CrowdStrike and
Google Cloud announced a series of product integrations to deliver
joint customers defense-in-depth security, comprehensive visibility and
workload protection at scale across hybrid cloud environments. These
integrations will enable more seamless sharing of telemetry and data
between the two security platforms, helping maintain high levels of
security across a customer's entire cloud or hybrid environment.

Under
this expanded partnership, CrowdStrike will tightly integrate its
CrowdStrike Falcon platform with Google Cloud's suite of security
products including Chronicle, VirusTotal Enterprise, and Google Cloud
Security Command Center (SCC), helping security teams increase
visibility of threats across cloud and hybrid deployments, and enabling
them to act much more quickly to address them.

"The
past year forced organizations to push their digital transformation
forward at record pace to support remote workforces. However, digital
transformation cannot be done without security transformation, in order
to protect organizations' cloud presence," said Amol Kulkarni, chief
product officer of CrowdStrike. "That is why we are proud to expand our
partnership with Google Cloud and deliver deeper integrations with their
security capabilities. These integrations are powered by our
best-in-class, AI-powered telemetry to provide contextual and actionable
intelligence that accelerates incident response to better protect cloud
workloads from sophisticated threat activity."

"Security
issues continue to disrupt enterprises across all industries, prompting
many to modernize their security plans and operations with the cloud.
At the same time, attackers continue to become more sophisticated and
evolve attack methods," said Sunil Potti, Vice President & General
Manager of Google Cloud Security. "Our expanded partnership with
CrowdStrike helps our joint customers make the most of their security
investments and gain multi-level defenses that can only be delivered by
the power of the cloud."

The new integrations between CrowdStrike's Falcon platform and Google Cloud include:
- Google
Cloud's security analytics engine, Chronicle, will integrate with the
CrowdStrike Falcon platform, which processes over five trillion
endpoint-related events per week, enabling security teams to more easily
analyze endpoint and workload telemetry in order to find and address
threats quickly. Teams will also be able to correlate petabytes of data
from Chronicle with datasets from the Falcon platform, enabling them to
thoroughly investigate long-term attacks and stop new ones.
- VirusTotal,
a crowdsourced malware collection platform, will integrate with
CrowdStrike Falcon and is planned to be available via the CrowdStrike Store,
allowing cybersecurity teams to quickly search for and identify files
or URLs that are relevant to an investigation, and uncover previously
unknown threats. Integrating VirusTotal with the Falcon platform will
also enable customers to more effectively track adversaries and generate
detection rules that can eliminate blind spots in their cloud and
hybrid infrastructure.
- Google
Cloud's SCC will aggregate alerts and events from the CrowdStrike
Falcon platform, which helps provide a single comprehensive view of
security and compliance across a customer's cloud environment. This
unified management console makes it much easier for security teams to
maintain visibility and control over their environment and to more
quickly prioritize violations and investigate alerts.
- Google Cloud's BeyondCorp Enterprise and Google Workspace will also integrate with Falcon Zero Trust Assessment (ZTA)
to allow joint customers to create and enforce granular access policies
to applications using CrowdStrike's unique risk signals, strengthening
zero trust initiatives. In addition, CrowdStrike will offer integrations
with Google Cloud's Security Agent Deployment, taking advantage of the Operating System Configuration Management for automated and scalable sensor deployment.