It was a wild week for cybersecurity in Las Vegas leading up to Fal.Con 2023, and all the news about ransomware made this year’s conference more relevant than ever to organizations that need to secure their data. MindPoint Group’s software development and MPGSOC teams attended Fal.Con 2023 to learn about CrowdStrike’s newest innovations. The sales and marketing teams could be seen in the HUB, introducing Falcon users to Peregrine for CrowdStrike, a new product for SOC analysts and incident responders who use CrowdStrike Falcon. The convention displayed CrowdStrike’s commitment to enhancing its offerings and expanding its presence in various areas of cybersecurity and IT. This year’s convention also gave MindPoint Group and other CrowdStrike partners an exclusive sneak peek into CrowdStrike’s latest innovations, including Charlotte AI, Falcon Foundry, Falcon for IT, and its recent acquisition of Bionic. These developments promise to shape the future of cybersecurity and leave us eagerly anticipating what lies ahead in this dynamic field.
Below are a few highlights that our team and I found interesting and relevant to MindPoint Group.
The newest iteration of the Falcon platform, Raptor, includes multiple enhancements, such as improved data handling with LogScale technology, AI-driven incident correlation using Charlotte AI, and collaborative incident management capabilities.
LogScale offers an extensible query language. It is incredibly intuitive, and a lot faster than the previous search header. “Falcon LogScale accelerates security operations with petabyte-scale log management and delivers real time detections and lightning-fast search to stop threats,” according to CrowdStrike.
CrowdStrike launched Falcon Foundry, a no-code application development platform that allows users to create custom apps leveraging Falcon's capabilities without coding experience. It is too early to evaluate how many companies will have the resources and API knowledge to write their own applications, so there might be a reliance on adjacent vendors or service providers to build these custom apps. However, the accessibility of no-code application development is a step towards greater innovation in cybersecurity defense, and we look forward to exploring where Foundry takes the industry as a whole.
Ask Charlotte AI
According to CrowdStrike, Charlotte AI is designed to accelerate our security analysts’ productivity and response. It will upskill Tier 1 analysts, helping them to investigate as if they are Tier 3s. Given the platform’s expansiveness, we are looking forward to having an assistant to help us find things faster as well as another tool to add enrichment to our investigations. Security expertise is hard to find—and expensive—so any help to make our team more productive is welcome in our environment.
Falcon Exposure Management
CrowdStrike unveiled Falcon Exposure Management, combining external attack surface management, vulnerability management, and asset visibility to help organizations understand potential attacker paths and secure critical data. From an analyst perspective, we still like to use the event search to get this information and see the raw details rather than using a dashboard.
Users are always looking for tools that might be complementary to CrowdStrike, and given the big theme around integration this year, upgrading the CrowdStrike Marketplace makes perfect sense. The Marketplace has been a great centralized place to find third-party complementary tools to consider. Now that upgrades make it possible to purchase products directly from the Marketplace, CrowdStrike users will be able to shop, demo, and purchase all from within it. While checking out the Marketplace, be on the lookout for MPG’s Peregrine for CrowdStrike, a native desktop application that utilizes CrowdStrike’s EDR solution and Falcon’s API to batch manage, investigate, contain, and remediate alerts on multiple end user devices right from your desktop.
From MPG's perspective as a CrowdStrike partner, the announcements and enhancements from CrowdStrike, together with excellent informational sessions, CS University, and an engaging exhibit hall, made Fal.Con 2023 an exciting place to be this year. MindPoint Group’s team is looking forward to the future of cybersecurity and all the new innovations CrowdStrike has made possible, including building the ecosystem for Peregrine to excel in. To try Peregrine, which works hand in hand with CrowdStrike Falcon's API, for yourself, download it and start your free trial.