CrowdStrike, a leading provider of modern endpoint protection solutions, recently released its yearly Global Threat Report 2019. The report informs the public on key findings and trends observed by CrowdStrike from the past year. Sangram Aglave, Contributing Editor, Businessworld, caught up with Mike Sentonas, Vice President, Technology Strategy at CrowdStrike, to learn more about the Report and their strategy.
The Global Threat Report 2019 from CrowdStrike does not include bad actors operating out of the United States and Israel. Does it mean the report is incomplete or is it just that there are no bad actors operating out of the United States and Israel?
As described in the Methodology section of the 2019 Global Threat Report, the report was developed through comprehensive threat data in a fourfold approach: CrowdStrike Falcon Intelligence; CrowdStrike Falcon OverWatch - the company’s industry-leading managed hunting team; The CrowdStrike Threat Graph, a massively scalable, cloud-based graph database technology processing 1 trillion events a week across 176 countries; and the CrowdStrike Services team. The Global Threat Report is based on intrusions, campaigns, and targeting that we’ve seen in our customer base – either where our technology is deployed or where our team has been engaged for security services. If we haven’t reported on a particular actor, this means that we haven’t encountered them firsthand. We are unable to make any inferences about activities or actor motivations – APTs, eCrime, etc. – that we haven’t directly observed or analyzed.
A nation and state are two different things. What do you mean by a nation-state actor in your report?
CrowdStrike Intelligence classifies cyber adversaries into three naming conventions based on their motivations: eCrime, nation-state or hacktivist. A nation-state actor is a person who is acting on behalf of a particular government and in many cases conducts cyber espionage for their government.
How does the CrowdStrike Services organization preserve, protect and maintain the confidentiality of the customer information it acquires?
CrowdStrike protects the confidentiality and integrity of information collected during all engagements. CrowdStrike Services maintains and regularly reviews/updates its Services Standards on Evidence Handling policy & procedures, which adhere to the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) and Scientific Working Group on Digital Evidence standards guidance.
Philosophically, security should never be optional. Why are Threat Hunting, Threat Intelligence and CrowdStrike Services optional in your catalogue? Do you have plans to bring all your products and services into an omnibus solution offering?
Threat Hunting and Threat Intelligence are now part of CrowdStrike’s core products. Falcon Endpoint Protection Enterprise includes Falcon OverWatch (our proactive threat hunting service) as well as Falcon X (our integrated threat intelligence solution). Falcon Endpoint Protection Premium includes those same two items, but adds OverWatch Premium to give customers a more advanced and comprehensive threat hunting program as part of the offering.
A key theme for CrowdStrike in 2019 is making sure that threat hunting and threat intelligence are included with the product, and that’s exactly what we deliver with Falcon Endpoint Protection Enterprise and Falcon Endpoint Protection Premium.
Services is optional because it is a service and not a technology product. The CrowdStrike Services team offers things like incident response services as well as strategic advisory services such as compromise assessments and red team exercises. While these are complementary to our technology platform, we find that it makes the most sense to keep them as optional add-ons, giving the customer the flexibility to only get the products and services that meet their needs.
Who are your major competitors and how does CrowdStrike differentiate itself from them?
CrowdStrike was established in 2011 as a direct result of the inefficiencies and shortcomings of established products and solutions dominating the cyber market. CrowdStrike pioneered the first endpoint security platform that is fully cloud-based to break the vicious cycle of ineffective protection and continuous hacks that many businesses and government organizations struggled with. This innovation disrupted the multi-billion dollar legacy endpoint security market with innovative technology, services delivery, and intelligence gathering. CrowdStrike’s groundbreaking technology ensures that organizations can not only defend themselves but also do so in an efficient and future-proof manner.
As the only endpoint security solution to be built 100 percent in the cloud, CrowdStrike is able to provide customers fast deployment across users, a reduction in friction and costs, and infinite scalability that can grow with any size organization.
Analyst recognition confirms our industry leadership. We are the only vendor to be named a leader in the Forrester Wave Reports for Incident Response, Endpoint Security Suites and Endpoint Detection and Response. We have also been recognized by Gartner. In the 2018 Gartner Magic Quadrant for Endpoint Protection Platforms, CrowdStrike was positioned highest for the ability to execute and completeness of vision in the Visionary Quadrant; and we received the highest overall rating in the 2019 Gartner Peer Insights Customers’ Choice for Endpoint Detection and Response Solutions.
Can you share your India Go-to-Market strategy?
CrowdStrike continues to expand its footprint globally and within the APJ region. The organization will continue to add strategic resources and operations in the most high-yielding regional markets. Most recently, we have expanded our team to continue to drive explosive growth within the India and SAARC market. CrowdStrike opened our Innovation and Development Center in Pune in 2018, and we have been heavily investing in our go-to-market sales and technical teams since then.