CrowdStrike Deepens Security Ties with Google

CrowdStrike has extended its relationship with Google Cloud to make it possible to bi-directionally share telemetry and data between the CrowdStrike Falcon cloud service for protecting endpoints and security offerings from Google such as Chronicle, VirusTotal Enterprise and Google Cloud Security Command Center (SCC).

Amol Kulkarni, chief product officer at CrowdStrike, said the goal is to provide increased observability at a time when IT environments are becoming more extended than ever.

The CrowdStrike Falcon platform currently processes more than five trillion endpoint-related events per week. Cybersecurity teams are now able to correlate petabytes of data stored on the Chronicle threat protection service with datasets from the Falcon platform.

VirusTotal, a crowdsourced malware collection platform, will also be available via the CrowdStrike Store to make it easier to search for and identify files or URLs that are relevant to an investigation or uncover previously unknown threats. That capability will make it simpler for cybersecurity teams to enable customers to both track adversaries and generate detection rules more effectively.

SCC will aggregate alerts and events collected via the CrowdStrike Falcon platform to better prioritize and investigate alerts while BeyondCorp Enterprise and Google Workspace will also integrate with Falcon Zero Trust Assessment (ZTA) to allow IT organizations to create and enforce granular access policies as part of zero-trust initiatives.

Finally, CrowdStrike will offer integrations with Google Cloud’s Security Agent Deployment, taking advantage of Operating System Configuration Management for automated and scalable sensor deployment.

Kulkarni said the alliance with Google makes it simpler for security teams to employ a more comprehensive approach to security when endpoints today are more frequently accessing cloud services from almost anywhere. The integrations make it easier to identify, for example, which misconfigured cloud services have been accessed by specific endpoints. The challenge cybersecurity teams face today is that they generally lack visibility into what has become an extended enterprise IT environment, he noted.

Google and CrowdStrike together, over time, will also be able to leverage machine learning algorithms and other forms of artificial intelligence (AI) that use end user and application behavior to better secure IT environments, added Kulkarni.

As end users rely more on cloud services, it has become apparent there is a greater need for endpoint and cloud security to converge. That may ultimately lead to a wave of mergers and acquisitions. In the meantime, providers of endpoint and cloud security tools and services are moving toward providing tighter integrations across their respective offerings.

That integration will also make it easier for cybersecurity teams and developers to collaborate as responsibility for application and cloud security continues to shift left as organizations embrace DevSecOps best practices, noted Kulkarni. The challenge organizations face today is that many of them simply lack the visibility needed to successfully implement DevSecOps, he added. In the absence of that observability, it becomes difficult for cybersecurity teams to have a meaningful dialogue with developers that goes beyond listing potential vulnerabilities.

There’s an old adage about being unable to manage what can’t be seen. As it turns out, organizations are equally unable to secure what they can’t see.


Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
