to streamline incident response and remediation.
As a cybersecurity company that has built one of the largest cloud architectures in the world, CrowdStrike has gained an exceptional vantage point and garnered unique experience on what it takes to streamline incident response, while delivering unprecedented visibility and context — all in one place.