New cloud-scale framework provides customizable and easy-to-use custom automation to simplify enterprise security workflows
CrowdStrike, a leader in cloud-delivered endpoint protection and workload protection, announced Falcon Fusion, a unified and extensible framework purpose-built on the CrowdStrike Falcon® platform to orchestrate and automate complex workflows improving security operation center (SOC) efficiency. Falcon Fusion leverages the power of the CrowdStrike Security Cloud and relevant contextual insights across endpoints, identities, and workloads, in addition to telemetry from partner applications via the CrowdStrike Store, to improve SOC and IT efficiency and agility for enterprise customers.
Recommended ITech News: Cisco Announces Intent to Acquire Kenna Security to Deliver Vulnerability Management
“Our customers are dealing with expanding attack surfaces across multi-cloud environments and distributed workforces, making it increasingly burdensome for security teams to sift through an ever-growing number of alerts and keep their business secure”
With CrowdStrike Falcon Fusion, enterprise customers can meet the 1-10-60 challenge – 1 minute to identify a breach, 10 minutes to investigate, and 60 minutes to remediate – by streamlining incident investigation, response and remediation capabilities with repeatable and consistent workflows, which helps security teams get the right coverage with accuracy and speed. SOC analysts can define real-time active response workflows using an intuitive graphical user interface, along with customizable triggers based on detection and incident categories. This enables SOC teams to dramatically improve the overall efficiency of their workflows, providing them the necessary context to mitigate security risks to their organizations more quickly and effectively than ever.
Recommended ITech News: SGP Supports Netreo’s Acquisition of Stackify
“Our customers are dealing with expanding attack surfaces across multi-cloud environments and distributed workforces, making it increasingly burdensome for security teams to sift through an ever-growing number of alerts and keep their business secure,” said Amol Kulkarni, chief product officer of CrowdStrike. “We built Falcon Fusion to provide our customers with rich contextual insights and valuable customization to not only meet their immediate needs but also deploy repeatable workflows at scale. Falcon Fusion combines CrowdStrike Security Cloud’s comprehensive visibility across all business entities with the powerful incident response capabilities delivered by the lightweight Falcon agent to automate and simplify complex SOC workflows.”
Key features of Falcon Fusion include:
- Orchestrate and automate complex workflows: Build consistent and customizable workflows using intuitive no-code logic or custom code options for faster active response – all without leaving the console.
- Simplify security operations: Easy-to-use automation of workflows reduces the need to switch between different security tools and tasks and improves the efficiency of security team operations, allowing them to focus on more business critical strategic tasks.
- Accelerate incident triaging and real-time response: Speed-up incident triaging and incident response by configuring custom actions and notifications based on contextual insights from managed workloads and endpoints, resulting in reduced mean time to respond and remediate threats.
- Cut costs and resources: Free up skilled resources and improve cost efficiency by building and scaling workflows on demand employing no-code automation to create repeatable and reliable processes.
- Build powerful open ecosystem: Seamlessly deploy partner applications from the CrowdStrike Store to bring in additional telemetry to enrich their detection and response logic to further enhance security and IT operations.
Recommended ITech News: sensemetrics Acquired by Bentley Systems, Inc. to Accelerate Infrastructure IoT
