Netskope and CrowdStrike Integrate to Deliver Zero-Day Endpoint Security
Netskope Security Cloud Combined with the CrowdStrike Falcon Platform Provides Instant Visibility and Endpoint Protection Across the Enterprise
Netskope, the leader in cloud security, announced an integration with CrowdStrike, the leader in cloud-delivered endpoint protection. Together, the market-leading and award-winning Netskope Security Cloud and CrowdStrike’s Falcon platform will enable enterprises to extend advanced threat detection across end points and the cloud applications they access.
As the number of cloud applications consumed by users continues to grow, organizations must ensure that their Internet-connected devices are protected from cloud-based threats. With the ability to instantly identify and manage users’ access across the corporate network, organizations can rapidly detect and remediate any risky activity before critical data becomes compromised.
CrowdStrike’s endpoint protection technology binds with Netskope’s cloud-focused threat protection engine. Together, CrowdStrike and Netskope provide joint customers with increased real-time, actionable threat intelligence and enhanced malware and non-malware protection.
“The cloud has fundamentally changed the way people work today, allowing organizations to provide employees cutting edge tools that fuel collaboration, encourage mobility and increase business efficiency,” said Billy Bond, VP of Business Development and Alliances at Netskope. “This has caused the presence of Internet-connected endpoint devices in the enterprise to be as pervasive as ever, creating a host of new potential attack surfaces. By partnering with CrowdStrike, we have created an integrated solution that enables customers’ endpoint to cloud architecture to proactively prevent and respond to all attack vectors at each step of the kill chain, thus protecting an organization’s most valuable data assets from being destroyed or ending up in the wrong hands.”
The enhanced threat detection capabilities as a part of this integration include:
- Netskope customers can query their CrowdStrike solution with malware file hashes discovered by Netskope to retrieve the details of endpoints where the malware file may additionally reside. This search ensures that the malware has not made its way into the enterprise environment via other channels, which is a useful data point in determining the spread and nature of a potentially targeted cyber attack.
- Netskope customer platforms can send malware file hashes to their CrowdStrike solution for endpoint monitoring. Indicators of compromise (IOC) will trigger a detection if CrowdStrike observes the IOC activating in the endpoint environment. Seeding will also ensure faster detection of any malicious activity on the endpoint in the future.
- Netskope’s device classification feature allows customers to identify the presence (or lack) of an active CrowdStrike sensor on an endpoint. Customers can use Netskope device classification to limit access to activities in cloud services for systems not protected by CrowdStrike. Protected systems can access cloud services, ensuring a minimal attack surface from endpoint to cloud.
“As cyberattacks increase in sophistication and volume, endpoint security will continue to be top of mind for security teams as they look to adopt strategies to effectively manage and protect the countless devices in the enterprise,” said Matthew Polly, vice president of Worldwide Business Development, Channels at CrowdStrike. “By sharing threat analytics data generated by the Falcon protection platform with Netskope’s market-leading cloud security platform, and ingesting IOC data from Netskope, we are providing customers with the ability to gain unprecedented visibility and enriched context of their networks, significantly improving their overall security posture.”