ExtraHop, CrowdStrike Deepen Partnership Through Addition of Threat Intelligence

It’s no surprise threat actors are getting faster. CrowdStrike’s Counter Adversary Operations team has recently found that the average time for an adversary to “break out” and move laterally from initial compromise to other hosts in the victim environment is down to an all-time low of 79 minutes.

That’s compared to 84 minutes as noted in the CrowdStrike 2023 Global Threat Report from earlier this year and to 98 minutes the previous year. The fastest adversary CrowdStrike tracked in its 2023 Global Threat Report began moving laterally within seven minutes of compromising an endpoint.

To help security operations teams win this race against adversaries, ExtraHop and CrowdStrike announced further integrations between their two security platforms that deepen their existing technology partnership and help customers meet demanding cybersecurity KPIs.

CrowdStrike Threat Intelligence for ExtraHop Customers

Specifically, ExtraHop will be integrating world-class CrowdStrike FalconⓇ Intelligence into the Reveal(x) network detection and response platform as an out-of-the-box service for all users. Falcon is recognized as a leader in The Forrester Wave™: External Threat Intelligence Services Providers, Q3 2023. ExtraHop was named a leader in The Forrester Wave: Network Analysis and Visibility Solutions, Q2 2023.

The integration of Falcon Intelligence with Reveal(x) in early 2024 will provide ExtraHop customers with real-time, high-quality telemetry and IOCs from the CrowdStrike threat research team. Fed by trillions of unique events each day, the added intelligence will help expose the latest threat actors, malicious tools, and attack techniques hiding in users' networks.

The addition of CrowdStrike Falcon Intelligence into Reveal(x) will help ExtraHop customers reduce their time to investigate cyber incidents by providing more timely and contextual detections. The integration will use the high-fidelity list of threat indicators developed by CrowdStrike threat researchers and apply them to the unique environments of every ExtraHop customer, bringing even greater speed and accuracy to detections and helping to reduce mean time to respond (MTTR).

A recent customer survey found that Falcon Intelligence Premium reduces response time, decreases time-consuming threat research, and improves risk posture. The April 2023 Techvalidate survey of CrowdStrike Cloud Security customers found:

• An 80% time savings while investigating alerts;
• A 78% reduction in effort during threat research;
• An 80% improved risk posture.

Meanwhile, a commissioned Total Economic Impact™ study conducted by Forrester Consulting on behalf of ExtraHop found that a composite organization comprised of interviewees with experience using Reveal(x) 360 led to:

• 83% reduction in time to detect threats;
• 87% reduction in time to resolve threats;
• 66% reduction in unplanned outages;
• 193% ROI.

Enterprise-Grade NDR for CrowdStrike Services and CrowdStrike Marketplace

ExtraHop also announced that CrowdStrike Services can now leverage Reveal(x) in existing ExtraHop customer environments for additional network visibility and context to augment their investigations. Reveal(x) delivers 360-degree network visibility that eliminates blindspots to accelerate investigation and response for joint Services customers.

“The combination of CrowdStrike and ExtraHop gives our customers the intelligence, technology, and expertise they need to better understand and contextualize threats to stay one step ahead of adversaries,” said Daniel Bernard, Chief Business Officer, CrowdStrike. “Continuing to build upon our historic partnership is essential for providing customers with best-in-class security that stops breaches and keeps businesses up and running.”

In addition, Reveal(x) will be available in the newly launched CrowdStrike Marketplace, a one-stop destination and world-class ecosystem of third-party security products, CrowdStrike announced.

The new CrowdStrike Marketplace connects CrowdStrike customers to ExtraHop, resulting in simplified security stacks and reduced operational costs.

ExtraHop, CrowdStrike Customers Benefit from Deepening Partnership

Today’s announcements build on the already-powerful integration between Reveal(x) and the CrowdStrike Falcon® platform, including Falcon Insight XDR, Falcon ThreatGraph, and Falcon LogScale. When combined, the two platforms allow joint customers to achieve broader, deeper visibility when identifying and responding to threats, better positioning them to stop attacks in their earliest stages.

To learn more about the integrations between CrowdStrike and ExtraHop, watch the webinar, “How to Accelerate XDR Outcomes: Bridging the Gap Between Network and Endpoint.”