It’s been almost a year to the day since we announced the formation of CrowdStrike, a company totally focused on identifying and preventing the damage from targeted attacks. Over this past year, we have continued to hire rock stars and grow our company. But just hiring rock stars, experts in their respective disciplines, is not enough to build a transformational company. Galvanizing our collective vision into something that can be used by customers around the globe requires focused execution. Toiling day and night to get our technology to market may seem like hard work, but when it’s your mission, it becomes a lot easier. Today I’m delighted to announce the beta release of CrowdStrike Falcon, a Big Data Active Defense platform focused on raising the adversaries' costs and giving the strategic advantage back to defenders.
CrowdStrike Falcon is a revolutionary Active Defense platform that incorporates many of the foundational components necessary to deal with today’s determined and persistent adversaries. These elements include: real-time detection of adversary activities, attribution of the threat actors, flexibility of response actions, and intelligence dissemination. The ability to detect zero-day attacks without blacklisting and to attribute back to particular adversaries (when possible) is a fundamental element of our platform. Our cloud-based Big Data architecture allows us to infuse the platform with intelligence derived from the CrowdStrike Intelligence Team and our global network of event-driven sensors. We provide a rich data set of information on specific adversaries, industries they’re targeting, and their current Tactics, Techniques, and Procedures (TTPs), all mapped to the seven-step kill chain model. This happens in real time, not days or weeks after a breach occurs. Lastly, our goal is to share this information with a trusted community of like-minded security professionals so they can better defend against current and future attacks. My co-founder Dmitri Alperovitch does an excellent job of explaining our Active Defense strategy in his blog post: Active Defense: Time for a New Security Strategy, and how we have implemented these concepts in CrowdStrike Falcon.
In addition to the aforementioned features, there are other foundational components that the platform was designed to address from the the start. I’ve been preaching for several years that organizations should think “beyond the malware.” It’s more than the “What,” the malware used to infect a system. It is also about the “Who,” the person/groups behind the attack, and the “Why.” Why is this adversary targeting a particular entity, and what are they after? By understanding the Who, What, Why relationship, you’ll be empowered to make better risk-based decisions. Rather than having no context to understand if you should care that generic-trojanxyz was found on your network, you can assess what the financial, reputational, and operational impacts are and what your response should be. CrowdStrike Falcon was designed to link the Who, What, and Why together, so you don’t have to.
Given the recent news of how pervasive China has been in targeting companies around the globe, the beta release of CrowdStrike Falcon could not be more timely. The private beta customers we’re already working with are tired of existing solutions that fail to prevent the damage from targeted attacks. They’re tired of wondering why they’ve been forced to use antiquated technologies that still can’t defend against techniques noted in my book Hacking Exposed in 1999. They’re tired of user interfaces that were built for engineers by engineers, rather than a dashboard that conveys simplicity and elegance, and also clearly communicates data and intelligence to both technical team members and business leaders. They’re tired of solutions that scan for artifacts weeks or months after successful intrusions and grind the system to a halt, and frankly they’re tired of feeling like the proverbial punching bag, taking body blow after body blow. Companies are welcoming a new model that helps stem the tide of targeted attacks and the intellectual property bloodletting that takes place with alarming regularity.
While there are no silver bullets in security, nor will there ever be one, I’m confident that our technology will make a meaningful impact in changing the way people think about and implement security in the future. We still have much to accomplish, and I know our team will push forward and continue the audacious mission we embarked on over one year ago. One team, one fight, one singular mission – protecting our customers and safeguarding their intellectual property. Thanks for your support, and thanks to the many large enterprises who have been working with us for months and providing feedback to help us improve our Active Defense platform. Your help and guidance have been invaluable and much appreciated.
Stay tuned to this blog and our website as we unveil more details about the groundbreaking CrowdStrike Falcon platform in the coming weeks, or request a tech briefing and inquire about private beta participation now. General availability of the CrowdStrike Falcon platform is Spring 2013.