CIO Influence
Automation CIO Influence News

Acalvio Announces Integration with CrowdStrike to Enhance Identity Protection

Acalvio Announces Integration with CrowdStrike to Enhance Identity Protection

Partnership offers automation to CrowdStrike’s honeytokens capabilities to further help customers effectively and securely lure adversaries from critical resources

Acalvio Technologies, the leader in cyber deception technology, announced a partnership with CrowdStrike that enables customers to integrate Acalvio’s technology with CrowdStrike Falcon® Identity Protection to combat increasingly sophisticated identity-based attacks. Available on the CrowdStrike Store, this integration empowers CrowdStrike customers to use Acalvio’s automation and AI-based recommendations to accelerate the creation and deployment of honeytokens and honey accounts via Falcon® Identity Protection.

Latest Cioinfluence Interview: CIO Influence Interview with Joe Ramieri, VP of North America at Instabase

“Our honeytoken offering expands our robust partnership with CrowdStrike and complements CrowdStrike Falcon Identity Protection by adding new automation to its deception capabilities to combat identity attacks”

According to the 2023 CrowdStrike Global Threat Report, “adversaries are doubling down on stolen credentials,” continuing the trend from 2022 where 80% of cyberattacks leveraged identity-based techniques. According to Gartner1, “Modern identity threats can subvert traditional identity and access management (IAM) preventive controls, such as multifactor authentication (MFA). This makes identity threat detection and response (ITDR) a top cybersecurity priority for 2022 and beyond.”

Currently, there exists a fundamental asymmetry in the security industry – the defenders must get it right all the time, but the threat actor needs to succeed only once. Honeytokens turn this asymmetry on its head – with this approach the threat actor is much more likely to get caught. Honeytoken accounts are accounts created in Active Directory (AD) that are specifically designed to lure attackers and deflect them away from real identities. Honeytokens are specially designed data resources corresponding to the honeytoken accounts that are embedded in legitimate assets, such as endpoints.

Falcon® Identity Protection has built-in support for monitoring honeytoken accounts and a policy-based identity threat containment and response mechanism. Any engagement with honeytoken accounts triggers high-fidelity detection and response by the CrowdStrike Falcon Platform, giving the SOC analysts visibility into the adversary’s attack path.

Read More About Cioinfluence Interview: CIO Influence Interview with Michael Berthold, CEO at KNIME

The Acalvio solution provides an automated AI-driven recommendation for high value honeytoken account creation, extending the power of Falcon Identity Protection to lure adversaries away from critical resources. It also offers automated creation, seamless deployment, and lifecycle management of a variety of sophisticated, fingerprint resistant honeytokens at scale on enterprise endpoints. The pre-integrated solution leverages the CrowdStrike Falcon platform and requires no Acalvio software or agent to be installed in the customer’s network.

“As identity-based attacks continue to rise, we see honeytokens playing a critical role to lure adversaries from high-value resources,” said Elia Zaitsev, chief technology officer at CrowdStrike. “With Acalvio now available on the CrowdStrike Store, customers can leverage the power of Falcon Identity Protection and accelerate their defense-in-depth strategy.”

“Our honeytoken offering expands our robust partnership with CrowdStrike and complements CrowdStrike Falcon Identity Protection by adding new automation to its deception capabilities to combat identity attacks”, said Ram Varadarajan, CEO and co-founder of Acalvio Technologies. “CrowdStrike customers can use our agentless solution to maximize their preexisting investments in the CrowdStrike Falcon platform.”

Browse The Complete Interview About Cioinfluence: CIO Influence Interview with Filip Verloy, Field CTO for the EMEA Region at Noname Security

 [To share your insights with us, please write to sghosh@martechseries.com] 

Related posts

ERP Success Partners Acquires Createch’s NetSuite ERP Practice

GlobeNewswire

First Annual Teradici Cybersecurity Survey Finds Companies Rapidly Adopting Zero Trust Instead of VPN to Secure Hybrid Workplaces

CIO Influence News Desk

Morse Micro and Edgecore Networks Unleash a New Wi-Fi HaLow Platform, Redefining IoT Connectivity

PR Newswire